There are tons of things you can do to secure a Cisco router. You can protect it from DDOS attacks with management plane and control plane protection. You can use the ip Inspect command (also known as CBAC - content based access control)to create dynamic firewall entries (i.e. by default, you allow everything outbound, but -nothing- inbound expect traffic that is returning to sessions that were intiated by internal devices.) You can enable Intrusion Detection / Prevention (IPS) and enable high-risk signatures.
Your best bet is to use the SDM (security and device manager) to start, even if you're a CLI guy, because the SDM GUI helps you get familiar with the different functional areas.
Next, I'd get a copy of Richard Deal's CiscoPress book "Router Firewall Security". I've been doing router security for a while now and I still refer to it.
If you want, post a copy of your config (w/ passwords edited out) and I'd be happy to suggest some improvements.
As you might be aware I am just getting the feel for the CLI and would prefer using that just because of the issues I have had with SDM in the past. There is also another crutial command that I am missing\ or need to omit to get user internall to access the Internet. If you could provide me with that as well it would be greatly appreciated. I'll check out that book you mentioned. Thanks.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :