1.7.1 Ensure 'HTTP source restriction' is set to an authorized IP address


Determines the client IP addresses that are allowed to connect to the security appliance through HTTP


One key element of securing the network is the security of management access to the infrastructure devices. It is critical to establish the appropriate controls in order to prevent unauthorized access to infrastructure devices. One of them is permitting only authorized originators to attempt device management access. This ensures that the processing of access requests is restricted to an authorized source IP address, thus reducing the risk of unauthorized access and the exposure to other attacks, such as brute force, dictionary, or DoS attacks.


Run the following to enable HTTP access source restriction

hostname(config)#http <source_ip> <source_netmask> <interface_name>

See Also


Item Details


References: 800-53|CM-2, CSCv7|11.1

Plugin: Cisco

Control ID: 471f0562d480991ec62094d3fdcccfd7f3d288893f324370303dac0abc1762ed