![]() ![]() Due to an implementation flaw, Cisco advised customers to revert to the older type 5 (MD5) method until the flaw was corrected. Combine rules with a similar purpose into a policy (optionally with device filter) Deploy policy on device groups - importance of well-defined device groups! Example: Policy: Site_AAA (TACACS+ plus fall back method) Rule: AAA IOS Line Password Rule: AAA IOS Local Username-Secret Rule: AAA IOS TACACS Routers Rule: AAA IOS TACACS Switches Rule: AAA NX-OS Local Username-Secret Rule: AAA NX-OS TACACSġ0 Examples: Single Rule Into Policy Policy: IOS Type 4 Secrets Violation triggers script WAN_Local_s Identify IOS devices with username or enable secret commands that employ type 4 (AES) secrets. ![]() 7 Customer Examples and Q&A Forum Marty Adkins, Netcraftsmen & Large Federal Agency Gregory Whitehead, M&T BankĨ Marty Adkins CCIE #1289, CCSI #93021 Network Architect and co-founder of NetCraftsmen in 2001 Worked with Netcordia founder and NetMRI inventor Terry Slattery to define/refine initial product goals Frequent user since 2004ĩ NetMRI Rules, Policies and Scripts Strategy: Have rules specify device filters for vendor, type, model, etc.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |