Security hardening for Cisco devices

The Cisco security hardening and configuration guide was created from many years of working with network switches and routers and ensuring these devices were configured to meet Security Technical Implementation Guides (STIGs), regulations, and basic cybersecurity hygiene.

The RADIUS configuration is gears towards using DUO multifactor but should work with any RADIUS/TACAS+ authentication such as RSA and Yubikey.

As with anything, test ALL changes in your environment before making these changes permanent.