APC AP7900 - page 182

®

USER’S GUIDE

Switched Rack PDU

179

123

Secondary NTP Server 106

Secondary Server for RADIUS 102

Secondary Server Secret for RADIUS

102

Section headings, user configuration

file 154

Secure CoPy. See SCP.

Secure Hash Algorithm (SHA) 92

Secure SHell. See SSH.

Secure Sockets Layer. See SSL.

Security

authentication

authentication vs. encryption 120

through digital certificates with SSL

124

certificate-signing requests 125

disabling less secure interfaces 123

encryption with SSH and SCP 122

how certificates are used 134

How SSH host keys are used 135

immediately changing username and

password 119

options for each interface 117

planning and implementing 117, 120

SCP as alternative to FTP 123

SSL

choosing a method to use certificates

126

CipherSuite algorithms and ciphers

125

supported SSH clients 79

using non-standards ports as extra

passwords 120

Security Wizard 134

creating certificates

without a Certificate Authority 137

creating server certificates

to use with a Certificate Authority 142

creating signing requests 142

creating SSH host keys 146

Send DNS Query 76

Server certificates

creating to use with a

Certificate Authority 142

creating without a Certificate Authority

137

Severity levels of events 61

events with no severity level 61

mapping event severity to Syslog

priorities. 87

Signing requests

creating 142

SMTP

From Address 65

Server 65

server 67

SMTP Server 65

SNMP

Access Type setting 85

Authentication Traps 63

Community Name setting 84

NMS IP/Domain Name setting 85

SNMP traps option 62

SSH

enabling 78

encryption 122

fingerprints, displaying and comparing

79

host key

as identifier that cannot be falsified 122

creating 146

file name 83

file status 83

transferring to the PDU 79

modifying the Port setting 81, 91

obtaining an SSH client 79

server configuration 82

v1 Encryption Algorithms 82

v2 Encryption Algorithms 82

SSL

Contents

Main Contents Introduction Control Console Web Interface Device and Outlet Management Menus Data Menu (Web Interface Only) Network Menu System Menu Boot Mode Security How to Export Configuration Settings File Transfers Index Product Information Introduction Product Description Features of the Switched Rack PDU Initial setup Access Procedures Access priority for logging on Types of user accounts Page How to Recover From a Lost Password Page Upgrading Firmware through a Serial Connection Page Page Page Link-RX/TX (10/100) LED This LED indicates the network status. Status LED This LED indicates the network status of the Rack PDU. Load indicator LED The load indicator LED identifies overload and warning conditions for the displayed phase or bank. APC Worldwide Customer Support Wat ch do g F eatures Network interface watchdog mechanism Resetting the network timer Control Console How to Log On Remote access to the control console Telnet for basic access. SSH for high-security access. Local access to the control console Main Screen Example main screen The main screen that is displayed when you log on to the control console of a Rack PDU: Information and status fields Main screen information fields. Main screen status fields. Control Console Menus Menu structure Main menu Device Manager option Network option System option Web Inter face How to Log On Supported Web browsers URL address formats Summary Page Status Quick status tab Navigation Menu Selecting a menu to perform a task Help menu Links menu Device and Outlet Management Menus How to Configure and Control Outlet Groups Outlet group terminology Purpose and benefits of outlet groups System requirements for outlet groups Rules for configuring outlet groups How to enable outlet groups Enable creation of outlet groups. Enable support for global outlet groups (linked groups). How to create a local outlet group (Web interface) How to create multiple global outlet groups (Web interface) How to edit or delete an outlet group Typical outlet group configurations Page Verify your setup and configuration for global outlet groups Outlet Settings for Outlets and Outlet Groups How to initiate a control action Web i nter face. Control Console. Control actions you can select. How to configure outlet settings and outlet name Settings that you can configure. both the Web interface and control console unless otherwise indicated: Web I nterfa ce. Control Console. Switched Rack PDU Settings Configure Load Thresholds Web i nter face. Control console. How to configure Device Settings Web i nter face. Control console. Power Supply Status (control console only) Scheduling Outlet Actions (Web Interface Only) Actions you can schedule Page How to schedule an outlet event How to edit, disable, enable, or delete an outlet event Event-Related Menus Page Event Log Logged events Web