
Ensure ‘aaa authentication telnet console’ is configured correctly

Details

Authenticates users who access the security appliance using Telnet.

Rationale:

Using AAA authentication for interactive management access to the device provides consistent, centralized control of your network. The default under AAA (local or network) is to require users to log in using a valid user name and password. This rule applies to both local and network AAA. Fallback mode should also be enabled, by adding the LOCAL keyword after the AAA server-tag, to allow emergency access to the firewall in the event that the AAA server is unreachable.

Solution

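Configure AAA authentication for Telnet using the TACACS+ server-group as the primary method and the local database as the backup method. In the command below, <server-tag> stands for the name of the TACACS+ server-group.

hostname(config)# aaa authentication telnet console <server-tag> LOCAL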

Default Value:

The aaa authentication telnet console is disabled by default.
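
One way to audit this control offline against a saved running-config is shown below. This is an added example, not part of the benchmark text: the function name, the group name TACACS-GRP and the sample excerpts are constructed for illustration, and the check assumes the server-group is declared with an `aaa-server <server-tag> protocol tacacs+` line.

```python
import re

# Constructed running-config excerpts (not taken from a real device).
SAMPLE_OK = """\
aaa-server TACACS-GRP protocol tacacs+
aaa-server TACACS-GRP (inside) host 192.0.2.10
aaa authentication ssh console TACACS-GRP LOCAL
aaa authentication telnet console TACACS-GRP LOCAL
"""
SAMPLE_LOCAL_ONLY = "aaa authentication telnet console LOCAL\n"
SAMPLE_NO_FALLBACK = """\
aaa-server TACACS-GRP protocol tacacs+
aaa authentication telnet console TACACS-GRP
"""

TELNET_RE = re.compile(r"^aaa authentication telnet console[ \t]+(.+)$", re.M)
GROUP_RE = re.compile(r"^aaa-server[ \t]+(\S+)[ \t]+protocol[ \t]+(\S+)", re.M)


def audit_telnet_aaa(config: str) -> str:
    """Return 'PASS' or a 'FAIL: ...' reason for the telnet console control."""
    # Map each declared server-tag to its protocol, e.g. {'TACACS-GRP': 'tacacs+'}.
    groups = {tag: proto.lower() for tag, proto in GROUP_RE.findall(config)}

    match = TELNET_RE.search(config)
    if not match:
        return "FAIL: not configured (disabled by default)"

    methods = match.group(1).split()
    tag = methods[0]
    if tag == "LOCAL":
        return "FAIL: local database only, no AAA server-group as primary"
    if tag not in groups:
        return f"FAIL: server-group {tag} is not defined"
    if groups[tag] != "tacacs+":
        return f"FAIL: server-group {tag} uses {groups[tag]}, expected tacacs+"
    if methods[1:] != ["LOCAL"]:
        return f"FAIL: no LOCAL fallback after {tag}"
    return "PASS"


if __name__ == "__main__":
    for name in ("SAMPLE_OK", "SAMPLE_LOCAL_ONLY", "SAMPLE_NO_FALLBACK"):
        print(name, "->", audit_telnet_aaa(globals()[name]))
```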

Supportive Information

The following resource is also helpful.

This security hardening control applies to the following category of controls within NIST 800-53: Access Control. This control applies to the following type of system: Cisco.

References

Source

Updated on July 16, 2022