03-26-2010 09:10 AM - last edited on 03-25-2019 04:10 PM by ciscomoderator
Hi,
We've got a security audit coming up and we wanted to make sure the IOS versions we're running haven't been flagged for vulnerabilities. Is there anywhere on the Cisco web site that notices like that would show up? Or is there some way of determining that our IOS has been "certified" as acceptable? For example, does an organization like CERT or NSA do anything like that?
The alternative, it seems, is just to scour the Cisco web site and see if specific vulnerailities and/or bugs have been announced, but I'm wondering if there's a faster, cleaner way of determining if your IOS is a good one.
Thanks.
03-26-2010 09:37 AM
Hi,
The best place to look into is the release notes for the IOS you are using. Just go through it and see if you notice any thing that security may flag.
You should also look at DISA Stig standards to make sure you are complying with their guidelines.
HTH
Reza
03-26-2010 09:42 AM
Please refer to the following URL
http://www.cisco.com/en/US/products/products_security_advisories_listing.html
Regards
Edison
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide