Cisco Systems OL-5742-01 manual Configuring SGM Security, 18-1

Page 1

C H A P T E R 18

Configuring SGM Security

This chapter provides the following information about configuring SGM security and limiting access to SGM:

Configuring SGM User-Based Access, page 18-1

Implementing SSL Support in SGM, page 18-26

Limiting SGM Client Access to the SGM Server (Solaris Only), page 18-40

Configuring SGM User-Based Access

SGM enables you to control who is allowed to do what in SGM, beyond simply specifying root and non-root users. SGM calls this ability User-Based Access.

User-Based Access provides multi-level password-protected access to SGM features. Each user can have a unique user name and password. Each user can also be assigned to one of five levels of access, which control the list of SGM features accessible by that user.

To configure SGM User-Based Access, perform the tasks in the following sections. Required and optional tasks are indicated.

Implementing SGM User-Based Access (Solaris Only), page 18-2(Required)

Creating Secure Passwords, page 18-5(Required)

Configuring SGM User Authentication Levels (Solaris Only), page 18-6(Required)

Automatically Disabling Users and Passwords (Solaris Only), page 18-10(Optional)

 

 

Cisco Signaling Gateway Manager User Guide

 

 

 

 

 

 

OL-5742-01

 

 

18-1

 

 

 

Page 1 Page 2
Image 1
Page 1 Page 2
Contents 18-1 Configuring SGM Security# cd /opt/CSCOsgm/bin # ./sgm useraccess enable Implementing SGM User-Based Access Solaris Only18-2 Sgm adduser Sgm disableuser Sgm enableuser Sgm updateuser Sgm disablepass Sgm passwordage Sgm userpass# ./sgm authtype local 18-3# ./sgm sgm adduser username # ./sgm authtype solaris18-4 18-5 Creating Secure Passwords18-6 DICTFILE=/dev/null18-7 Basic User Level 1 Access18-8 Power User Level 2 Access18-9 Network Administrator Level 4 Access18-10 Automatically Disabling Users and Passwords Solaris Only18-11 # ./sgm inactiveuserdays number-of-days # ./sgm passwordage number-of-days# ./sgm inactiveuserdays clear 18-12# ./sgm clitimeout number-of-minutes # ./sgm passwordage clear# ./sgm clitimeout clear 18-13# ./sgm disablepass username Manually Disabling Users and Passwords Solaris Only# ./sgm deluser username 18-1418-15 # ./sgm disableuser username# ./sgm userpass username # ./sgm enableuser username18-16 18-17 # ./sgm updateuser username# ./sgm newlevel username Displaying a Message of the Day18-18 18-19 Decline # cd /opt/CSCOsgm/bin # ./sgm motd enable# ./sgm motd edit 18-20Listing All Currently Defined Users Manually Synchronizing Local SGM Passwords18-21 Displaying the Contents of the System Security Log Restoring Security-Related SGM Data # cd /opt/CSCOsgm/bin # ./sgm restore security# ./sgm seclog clear 18-23Specifying a Super User Solaris Only Disabling SGM User-Bases Access18-24 18-25 18-26 Sgm webport Sgm xtermpath18-27 Enabling SSL Support in SGM18-28 # ./sgm keytool importcert certfilename18-29 # ./sgm keytool importkey keyfilename certfilename18-30 Right-clickDownload SGM Server SSL Certificate# cd /opt/CSCOsgm/bin # ./sgm certgui Launching the SGM Certificate Tool for SSL18-31 18-32 Details Importing an SSL Certificate to an SGM ClientExit Help18-34 Exporting an SSL Certificate18-35 Save18-36 Viewing Detailed Information About an SSL CertificateCertificate Information Dialog 18-3718-38 Disabling SSL Support in SGM Managing SSL Support in SGM18-39 18-40 Limiting SGM Client Access to the SGM Server Solaris Only# ./sgm ipaccess edit # ./sgm ipaccess add18-41 18-42
Related manuals
Manual 136 pages 55.23 Kb

OL-5742-01 specifications

Cisco Systems OL-5742-01 represents an essential advancement in the field of network infrastructure, tailored for organizations that demand robust, reliable, and scalable solutions. As part of Cisco's offerings, this device stands out for its comprehensive features and the technologies embedded within its design.

One of the main features of the OL-5742-01 is its support for advanced routing protocols. The device is engineered to handle both static and dynamic routing, making it versatile for different networking environments. This flexibility allows organizations to efficiently manage data traffic, ensuring optimal performance and minimal downtime. In addition, its built-in redundancy mechanisms ensure that network operations remain uninterrupted, offering peace of mind for mission-critical applications.

The OL-5742-01 is also designed with a focus on security. It incorporates a variety of security features, including advanced encryption protocols, firewall capabilities, and intrusion detection systems. This multilayered approach helps safeguard sensitive data from a myriad of cyber threats, which is particularly crucial in today's digital landscape where data breaches and cyberattacks are prevalent.

Furthermore, the device supports a range of connectivity options, making it suitable for various deployment scenarios. With multiple Ethernet ports and options for fiber connections, it adapts to the specific requirements of an organization's infrastructure. Its ability to support both wired and wireless connections enhances flexibility, allowing for seamless integration into existing networks.

Another noteworthy characteristic of the OL-5742-01 is its scalability. Organizations can easily upgrade their network infrastructure by adding additional units or expanding current capacity without overhauling their entire system. This feature is invaluable for businesses anticipating growth, as it aligns with their evolving needs.

The management of the OL-5742-01 is streamlined through its user-friendly interface, which allows network administrators to monitor and manage the device efficiently. Advanced diagnostic tools assist in troubleshooting, enabling rapid identification and resolution of issues, thus reducing potential network downtime.

In conclusion, Cisco Systems OL-5742-01 is a powerful networking device that encapsulates security, scalability, and advanced routing capabilities. Its features and technologies cater effectively to the demands of contemporary organizations, making it a reliable choice for building and maintaining resilient network infrastructures.
Top Page Image Contents