API Guide
Chapter 1: OS10 security best practices........................................................................................ 4
On first boot..........................................................................................................................................................................4
Password rules..................................................................................................................................................................... 5
Federal Information Processing Standards (FIPS)...................................................................................................... 6
Enable and configure secure boot................................................................................................................................... 7
Users, roles, and privilege levels...................................................................................................................................... 8
Port security........................................................................................................................................................................10
Management plane............................................................................................................................................................ 12
Role-based access control......................................................................................................................................... 12
Access rules...................................................................................................................................................................15
Banner rules...................................................................................................................................................................16
SNMP rules.................................................................................................................................................................... 17
Control plane.......................................................................................................................................................................19
System clock rules....................................................................................................................................................... 19
Logging rules................................................................................................................................................................. 19
NTP rules.......................................................................................................................................................................20
Loopback rules.............................................................................................................................................................. 21
Data plane rules................................................................................................................................................................. 22
Neighbor authentication.................................................................................................................................................. 22
X.509v3 certificates......................................................................................................................................................... 23
Contents
Contents 3