Tenable Cisco Viptela SD-WAN - vEdge

Audit Details

Name: Tenable Cisco Viptela SD-WAN - vEdge

Updated: 12/22/2023

Authority: TNS

Plugin: Cisco_Viptela

Revision: 1.3

Estimated Item Count: 36

File Details

Filename: Tenable_Best_Practices_Cisco_Viptela_vEdge_v1.0.0.audit

Size: 56.7 kB

MD5: 457123c28ca4a50bbf5e3b31ea2537e5
SHA256: e86f499235621b60af2b30dbec566c5b095927a8946fdfe3c70e6d2b5de5c2d1

Audit Items

Description

Categories
Account Management - Review account groups assigned to 'netadmin'

ACCESS CONTROL

Account Management - Review disabled user accounts

ACCESS CONTROL

Change the Rekeying Timer

ACCESS CONTROL

Change the Size of the Anti-Replay Window

ACCESS CONTROL

Configure Allowed Authentication Types

SYSTEM AND COMMUNICATIONS PROTECTION

Configure an IPsec Static Route

ACCESS CONTROL

Configure an IPsec Tunnel

ACCESS CONTROL

Configure IPsec Tunnel Parameters - cipher-suite

ACCESS CONTROL

Configure IPsec Tunnel Parameters - perfect-forward-secrecy

ACCESS CONTROL

Configure IPsec Tunnel Parameters - rekey

ACCESS CONTROL

Configure IPsec Tunnel Parameters - replay-window

ACCESS CONTROL

Content of Audit Records - Configure disk logging - enable

AUDIT AND ACCOUNTABILITY

Content of Audit Records - Configure disk logging - file rotate

AUDIT AND ACCOUNTABILITY

Content of Audit Records - Configure disk logging - file size

AUDIT AND ACCOUNTABILITY

Content of Audit Records - Configure disk logging - priority level

AUDIT AND ACCOUNTABILITY

Content of Audit Records - Configure remote syslog - priority level

AUDIT AND ACCOUNTABILITY

Enable IKE Version 1/2 - cipher-suite

SYSTEM AND COMMUNICATIONS PROTECTION

Enable IKE Version 1/2 - group

SYSTEM AND COMMUNICATIONS PROTECTION

Enable IKE Version 1/2 - rekey

ACCESS CONTROL

Event Logging - Configure remote syslog - server

AUDIT AND ACCOUNTABILITY

Flaw Remediation - Review version of running image

CONFIGURATION MANAGEMENT

Identification and Authentication - Use out of band authentication - AAA - audit logging

IDENTIFICATION AND AUTHENTICATION

Identification and Authentication - Use out of band authentication - AAA - netconf logging

IDENTIFICATION AND AUTHENTICATION

Identification and Authentication - Use out of band authentication - Admin Authentication Order

IDENTIFICATION AND AUTHENTICATION

Identification and Authentication - Use out of band authentication - Authentication Order

IDENTIFICATION AND AUTHENTICATION

Identification and Authentication - Use out of band authentication - Server IP

IDENTIFICATION AND AUTHENTICATION

Secure Name/address Resolution Service - Configure DNS servers - Primary

SYSTEM AND COMMUNICATIONS PROTECTION

Secure Name/address Resolution Service - Configure DNS servers - Secondary

SYSTEM AND COMMUNICATIONS PROTECTION

Session Termination - Configure Idle CLI timeout

ACCESS CONTROL

System Backup - Enable Backups - interval

CONTINGENCY PLANNING

System Backup - Enable Backups - path

CONTINGENCY PLANNING

System Use Notification - Banner Login

ACCESS CONTROL

System Use Notification - Banner motd

ACCESS CONTROL

Time Stamps - Enable NTP - remote server

AUDIT AND ACCOUNTABILITY

Time Stamps - Enable NTP - timezone

AUDIT AND ACCOUNTABILITY

vEdge Modify IKE Dead-Peer Detection

ACCESS CONTROL