1.2.4 Ensure 'Unused Interfaces' is disabled

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.


Information

Disables the unused interfaces

Rationale:

Shutting down the unused interfaces complements physical security. An attacker who connects physically to an unused port of the security appliance can use that interface to gain access to the device if the interface has not been disabled and source restrictions on management access are not enabled.

NOTE: This check requires manual review. Please review the results to ensure Unused Interfaces are disabled.

Solution

* Step 1: Identify the physical name <interface_physical_name> of each unused interface that is not disabled
* Step 2: For each of the identified interfaces, run the following commands in configuration mode

hostname(config)# interface <interface_physical_name>
hostname(config-if)# shutdown
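Because this check requires manual review, the following added example (not part of the benchmark) shows one way to pre-screen a saved ASA running-config for Step 1 and emit the Step 2 commands. It treats an interface as "in use" if it has a nameif, an ip address, a channel-group, or a subinterface, and everything else that lacks a shutdown line is flagged; the config excerpt is constructed for this example.

```python
# Constructed excerpt of 'show running-config' (names and addresses are made up)
SAMPLE_CONFIG = """\
interface GigabitEthernet0/0
 nameif outside
 ip address 203.0.113.2 255.255.255.0
!
interface GigabitEthernet0/1
 no nameif
 no ip address
!
interface GigabitEthernet0/1.10
 nameif dmz
 ip address 192.0.2.1 255.255.255.0
!
interface GigabitEthernet0/2
 shutdown
 no nameif
 no ip address
!
interface GigabitEthernet0/3
 no nameif
 no ip address
!
"""

def parse_interfaces(config):
    """Map each 'interface X' block to its (stripped) indented lines."""
    blocks, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            blocks[current] = []
        elif current and line.startswith(" "):
            blocks[current].append(line.strip())
        else:
            current = None  # '!' or a top-level command ends the block
    return blocks

def find_unused_not_shutdown(config):
    """Names of interfaces that are neither in use nor shut down."""
    blocks = parse_interfaces(config)
    return [
        name for name, lines in blocks.items()
        if "shutdown" not in lines
        and not any(l.startswith(("nameif ", "ip address ", "channel-group ")) for l in lines)
        and not any(other.startswith(name + ".") for other in blocks)  # parent of a subinterface
    ]

def remediation_commands(names):
    """Config-mode command pairs from the Solution section, one per interface."""
    return [cmd for n in names for cmd in (f"interface {n}", " shutdown")]
```

Review the flagged list by hand before applying it: a port reserved for failover or a future circuit may intentionally carry no nameif.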

See Also

https://benchmarks.cisecurity.org/tools2/cisco/CIS_Cisco_Firewall_Benchmark_v4.0.0.pdf