Ubiquiti EdgeRouter Hardening Guide

Ubiquiti EdgeRouter Hardening Guide

8.00

The Ubiquiti EdgeRouter Hardening Guide is over 30 pages of router security commands, advice, and best practices that you can implement in your networks. Use this guide to gain a deeper understanding of Ubiquiti security and implement some security "quick wins" in your organization.

Add To Cart

The Ubiquiti EdgeRouter Hardening Guide is over 30 pages of router security commands, advice, and best practices that you can implement in your networks. Use this guide to gain a deeper understanding of Ubiquiti security and implement some security "quick wins" in your organization.

The following tasks are covered in this guide:

  • Device baseline port scan (Nmap)
  • Physical security check:
    • Add interface descriptions
    • Disable unused interfaces
    • Verify physical device security
  • Secure router services:
    • Disable Telnet
    • Secure SSH access
    • Secure GUI access
    • Disable / prune Neighbor Discovery
    • Disable / prune LLDP
    • Secure SNMP monitoring
  • Configure the firewall:
    • Configure address groups
    • Filter WAN traffic inbound
    • Filter local traffic outbound
    • Filter management connections
    • Enable Source Validation (BCP #38)
    • Block ICMP redirects
    • Block broadcast ”pings”
  • Manage router credentials:
    • Change default user password
    • Create individual credentials
    • Disable / remove default user
  • Use best practices:
    • Configure timezone and NTP
    • Set login banners
    • Ship logs to a Syslog server
    • Disable source routing