Cisco Systems OL-5742-01 manual # ./sgm keytool importkey keyfilename certfilename, 18-29

Page 29

Chapter 18 Configuring SGM Security

Implementing SSL Support in SGM

To use an existing signed key/certificate pair, log in as the root user on the SGM server and enter the following command:

#./sgm keytool import_key key_filename cert_filename

where key_filename is the name of the existing SSL key and cert_filename is the name of the existing signed certificate.

SGM stops the SGM server and imports the SSL key in OpenSSL format and the signed SSL certificate in X.509 format.

Step 3 Enable SSL support in SGM, by logging in as the root user on the SGM server and entering the sgm ssl enable command.

Step 4 Set up the SGM client-side SSL certificate trust relationship, by downloading and importing the self-signed or CA-signed certificate on every remote SGM client, Windows as well as Solaris, that connects to the SGM server.

a.(Self-signed certificate only) Download the self-signed certificate

(server.cer), using the procedure in the “Downloading the SGM Server’s Self-Signed SSL Certificate” section on page 18-30.

b.Import the self-signed or CA-signed certificate, using the procedure in the “Importing an SSL Certificate to an SGM Client” section on page 18-33.

Step 5 Restart the SGM client.

The SGM clients can now connect to the SGM server using SSL. All communication between the server and clients is encrypted.

If an SGM or GTT client that is not SSL-enabled attempts to connect to an SSL-enabled SGM server, SGM displays an appropriate warning message and opens the SGM client download page. The user can then download and install a new SGM client to use to connect to that SGM server.

If the client is SSL-enabled but does not have the correct certificate, SGM displays an appropriate warning message and opens the SGM Server SSL Certificate page. The user can then download the signed SSL certificate in X.509 format to the client.

 

 

Cisco Signaling Gateway Manager User Guide

 

 

 

 

 

 

OL-5742-01

 

 

18-29

 

 

 

Page 28 Page 30
Image 29
Page 28 Page 30
Contents 18-1 Configuring SGM Security18-2 Implementing SGM User-Based Access Solaris Only# cd /opt/CSCOsgm/bin # ./sgm useraccess enable Sgm adduser Sgm disableuser Sgm enableuser Sgm updateuser Sgm disablepass Sgm passwordage Sgm userpass# ./sgm authtype local 18-318-4 # ./sgm authtype solaris# ./sgm sgm adduser username 18-5 Creating Secure Passwords18-6 DICTFILE=/dev/null18-7 Basic User Level 1 Access18-8 Power User Level 2 Access18-9 Network Administrator Level 4 Access18-10 Automatically Disabling Users and Passwords Solaris Only18-11 # ./sgm inactiveuserdays number-of-days # ./sgm passwordage number-of-days# ./sgm inactiveuserdays clear 18-12# ./sgm clitimeout number-of-minutes # ./sgm passwordage clear# ./sgm clitimeout clear 18-13# ./sgm disablepass username Manually Disabling Users and Passwords Solaris Only# ./sgm deluser username 18-1418-15 # ./sgm disableuser username18-16 # ./sgm enableuser username# ./sgm userpass username 18-17 # ./sgm updateuser username18-18 Displaying a Message of the Day# ./sgm newlevel username 18-19 Decline # cd /opt/CSCOsgm/bin # ./sgm motd enable# ./sgm motd edit 18-2018-21 Manually Synchronizing Local SGM PasswordsListing All Currently Defined Users Displaying the Contents of the System Security Log Restoring Security-Related SGM Data # cd /opt/CSCOsgm/bin # ./sgm restore security# ./sgm seclog clear 18-2318-24 Disabling SGM User-Bases AccessSpecifying a Super User Solaris Only 18-25 18-26 Sgm webport Sgm xtermpath18-27 Enabling SSL Support in SGM18-28 # ./sgm keytool importcert certfilename18-29 # ./sgm keytool importkey keyfilename certfilename18-30 Right-clickDownload SGM Server SSL Certificate18-31 Launching the SGM Certificate Tool for SSL# cd /opt/CSCOsgm/bin # ./sgm certgui 18-32 Details Importing an SSL Certificate to an SGM ClientExit Help18-34 Exporting an SSL Certificate18-35 Save18-36 Viewing Detailed Information About an SSL CertificateCertificate Information Dialog 18-3718-38 18-39 Managing SSL Support in SGMDisabling SSL Support in SGM 18-40 Limiting SGM Client Access to the SGM Server Solaris Only18-41 # ./sgm ipaccess add# ./sgm ipaccess edit 18-42
Related manuals
Manual 136 pages 55.23 Kb

OL-5742-01 specifications

Cisco Systems OL-5742-01 represents an essential advancement in the field of network infrastructure, tailored for organizations that demand robust, reliable, and scalable solutions. As part of Cisco's offerings, this device stands out for its comprehensive features and the technologies embedded within its design.

One of the main features of the OL-5742-01 is its support for advanced routing protocols. The device is engineered to handle both static and dynamic routing, making it versatile for different networking environments. This flexibility allows organizations to efficiently manage data traffic, ensuring optimal performance and minimal downtime. In addition, its built-in redundancy mechanisms ensure that network operations remain uninterrupted, offering peace of mind for mission-critical applications.

The OL-5742-01 is also designed with a focus on security. It incorporates a variety of security features, including advanced encryption protocols, firewall capabilities, and intrusion detection systems. This multilayered approach helps safeguard sensitive data from a myriad of cyber threats, which is particularly crucial in today's digital landscape where data breaches and cyberattacks are prevalent.

Furthermore, the device supports a range of connectivity options, making it suitable for various deployment scenarios. With multiple Ethernet ports and options for fiber connections, it adapts to the specific requirements of an organization's infrastructure. Its ability to support both wired and wireless connections enhances flexibility, allowing for seamless integration into existing networks.

Another noteworthy characteristic of the OL-5742-01 is its scalability. Organizations can easily upgrade their network infrastructure by adding additional units or expanding current capacity without overhauling their entire system. This feature is invaluable for businesses anticipating growth, as it aligns with their evolving needs.

The management of the OL-5742-01 is streamlined through its user-friendly interface, which allows network administrators to monitor and manage the device efficiently. Advanced diagnostic tools assist in troubleshooting, enabling rapid identification and resolution of issues, thus reducing potential network downtime.

In conclusion, Cisco Systems OL-5742-01 is a powerful networking device that encapsulates security, scalability, and advanced routing capabilities. Its features and technologies cater effectively to the demands of contemporary organizations, making it a reliable choice for building and maintaining resilient network infrastructures.
Top Page Image Contents