Users Guide
Standard Change Management Policies
36
Cisco Compliance Actions
Remedial actions are often part of the process of change management. These may be
triggered by the Cisco Event Processing Rules, and are included as part of the
Standard Change Management Policies
Compliance Cisco AAA Login—To avoid being locked out of the router, define
username and password on the access server before starting the AAA
configuration.
Compliance Cisco Finger Service (11.3-12.0 & 12.1+)—Disables the ip finger
service.
Compliance Cisco HTTP Server—Disables http.
Compliance Cisco Identd Service—Disables identd
Compliance Cisco IP Source Route—Disables ip source route
Compliance Cisco UDP Small-Servers (11.2- and 11.3+)—Disables PCI UDP Small-
Servers (11.2- and 11.3+).
Compliance Cisco TCP Small-Servers—Displace PCI Cisco TCP Small-Servers.
Compliance Cisco BOOTP Server—Disables PCI Cisco BOOTP Server.
Compliance Cisco PAD Service—Disables the PAD service.
Compliance Cisco Timestamps Logging—Enables PCI Cisco Timestamps Logging.
Compliance Cisco SNMP RW Communities—Removes RW community string with
user input.
Compliance Cisco Password Encryption—Enables PCI Cisco Password Encryption.
Compliance Cisco CDP Service—Disables CDP Cisco Discovery Protocol.
COMPLIANCE Cisco VTY Transport Input Limit
COMPLIANCE Cisco VTY Login
COMPLIANCE Cisco VTY Exec Timeout
COMPLIANCE Cisco VTY Access Class Inbound
COMPLIANCE Cisco Set Login on Console Port
COMPLIANCE Cisco Service Config
COMPLIANCE Cisco SNMP RW Communities
COMPLIANCE Cisco Password Encryption
COMPLIANCE Cisco PAD Service
COMPLIANCE Cisco NTP Redundant Servers
COMPLIANCE Cisco Enable Secret
COMPLIANCE Cisco Disable NTP
COMPLIANCE Cisco Disable MOP
COMPLIANCE Cisco Console Exec Timeout