Tenable Cisco Viptela SD-WAN - vEdge

Audit Details

Name: Tenable Cisco Viptela SD-WAN - vEdge

Updated: 6/17/2024

Authority: TNS

Plugin: Cisco_Viptela

Revision: 1.4

Estimated Item Count: 36

File Details

Filename: Tenable_Best_Practices_Cisco_Viptela_vEdge_v1.0.0.audit

Size: 56.7 kB

MD5: 90db744ff312ae44bc5d263d037c1bfc
SHA256: b1aebf54766df713bf15179ee070e69982da2558fefa5541ef6e6a80195cbe26

Audit Items

DescriptionCategories
Account Management - Review account groups assigned to 'netadmin'

ACCESS CONTROL

Account Management - Review disabled user accounts

ACCESS CONTROL

Change the Rekeying Timer

ACCESS CONTROL

Change the Size of the Anti-Replay Window

ACCESS CONTROL

Configure Allowed Authentication Types

SYSTEM AND COMMUNICATIONS PROTECTION

Configure an IPsec Static Route

ACCESS CONTROL

Configure an IPsec Tunnel

ACCESS CONTROL

Configure IPsec Tunnel Parameters - cipher-suite

ACCESS CONTROL

Configure IPsec Tunnel Parameters - perfect-forward-secrecy

ACCESS CONTROL

Configure IPsec Tunnel Parameters - rekey

ACCESS CONTROL

Configure IPsec Tunnel Parameters - replay-window

ACCESS CONTROL

Content of Audit Records - Configure disk logging - enable

AUDIT AND ACCOUNTABILITY

Content of Audit Records - Configure disk logging - file rotate

AUDIT AND ACCOUNTABILITY

Content of Audit Records - Configure disk logging - file size

AUDIT AND ACCOUNTABILITY

Content of Audit Records - Configure disk logging - priority level

AUDIT AND ACCOUNTABILITY

Content of Audit Records - Configure remote syslog - priority level

AUDIT AND ACCOUNTABILITY

Enable IKE Version 1/2 - cipher-suite

SYSTEM AND COMMUNICATIONS PROTECTION

Enable IKE Version 1/2 - group

SYSTEM AND COMMUNICATIONS PROTECTION

Enable IKE Version 1/2 - rekey

ACCESS CONTROL

Event Logging - Configure remote syslog - server

AUDIT AND ACCOUNTABILITY

Flaw Remediation - Review version of running image

CONFIGURATION MANAGEMENT

Identification and Authentication - Use out of band authentication - AAA - audit logging

IDENTIFICATION AND AUTHENTICATION

Identification and Authentication - Use out of band authentication - AAA - netconf logging

IDENTIFICATION AND AUTHENTICATION

Identification and Authentication - Use out of band authentication - Admin Authentication Order

IDENTIFICATION AND AUTHENTICATION

Identification and Authentication - Use out of band authentication - Authentication Order

IDENTIFICATION AND AUTHENTICATION

Identification and Authentication - Use out of band authentication - Server IP

IDENTIFICATION AND AUTHENTICATION

Secure Name/address Resolution Service - Configure DNS servers - Primary

SYSTEM AND COMMUNICATIONS PROTECTION

Secure Name/address Resolution Service - Configure DNS servers - Secondary

SYSTEM AND COMMUNICATIONS PROTECTION

Session Termination - Configure Idle CLI timeout

ACCESS CONTROL

System Backup - Enable Backups - interval

CONTINGENCY PLANNING

System Backup - Enable Backups - path

CONTINGENCY PLANNING

System Use Notification - Banner Login

ACCESS CONTROL

System Use Notification - Banner motd

ACCESS CONTROL

Time Stamps - Enable NTP - remote server

AUDIT AND ACCOUNTABILITY

Time Stamps - Enable NTP - timezone

AUDIT AND ACCOUNTABILITY

vEdge Modify IKE Dead-Peer Detection

ACCESS CONTROL