Recommended checks include investigating configuration modifications, monitoring service accounts, checking SIEM correlations for anomalies, and ensuring network segmentation and DMZs are set up correctly. A common thread in the advice is the vulnerability of external connectivity (including VPNs, legacy SSH-1, and FTP) and the weak points that are passwords, authentication, access control and patching.
Advice specific to Cisco equipment includes disabling telnet, disabling Cisco's Linux guestshell, and where possible disabling web interfaces in favor of the command line.
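One way to automate the Cisco checks above, together with the legacy SSH-1 concern, is a small audit over an IOS-style running configuration. This is an added example, not code from the advisory or from Cisco. The sample config is constructed, and both the `app-hosting appid guestshell` match and the "no `ip ssh version 2` line" rule are assumptions about how these settings appear on a given platform.

```python
import re

# Constructed sample of an IOS-style running configuration (not from a real device).
SAMPLE_CONFIG = """\
hostname edge-rtr-01
ip http server
no ip http secure-server
ip ssh version 2
app-hosting appid guestshell
 app-vnic management guest-interface 0
line vty 0 4
 transport input telnet ssh
line vty 5 15
 transport input ssh
"""

def audit_config(text):
    """Return a sorted list of (check_id, detail) findings for one config."""
    findings = []
    section = None          # most recent top-level command, e.g. "line vty 0 4"
    ssh_v2_pinned = False
    for raw in text.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):
            section = line  # unindented line opens a new section
        # Web management interface left enabled ("no ..." forms do not match).
        if re.fullmatch(r"ip http (secure-)?server", line):
            findings.append(("web-interface", line))
        elif line == "ip ssh version 2":
            ssh_v2_pinned = True
        # Assumption: a configured guestshell appears as an app-hosting entry.
        elif re.match(r"app-hosting appid guestshell\b", line):
            findings.append(("guestshell", line))
        # Telnet explicitly permitted on a terminal line.
        elif line.startswith("transport input") and section.startswith("line "):
            protocols = line.split()[2:]
            if "telnet" in protocols or "all" in protocols:
                findings.append(("telnet", f"{section}: {line}"))
    # Assumption: without this line, older images may still negotiate SSH-1.
    if not ssh_v2_pinned:
        findings.append(("ssh-version", "no 'ip ssh version 2' line found"))
    return sorted(findings)

if __name__ == "__main__":
    for check, detail in audit_config(SAMPLE_CONFIG):
        print(f"[{check}] {detail}")
```

Run it over every saved configuration on a schedule so that forgotten devices keep showing up in the findings.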
This is generic advice of the kind that peppers any security alert put out by governments around the world in the last decade. Clearly, some of it isn't being acted on, possibly because telco networks are often full of equipment dating back years which has been forgotten about. In summary: audit everything to find old, vulnerable stuff and keep doing this indefinitely.