Details
Authenticates users who access the security appliance using the serial Console port.
Rationale:
Using AAA authentication for interactive management access to the device provides consistent, centralized control of your network. The default under AAA (local or network) is to require users to log in using a valid user name and password. This rule applies for both local and network AAA. Fallback mode should also be enabled to allow emergency access to the firewall in the event that the AAA server was unreachable, by utilizing the LOCAL keyword after the AAA server-tag.
Solution
Configure the aaa authentication serial using the TACACS+ server-group as primary method and the local database as backup method.
hostname(config)#aaa authentication serial console
Default Value:
The aaa authentication serial console is disabled by default.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Cisco.