Cisco Systems OL-5742-01 manual Managing SSL Support in SGM, Disabling SSL Support in SGM, 18-39

Page 39

Chapter 18 Configuring SGM Security

Implementing SSL Support in SGM

Managing SSL Support in SGM

SGM enables you to perform the following tasks to make it easier to manage SSL support in SGM:

To display the current status of SSL support in SGM, including whether SSL support is enabled or disabled and which SSL keys and certificates exist, use either the sgm ssl status or sgm sslstatus command.

To print the SGM server’s SSL certificate in X.509 format, use the sgm keytool print_crt command.

To list the SSL key/certificate pair on the SGM server, use the sgm keytool list command.

To list all SSL certificates on the SGM client, launch the SGM SSL Certificate Tool. SGM lists each imported certificate, including to whom the certificate was issued, who issued the certificate, and when the certificate expires.

See the “SGM Command Reference” section on page C-1for more information on the use of these commands.

See the “Importing an SSL Certificate to an SGM Client” section on page 18-33for more information on launching the SGM SSL Certificate Tool.

Disabling SSL Support in SGM

SGM enables you to disable SSL support in SGM, and to remove SSL keys and certificates from the SGM server and clients:

To disable SSL support in SGM, use the sgm ssl disable command. See the “sgm ssl” section on page C-98for more information.

To remove all SSL keys and certificates from the SGM server, use the

sgm keytool clear command. SGM stops the SGM server, if necessary, and removes the keys and certificates. Before restarting the server, you must either generate new SSL keys using the sgm keytool genkey command, or you must completely disable SSL using the sgm ssl disable command.

See the “SGM Command Reference” section on page C-1for more information on the use of these commands.

 

 

Cisco Signaling Gateway Manager User Guide

 

 

 

 

 

 

OL-5742-01

 

 

18-39

 

 

 

Page 38 Page 40
Image 39
Page 38 Page 40
Contents 18-1 Configuring SGM SecurityImplementing SGM User-Based Access Solaris Only # cd /opt/CSCOsgm/bin # ./sgm useraccess enable18-2 18-3 Sgm disablepass Sgm passwordage Sgm userpassSgm adduser Sgm disableuser Sgm enableuser Sgm updateuser # ./sgm authtype local# ./sgm authtype solaris # ./sgm sgm adduser username18-4 18-5 Creating Secure Passwords18-6 DICTFILE=/dev/null18-7 Basic User Level 1 Access18-8 Power User Level 2 Access18-9 Network Administrator Level 4 Access18-10 Automatically Disabling Users and Passwords Solaris Only18-11 18-12 # ./sgm passwordage number-of-days# ./sgm inactiveuserdays number-of-days # ./sgm inactiveuserdays clear18-13 # ./sgm passwordage clear# ./sgm clitimeout number-of-minutes # ./sgm clitimeout clear18-14 Manually Disabling Users and Passwords Solaris Only# ./sgm disablepass username # ./sgm deluser username18-15 # ./sgm disableuser username# ./sgm enableuser username # ./sgm userpass username18-16 18-17 # ./sgm updateuser usernameDisplaying a Message of the Day # ./sgm newlevel username18-18 18-19 18-20 # cd /opt/CSCOsgm/bin # ./sgm motd enableDecline # ./sgm motd editManually Synchronizing Local SGM Passwords Listing All Currently Defined Users18-21 Displaying the Contents of the System Security Log 18-23 # cd /opt/CSCOsgm/bin # ./sgm restore securityRestoring Security-Related SGM Data # ./sgm seclog clearDisabling SGM User-Bases Access Specifying a Super User Solaris Only18-24 18-25 18-26 Sgm webport Sgm xtermpath18-27 Enabling SSL Support in SGM18-28 # ./sgm keytool importcert certfilename18-29 # ./sgm keytool importkey keyfilename certfilename18-30 Right-clickDownload SGM Server SSL CertificateLaunching the SGM Certificate Tool for SSL # cd /opt/CSCOsgm/bin # ./sgm certgui18-31 18-32 Help Importing an SSL Certificate to an SGM ClientDetails Exit18-34 Exporting an SSL Certificate18-35 Save18-36 Viewing Detailed Information About an SSL CertificateCertificate Information Dialog 18-3718-38 Managing SSL Support in SGM Disabling SSL Support in SGM18-39 18-40 Limiting SGM Client Access to the SGM Server Solaris Only# ./sgm ipaccess add # ./sgm ipaccess edit18-41 18-42
Related manuals
Manual 136 pages 55.23 Kb

OL-5742-01 specifications

Cisco Systems OL-5742-01 represents an essential advancement in the field of network infrastructure, tailored for organizations that demand robust, reliable, and scalable solutions. As part of Cisco's offerings, this device stands out for its comprehensive features and the technologies embedded within its design.

One of the main features of the OL-5742-01 is its support for advanced routing protocols. The device is engineered to handle both static and dynamic routing, making it versatile for different networking environments. This flexibility allows organizations to efficiently manage data traffic, ensuring optimal performance and minimal downtime. In addition, its built-in redundancy mechanisms ensure that network operations remain uninterrupted, offering peace of mind for mission-critical applications.

The OL-5742-01 is also designed with a focus on security. It incorporates a variety of security features, including advanced encryption protocols, firewall capabilities, and intrusion detection systems. This multilayered approach helps safeguard sensitive data from a myriad of cyber threats, which is particularly crucial in today's digital landscape where data breaches and cyberattacks are prevalent.

Furthermore, the device supports a range of connectivity options, making it suitable for various deployment scenarios. With multiple Ethernet ports and options for fiber connections, it adapts to the specific requirements of an organization's infrastructure. Its ability to support both wired and wireless connections enhances flexibility, allowing for seamless integration into existing networks.

Another noteworthy characteristic of the OL-5742-01 is its scalability. Organizations can easily upgrade their network infrastructure by adding additional units or expanding current capacity without overhauling their entire system. This feature is invaluable for businesses anticipating growth, as it aligns with their evolving needs.

The management of the OL-5742-01 is streamlined through its user-friendly interface, which allows network administrators to monitor and manage the device efficiently. Advanced diagnostic tools assist in troubleshooting, enabling rapid identification and resolution of issues, thus reducing potential network downtime.

In conclusion, Cisco Systems OL-5742-01 is a powerful networking device that encapsulates security, scalability, and advanced routing capabilities. Its features and technologies cater effectively to the demands of contemporary organizations, making it a reliable choice for building and maintaining resilient network infrastructures.
Top Page Image Contents