Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
142
Views
0
Helpful
1
Replies

Router Vulnerability Scanning Best practice for loopback addresses

oscarquinonez
Level 1
Level 1

‎05-23-2024 11:20 AM

Hello Fellows, 

I'm trying to find if there is any Cisco authored or reputable sources for recommended practice when it comes to scanning interfaces on Cisco routers. 
Our vulnerability management teams insist on them being able to scan all interfaces, but we want to limit the scanning to the loopback interface. Rationale is that we don't want business mission critical segments to be scanned, one for potential of unintended issues like network overload, and the other is because our vulnerability reports can show duplicate issues for which is a skewed view of the actual number of findings. 

Any pointers at documentation for or against this would be greatly appreciated. 

Labels:
0 Helpful
1 Reply 1

marce1000
VIP
VIP

‎05-24-2024 03:00 AM

 

 - I would agree that this 'becomes too much' ; especially for a device in production. Advising to scan for vulnerabilities using the management or loopback interface (confirmed)

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card