Huawei网络设备加固规范2024年11月目录1帐号管理、认证授权.......................................................................................................................21.1账号管理...................................................................................................................................21.1.1SHG-Huawei-01-01-01....................................................................................................21.2登录要求...................................................................................................................................31.2.1SHG-Huawei-01-02-01....................................................................................................31.2.2SHG-Huawei-01-02-02....................................................................................................41.2.3SHG-Huawei-01-02-03....................................................................................................41.3认证和授权...............................................................................................................................51.3.1SHG-Huawei-01-03-01....................................................................................................52日志配置...........................................................................................................................................62.1.1SHG-Huawei-02-01-01....................................................................................................63通信协议...........................................................................................................................................73.1.1SHG-Huawei-03-01-01....................................................................................................73.1.2SHG-Huawei-03-01-02....................................................................................................83.1.3SHG-Huawei-03-01-03....................................................................................................93.1.4SHG-Huawei-03-01-04....................................................................................................93.1.5SHG-Huawei-03-01-05.......................................................................................................103.1.6SHG-Huawei-03-01-06...................................................................................................114设备其它安全要求.........................................................................................................................114.1.1SHG-Huawei-04-01-01...................................................................................................114.1.2SHG-Huawei-04-01-02..................................................................................................121帐号管理、认证授权1.1账号管理1.1.1SHG-Huawei-01-01-01编号:SHG-Huawei-01-01-01名称:无效帐户清理实施目的:删除与设备运行、维护等工作无关的账号问题影响:账号混淆,权限不明确,存在用户越权使用的可能。系统当前状态:查看备份的系统配置文件中帐号信息。实施方案:1、参考配置操作aaaundolocal-usertest回退方案:还原系统配置文件。判断依据:标记用户用途,定期建立用户列表,比较是否有非法用户实施风险:低重要等级:★★★实施风险:低重要等级:★★★1.2登录要求1.2.1SHG-Huawei-01-02-01编号:Huawie-01-02-01名称:远程登录加密传输实施目的:远程登陆采用...
VIP
