Casio ACS V6000 manual To configure the Security Profile, Select System Security Security Profile

Page 22

Chapter 3: Accessing a Virtual Console Server via the Web Manager 17

Allow all users to access enabled ports or allow the configuration of group authorizations to restrict access

Enable or disable BootP Configuration Retrieval and/or Live Configuration Retrieval

Select a Security Profile, which defines:

Enabled services (FTP, ICMP, IPSec and Telnet)

SSH and HTTP/HTTPS access

The administrator can select either a preconfigured Security Profile or create a custom profile.

All the services and the SSH and HTTP/HTTPS configuration options that are enabled and disabled for each Security Profile are shown in the Wizard - Security and the System - Security - Security Profile pages.

To configure the Security Profile:

1.Select System - Security - Security Profile.

2.In the Idle Timeout field, enter the number of minutes before the virtual console server times out open sessions.

NOTE: This value applies to any user session to the appliance via HTTP, HTTPS, SSH or Telnet. The new idle time-out will be applied to new sessions only.

3.Under the Enabled Services section, enable or disable the RCP checkbox.

4.Under the Serial Devices heading, enable or disable the Port access is controlled by authorizations assigned to user groups checkbox.

5.Select the checkbox for Custom, Moderate, Open or Secure under the Security Profile heading.

6.Click Save.

You can also configure DSView 3 software security settings. When the virtual console server is managed by the DSView 3 software, the DSView 3 server will supply the certificate to the virtual console server. Under normal conditions, the DSView 3 software will manage the certificate to clear and replace it with a new certificate as needed. If communication with the DSView 3 software is lost, the DSView server will be unable to clear the certificate and the virtual console server cannot be used. Click the Clear DSView Certificate button to configure the virtual console server in Trust All mode.

To configure DSView 3 software security settings:

1.Select System - Security - DSView.

2.Click the Allow appliance to be managed by DSView checkbox and click Save.

Page 21 Page 23
Image 22
Page 21 Page 23
Contents ACS Page ACS B L E of C on TE N TS Iii ACS v6000 Installation/Administration/User Guide Features and Benefits Access optionsIPv4 and IPv6 support Web ManagerFlexible users and groups VPN based on IPSec with NAT traversal AuthenticationSecurity Packet filteringData logging, notifications, alarms and data buffering Auto discoveryTo create the virtual machine using the vSphere client ACS v6000 virtual console server requirementsPage Using Telnet or SSH To close a Telnet session To use Telnet to connect to a device through a serial port# telnet hostname IPaddress To use SSH to connect to a device through a serial portTo close an SSH session ACS v6000 Installation/Administration/User Guide Web Manager Overview for Administrators To log into the web managerWizard Mode Wizard Screen To configure licenses To configure network parametersTo configure Ports To configure users and change the default user passwords Expert ModeAccess To view and connect to devices using the web managerSystem System ToolsSecurity profiles To configure DSView 3 software security settings To configure the Security ProfileSelect System Security Security Profile Date and Time Help and LanguageInformation VM SettingsUsage To add an association by Datacenter To configure a vCenterVCenter Network To power control targets using the web managerLicense Devices SettingsTo configure a network device IPv4 and IPv6 static routesFirewall Configuring the firewallHosts To add a hostProtocol options To add a chainTo add a rule To change the policy for a default chainIPSecVPN To edit a rulePayload or AH Authentication Header To configure Snmp Snmp ConfigurationClick Network Snmp Serial ports To enable or disable one or more serial portsPorts Select Ports Serial PortsCAS Ctrl-X Parameter Description CAS Profile To copy/clone the configuration of one port to other portsAuto discovery Select Probe Strings or Match Strings To configure the input/output strings used by auto answerSelect Ports CAS Profile Auto Answer Pool of CAS ports To configure a pool of CAS portsClick Ports Pool of CAS Ports Authentication Pool of CAS Ports Parameters Parameter DescriptionTo set authentication for the console server Appliance authenticationAuthentication servers To configure a Radius authentication serverTo configure an Ldapsad authentication server To configure a TACACS+ authentication serverSelect Authentication Authentication Servers TACACS+ Select Authentication Authentication Servers LdapsadTo configure a DSView authentication server To configure a Kerberos authentication serverTo configure an NIS authentication server Users Accounts and User GroupsLocal accounts To add new usersAdmin group To configure password rulesClick Users Local Accounts Password Rules User groupsTo view admin Appliance Access Rights User group Appliance-admin groupShell-login-profile Managing user groupsCheck the Enable Log-In Profile box To configure a login profile for a user groupTo remove members from a user group To add access to serial ports for a user group To assign appliance access rights for custom user groupsTo configure a group in a TACACS+ authentication server To configure a group in a Radius authentication serverEvent List Event NotificationsEvent Destinations Data Buffering To configure Data BufferingSelect Events and Logs Data Buffering Monitoring To configure Appliance LoggingActive Sessions Appliance LoggingSelect Change Password Change PasswordTo change your own password Web Manager Overview for Regular UsersACS v6000 Installation/Administration/User Guide Appendix a BootP Configuration Retrieval ConfigurationTo resolve an issue Appendix B Technical SupportFor Technical Support
Top Page Image Contents