02-14-2012 10:38 AM - edited 02-21-2020 04:33 AM
I work for the U.S. Government, government regulations require us to meet certain requirements. Are Cisco products capable of loading an Anti Virus/Malware application to protect the IOS while not quarantining traffic or clients? Also, will the IOS enforce a password with a minimum of 6 characters including a combination of alpha, numeric and special characters and force an annual password change?
02-14-2012 02:42 PM
There is no IOS antivirus / antimalware per se. Several Cisco products can redirect user traffic THROUGH them to such products.
If your router or switch is running IOS 12.3 or later, you can enforce local password minimum length:
rtr(config)#security password min-length ?
<0-16> Minimum length of all user/enable passwords
You cannot do the other password policies for local passwords, but you can with an external AAA server (like ACS).
Using the above features, systems can be certified and accredited at the highest levels.
05-15-2014 06:51 AM
I was thinking about the same thing too, because any OS connected to the network could get a virus infection !
some OSs do not get infection probably because of the most Virus writers write viruses for the most used OS like windows.
so still in the loop, does cisco IOS have a possibility for infection ?
thanks,
05-16-2014 05:09 AM
I'm not aware of any documented case of an "IOS virus".
IOS is targeted more for denial-of-service via things like syn or ping flooding. It is also commonly targeted for password cracking via brute force dictionary type attacks.
There are a number of countermeasures one can take to counter those type of attacks. They are described in depth in the CCNA Security and CCNP Security reference guides as well as numerous Cisco configuration guides and whitepapers.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: