9-5
Cisco ONS 15454 SDH Reference Manual, R5.0
April 2008
Chapter9 Security and Timin g
9.1.2 Security Policies
9.1.2 Security Policies
Users with Superuser security privilege can provision security policies on the ONS15454 SDH. These
security policies include idle user timeouts, password changes, password aging, and user lockout
parameters. In addition, a Superuser can prevent users from accessing the ONS 1 5454 SDH through the
TCC2/TCC2P RJ-45 port, the MIC-C/T/P LAN connection, or both.

9.1.2.1 Idle User Timeout

Each ONS 15454 SDH CTC or TL1 user can be idle during hi s or her login session for a specified
amount of time before the CTC window is locked. The lockouts prevent unauthoriz ed users from making
changes. Higher-level users have shorter default idle periods and lower-level users have longer or
unlimited default idle periods, as shown in Table 9- 3. The user idle period can be modified by a
Superuser; refer to the CiscoONS 15454 SDH Procedure Guide for instructions.
Provisioning Security Users: Create/Delete X
Users: Change Same user Same user Same user All users
Active logins: Logout X
Policy: Change X
Alarm Profiles Store/Delete1—— X X
New/Load/Compare/Available/
Usage
XXXX
MS-SPRing Create/Delete/Edit/Upgrade — X X
Overhead Circuits Create/Delete/Edit/Merge X X
Search X X X X
Provisionable
Patchcords
Create/ Delete X X
Maintenance Software Download/Cancel X X X X
1. The action buttons in the subtab are active for all users, but the actions can be completely performed only by the users assigned with the required security
levels.
Table9-2 ONS15454 SDH Security Levels—Network View (continued)
CTC Tab Subtab [Subtab]: Actions Retrieve Maintenance Provisioning Superuser
Table9-3 ONS15454 SDH Default User Idle Times
Security Level Idle Time
Superuser 15 minutes
Provisioning 30 minutes
Maintenance 60 minutes
Retrieve Unlimited