I am looking for a document/link for setting up security on an internet router. What Access lists should be implemented; services denied both inbound and outbound. A common practice type document would be great.
In particular, what are the ramifications for allowing Microsoft networking out? UDP 137, 138 and 139.
The following document published by National Security Agency (NSA) for Router Security is excellent read and I'm sure will help you with your question, I acctually used it for my CCIE backround reading.
"CCSAT (Cisco Configuration Security Auditing Tool) is a script to allow automated review of configuration security of large numbers of Cisco routers and switches. The tool is based upon industry best practices including Cisco, NSA and SANS security guides and recommendations. It is flexible and can report details down to individual device interfaces, lines, ACL's, AS's, etc."
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...