04-06-2017 04:11 AM - edited 03-08-2019 10:05 AM
Hello,
We ran a vulnerability test against the mgmt interface on the NX7K and the results came back showing that a number of services, such as SSH, DHCPs, NTP, BGP, and SNMP, are open. Are these services/ports listening to these services by default?
Thanks in advance.
Best, ~zK
04-06-2017 06:16 AM
Hi,
I think these services are available under the mgmt vrf and the global. So, for example, the SNMP port has to run on the device to be able to manage the switch using the mgmt port. The same for NTP and DHCP. If you are not using the services, you may be able to turn them off or use an access list to block them. I am not sure if there is any other simple solution for this.
HTH
04-06-2017 03:59 PM
Hi Reza,
Thanks for the response. I was having a discussion with my colleague regarding securing the mgmt interface and proposed using ACLs on the mgmt interface itself. He preferred the approach of securing the management plane, which I am not clear on. So, what is the best approach of securing the management interfaces on 4 VDCs on the NX7K?
Thanks in advance.
~zK