Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
827
Views
0
Helpful
1
Replies

Securing Internet Edge Switch

andy.winford
Level 1
Level 1

‎06-28-2011 01:11 PM - edited ‎03-09-2019 11:35 PM

I am fairly familiar with hardening of Cisco routers acting as an internet gateway, like enabling SSH and blocking inbound access to private range IP addressing via ACLs, disabling , but what about switches?   Is there a best practice on configuring a switch that is being used as a L3 device for internet access?

Thanks...

Andy

Labels:
0 Helpful
1 Reply 1

mvsheik123
Level 7
Level 7

‎07-05-2011 06:27 AM

Hi,

For L3 switch @ internet edge, you can use the similar security restrictions (ACLs, disabling services that is not needed etc) and inaddition 'admin down' the ports that are not being used. In addition to that if the switch IP not required to advertise to interenet, do not add the default route (you may need this incase of L3 behaviour, but you can judge better).

hth

MS

0 Helpful
Customers Also Viewed These Support Documents