Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

What are you doing for edge security?

Hi there,

Thanks for reading.

I'm seeing that my edge routers are terminating remote ssh sessions coming from overseas. 

There's internal talk of an IPS system this year but no movement (quotes, POs). 

What are some of the things you're doing for edge security?

Thanks!

Bob

1 ACCEPTED SOLUTION

Accepted Solutions

What are you doing for edge security?

If you're concerned about traffic to your router, you need to look into control plane security (CoPP)

http://www.cisco.com/web/about/security/intelligence/coppwp_gs.html

If you're concerned with traffic going through the router, acls, ZBFW or CBAC can control what goes through it, and you should disable unused services on the router.

You can view what ports are listening with "show control-plane hosts open".

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***
3 REPLIES

What are you doing for edge security?

If you're concerned about traffic to your router, you need to look into control plane security (CoPP)

http://www.cisco.com/web/about/security/intelligence/coppwp_gs.html

If you're concerned with traffic going through the router, acls, ZBFW or CBAC can control what goes through it, and you should disable unused services on the router.

You can view what ports are listening with "show control-plane hosts open".

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

What are you doing for edge security?

New Member

What are you doing for edge security?

You should take a look at the following link by TeamCymru. Its kind of best operating procedure in many cases.

http://www.cymru.com/Documents/secure-ios-template.html

150
Views
8
Helpful
3
Replies
CreatePlease to create content