Index – 9
cached-reauth-limit, no limit … 6-29
client public-key authentication, disabled …8-1
connection-rate filtering … 3-1
connection-rate filtering, none …1-8
DHCP snooping
database parameters … 11-12
on VLANs, disabled … 11-7
Option 82 remote-id, MAC address … 11-11
Option 82 untrusted-policy, drop … 11-10
trusted ports, disabled … 11-7
DHCP snooping, none …1-8
DSA keysize, 1024 bits …8-12
dynamic arp protection, none …1-8
dynamic IP lockdown, none …1-8
dyn-autz-port 3799 … 6-19
factory reset, enabled …2-38
front panel security … 2-1, 2-38
ICMP rate-limiting, none …1-8
instrumentation monitor
SNMP traps, disabled … 11-36
thresholds and parameters … 11-36
instrumentation monitor, disabled …11-36
key management system, none …1-8
MAC authentication, disabled …1-5
MAC lockdown and lockout, none …1-7
manager password, no password …1-2
multicast filters, none … 12-2
passwords
clear password, enabled …2-38
password recovery, enabled … 2-39, 2-45
password-clear, enabled …2-40
reset-on-clear, disabled …2-38
username and passwords, none …2-1
port security, none …1-7
port security, off or ’continuous’ … 14-2
protocol filters, none … 12-2
RADIUS
accounting, none …6-1
authentication, none …6-1
authorization, none …6-1
global parameters … 6-9
radius-server dead-time, 0 minutes …6-19
radius-server retransmit, 3 seconds …6-20
radius-server timeout, 3 seconds …6-20
server key, null …6-9
RADIUS authentication, disabled …1-4
RSA keysize, 2048 bits …8-12
secure management vlan, disabled …1-4
security
access security and authentication … 1-2
network security … 1-6
SNMP access … 1-13
SNMP access to the security MIB, open …6-32
SNMP, public, unrestricted …1-4
source-port filters, none … 12-2
spanning tree
bpdu filtering, none …1-8
bpdu protection, none …1-8
SSH, disabled … 1-3, 8-1
SSL, disabled … 1-4, 9-1
TACACS+
authentication configuration … 5-8
authentication, disabled …1-4, 5-1
login attempts, 3 …5-5
tacacs-server-timeout, 5 seconds …5-23
TCP port number for SSH connections, 22 …8-18
TCP port number for SSL connections, 443 …9-16
Telnet access, enabled …1-3
time-window, 300 seconds … 6-17
traffic filters, none … 12-2
traffic/security filters, none …1-6
UDP destination port for accounting, 1813 …6-7
UDP destination port for authentication, 1812 …6-7
usb autorun, disabled (if password) … 1-6
usb autorun, enabled (if no password) … 1-6
user authentication, disabled …8-1
virus throttling … 3-1
virus throttling, none …1-8
Web and MAC authentication … 4-1–4-53
Web authentication, disabled …1-5
Web-browser access, enabled …1-3
default settings
dyn-authorization, disabled … 6-16
denial-of-service
avoid attacks using DHCP snooping … 11-4
monitoring system resources … 11-34
DES …9-2
DHCP Option 82
IP-to-MAC binding database … 11-20, 11-28
DHCP protection
See DHCP snooping.
DHCP snooping … 11-3