Ensure ‘OSPF authentication’ is enabled
Details Enables the authentication of OSPF neighbor before routing information is received from the neighbor Rationale: Enabling the routing protocol...
- Home
- Security Hardening
- Tenable Cisco Firepower Best Practices
Tenable Cisco Firepower Best Practices
Ensure ‘Password Policy’ is enabled – minimum-length
Details Enforces the Enterprise Password Policy by setting compliant local password requirements for the security appliance Rationale: The password policy...Ensure ‘RIP authentication’ is enabled
Details Enables the authentication of RIPv2 neighbor before routing information is received from the neighbor Rationale: Enabling the routing protocol...Ensure ‘SNMP community string’ is not the default string
Details Sets a SNMP community string different from the default one Rationale: The SNMP community string is a key used...Ensure ‘snmp-server group’ is set to ‘v3 priv’
Details Sets the SNMP v3 group with authentication and privacy Rationale: SNMP Version 3 provides security enhancements that are not...Ensure ‘SNMP traps’ is enabled – authentication
Details Enables SNMP traps to be sent to the NMS Rationale: The purpose of the SNMP service is to monitor...Ensure ‘SNMP traps’ is enabled – coldstart
Details Enables SNMP traps to be sent to the NMS Rationale: The purpose of the SNMP service is to monitor...Ensure ‘SNMP traps’ is enabled – linkdown
Details Enables SNMP traps to be sent to the NMS Rationale: The purpose of the SNMP service is to monitor...Ensure ‘SSH source restriction’ is set to an authorized IP address
Details Determines the client IP addresses that are allowed to connect to the security appliance through SSH Rationale: One key...Ensure ‘syslog hosts’ is configured correctly
Details Sets the SNMP notification recipient or the NMS or SNMP manager that can connect to the Firepower. Rationale: Syslog...