Skip to content

Cisco IOS XR Router RTR Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The Cisco perimeter router must be configured drop IPv6 packets with a Routing Header type 0, 1, or 3–255.

    <VulnDiscussion>The routing header can be used maliciously to send a packet through a path where less robust security is in place, rather tha...
    Rule Medium Severity
  • SRG-NET-000018-RTR-000001

    <GroupDescription></GroupDescription>
    Group
  • The Cisco router must be configured to enforce approved authorizations for controlling the flow of information within the network based on organization-defined information flow control policies.

    &lt;VulnDiscussion&gt;Information flow control regulates where information is allowed to travel within a network and between interconnected network...
    Rule Medium Severity
  • SRG-NET-000168-RTR-000078

    <GroupDescription></GroupDescription>
    Group
  • The Cisco router must be configured to enable routing protocol authentication using FIPS 198-1 algorithms with keys not exceeding 180 days of lifetime.

    &lt;VulnDiscussion&gt;A rogue router could send a fictitious routing update to convince a site's perimeter router to send traffic to an incorrect o...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules