One of the more important hardening items for switches is restricting management access with an ACL. In a true zero-trust environment, a fully air-gapped network may exist for switch management. And while full AAA should also be implemented, adding an ACL for the users and systems that should be allowed to interact with a switch is equally important.