Ensure ‘aaa command accounting’ is configured correctly
Details Enables accounting of administrative access by specifying that each command, or commands of a specified privilege level or higher,...
- Home
- Security Hardening
- CIS Cisco Firewall V8.x L1 V4 2.0
CIS Cisco Firewall V8.x L1 V4 2.0
Ensure ‘aaa command authorization’ is configured correctly
Details Defines the source of authorization for the commands entered by an administrator/user Rationale: Requiring authorization for commands enforces separation...Ensure ‘aaa local authentication max failed attempts’ is set to less than or equal to ‘3’
Details Limits the maximum number of times a local user can enter a wrong password before being locked out Rationale:...Ensure ‘ASDM banner’ is set
Details Sets the banner message for the ASDM access Rationale: Configuring banner is an additional security safeguard to protect the...Ensure ‘console session timeout’ is less than or equal to ‘5’ minutes
Details Sets the idle timeout for a console session before the security appliance terminates it. Rationale: Limiting session timeout prevents...Ensure ‘Domain Name’ is set
Details Sets the domain name for the security appliance Rationale: The domain name is important during the deployment of RSA...Ensure ‘Enable Password’ is set
Details Sets the password for users accessing privileged EXEC mode when they run the enable command. Rationale: The default device...Ensure ‘EXEC banner’ is set
Details Sets the banner message for the access to the privileged EXEC mode Rationale: Configuring banner is an additional security...Ensure ‘Failover’ is enabled
Details Enables failover between the security appliance and another security appliance in order to achieve high availability Rationale: Enabling failover...Ensure ‘Host Name’ is set
Details Changes the device default hostname Rationale: The device hostname plays an important role in asset inventory and identification as...