Cisco Systems OL-5742-01 # ./sgm inactiveuserdays number-of-days, # ./sgm inactiveuserdays clear

Page 12

Chapter 18 Configuring SGM Security

Configuring SGM User-Based Access

Step 5 (Optional) SGM keeps track of the date and time each user last logged in. You can configure SGM to disable a user’s security authentication automatically after a specified number of days of inactivity. To do so, enter the following command:

# ./sgm inactiveuserdays number-of-days

where number-of-daysis the number of days a user can be inactive before SGM disables the user’s authentication. SGM does not delete the user from the authentication list, SGM only disables the user’s authentication.

The valid range is 1 day to an unlimited number of days. There is no default setting.

To re-enable the user’s authentication, use the sgm enableuser command.

This function is disabled by default. If you do not specify the

sgm inactiveuserdays command, user accounts are never disabled as a result of inactivity.

If you have enabled this function and you want to disable it (that is, to prevent SGM from automatically disabling user accounts as a result of inactivity), enter the following command:

# ./sgm inactiveuserdays clear

Step 6 (Optional) If sgm authtype is set to local, you can configure SGM to force users to change their passwords after a specified number of days.

To configure SGM to force users to change their passwords after a specified number of days, enter the following command:

# ./sgm passwordage number-of-days

where number-of-daysis the number of days allowed before users must change their passwords.

The valid range is 1 day to an unlimited number of days. There is no default setting.

This function is disabled by default. If you do not specify the sgm passwordage command, users never need to change their passwords.

 

Cisco Signaling Gateway Manager User Guide

18-12

OL-5742-01

Image 12
Contents Configuring SGM Security 18-1Implementing SGM User-Based Access Solaris Only # cd /opt/CSCOsgm/bin # ./sgm useraccess enable18-2 Sgm disablepass Sgm passwordage Sgm userpass Sgm adduser Sgm disableuser Sgm enableuser Sgm updateuser# ./sgm authtype local 18-3# ./sgm authtype solaris # ./sgm sgm adduser username18-4 Creating Secure Passwords 18-5DICTFILE=/dev/null 18-6Basic User Level 1 Access 18-7Power User Level 2 Access 18-8Network Administrator Level 4 Access 18-9Automatically Disabling Users and Passwords Solaris Only 18-1018-11 # ./sgm passwordage number-of-days # ./sgm inactiveuserdays number-of-days# ./sgm inactiveuserdays clear 18-12# ./sgm passwordage clear # ./sgm clitimeout number-of-minutes# ./sgm clitimeout clear 18-13Manually Disabling Users and Passwords Solaris Only # ./sgm disablepass username# ./sgm deluser username 18-14# ./sgm disableuser username 18-15# ./sgm enableuser username # ./sgm userpass username18-16 # ./sgm updateuser username 18-17Displaying a Message of the Day # ./sgm newlevel username18-18 18-19 # cd /opt/CSCOsgm/bin # ./sgm motd enable Decline# ./sgm motd edit 18-20Manually Synchronizing Local SGM Passwords Listing All Currently Defined Users18-21 Displaying the Contents of the System Security Log # cd /opt/CSCOsgm/bin # ./sgm restore security Restoring Security-Related SGM Data# ./sgm seclog clear 18-23Disabling SGM User-Bases Access Specifying a Super User Solaris Only18-24 18-25 Sgm webport Sgm xtermpath 18-26Enabling SSL Support in SGM 18-27# ./sgm keytool importcert certfilename 18-28# ./sgm keytool importkey keyfilename certfilename 18-29Right-clickDownload SGM Server SSL Certificate 18-30Launching the SGM Certificate Tool for SSL # cd /opt/CSCOsgm/bin # ./sgm certgui18-31 18-32 Importing an SSL Certificate to an SGM Client DetailsExit HelpExporting an SSL Certificate 18-34Save 18-35Viewing Detailed Information About an SSL Certificate 18-3618-37 Certificate Information Dialog18-38 Managing SSL Support in SGM Disabling SSL Support in SGM18-39 Limiting SGM Client Access to the SGM Server Solaris Only 18-40# ./sgm ipaccess add # ./sgm ipaccess edit18-41 18-42
Related manuals
Manual 136 pages 55.23 Kb

OL-5742-01 specifications

Cisco Systems OL-5742-01 represents an essential advancement in the field of network infrastructure, tailored for organizations that demand robust, reliable, and scalable solutions. As part of Cisco's offerings, this device stands out for its comprehensive features and the technologies embedded within its design.

One of the main features of the OL-5742-01 is its support for advanced routing protocols. The device is engineered to handle both static and dynamic routing, making it versatile for different networking environments. This flexibility allows organizations to efficiently manage data traffic, ensuring optimal performance and minimal downtime. In addition, its built-in redundancy mechanisms ensure that network operations remain uninterrupted, offering peace of mind for mission-critical applications.

The OL-5742-01 is also designed with a focus on security. It incorporates a variety of security features, including advanced encryption protocols, firewall capabilities, and intrusion detection systems. This multilayered approach helps safeguard sensitive data from a myriad of cyber threats, which is particularly crucial in today's digital landscape where data breaches and cyberattacks are prevalent.

Furthermore, the device supports a range of connectivity options, making it suitable for various deployment scenarios. With multiple Ethernet ports and options for fiber connections, it adapts to the specific requirements of an organization's infrastructure. Its ability to support both wired and wireless connections enhances flexibility, allowing for seamless integration into existing networks.

Another noteworthy characteristic of the OL-5742-01 is its scalability. Organizations can easily upgrade their network infrastructure by adding additional units or expanding current capacity without overhauling their entire system. This feature is invaluable for businesses anticipating growth, as it aligns with their evolving needs.

The management of the OL-5742-01 is streamlined through its user-friendly interface, which allows network administrators to monitor and manage the device efficiently. Advanced diagnostic tools assist in troubleshooting, enabling rapid identification and resolution of issues, thus reducing potential network downtime.

In conclusion, Cisco Systems OL-5742-01 is a powerful networking device that encapsulates security, scalability, and advanced routing capabilities. Its features and technologies cater effectively to the demands of contemporary organizations, making it a reliable choice for building and maintaining resilient network infrastructures.