HP Networking guide to hardening Comware-based devices
Table Of Contents
- Introduction
- Management plane
- General management plane hardening
- Limiting access to the network with infrastructure ACLs
- Securing interactive management sessions
- Fortifying Simple Network Management Protocol
- Logging best practices
- HP Comware software configuration management
- Control plane
- General control plane hardening
- Limiting the CPU impact of control plane traffic
- Securing BGP
- Securing Interior Gateway Protocols
- Securing Virtual Router Redundancy Protocol
- Data plane
- General data plane hardening
- Filtering transit traffic with Transit ACLs
- Anti-spoofing protections
- Limiting the CPU impact of data plane traffic
- Traffic identification and traceback
- Access control with VLAN QoS policy and port access control lists
- Using private VLANs
- Port isolation
40
Keywords: secure, management plane, control plane, data plane
Abstract: This document describes how to secure HP Comware devices.
Acronyms:
Acronym Full spelling
AAA authentication, authorization, and accounting
TFTP Trivial File Transfer Protocol
SFTP Security FTP
NTP Network Time Protocol
UDP User Datagram Protocol
DoS denial of service
ACL access control list
TTY true type terminal
VTY virtual type terminal
LDAP Lightweight Directory Access Protocol
SNMP Simple Network Management Protocol
RIP Routing Information Protocol
OSPF open shortest path first
IGP Interior Gateway Protocol
MD5 Message Digest 5
ABR Area Border Router
BGP Border Gateway Protocol
ACE access control entry
Get connected
hp.com/go/getconnected
Current HP driver, support, and security alerts
delivered directly to your desktop
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only
warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein
should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.
Microsoft and Windows are U.S. registered trademarks of Microsoft Corporation.
4AA4-4160ENW, Created October 2012