Administrator Guide

NOTE: The Dell EMC Networking OS does not suppress the following ICMPv6 message types:

• Packet too big (2)

• Echo request (128)

• Multicast listener query (130)

• Multicast listener report (131)

• Multicast listener done (132)

• Router solicitation (133)

• Duplicate Address Request (157)

• Duplicate Address Confirmation (158)

Dell EMC Networking OS Security Hardening

The security of a network consists of multiple factors. Apart from access to the device, best practices, and implementing various security

features, security also lies with the integrity of the device. If the software itself is compromised, all of the aforementioned methods

become ineffective.

The Dell EMC Networking OS is enhanced verify whether the OS image and the startup configuration file are altered before loading. This

section explains how to configure OS image and startup configuration verification.

Dell EMC Networking OS comes with the OS image verification and the startup configuration verification features. When enabled, these

• If OS image verification fails after a reload, the system does not load the startup configuration. The System displays an appropriate

error message until the no verified boot command is used on the system.

• After you enable The OS image verification feature, the system prompts you to enter The OS image hash when you upgrade the Dell

EMC Networking OS to a later version. The system checks if your hash matches with The OS image hash only after reloading.

• After enabling The OS image verification feature, use the verified boot hash command to verify and store the hash value. If

you don’t store the hash value, you cannot reboot the device until you verify The OS image hash.

To enable and configure Dell EMC Networking OS image hash verification, follow these steps:

1. Enable the OS image hash verification feature.

CONFIGURATION mode

705