Skip to content
Log In

Arista MLS EOS 4.2x Router Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-NET-000205-RTR-000002

    Group
    Show

  • The Arista router must be configured to drop all fragmented Internet Control Message Protocol (ICMP) packets destined to itself.

    Fragmented ICMP packets can be generated by hackers for DoS attacks such as Ping O' Death and Teardrop. It is imperative that all fragmented ICMP packets are dropped.
    Rule Medium Severity
    Show

  • SRG-NET-000205-RTR-000003

    Group
    Show

  • The Arista perimeter router must be configured to filter ingress traffic at the external interface on an inbound direction.

    Access lists are used to separate data traffic into that which it will route (permitted packets) and that which it will not route (denied packets). Secure configuration of routers makes use of acce...
    Rule Medium Severity
    Show

  • SRG-NET-000205-RTR-000005

    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules