1.6.1 Ensure 'SSH source restriction' is set to an authorized IP address

Information

Determines the client IP addresses that are allowed to connect to the security appliance through SSH.

Rationale:

One key element of securing the network is the security of management access to the infrastructure devices. It is critical to establish the appropriate controls in order to prevent unauthorized access to infrastructure devices. One such control is permitting only authorized originators to attempt device management access. This ensures that the processing of access requests is restricted to an authorized source IP address, thus reducing the risk of unauthorized access and the exposure to other attacks, such as brute force, dictionary, or DoS attacks.

Solution

Run the following to enable SSH access source restriction:

hostname(config)# ssh <source_ip> <source_netmask> <interface_name>
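One way to check the resulting configuration offline is to parse the `ssh <source_ip> <source_netmask> <interface_name>` lines and compare them to an allow list. This is an added example, not part of the benchmark or the plugin; the sample configuration and the `AUTHORIZED` policy are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample of ASA SSH configuration lines (not from a real device).
SAMPLE_CONFIG = """\
ssh stricthostkeycheck
ssh 10.20.30.0 255.255.255.0 mgmt
ssh 192.0.2.15 255.255.255.255 inside
ssh 0.0.0.0 0.0.0.0 outside
ssh 172.16.0.0 255.240.0.0 inside
ssh timeout 5
ssh version 2
"""

# Assumed site policy: (network, interface) pairs allowed to manage the appliance.
AUTHORIZED = [
    (ipaddress.ip_network("10.20.30.0/24"), "mgmt"),
    (ipaddress.ip_network("192.0.2.0/28"), "inside"),
]

# Matches only the IPv4 source-restriction form; other ssh settings are skipped.
SSH_SOURCE = re.compile(
    r"^\s*ssh\s+(\d+\.\d+\.\d+\.\d+)\s+(\d+\.\d+\.\d+\.\d+)\s+(\S+)\s*$"
)

def parse_ssh_sources(config):
    """Return (network, interface, original line) for each ssh source entry."""
    entries = []
    for line in config.splitlines():
        m = SSH_SOURCE.match(line)
        if not m:
            continue  # e.g. "ssh timeout 5", "ssh version 2"
        ip, mask, ifname = m.groups()
        net = ipaddress.ip_network(f"{ip}/{mask}", strict=False)
        entries.append((net, ifname, line.strip()))
    return entries

def audit(config, authorized=AUTHORIZED):
    """Return (line, reason) for every entry that is broader than the policy."""
    findings = []
    for net, ifname, line in parse_ssh_sources(config):
        if net.prefixlen == 0:
            findings.append((line, "any source address allowed"))
        elif not any(ifname == a_if and net.subnet_of(a_net)
                     for a_net, a_if in authorized):
            findings.append((line, "source not in authorized list"))
    return findings

if __name__ == "__main__":
    for line, reason in audit(SAMPLE_CONFIG):
        print(f"FAIL: {line!r}: {reason}")
```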

See Also

https://workbench.cisecurity.org/benchmarks/7194

Item Details

Category: ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

References: 800-53|AC-2(1), 800-53|AC-3, 800-53|AC-17, 800-53|AC-17(1), 800-53|SC-7, 800-53|SI-4, CSCv7|11.6

Plugin: Cisco

Control ID: 79e7d9ab471e0dfb356df8681522eac65e29f104d1e857f1f4f4b49bf9526a4c