Here are some other new things (Cisco IOS specific):
Login Security Enhancements. The Cisco IOS Login Enhancements feature
allows users to better secure their Cisco IOS devices when creating a
virtual connection, such as Telnet, secure shell (SSH), or HTTP. Thus,
users can help slow down dictionary attacks and help protect their
router from a possible denial-of-service (DoS) attack.
http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_
guide09186a00801d1cb3.html
Configuration Change Notification and Logging. Releases of Cisco IOS
software prior to 12.3(4)T/12.2(25)S lack the ability to track the
origin of changes to the running configuration. The only way to
determine if a Cisco IOS software configuration has been changed is to
pull the running and startup configurations offline and do a
line-by-line comparison. This comparison will identify all the changes
that have occurred between the two configurations, but it will not
specify the sequence in which the changes occurred or the person
responsible for the changes.
The Configuration Change Notification and Logging (Configuration
Logging) feature allows the tracking of configuration changes entered on
a per-session and per-user basis by implementing a configuration log.
The configuration log will track each configuration command that is
applied, who applied the command, the parser return code for that
command, and the time that the command was applied. This feature also
adds a notification mechanism that sends asynchronous notifications to
registered applications whenever the configuration log changes.
http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_
guide09186a00801d1e81.html
And then there is 'security passwords min-length'. If you set this to 6
more more, it would knock out 'cisco' as a possible password on the
router.