InformationFor situations where management access must be provided on interfaces other than the dedicated management interface, IP Access Control Lists (ACLs) can be used to limit management access to specific management stations or subnets, permitting granular control over IP ranges or protocols permitted to access the switch.
NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.
SolutionACLs cannot be applied on the management interface or mgmt VRF. If access controls must be implemented for this interface, an ACL should be applied on the upstream device. ACLs should be used in conjunction with a trusted authentication service, such as a RADIUS or TACACS+ server.