User`s guide
Chapter 16 Security Audit
SDM and Cisco IOS AutoSecure
16-26
Cisco Router and Security Device Manager Version 2.2 User’s Guide
OL-4015-08
• Disable IP Proxy ARP
• Disable IP Directed Broadcast
• Disable MOP Service
• Disable IP Unreachables
• Disable IP Unreachables on NULL Interface
• Disable IP Mask Reply
• Enable Password Encryption Service
• Disable IP Unreachables on NULL Interface
• Disable IP Unreachables on NULL Interface
• Set Minimum Password Length to Less Than 6 Characters
• Enable IP CEF
• Enable Firewall on All of the Outside Interfaces
• Set Users
• Enable Logging
• Enable Firewall on All of the Outside Interfaces
• Set Minimum Password Length to Less Than 6 Characters
• Enable Firewall on All of the Outside Interfaces
• Set Users
• Set Users
• Set Users
• Enable Unicast RPF on Outside Interfaces
• Enable Firewall on All of the Outside Interfaces
AutoSecure Features Not Implemented in SDM
The following AutoSecure features are not implemented in this version of SDM:
• Disabling NTP—Based on input, AutoSecure will disable the Network Time
Protocol (NTP) if it is not necessary. Otherwise, NTP will be configured with
MD5 authentication. SDM does not support disabling NTP.