Details

Configure authentication to prevent unapproved sources from introducing unauthorized or false service messages.

Rationale:

This is part of the EIGRP authentication configuration

Impact:

Organizations should plan and implement enterprise security policies that require rigorous authentication methods for routing protocols. Using the ‘authentication mode’ for EIGRP address-family or service-family packets enforces these policies by restricting the type of authentication between network devices.

Solution

Configure the EIGRP address family authentication mode.

hostname(config)#router eigrp
hostname(config-router)#address-family ipv4 autonomous-system {eigrp_as-number}
hostname(config-router-af)#af-interface {interface-name}
hostname(config-router-af-interface)#authentication mode md5

Default Value:

Not defined

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/3156https://workbench.cisecurity.org/files/3156

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Cisco.

References

• 800-53|SC-8(1)
• CSCv6|11
• CSCv7|11

Source

• Tenable.com/audits