I was wondering on 2 4006's with L3 RSM's what would be the recommended "minimum security" that I can enable for PIM ? I want to address the issue of any malicious / non-malicious multicast attacks on my LAN / VLAN's.
Well, without knowing the exact security posture that you intend to incorporate into your setup, it's tough to say much. However here is some information that will help you do the same. The simplest to secure your network is to configure acess lists. Many of the common attacks use address spoofing, something that can be easily prevented using access lists. For example, a packet coming in form the outside interface carrying a source IP which is being used on the inside, is in all likelyhood a malicious packet. You could use access lists to deny such packets. The range of attacks which you can insulate against using access lists goes on. For more information see Configuring Network Security (Using ACL's) at http://www.cisco.com/en/US/products/hw/switches/ps663/products_configuration_guide_chapter09186a00800ddcfb.html
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...