Network security is a hot topic today, and will only increase in importance in the months and years ahead.
While most of the attention is paid to exterior threats, there are some steps you can take to prevent unwanted Cisco router access from within your organization.
Whether you want to limit what certain users can do and run on your routers, or prevent unauthorized users in your company from getting to config mode in the first place, here are four important yet simple steps you can take to do so.
Encrypt the passwords in your running configuration.
This is a basic Cisco router security command that is often overlooked. It doesnt do you any good to set passwords for your ISDN connection or Telnet connections if anyone who can see your routers running configuration can see the passwords. By default, these passwords are displayed in your running config in clear text.
One simple command takes care of that. In global configuration mode, run service password-encryption. This command will encrypt all clear text passwords in your running configuration.
Set a console password.
If I walked into your network room right now, could I sit...