Console Port Security

Patrick McHenry · ‎11-17-2011

Hi,

I had a question about console port security. We have some production switches that are not locked up in our enviroment - leaving them vulnerable to a break-in. I don't want to disable the recovery feature as I might need it. Are there locks you can purchase for console ports? If not, can ethernet port locks work in a console port? I know that there are locks you can purchase for ethernet ports.

Thanks, Pat.

smitesh kharecha · ‎11-17-2011

Hi Patrick,

Have you consider putting password on console ??

line con 0

password

This way, even if some unauthorised person tries to console to your devices, he would be asked for console password.

PS: Yes here the catch is, if that person is knowlegible then he might go for password recovery mechanism...

Regards,

Smitesh

Patrick McHenry · ‎11-17-2011

Smitesh,

I'm referring to a break-in only. The switch is still vulnerable to that. Of course, I have passwords on our console ports.My question was if anyone knew of any console port locks and if the ones used for ethernet ports would work.

MahmutOran · ‎08-09-2019

Hi,

In this topic, i have question too.

I would like to secure the console port and console username & password.

When we connect to network, entiring though tacacs but if the device not connect to network can connect with console.
We have one standard console username & password. And this can learn from everybody. For every device, can product local console username but this is not rational i know.

Could it make like this "multi factor authentication"? Is there any solition for this topic.

Thank you.