Friday, March 19, 2021

Is "STIG'ing" switches overrated?

I understand our pals who work for certain agencies have regulatory requirements. But for the rest of us, it has become the norm to apply all these "STIG" and "NIST" configs to our switches.

The resultant configuration is like 50k lines long, using all kinds of obscure commands that are only talked about in an old white paper from 2005, and breaking all kinds of stuff that doesn't need to be broken.

The result is huge problems managing the device, and half the config becoming invalid when you update code on it.

Are attackers in 2021 really saying "Let's go after the switches!"? Like really, if you just throw a management ACL on there and lock down net services to known server IPs, you should pretty much be golden.

Thoughts?
