2.4.1 Create a single 'interface loopback' - 'Only one loopback interface is defined'

Information

Configure a single loopback interface.

Rationale:

A loopback interface is a software-only interface that emulates an interface that is always up. It is a virtual interface supported on all platforms.

Alternate loopback addresses create a potential for abuse, misconfiguration, and inconsistencies. Additional loopback interfaces must be documented and approved prior to use by local security personnel.

Impact:

Organizations should plan and establish 'loopback interfaces' for the enterprise network. Loopback interfaces supply critical network information such as OSPF Router IDs and provide termination points for routing protocol sessions.

Solution

Define and configure one loopback interface.

hostname(config)#interface loopback <number>
hostname(config-if)#ip address <loopback_ip_address> <loopback_subnet_mask>

Default Value:

There are no loopback interfaces defined by default.
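One way to verify this setting offline against a saved running configuration, as an added example that is not part of the CIS benchmark or the audit plugin. The function names and the sample configuration are constructed for illustration, and the check for a missing `ip address` line goes slightly beyond the count itself, following the Solution above.

```python
import re

# Constructed sample of saved running-config text (not from a real device).
SAMPLE_CONFIG = """\
hostname edge-rtr-01
!
interface Loopback0
 ip address 192.0.2.1 255.255.255.255
!
interface GigabitEthernet0/0
 ip address 198.51.100.1 255.255.255.0
!
interface Loopback10
 description undocumented test loopback
!
end
"""

IFACE_RE = re.compile(r"^interface\s+Loopback\s*(\d+)\s*$", re.IGNORECASE)
ADDR_RE = re.compile(r"^\s+ip address\s+(\S+)\s+(\S+)")

def find_loopbacks(config_text):
    """Return {loopback_number: (ip, mask) or None} for each loopback stanza."""
    loopbacks, current = {}, None
    for line in config_text.splitlines():
        if not line.startswith((" ", "\t")):      # a new top-level stanza begins
            m = IFACE_RE.match(line)
            current = int(m.group(1)) if m else None
            if current is not None:
                loopbacks.setdefault(current, None)
        elif current is not None:                 # indented line inside a loopback
            m = ADDR_RE.match(line)
            if m and loopbacks[current] is None:  # keep the primary address only
                loopbacks[current] = (m.group(1), m.group(2))
    return loopbacks

def audit_single_loopback(config_text):
    """Return (passed, findings): pass only when exactly one addressed loopback exists."""
    loopbacks = find_loopbacks(config_text)
    findings = []
    if not loopbacks:
        findings.append("no loopback interface defined")
    elif len(loopbacks) > 1:
        names = ", ".join(f"Loopback{n}" for n in sorted(loopbacks))
        findings.append(f"{len(loopbacks)} loopback interfaces defined: {names}")
    for n, addr in sorted(loopbacks.items()):
        if addr is None:
            findings.append(f"Loopback{n} has no ip address configured")
    return (not findings, findings)
```

Running `audit_single_loopback(SAMPLE_CONFIG)` fails the check and names both loopbacks, which gives the reviewer the list to compare against the documented and approved interfaces.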

See Also

https://workbench.cisecurity.org/files/3762

Item Details

Category: SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|CA-9, 800-53|SC-7, 800-53|SC-7(5), CSCv7|9.2

Plugin: Cisco

Control ID: 3e0d9353ce5daf2f1383119b45ebbfdea4e495c0b7eb28d8a1522f6e09d81b04