Cisco Cisco ASA 5545-X Adaptive Security Appliance 기술 매뉴얼
Contents
Introduction
Prerequisites
Requirements
Components Used
Conventions
Secure Operations
Monitor Cisco Security Advisories and Responses
Leverage Authentication, Authorization, and Accounting
Centralize Log Collection and Monitoring
Use Secure Protocols When Possible
Gain Traffic Visibility with NetFlow
Configuration Management
Management Plane
Hardening Management Plane
Password Management
Enable HTTP Service
Enable SSH
Configure Timeout for Login Sessions
Password Management
Configure Local User and Encrypted Password
Configure Enable Password
Configure AAA Authentication for Enable Mode
Authentication, Authorization, and Accounting
TACACS+ Authentication
ASA image signing and verification
Configure Clock Time Zone
Configure NTP
DHCP Server Service (If not being used)
Control-Plane Access-list
From ASA
For Through traffic
TCP Sequence Number Randomization
TTL Decrement
dnsguard
Configure Fragment Chain Fragmentation Checks
Configure Protocol Inspection
Configure Unicast Reverse-Path Forwarding
Threat Detection
Botnet Filter
ARP cache additions for non-connected subnets
Logging and Monitoring
Configuring SNMP