Ensure ‘HTTP idle timeout’ is less than or equal to ‘5’ minutes
Details Sets the timeout for an HTTP session idle before the security appliance terminates it. Rationale: Limiting session idle timeout...
- Home
- Security Hardening
- CIS Cisco Firewall V8.x L1 V4 2.0
CIS Cisco Firewall V8.x L1 V4 2.0
Ensure ‘HTTP source restriction’ is set to an authorized IP address
Details Determines the client IP addresses that are allowed to connect to the security appliance through HTTP Rationale: One key...Ensure ‘Image Authenticity’ is correct
Details Verifies for digitally signed images that the running image is from a trusted source Rationale: The software image being...Ensure ‘Image Integrity’ is correct
Details Verifies integrity of an uploaded software before upgrading the system Rationale: Sometimes, manipulating software from downloading them from the...Ensure known default accounts do not exist
Details Deletes the known default accounts configured Rationale: In order to attempt access to known devices’ platforms, attackers use the...Ensure ‘local username and password’ is set
Details Sets a local username and password Rationale: Default device configuration does not require strong user authentication enabling unfettered access...Ensure ‘LOGIN banner’ is set
Details Sets the LOGIN banner for access to the Command Line Interface (CLI) Rationale: Configuring banner is an additional security...Ensure ‘Logon Password’ is set
Details Changes the default login password. Rationale: The login password is used for Telnet and SSH connections. The default device...Ensure ‘Master Key Passphrase’ is set
Details Defines the master key passphrase used for to encrypt the application secret-keys contained in the configuration file for software...Ensure ‘MOTD banner’ is set
Details Sets the message-of-the-day (MOTD) banner for first access to the Command Line Interface (CLI). Rationale: Configuring banner is an...