From Cisco IOS XE Release 3 NDM Security Technical Implementation Guide
Part of SRG-APP-000516-NDM-000336
Associated with: CCI-000366 CCI-000370
The use of authentication servers or other centralized management servers for providing centralized authentication services is required for network device management. Maintaining local administrator accounts for daily usage on each network device without centralized management is not scalable or feasible. Without centralized management, it is likely that credentials for some network devices will be forgotten, leading to delays in administration, which itself leads to delays in remediating production problems and in addressing compromises in a timely fashion.
Verify that administrative accounts are configured on the authentication server.
The configuration should look similar to the example below:
aaa authentication login default radius
radius server RADIUS1
address ipv4 1.1.1.1
key
Configure the Cisco IOS XE router to use multiple authentication servers.
The configuration should look similar to the example below:
aaa authentication login default radius
radius server RADIUS1
address ipv4 1.1.1.1
key
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer