Hardening with AutoSecure
AutoSecure is a feature found in Cisco IOS Release 12.3T and later that
automates many of the tasks involved in hardening a router. It can be operated
in either Interactive mode or in Noninteractive mode. Interactive mode
prompts the user with questions regarding security features such as enabling
and disabling services. Noninteractive mode automatically hardens the router
according to Cisco-recommended guidelines.
AutoSecure can selectively lock down the router with the following features:
■ Management plane features, including disabling unneeded services
■ Forwarding plane features, such as Cisco Express Forwarding (CEF)
and basic access control lists (ACL)
■ Cisco IOS Firewall services
■ Login and password security
■ NTP
■ SSH
■ TCP Intercept