SDM Security Audit
Using SDM to perform security audits

The SDM Security Audit feature compares the router's configuration to a predefined checklist of best practices drawn from ICSA and Cisco TAC recommendations.

Examples of the audit include, but are not limited to, the following:

  • Shuts down unneeded servers on the router. These servers include BOOTP, finger, tcp/udp small-servers.
  • Shuts down unneeded services on the router. These services include CDP, ip source-route, ip classless.
  • Applies a firewall to the outside interfaces.
  • Disables SNMP or enables it with hard-to-guess community strings.
  • Shuts down unused interfaces, and disables proxy ARP on interfaces (no ip proxy-arp).
  • Forces passwords for the router console and VTY lines.
  • Forces an enable secret password.
  • Enforces the use of ACLs.
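As an added example (not SDM's own code and not a Cisco tool), the following Python script performs the same kind of configuration audit offline: it parses a saved IOS configuration and produces one pass/fail line per checklist item above, much like the Report Card screen. The check names, the list of weak community strings and the sample configuration are constructed for this example. It expects the output of `show running-config all`, so that settings left at IOS defaults (which a plain `show running-config` omits) appear as explicit lines for the checks to see.

```python
"""Offline audit of a Cisco IOS configuration against the SDM-style checklist.

Added example, not SDM's own code. Feed it `show running-config all` output so
that default settings are visible; check names and sample data are constructed.
"""
import re

# Assumed list of community strings that any auditor would flag on sight.
WEAK_COMMUNITIES = {"public", "private", "cisco", "secret", "snmp"}

# Global hardening lines the lockdown is expected to leave in the config.
GLOBAL_REQUIRED = [
    ("BOOTP server disabled", r"^no ip bootp server$"),
    ("Finger service disabled", r"^no (ip finger|service finger)$"),
    ("TCP small servers disabled", r"^no service tcp-small-servers$"),
    ("UDP small servers disabled", r"^no service udp-small-servers$"),
    ("CDP disabled", r"^no cdp run$"),
    ("IP source routing disabled", r"^no ip source-route$"),
    ("Enable secret configured", r"^enable secret "),
]


def parse_blocks(config):
    """Return (top-level lines, {block header: [indented lines]})."""
    top, blocks, current = [], {}, None
    for raw in config.splitlines():
        line = raw.rstrip()
        if not line or line.startswith("!"):
            continue
        if line.startswith(" ") and current is not None:
            blocks[current].append(line.strip())
        elif not line.startswith(" "):
            top.append(line)
            current = line
            blocks.setdefault(current, [])
    return top, blocks


def audit_config(config, outside_interfaces=()):
    """Return a list of (check name, passed) pairs, one per checklist item."""
    top, blocks = parse_blocks(config)
    findings = []

    for name, pattern in GLOBAL_REQUIRED:
        findings.append((name, any(re.match(pattern, t) for t in top)))

    # SNMP is acceptable only if absent or every community string is strong.
    communities = [t.split()[2] for t in top
                   if t.startswith("snmp-server community ") and len(t.split()) > 2]
    weak = [c for c in communities if c.lower() in WEAK_COMMUNITIES or len(c) < 8]
    findings.append(("SNMP disabled or strong community strings", not weak))

    for header, body in blocks.items():
        # Console and VTY lines: a password plus `login`, or local/AAA login.
        if header.startswith(("line con", "line vty")):
            aaa = any(b.startswith(("login local", "login authentication")) for b in body)
            pw = "login" in body and any(b.startswith("password ") for b in body)
            findings.append((f"Login password enforced on '{header}'", aaa or pw))
        elif header.startswith("interface "):
            ifname = header.split(None, 1)[1]
            if not any(b.startswith("ip address ") for b in body):
                # No address means unused: it must be administratively down.
                findings.append((f"Unused interface {ifname} shut down", "shutdown" in body))
                continue
            findings.append((f"Proxy ARP disabled on {ifname}", "no ip proxy-arp" in body))
            if ifname in outside_interfaces:
                guarded = any(b.startswith(("ip access-group ", "ip inspect ")) for b in body)
                findings.append((f"Firewall or ACL applied on outside {ifname}", guarded))
    return findings


def report_card(findings):
    """Render findings the way the Report Card screen lists them."""
    return "\n".join(f"[{'PASS' if ok else 'FAIL'}] {name}" for name, ok in findings)


# Constructed sample configuration (not from a real device).
SAMPLE_CONFIG = """\
version 12.4
no service tcp-small-servers
no service udp-small-servers
no ip bootp server
enable secret 5 $1$abcd$constructedhash
ip source-route
cdp run
interface FastEthernet0/0
 ip address 203.0.113.2 255.255.255.0
 no ip proxy-arp
interface FastEthernet0/1
 ip address 192.168.1.1 255.255.255.0
interface Serial0/0
 no ip address
snmp-server community public RO
line con 0
 password 7 0822455D0A16
 login
line vty 0 4
 login
"""

if __name__ == "__main__":
    print(report_card(audit_config(SAMPLE_CONFIG, outside_interfaces=("FastEthernet0/0",))))
```

Unlike One-step lockdown, the script only reports; it changes nothing on the router. The outside interfaces are passed in by the caller because, as in the SDM wizard, which interface faces the untrusted network is an administrator's decision rather than something the configuration text states.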

Security Audit has two modes:

  • Security Audit – Examines the router configuration, then displays the Report Card screen, which lists the security problems it found. The administrator then chooses which of those findings to lock down.
  • One-step lockdown – Applies the recommended settings automatically, without presenting the findings for selection.
