Can anyone point me to a document or official statement from Cisco stating that their routers, switches, and firewalls are not capable of running Anti-Virus/Anti-Malware to protect their IOS? NERC CIP standards require that all devices contained within the Electronic Security Perimeter run Anti-Virus/Anti-Malware software "where technically feasible"; if the devices cannot run AV/AM, you have to submit a "Technical Feasibility Exception". Done that. Now they want proof that Cisco devices (routers, switches, firewalls) are not capable of running AV/AM to protect their IOS. Please don't confuse this with all of the offerings that Cisco has to protect end-user devices; this applies only to the routers, switches, and firewalls.
Any answers would be greatly appreciated, even comments from others dealing with this issue.
Re: Can Cisco Routers, Switches, or Firewalls run AV?
The FW's have "Bot-Net Detectors" as added options.
I am not sure if you are referring to the ASA botnet filtering feature, but if that is the case, it is not a tool against bots or viruses targeting the ASA IOS itself. It identifies hosts that are infected and acting as bots.