1.6.1 Ensure 'SSH source restriction' is set to an authorized IP address

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Determines the client IP addresses that are allowed to connect to the security appliance through SSH

Rationale:

One key element of securing the network is the security of management access to the infrastructure devices. It is critical to establish the appropriate controls in order to prevent unauthorized access to infrastructure devices. One of them is permitting only authorized originators to attempt device management access. This ensures that the processing of access requests is restricted to an authorized source IP address, thus reducing the risk of unauthorized access and the exposure to other attacks, such as brute force, dictionary, or DoS attacks.

Solution

Run the following to enable SSH access source restriction

HOSTNAME(CONFIG)#SSH _<source_ip> <source_netmask> <interface_name>_

See Also

https://benchmarks.cisecurity.org/tools2/cisco/CIS_Cisco_Firewall_Benchmark_v4.0.0.pdf

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-7

Plugin: Cisco

Control ID: acc9933cda10beaa7ca95856978eed492cc1c504d1070c9251c2a873d7fd354f