Proper authentication model

Iljitsch van Beijnum iljitsch at muada.com
Tue Jan 11 21:07:24 UTC 2005


On 11-jan-05, at 18:48, Daniel Golding wrote:

> It's terribly important that your routers' management traffic be 
> encrypted all the way to the device.

Why "terribly important"? If this stuff runs over your own network then 
others aren't going to be able to sniff it without physically getting 
at your stuff. And if they can do that, crypto won't buy you anything.

That said, being able to connect to your stuff with crypto is better 
than without crypto, of course.

> Bastion hosts are a good thing and can be a great place to put in 
> checks for multi-factor authentication (another must-have),

Just make sure that when half your routers are dead you can still 
connect to the remaining half. A single bastion host isn't good enough.

> While you are at it, look at your SNMP setup. You want your SNMP 
> management to have the same characteristics as your vty management - 
> strong authentication and encryption. Cleartext community strings 
> don't cut it, as an example.

Not for write access, anyway. For read access you can get away with 
being slightly less paranoid.

> Also, you need a secure Out of Band management network.

True out of band management networks are very hard to build and very 
hard to use, and you run the risk that you can't get at your stuff 
because the management network is down.
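An added example, not from this thread, of the check a defender would run on the management network given the SNMP exchange above: decode version, community string and PDU type from captured SNMP messages and flag cleartext (v1/v2c) writes, which is the case the reply says doesn't cut it, while rating cleartext reads lower. It assumes standard BER-encoded SNMP as it appears on the wire; the sample messages are constructed inline, not real captures.

```python
PDU_NAMES = {0xA0: "GetRequest", 0xA1: "GetNextRequest",
             0xA3: "SetRequest", 0xA5: "GetBulkRequest"}
VERSION_NAMES = {0: "v1", 1: "v2c", 3: "v3"}

def read_tlv(buf: bytes, pos: int):
    """Decode one BER TLV at pos; returns (tag, value, position after it)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def classify_snmp(packet: bytes) -> dict:
    """Return version, PDU type, community (v1/v2c only) and a risk rating."""
    tag, body, _ = read_tlv(packet, 0)
    if tag != 0x30:
        raise ValueError("not an SNMP message: outer SEQUENCE missing")
    _, ver, pos = read_tlv(body, 0)
    version = VERSION_NAMES.get(int.from_bytes(ver, "big"), "unknown")
    if version == "v3":                    # USM can give authPriv; no community on the wire
        return {"version": version, "pdu": None, "community": None, "risk": "ok"}
    _, community, pos = read_tlv(body, pos)
    pdu = PDU_NAMES.get(body[pos], "unknown")
    # A cleartext community plus a write (SetRequest) is the case that doesn't
    # cut it; a cleartext read is the "slightly less paranoid" case.
    risk = "high" if pdu == "SetRequest" else "low"
    return {"version": version, "pdu": pdu,
            "community": community.decode("ascii", "replace"), "risk": risk}

# --- constructed sample traffic for the demo (not real captures) ---
def tlv(tag: int, value: bytes) -> bytes:
    return bytes([tag, len(value)]) + value  # short-form length suffices here

def build_community_msg(version: int, community: bytes, pdu_tag: int) -> bytes:
    pdu = tlv(pdu_tag, tlv(0x02, b"\x01") + tlv(0x02, b"\x00")
              + tlv(0x02, b"\x00") + tlv(0x30, b""))   # req-id, status, index, no varbinds
    return tlv(0x30, tlv(0x02, bytes([version])) + tlv(0x04, community) + pdu)

SAMPLES = [
    build_community_msg(1, b"public", 0xA0),         # v2c GetRequest, community "public"
    build_community_msg(0, b"private", 0xA3),        # v1 SetRequest, community "private"
    tlv(0x30, tlv(0x02, b"\x03") + tlv(0x30, b"")),  # v3 header, msgGlobalData left empty
]

def audit(samples) -> list:
    """Findings worth alerting on: any cleartext SetRequest seen on the management network."""
    return [c for c in map(classify_snmp, samples) if c["risk"] == "high"]
```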
