Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

What to do

As a Cisco LAN Administrator, what are the things one need to do in order to be proactive.

As at now.

1. I have done a network LAN architecture diagram to depict where each of the switches are

2. Done a software and hardware inventory

3. Checking to find out which if the hardware or software is end of life

So what else?



Re: What to do

Security audit?

New Member

Re: What to do

In terms of what?

ssh connection?

Re: What to do

A security audit will involve Checking SW for vulnerabilities, checking configs for good practice, chacking procsses for good practice all that kind of thing.

Also think about defining an upgrade strategy - that could be anything from "we will automatically update the moment Cisco release a new version" to " we will update if we have a problem that can be identified in the software we are running.

Look at NMS systems - something that will le you capture traffic patterns will help identify bottlenecks or issues early

Being proactive also means having plans to deal with faults - "we run with sufficient free ports in a physical location to allow repatching of all users should a switch/module fail"

New Member

Re: What to do

Thank you very much

Re: What to do

In terms of, for example:

- who has access to the management features,

- using which protocols,

- how management access is logged (if at all)

- how management traffic is restricted,

- how you keep backups of the configs,

- whether you use sectret instead of password,

- whether you allow VLAN 1 anywhere,

- whether you seperate management traffic from user traffic

- etc etc

The list is huge. There are some good books, and several documents on the Cisco web, about hardening the security of Cisco switches and routers. An audit would measure your security in terms of the recommendations.

Kevin Dorrell


New Member

Re: What to do

Thank you so much