Chapter 16 Configuring Security for the ML-Series Card

RADIUS Stand Alone Mode

 

Command

Purpose

Step 1

 

 

Router# configure terminal

Enter global configuration mode.

Step 2

 

 

Router (config)# aaa authorization

Configure the ML-Series card for user RADIUS authorization for all

 

network radius

network-related service requests.

Step 3

 

 

Router (config)# aaa authorization

Configure the ML-Series card for user RADIUS authorization if the user

 

exec radius

has privileged EXEC access.

 

 

The exec keyword might return user profile information (such as

 

 

autocommand information).

Step 4

 

 

Router (config)# end

Return to privileged EXEC mode.

Step 5

 

 

Router# show running-config

Verify your entries.

Step 6

 

 

Router# copy running-config

(Optional) Save your entries in the configuration file.

 

startup-config

 

 

 

 

To disable authorization, use the no aaa authorization {network exec} method1 global configuration command.

Starting RADIUS Accounting

The AAA accounting feature tracks the services that users are accessing and the amount of network resources that they are consuming. When AAA accounting is enabled, the ML-Series card reports user activity to the RADIUS security server in the form of accounting records. Each accounting record contains accounting attribute-value (AV) pairs and is stored on the security server. This data can then be analyzed for network management, client billing, or auditing.

Beginning in privileged EXEC mode, follow these steps to enable RADIUS accounting for each Cisco IOS privilege level and for network services:

 

Command

Purpose

Step 1

 

 

Router# configure terminal

Enter global configuration mode.

Step 2

 

 

Router (config)# aaa accounting

Enable RADIUS accounting for all network-related service requests.

 

network start-stop radius

 

 

 

 

Step 3 Router (config)# aaa accounting exec

Enable RADIUS accounting to send a start-record accounting notice at

 

start-stop radius

the beginning of a privileged EXEC process and a stop-record at the end.

Step 4

 

 

Router (config)# end

Return to privileged EXEC mode.

Step 5

 

 

Router# show running-config

Verify your entries.

Step 6

 

 

Router# copy running-config

(Optional) Save your entries in the configuration file.

 

startup-config

 

 

 

 

To disable accounting, use the no aaa accounting {network exec} start-stopmethod1... global configuration command.

 

 

 

Cisco ONS 15310-CL, ONS 15310-MA, and ONS 15310-MA SDH Ethernet Card Software Feature and Configuration Guide, R9.1 and R9.2

 

 

 

 

16-16

78-19415-01

 

 

 

Page 213 Page 215
Page 214
Image 214
Cisco Systems ONS 15310-CL, Cisco ONS 15310-MA manual Starting Radius Accounting, 16-16
Page 213 Page 215

ONS 15310-CL, ONS 15310-MA, Cisco ONS 15310-MA specifications

Cisco Systems has long been a leader in networking and telecommunications technology, and among its impressive lineup of products, the Cisco ONS 15310 series stands out as an essential solution for optical networking. This series includes models such as the ONS 15310-MA, ONS 15310-CL, and ONS 15310-CA, each designed to meet the diverse needs of service providers and enterprises seeking to enhance their optical transport networks.

The Cisco ONS 15310-MA is an advanced multi-service platform designed for metropolitan area networks. It facilitates the seamless transport of data, voice, and video over optical networks. One of its main features is its ability to support a variety of interfaces, including Ethernet, SONET/SDH, and Wavelength Division Multiplexing (WDM), allowing users to integrate multiple services into a single platform. Additionally, the ONS 15310-MA supports advanced traffic management and Quality of Service (QoS) features to prioritize critical applications and ensure consistent performance.

The ONS 15310-CL variant is tailored for more specific applications, providing enhanced capabilities aimed at delivering carrier-grade services. It features a robust architecture that accommodates high-capacity traffic without compromising reliability. This model emphasizes low power consumption and a compact design, making it suitable for deployment in space-constrained environments. The ONS 15310-CL also supports a wide range of optical interfaces, making it highly flexible for various network configurations.

In terms of technologies, the Cisco ONS 15310 series leverages Optical Transport Network (OTN) capabilities, providing high efficiency and greater bandwidth utilization. OTN technology enables efficient error correction and adds resilience to the network through its built-in protection mechanisms. Furthermore, the series supports seamless integration with existing IP/MPLS networks, creating a cohesive infrastructure as organizations evolve their networking requirements.

One of the defining characteristics of the ONS 15310 series is its focus on scalability. Network operators can start with a modest deployment and gradually expand capacity as demand grows. This adaptability is complemented by Cisco's comprehensive management and monitoring tools, providing operators with real-time insights into network performance and facilitating proactive management.

In conclusion, the Cisco ONS 15310-MA and ONS 15310-CL models represent sophisticated solutions for modern optical networks. With their versatile features, advanced technologies, and robust design, they empower service providers and enterprises to build resilient, high-capacity networks that meet the demands of today’s data-driven world.
Top Page Image Contents