Device Access Security

 





It is important to secure Cisco devices by configuring username and password protection and by assigning different Cisco privilege levels to control and restrict access to the CLI. This protects the devices from unauthorized access.

There are 16 privilege levels of admin access, 0-15, on a Cisco router or switch that you can configure to provide customized access control, with 0 being the least privileged and 15 being the most privileged.

These are three privilege levels the Cisco IOS uses by default:

  • Level 0 – Zero-level access only allows five commands: logout, enable, disable, help and exit.
  • Level 1 – User-level access allows you to enter User Exec mode, which provides very limited read-only access to the router.
  • Level 15 – Privilege level access allows you to enter Privileged Exec mode and provides complete control over the router.


                  (connection ports into the routers)

The Console Port

Each router has one console port. The CTY line type is the console port. On any router, it appears in the router configuration as line con 0 and in the output of the show line command as cty.




Virtual Terminals (VTYs)

VTYs are logical connections from the network to the router; these are typically telnet, SSH, or rlogin connections. The VTY lines are the Virtual Terminal lines of the router, used solely to control inbound Telnet connections. They are virtual, in the sense that they are a function of software. No physical lines



The Auxiliary (AUX) Port
The router’s auxiliary (AUX) port functions as a backup async port. It is most commonly used as a backup console port. The AUX line is the Auxiliary port, seen in the configuration as line aux 0.





Authentication
 Authentication provides a way to identify a user, typically by having the user enter a valid username and valid password before access is granted. 
The AAA server compares a user's authentication credentials with other user credentials stored in a database. 
If the credentials match, the user is permitted access to the network. If the credentials do not match, authentication fails and network access is denied.

Authorization


Authorization is the process of enforcing policies: determining what types of activities, resources, or services a user is permitted to

Accounting 


Accounting measures the resources a user consumes during access, which may include the amount of system time or the amount of data that a user has sent or received during a logging session or log files. 
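To tie the console, AUX and VTY lines back to username/password protection and privilege levels, here is an added example (not part of the original post) that audits an IOS running-config for lines that skip the login prompt or start sessions above level 1. The sample configuration, user names and function names are constructed for illustration; it assumes `show running-config` style text, where sub-commands are indented under each `line` entry.

```python
import re

# Constructed sample running-config (not taken from a real device).
SAMPLE_CONFIG = """\
username admin privilege 15 secret 5 <constructed-hash>
username helpdesk privilege 1 secret 5 <constructed-hash>
!
line con 0
 login local
line aux 0
 no login
line vty 0 4
 privilege level 15
 login local
"""

def parse_config(text):
    """Return (users, lines): users maps name -> privilege level,
    lines maps a line name such as 'con 0' -> its sub-commands."""
    users, lines, current = {}, {}, None
    for raw in text.splitlines():
        if raw.startswith("line "):
            current = raw[5:].strip()
            lines[current] = []
        elif raw.startswith(" ") and current is not None:
            lines[current].append(raw.strip())
        else:
            current = None
            m = re.match(r"username (\S+)(?: privilege (\d+))?", raw)
            if m:  # IOS assigns level 1 when no privilege keyword is given
                users[m.group(1)] = int(m.group(2) or 1)
    return users, lines

def audit(text):
    """List lines that skip authentication or grant elevated privilege."""
    users, lines = parse_config(text)
    # With 'aaa new-model', AAA method lists replace per-line login commands.
    aaa = "aaa new-model" in text.splitlines()
    findings = []
    for name, cmds in lines.items():
        has_login = any(c.startswith("login") for c in cmds)
        if "no login" in cmds or not (aaa or has_login):
            findings.append(f"line {name}: no login prompt is required")
        if "login local" in cmds and not users:
            findings.append(f"line {name}: 'login local' but no usernames defined")
        for c in cmds:
            m = re.fullmatch(r"privilege level (\d+)", c)
            if m and int(m.group(1)) > 1:
                findings.append(f"line {name}: sessions start at level {m.group(1)}")
    findings += [f"user {u}: privilege level 15" for u, lvl in users.items() if lvl == 15]
    return findings
```

Calling `audit(SAMPLE_CONFIG)` reports the AUX line with `no login`, the VTY lines that start at level 15, and the level 15 account.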









Reviewed by ohhhvictor on September 12, 2022
