From: James (james@towardex.com)
Date: Sun Aug 29 2004 - 22:53:12 GMT-3
On Mon, Aug 30, 2004 at 01:21:13AM +0300, ccie wrote:
> Hi,
>
> One of the best white paper about securing cisco iso can be find on this
> link
>
> http://www.cymru.com/Documents/secure-ios-template.html
The Team Cymru documentation is very well recommended for protecting just about
any Cisco router out there. Rob Thomas & co are very well experienced in
this field, and they have good reputation and trust in the operators community.
Also, for those who use Cisco 7500 or 12000 GSR series (or the new HFR/CRS-1)
routers, you should also look into using Receive ACL to protect the route
processor (GRP in GSR, RSP in 7500, or rather Control Plane in overall). I wish
Cisco can include/roll out Receive ACL featureset to all of their IOS releases
for rest of router models, as receive acl is simply another acl applied to
receive-adjacency path in the FIB.
-J
-- James Jun TowardEX Technologies, Inc. Technical Lead Network Design, Consulting, IT Outsourcing james@towardex.com Boston-based Colocation & Bandwidth Services cell: 1(978)-394-2867 web: http://www.towardex.com , noc: www.twdx.net
This archive was generated by hypermail 2.1.4 : Fri Sep 03 2004 - 07:02:50 GMT-3