CIS Cisco Update - April 2021
CIS_Cisco_2021_04_v1
------------------------
This package will update the CIS Policies and Policy Rules on a given
NetMRI to the CIS Cisco Benchmarks that were available in April 2021.
In this archive, the following CIS Policies are provided:
- CIS Cisco IOS Benchmark V1.1.1
- CIS Cisco Firewall Benchmark V4.2.0
The installation program will update existing rules on the device based
on the title of the existing rules; if the program cannot find the rule
that is being updated, it will create the new rule(s) from the latest
CIS Benchmarks. It will also remove rules that are no longer needed that
have been found on the device.
INSTALLATION
------------
See the accompanying file INSTALL
Changes Since CIS_Cisco_2021_02_v1
--------------------------------------
CIS Cisco Firewall Benchmark
- 1.3.1 Ensure ‘Image Integrity’ is correct
- 1.3.2 Ensure ‘Image Authenticity’ is correct
- 1.6.3 Ensure ‘RSA key pair’ is greater than or equal to 2048 bits
- 1.7.2 Ensure ‘TLS 1.2’ is set for HTTPS access
- 1.8.3 Ensure ‘HTTP idle timeout’ is less than or equal to ‘5’
minutes
- 1.10.12 Ensure email logging is configured for critical to emergency
- 1.11.5 Ensure ‘SNMP community string’ is not the default string
- 2.2 Ensure ‘noproxyarp’ is enabled for untrusted interfaces
- 2.4 Ensure DHCP services are disabled for untrusted interfaces
- 2.5 Ensure ICMP is restricted for untrusted interfaces.
- 3.12 Ensure explicit deny in access lists is configured correctly
- 3.4 Ensure non-default application inspection is configured
correctly
Checksum
------------
d0998a07bab7993933ae0067485d2fa0 CIS-Cisco-2021-04.tar.gz
Categories
- All Categories
- 5.1K Forums
- 4.6K Critical Network Services
- 463 Security
- Visibility and Insights
- Ideas Portal
- Webinars & Events
- 266 Resources
- 266 News & Announcements
- Knowledge Base Articles
- Infoblox Documentation Portal
- Infoblox Blog
- Support Portal
- 4 Members Hub
- 4 Getting Started with Community
- Community Support