4Cyclades® ACS 5000 Installation/Administration/User Guide

A web manager user account must be defined. The admin has an account by default, and can add regular-user accounts to grant access to the connected servers or devices using the web manager.

Types of Users

The console server supports the following user account types:

The root user who can manage the console server and its connected devices. The root user performs the initial network configuration. Access privileges are full read/write and management.

Users who are in an Admin group with administrative privileges. The admin user belongs to this group.

Regular users who can access the connected devices through the serial ports they are authorized for. Regular users have limited access to the web manager features.

NOTE: It is strongly recommended that you change the default password avocent for the root and admin users before configuring the console server.

Security

The console server includes a set of security profiles that consists of predefined parameters to control access to the console server and its serial ports. This feature provides more control over the services that are active at any one time. As an additional security measure, all serial ports are disabled by default, allowing the administrator to enable and assign individual ports to users.

NOTE: The Default security profile parameters are the same as the Moderate profile.

Authentication

The console server supports a number of authentication methods to assist the administrator with user management. Authentication can be performed locally or with a remote server, such as RADIUS, TACACS+, LDAP or Kerberos. An authentication security fallback mechanism is also employed should the negotiation process with the authentication server fail. In such situations, the console server follows an alternate defined rule when the authentication server cannot authenticate the user.

The following table lists the supported authentication methods.

Page 12
Image 12
Avocent ACS 5000 manual Types of Users, Security, Authentication