Cisco CSS Device Support

Configuration
=============
!Active version:
# sh run          (a potential hostname)
restrict snmp
snmp community
snmp name         (a potential hostname)
snmp contact
snmp location
snmp reload-enable
snmp trap-source
snmp trap-host
snmp auth-traps
snmp trap-type generic
snmp trap-type enterprise
prelogin-banner
restrict telnet
restrict ssh
restrict xml
restrict secure-xml
restrict ftp
restrict console
restrict user-database
restrict web-mgmt
sshd version
sshd keepalive
sshd port
sshd server-keybits
web-mgmt state
dump
idle timeout
dns primary | secondary
dns suffix
dns-record
dns-server forwarder
acl enable | disable
acl <index>
  clause
nql
  description
  ip address
tacacs-server timeout
tacacs-server key
tacacs-server <host>
radius-server timeout
radius-server retransmit
radius-server primary
radius-server secondary
virtual authentication
console authentication
interface <if-no>
  description
  shut
  admin-shutdown
  vlan
  bridge vlan
  trunk
circuit <vlan>
  description
  ip address


Security Audit
==============

Reference        Title
---------------------------------------------------
CSS.SNMPRELO.1   SNMP Reload Enabled
CSS.ADMIREST.1   User Restrictions Disabled
CSS.ADMISSHK.1   SSH Keep Alive Messages Disabled
CSS.COREDUMP.1   Core Dumps Enabled
CSS.FILTNOAC.1   ACL Were Not Active


Filter logging does not work unless "logging subsystem acl..." has been configured!
TODO - ACL applied to a circuit