I am looking for a workprogram, which allows to audit Cisco routers and switches. In detail i) I have to define controls that make sense for each device (router & switch) and ii) afterwards I have to perform test procedures.
What should be reviewed? What tests should be performed?
There are many places you can go and get some great ideas, but ultimately, it will depend on your environment....where each device is located, what are the capabilities that you are looking for each device to do...just to name a few.
Some suggestions to get you started might be:
~Create a "Router Security Policy" (www.sans.org has an example)
~Create a "IOS Security Checklist" (a baseline if you will, something that is needed for ALL IOS devices. If you switches run Native IOS instead of CatOS you could use this here as well. You can use a portion of the SANS policy and implement into this.)
~Create a "CatOS Security Checklist" (Same as above)
~CIS (Center for Internet Security has a Cisco router tool that you can run to check your devices. I have never used it, but I have heard good things about it.)
~NIST (National Institute of Standards Technology) also has a lot of great stuff to give you some ideas.)
~Finally, I would end with your port/ service scan tool. (There are a variety of tools that you can use for this.)
Hopefully, I have helped out a little to get you thinking and some places to start. I will keep checking back to see how you are doing.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...