Details

Defines user defaults to apply to EIGRP interfaces that belong to an address-family.

Rationale:

Part of the EIGRP address-family setup

Impact:

Organizations should plan and implement enterprise security policies that require rigorous authentication methods for routing protocols. Using ‘af-interface default’ for EIGRP interfaces enforces these policies by restricting the exchanges between predefined network devices.

Solution

Configure the EIGRP address family.

hostname(config)#router eigrp <virtual-instance-name>
hostname(config-router)#address-family ipv4 autonomous-system {eigrp_as-number}
hostname(config-router-af)#af-interface default

Default Value:

Not set

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/3160https://workbench.cisecurity.org/files/3160

This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication.This control applies to the following type of system Cisco.

References

• 800-53|IA-3
• CSCv6|11
• CSCv7|11

Source

• Tenable.com/audits