interface Control console How to use FTP or SCP to retrieve a log file Secure CoPy (SCP). File Transfer Protocol (FTP). Page Event Actions (Web Interface Only) Severity levels Event log action Syslog action SNMP traps action Email action Event Recipients Trap Receiver settings E-mail Feature DNS servers SMTP settings Email Recipients Page Page How to Configure Individual Events Event List page Detailed Event Action Configuration page Data Menu (Web Interface Only) Log Option Configuration Option Network Menu Page Option Settings TCP/IP Current TCP/IP settings fields. Boot mode setting. Advanced settings. Page DNS Configure Domain Name System Settings fields. Send DNS Query (Web interface). Ping utility (control console only) FTP Se rv er Telnet/SSH Page Page Page Page Page SNMP Email See SMTP settings and E-mail Feature. Syslog Syslog settings. Syslog test (Web interface). message to the Syslog servers configured in the Syslog Server section. Syslog message format. Web/SSL (Web/SSL/TLS in the control console) Page Page Page Page Page Page WAP ISX Protocol (control console only) System Menu Page Option Settings User Manager Use this option to define access values shared by the control console and Web interface. Outlet User Manager Web i nter face. Control console. select Manage Outlet Users from the User Manager menu. RADIUS Configuring the Rack PDU. Configuring the RADIUS server. Page Identification Date & Time Set Manually. Synchronize with Network Time Protocol (NTP) Server . Too ls Use this option to perform the following actions. Links (Web interface) Modem (not supported) About System Page Boot Mode DHCP & BOOTP boot process DHCP Configuration Settings Switched Rack PDU settings Page DHCP response options Vendor Specific Information (opt ion 43). Page TCP/IP options. Miscellaneous options. Security Security Features Planning and implementing security features Summary of access methods Serial control console. Remote control console. SNMP. File transfer protocols. Web S erve r. RADIUS. Changing default user names and passwords immediately Port assignments User names, passwords, community names (SNMP) Authentication versus Encryption Page Encryption Secure SHell (SSH) and Secure CoPy (SCP) Page Secure Sockets Layer (SSL)/Transport Layer Security (TLS) Page Creating and Installing Digital Certificates Purpose Choosing a method for your system Method 1: Use the auto-generated default certificate. Page Method 2: Use the APC Security Wizard to create a CA certificate and a server certificate. Page Page Page Page Using the APC Security Wizard Overview Authentication How certificates are used. How SSH host keys are used. Files you create for SSL and SSH security Page Create a Root Certificate & Server Certificates Create the CA root certificate. Load the CA root certificate to your browser . Create an SSL Server User Certificate. Load the server certificate to the Rack PDU. Create a Server Certificate and Signing Request Create the Certificate Signing Request (CSR). Page Import the signed certificate. Load the server certificate to the Rack PDU. Create an SSH Host Key Create the host key. Load the host key to the Rack PDU. APC Device IP Configuration Wizard Purpose and Requirements Purpose: configure basic TCP/IP settings System requirements Install the Wizard Use the Wizard Launch the Wizard Configure the basic TCP/IP settings remotely Prepare to configure the settings. Run the Wizard to perform the configuration. Configure or reconfigure the TCP/IP settings locally How to Export Configuration Settin gs Retrieving and Exporting the .ini File Summary of the procedure Contents of the .ini file Detailed procedures Retrieving. Customizing. Exporting the file to a single Rack PDU. Exporting the file to multiple Rack PDUs. The Upload Event and Error Messages The event and its error messages Messages in config.ini Errors generated by overridden values Using the APC Device IP Configuration Wizard File Transfers Upgrading Firmware: Methods and Tools Benefits of upgrading firmware Firmware files (Switched Rack PDU) Obtain the latest firmware version Automated upgrade tool for Microsoft Windows systems. Manual upgrades, primarily for Linux systems. Firmware file transfer methods Use FTP or SCP to upgrade one Rack PDU Instructions for using FTP . Instructions for using SCP . How to upgrade multiple Rack PDUs Export configuration settings. Use FTP or SCP to upgrade multiple Rack PDUs. Use XMODEM to upgrade one Rack PDU Page Verifying Upgrades and Updates Last Transfer Result codes Product Information Warranty and Service Limited warranty Warranty limitations Obtaining service Life-Support Policy General policy Examples of life-support devices Index A B C D E F G H I K L M N O P R S Page T U V W APC Worldwide Customer Support Copyright 990-1368D-001 04/2005