Chapter 5 Security

Audit Trail

Secure shellSuperusers can select secure shell (SSH) instead of Telnet at the CTC Provisioning > Security > Access tab. SSH is a terminal-remote host Internet protocol that uses encrypted links. It provides authentication and secure communication over channels that are not secure. Port 22 is the default port and cannot be changed.

5.3Audit Trail

The ONS 15310-MA SDH maintain a GR-839-CORE-compliant audit trail log that resides on the 15310E-CTX-K9 cards. Audit trails are useful for maintaining security, recovering lost transactions, and

tracing user activities. The audit trail log shows who has accessed the node and what operations were performed during a given period of time. The log includes authorized Cisco support logins and logouts using the operating system command line interface (CLI), CTC, and TL1; the log also includes FTP actions,

circuit creation/deletion, and user/system generated actions.

Event monitoring is also recorded in the audit log. An event is defined as a change in status of an element within the network. External events, internal events, attribute changes, and software upload/download activities are recorded in the audit trail.

To view the audit trail log, refer to the Cisco ONS 15310-MA SDH Procedure Guide. Users can access the audit trail logs from any management interface (CTC, Cisco Transport Manager [CTM], or TL1).

The audit trail is stored in persistent memory and is not corrupted by processor switches or upgrades.

Note The ONS 15310-MA SDH do not support a real-time clock with battery backup. Therefore, when you reset 15310E-CTX-K9 card, the audit log is reset to 1970 until you set the date and time again.

5.3.1 Audit Trail Log Entries

Audit trail records capture various types of activities. Individual audit entries contain some or all of the following information:

User—Name of the user performing the action

Host—Host from where the activity is logged

Device ID—IP address of the device involved in the activity

Application—Name of the application involved in the activity

Task—Name of the task involved in the activity (view a dialog box, apply configuration, and so on)

Connection Mode—The service used to connect to the node (for example, Telnet, console, or Simple Network Management Protocol [SNMP])

Category—Type of change: Hardware, Software, or Configuration

Status—Status of the user action: Read, Initial, Successful, Timeout, or Failed

Time—Time of change

Message Type—Denotes whether the event succeeded or failed

Message Details—A description of the change

Cisco ONS 15310-MA SDH Reference Manual, Release 9.1 and Release 9.2

 

78-19417-01

5-7

 

 

 

Page 113
Image 113
Cisco Systems 15310-MA manual Audit Trail Log Entries

15310-MA specifications

Cisco Systems has established itself as a leader in the networking domain, offering a wide array of solutions to meet the needs of modern businesses. Among its impressive product lineup are the Cisco 15310-CL and 15310-MA routers, designed to provide advanced network performance and reliability.

The Cisco 15310-CL is a versatile platform that primarily serves as a carrier-class router aimed at supporting high-speed data and voice services. It is built to handle the demands of large enterprises and service providers, offering a robust design that ensures maximum uptime and performance. One of its standout features is its modular architecture, which enables users to customize their configurations based on specific application needs. This scalability allows for future expansion without the need for a complete hardware overhaul.

Key technologies integrated into the Cisco 15310-CL include high-density Ethernet interfaces and a comprehensive suite of Layer 2 and Layer 3 protocol support. The device is capable of supporting multiple types of connections, including TDM, ATM, and Ethernet. This flexibility makes it an ideal choice for organizations that require seamless migration between various service types. Moreover, with features such as MPLS (Multiprotocol Label Switching) support and advanced Quality of Service (QoS) mechanisms, the router ensures that critical applications receive the necessary bandwidth and low latency required for optimal performance.

In contrast, the Cisco 15310-MA focuses on access solutions, providing a cost-effective entry point for businesses looking to enhance their network capabilities. It is well-suited for smaller offices or branch locations that need reliable connectivity without the expense and complexity associated with larger systems. The device supports a range of access methods and provides essential features like firewall capabilities, VPN support, and comprehensive security measures to protect sensitive data.

Both models benefit from Cisco's commitment to security and manageability, offering features like enhanced encryption protocols and user authentication mechanisms that help safeguard networks against threats. Additionally, they can be managed through Cisco’s intuitive software tools, simplifying configuration and monitoring tasks for IT administrators.

The Cisco 15310-CL and 15310-MA are ideal solutions for businesses seeking to enhance their network infrastructure, ensuring firms can keep pace with evolving technology demands while maintaining a focus on security and performance. Their combination of advanced features, modular capabilities, and robust support makes them valuable assets in the networking landscape.