Understanding SSH, 16-2 | Cisco Systems Cisco ONS 15310-MA manual

Chapter 16 Configuring Security for the ML-Series Card

Disabling the Console Port on the ML-Series Card

There are several ways to access the Cisco IOS running on the ML-Series card, including a direct connection to the console port, which is the RJ-11 serial port on the front of the card. Users can increase security by disabling this direct connection, which is enabled by default. This prevents console port input without preventing any console port output, such as Cisco IOS error messages.

You can disable console port access through CTC or TL1. To disable it with CTC, at the card-level view of the ML-Series card, click under the IOS tab and uncheck the Enable Console Port Access box and click Apply. The user must be logged in at the Superuser level to complete this task.

To disable it using TL1, refer to the Cisco ONS SONET TL1 Command Guide.

Secure Login on the ML-Series Card

The ML-Series card supports the Cisco IOS login enhancements integrated into Cisco IOS

Release 12.2(25)S and introduced in Cisco IOS Release 12.3(4)T. The enhancements allow users to better secure the ML-Series card when creating a virtual connection, such as Telnet, Secure Shell, or HTTP. The secure login feature records successful and failed login attempts for vty sessions (audit trail) on the ML-Series card. These features are configured using the Cisco IOS command-line interface (CLI.)

For more information, including step-by-step configuration examples, refer to the Cisco IOS Release 12.2(25)S feature guide module Cisco IOS Login Enhancements at http://www.cisco.com/en/US/products/sw/iosswrel/ps1838/products_feature_guides_list.html.

Secure Shell on the ML-Series Card

This section describes how to configure the SSH feature and contains this information:

•Understanding SSH, page 16-2

•Configuring SSH, page 16-3

•Displaying the SSH Configuration and Status, page 16-5

For other SSH configuration examples, see the “SSH Configuration Examples” section in the “Configuring Secure Shell” chapter of the Cisco IOS Security Configuration Guide, Cisco IOS Release 12.2, at this URL:

http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/fsecur_c.html

Note For complete syntax and usage information for the commands used in this section, see the command reference for Cisco IOS Release 12.2 at the URL: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_installation_and_configuration_g uides_list.html

Understanding SSH

The ML-Series card supports SSH, both version 1 (SSHv1) and version 2 (SSHv2). SSHv2 offers security improvements over SSHv1 and is the default choice on the ML-Series card.

Cisco ONS 15310-CL, ONS 15310-MA, and ONS 15310-MA SDH Ethernet Card Software Feature and Configuration Guide, R9.1 and R9.2

16-2	78-19415-01

ONS 15310-CL, ONS 15310-MA, Cisco ONS 15310-MA specifications

Cisco Systems has long been a leader in networking and telecommunications technology, and among its impressive lineup of products, the Cisco ONS 15310 series stands out as an essential solution for optical networking. This series includes models such as the ONS 15310-MA, ONS 15310-CL, and ONS 15310-CA, each designed to meet the diverse needs of service providers and enterprises seeking to enhance their optical transport networks.

The Cisco ONS 15310-MA is an advanced multi-service platform designed for metropolitan area networks. It facilitates the seamless transport of data, voice, and video over optical networks. One of its main features is its ability to support a variety of interfaces, including Ethernet, SONET/SDH, and Wavelength Division Multiplexing (WDM), allowing users to integrate multiple services into a single platform. Additionally, the ONS 15310-MA supports advanced traffic management and Quality of Service (QoS) features to prioritize critical applications and ensure consistent performance.

The ONS 15310-CL variant is tailored for more specific applications, providing enhanced capabilities aimed at delivering carrier-grade services. It features a robust architecture that accommodates high-capacity traffic without compromising reliability. This model emphasizes low power consumption and a compact design, making it suitable for deployment in space-constrained environments. The ONS 15310-CL also supports a wide range of optical interfaces, making it highly flexible for various network configurations.

In terms of technologies, the Cisco ONS 15310 series leverages Optical Transport Network (OTN) capabilities, providing high efficiency and greater bandwidth utilization. OTN technology enables efficient error correction and adds resilience to the network through its built-in protection mechanisms. Furthermore, the series supports seamless integration with existing IP/MPLS networks, creating a cohesive infrastructure as organizations evolve their networking requirements.

One of the defining characteristics of the ONS 15310 series is its focus on scalability. Network operators can start with a modest deployment and gradually expand capacity as demand grows. This adaptability is complemented by Cisco's comprehensive management and monitoring tools, providing operators with real-time insights into network performance and facilitating proactive management.

In conclusion, the Cisco ONS 15310-MA and ONS 15310-CL models represent sophisticated solutions for modern optical networks. With their versatile features, advanced technologies, and robust design, they empower service providers and enterprises to build resilient, high-capacity networks that meet the demands of today’s data-driven world.

Cisco Systems Cisco ONS 15310-MA manual Disabling the Console Port on the ML-Series Card, 16-2

Models: ONS 15310-CL ONS 15310-MA Cisco ONS 15310-MA