Implementing Secure Access to Cisco Devices using TACACS+ and SSH

Many environments that I encounter are using a Defense-In-Depth network security strategy. They have implemented firewalls, Intrusion Detection, VPN, and have a good security policy. When asked, however, how they manage their large installation of Cisco network devices, the reply many times is clear-text telnet, no username/password authentication combination, and very little in the way of auditing logs. The goal of this paper is to provide an easy guide for network administrators to implement secure remote access for all Cisco networking equipment.