Harden the Management Plane
The management plane is used to access, configure, and manage a device, as well as monitor its operations and the network on which it is deployed. The management plane receives and sends traffic for operations of these functions. Both the management plane and control plane of a device must be secured, because operations of the control plane directly affect operations of the management plane. The following list includes protocols used by the management plane:
-
SNMP
-
Telnet
-
SSH
-
SFTP
-
FTP
-
TFTP
-
HTTP/HTTPS
-
Secure Copy Protocol (SCP)
-
TACACS+
-
RADIUS
-
LDAP
-
Network Time Protocol (NTP)
-
Syslog
Administrators must take measures to ensure the integrity of the management and control planes during security incidents. If one of these planes is successfully exploited, all planes can be compromised.