1-11
Cisco Content Services Switch Security Configuration Guide
OL-5650-02
Chapter1 Controlling CSS Access
Controlling Administrative Access to the CSS
•no restrict xml - Enables the transfer of XML configuration files to the CSS
through unsecure HTTP connections (disabled by default).
•no restrict web-mgmt - Enables Device Management user interface access
to the CSS (disabled by default).
Note Disable Telnet access when you want to use the Secure Shell Host (SSH) server.
For information about configuring SSH, refer to Chapter 2, Configuring the
Secure Shell Daemon Protocol.
For example, to enable Device Management user interface access, enter:
(config)# no restrict web-mgmt
Refer to the Cisco Content Services Switch Administration Guide for details on
configuring the Simple Network Management Protocol (SNMP) features on your
CSS. For details on making web-based configuration changes to the CSS using
Extensible Markup Language (XML), refer to the Cisco Content Services Switch
Administration Guide. For details on using the Device Management user
interface, refer to the Cisco Content Services Switch Device Management User’s
Guide.
Disabling Administrative Access to the CSSTo disable console, FTP, SNMP, SSH, Telnet, user database, secure and unsecure
XML, and web management access to the CSS, use the following restrict
commands:
•restrict console - Disables console access to the CSS (enabled by default).
•restrict ftp - Disables FTP access to the CSS (enabled by default).
•restrict snmp - Disables SNMP access to the CSS (enabled by default).
•restrict ssh - Disables SSHD access to the CSS (enabled by default).
•restrict telnet - Disables Telnet access to the CSS (enabled by default).
•restrict user-database - Prevents users from clearing the running-config file
and creating or modifying usernames. Only administrator and technician
users can perform these tasks (enabled by default).