
Router Vulnerability Scanning Best practice for loopback addresses

oscarquinonez
Level 1

Hello Fellows, 

I'm trying to find out if there are any Cisco-authored or reputable sources for recommended practice when it comes to scanning interfaces on Cisco routers.
Our vulnerability management teams insist on being able to scan all interfaces, but we want to limit the scanning to the loopback interface. The rationale is that we don't want business mission-critical segments to be scanned: one reason is the potential for unintended issues like network overload, and the other is that our vulnerability reports can show duplicate issues, which gives a skewed view of the actual number of findings.

Any pointers at documentation for or against this would be greatly appreciated. 

1 Reply

marce1000
VIP

 

 - I would agree that this 'becomes too much', especially for a device in production. Advising to scan for vulnerabilities using the management or loopback interface (confirmed).

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always respond to me with ' The only thing that exceeds your brilliance is your beauty! '