Integrate Directory Services on Routers/Switches/Firewall’s

Devices such as firewall’s routers and switches typically do not integrate with directory services and have a single password. From a security standpoint this is not a good idea. The device password should only be known by a limited amount of users. Having a single password is also bad if someone leaves. You have to do a fire drill of a massive password change. A better approach is to integrate the password with directory services. This will allow you to assign each user rights to these devices and they can be controlled by a group. It also allows you the ability to disable a user without a password change. This is a very easy thing to do and is highly recommended.

Add a Comment

Your email address will not be published. Required fields are marked *