STIG-V8R19-CSCO-Port Management

Version 1

    This policy document evaluates every port (TenGigabit, GigabitEthernet, FastEthernet, Ethernet) on your network based on the latest configuration saved in NCM for your Cisco devices.

     

    Null VLAN is 999

    Native VLAN is 1000

     

     

     

    !---> Unused Switchport

    description DISABLE_PORT

    switchport mode access

    switchport access vlan 999

    switchport port-security

    switchport port-security mac-address sticky

    shutdown

     

    !---> Active Switchport

    switchport mode access

    switchport access vlan (vlan|vlan|vlan|vlan)

    switchport port-security

    switchport port-security mac-address sticky

     

    !---> Trunk Port

    switchport mode trunk

    switchport trunk native vlan 1000

    switchport trunk allowed vlan (vlan|vlan|vlan|vlan)

     

    !---> Disabled Layer 3 Port

    description DISABLED_PORT

    no ip address

    no ip proxy-arp

    no ip redirects

    no ip unreachables

     

    !---> Active Layer 3 Port

    no ip proxy-arp

    no ip redirects

    no ip unreachables
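
The five port templates above, expressed as an offline check over a saved running-config. This is an added example, not part of the original policy document and not how NCM itself evaluates it. The approved VLAN list (10, 20), the sample config and the rule used to classify a port are assumptions.

```python
import re
NULL_VLAN, NATIVE_VLAN = 999, 1000   # values stated in the policy
VLANS = "(10|20)"                    # assumption: site list standing in for (vlan|vlan|vlan|vlan)
PORT_SEC = ["switchport port-security", "switchport port-security mac-address sticky"]
L3 = ["no ip proxy-arp", "no ip redirects", "no ip unreachables"]
# Required lines per port class; each entry is a regex matched against a whole line.
TEMPLATES = {
    "unused": ["description DISABLE_PORT", "switchport mode access",
               f"switchport access vlan {NULL_VLAN}", *PORT_SEC, "shutdown"],
    "access": ["switchport mode access", f"switchport access vlan {VLANS}", *PORT_SEC],
    "trunk": ["switchport mode trunk", f"switchport trunk native vlan {NATIVE_VLAN}",
              f"switchport trunk allowed vlan {VLANS}(,{VLANS})*"],
    "l3_disabled": ["description DISABLED_PORT", "no ip address", *L3], "l3_active": L3}
# Constructed sample running-config (not from a real device).
SAMPLE = """\
interface GigabitEthernet1/0/1
 switchport mode access
 switchport access vlan 10
 switchport port-security
 switchport port-security mac-address sticky
!
interface GigabitEthernet1/0/2
 description DISABLE_PORT
 switchport access vlan 999
 shutdown
!
interface TenGigabitEthernet1/1/1
 switchport mode trunk
 switchport trunk native vlan 1
 switchport trunk allowed vlan 10,20
!
interface GigabitEthernet1/0/3
 ip address 192.0.2.1 255.255.255.0
 no ip redirects
"""

def classify(lines):  # heuristic port class: an assumption of this example
    if "switchport mode trunk" in lines:
        return "trunk"
    if "no switchport" in lines or any(re.match(r"(no )?ip address", l) for l in lines):
        return "l3_disabled" if "no ip address" in lines else "l3_active"
    return "unused" if "shutdown" in lines else "access"

def audit(config):  # returns {interface: (class, [required patterns not found])}
    out = {}
    for name, body in re.findall(r"^interface (\S*Ethernet\S+)\n((?: .*\n?)*)", config, re.M):
        lines = [l.strip() for l in body.splitlines()]
        kind = classify(lines)
        out[name] = (kind, [p for p in TEMPLATES[kind]
                            if not any(re.fullmatch(p, l, re.I) for l in lines)])
    return out
```

Calling `audit(SAMPLE)` reports the trunk still using native VLAN 1, the shut-down port missing its access-mode and port-security lines, and the routed port missing two of the three `no ip` hardening lines.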