Ensure IS-IS neighbor authentication is set to MD5
Details IS-IS Neighbors should be authenticated. Rationale: Where it is deployed, IS-IS routing is vital for normal operation of an...
- Home
- Security Hardening
- CIS Juniper OS Benchmark V2.1.0 L1
CIS Juniper OS Benchmark V2.1.0 L1
Ensure Local Accounts can ONLY be used during loss of external AAA
Details Authentication using locally configured usernames and passwords should only be permitted when External AAA servers are down or cannot...Ensure logging data is monitored
Details Logs and events should be monitored. Rationale: Even after you have applied all of the settings in this guide,...Ensure loose authentication check is not configured
Details IS-IS Neighbors should be authenticated. Rationale: Where it is deployed, IS-IS routing is vital for normal operation of an...Ensure maximum RAM is installed
Details The router should have the maximum RAM installed. Rationale: Some Denial of Service attacks rely on exhausting the target...Ensure NO Plain Text Archive Sites are configured
Details The routers configuration MUST NOT be sent in plain text to the Archive Site. Rationale: JUNOS routers can use...Ensure only one loopback address is set
Details Configure only one Loopback address per Routing Instance Rationale: Multiple Loopback addresses create potential for abuse, mis-configuration and confusion....Ensure OSPF authentication is set to MD5
Details OSPF Neighbors should be authenticated. Rationale: Where it is deployed, OSPF routing is vital for normal operation of an...Ensure OSPFv3 authentication is set to IPSEC SA – ipsec-sa
Details OSPFv3 Neighbors should be strongly authenticated. Rationale: Where it is deployed, OSPFv3 routing is vital for normal operation of...Ensure OSPFv3 authentication is set to IPSEC SA – md5
Details OSPFv3 Neighbors should be strongly authenticated. Rationale: Where it is deployed, OSPFv3 routing is vital for normal operation of...