Can anyone point me to a document or official statement from Cisco stating that their routers, switches, and firewalls are not capable of running Anti-Virus/Anti-Malware to protect their IOS? NERC CIP standards require that all devices contained within the Electronic Security Perimeter run Anti-Virus/Anti-Malware software "where technically feasible", if the devices cannot run AV/AM you have to submit a "Technical Feasibility Exception"....done that...now they want proof that Cisco devices (routers, switches, firewalls) are not capable of running AV/AM to protect their IOS. Please don't confuse this with all of the offering that Cisco has to protect end-user devices...this applies only to the routers, switches, and firewalls.
Any answers would be greatly appreciated, even comments from others dealing with this issue.
