Revision 1.9Jul 12, 2022
Functional Update
- Authentication: a backup remote authentication server is available
- Authentication: enable remote authentication
- Authentication: use a remote authentication server
- BGP: Authenticate peers
- BGP: Disable Capability Negotiation
- ICMP: Do not return Proxy ARP requests
- ICMP: Do not return redirect messages
- ICMP: Do not return unreachable messages
- Login: Accounts are locked after 3 failed password attempts
- Login: Exponential Backoff is set
- Login: Idle connections time out after 5 minutes or less
- Login: ssh - limit consecutive logins to 16 or less
- SNMP: Use SNMPv3 only
- SNMP: configure access groups to use privacy
- SNMP: configure community strings
- Spanning Tree: enable edge-port
- Spanning Tree: enable root-guard
