ExtremeCloud™ Orchestrator Security Guide Version 3.3.0.
>
Security Hardening
> Security Hardening for SLX in XCO
Published September 2023
Search this document
Print this page
Email this page
View PDF
Previous
Next
Preface
Text Conventions
Documentation and Training
Help and Support
Send Feedback
What's New in this Document
Security Features in XCO
XCO User Authentication and Authorization
Assign and View XCO Roles
XCO RBAC Policy Enforcement
Update User Password on TPVM
Configure an External LDAP Server
Configure TACACS using CLI
Configure Local User using CLI
BGP MD5 Authentication
BGP MD5 Authentication on Fabric Links
Configure BGP MD5 Password Create, Update, and Clear
Employ a Phased Approach
Configure BGP MD5 Password: Failures When Clearing the Neighbor Session
Configure BGP MD5 Password: Clos Topology (3-Stage and 5-Stage)
Configure BGP MD5 Password: Non-Clos Topology and Fabric Events
Fabric Events and the MD5 Password
Verify the BGP MD5 Password
Configure BGP MD5 Password: Switch Configuration
The BGP MD5 Password, Drift and Reconcile, and Idempotency
Configure BGP MD5 Password: Fabric Clone
Configure BGP MD5 Password: Rules for Clearing BGP Sessions
BGP MD5 Authentication on Edge Links
Configure BGP MD5 Authentication for Tenant BGP Peer
Configure BGP MD5 Authentication for Tenant BGP Peer-group
Configure BGP MD5 Authentication for Tenant BGP Peer and Peer-group Securely
Configure BGP MD5 Authentication for Backup Routing Neighbors
Security Hardening
Overview of System Hardening in XCO
System Hardening for CIS-CAT Assessments
Hardening Script for Ubuntu Linux Host Servers
Security Hardening for SLX in XCO
SLX Device Configuration
Global Device Security Settings
Device Security Settings
Drift and Reconcile for Security Settings
The iptables Policy
Secure the Grub Boot Loader
Install the Linux Audit System
Install and Use OSSEC
Secure NTP and XCO
Secure DNS and XCO
Detect Rootkits with rkhunter
Security Hardening for SLX in
XCO
Harden your security for SLX devices in
ExtremeCloud Orchestrator
.