Has anyone configured their ASA for hardening based on NIST Pub. 800-41? or anything similar?
As part of a security best practices recommendation, we were informed about this NIST Special Publication 800-41 that has a lot of recommendations on firewall hardening. Granted it is dated 2009.
I was just wondering if anyone out there may have configured their FW based on these recommendations, and if so would you post your configs as they pertain to these recommendations?
I would like to harden everything, but some things are a bit vague. Of course not all the recommendations are going to work for everyone, but good guidelines with good examples are sometimes hard to come across.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...