Implementing secure protocols for infrastructure management
Due to recommendations from a security audit, the IOS network infrastructure must be managed through SSH v2, SSL or some other encrypted protocol. Currently for our routers, switches, firewalls, CSS, and APs we use TACACS+ and Telnet. What steps are necessary to move to SSH v2 and how do I maintain the same functionalities in ACS (i.e. line command logging, etc.)? Will I have additional hardware/software needs, if so any recommendations based on personal experiences?
Re: Implementing secure protocols for infrastructure management
As far as the IOS code is concerned you need to have crypto support built in with that to get you the rsa keys generated.
to have the crytp feature set you need to ios code which should also fit onto your exisiting DRAM and FLASH size or else you need to upgrade both DRAM as well as the flash to support the required ios code..
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...