Chapter 5 Connecting the Management Interfaces and Performing Initial System Configuration

Initial System Configuration

EXAMPLE:

This example illustrates a common access control scenario. Let us assume the following:

We want to permit every station to access the SCE on the management port (e.g. ping, SNMP polling etc.).

We want to restrict Telnet access to only a few permitted stations.

We therefore need to create two access control lists:

For general IP access: permit access to all IP addresses.

For Telnet: permit access to the specified IP address, and deny to all others. ACL #1 = permit any IP address. Assign to IP access.

ACL #2 = permit access to 10.1.1.0, 10.10.10.1, deny to all others. Assign to Telnet access.

Would you like to enter the Access lists configuration menu? [no]: y

Would you like create new Access lists or modify existing lists? [no]: y

Enter ACL number: 1

Does this entry permit access? [yes]:

Enter IP address or the word ‘any’ to denote any IP address: any

This entry matches every IP address, no use in adding more entries to this list.

Would you like to configure another list? [no]: y

Enter ACL number: 2

Does this entry permit access? [yes]:

Enter IP address or the word ‘any’ to denote any IP address: 10.1.1.0

Enter wildcard bits: 0.0.0.0

Would you like to add another entry to this list? [no]:y Does this entry permit access? [yes]:

Enter IP address or the word ‘any’ to denote any IP address: 10.10.10.1

Enter wildcard bits: 0.0.0.0

Would you like to add another entry to this list? [no]:y Does this entry permit access? [yes]:n

Enter IP address or the word ‘any’ to denote any IP address: any

This entry matches every IP address, no use in adding more entries to this list.

Would you like to configure another list? [no]: Enter IP access-class [0]: 1

Enter Telnet access-class [0]: 2

EXAMPLE 2:

This example skips the first section of the dialog (creating/modifying), and proceeds directly to assign existing ACLs.

Would you like to enter the Access lists configuration menu? [no]: y

Would you like create new Access lists or modify existing lists? [no]:

Enter IP access-class [0]: 10

Enter Telnet access-class [0]: 22

SCE 2000 4xGBE Installation and Configuration Guide

5-16

OL-7824-02

 

 

 

 

Page 80
Image 80
Cisco Systems SCE 2000 4xGBE manual Example

SCE 2000 4xGBE specifications

The Cisco Systems SCE 2000 4xGBE is a robust solution designed to optimize IP networks and enhance service delivery. As a member of Cisco's Service Control Engine (SCE) product line, this device is particularly suited for service providers looking to manage network traffic, improve service quality, and provide a suite of advanced management features.

One of the standout features of the SCE 2000 is its ability to process and analyze network traffic in real-time. This capability allows operators to gain insights into user behavior, application usage, and overall network performance. By utilizing deep packet inspection technology, the SCE 2000 can identify different types of traffic, enabling network managers to enforce policies and prioritize critical applications effectively.

In terms of interface capabilities, the SCE 2000 offers four 1 Gigabit Ethernet (GbE) ports. This versatility allows for easy integration into existing network infrastructure while ensuring ample bandwidth for data transfer. The device supports both IPv4 and IPv6 protocols, making it future-proof and suitable for evolving network demands.

One of the significant technologies employed by the SCE 2000 is Service Level Agreement (SLA) management. This feature ensures that service providers can meet their commitments to customers by monitoring performance metrics such as latency, jitter, and packet loss. The ability to generate reports based on SLA compliance allows for better customer engagement and transparency.

Additionally, the SCE 2000 facilitates dynamic resource allocation, enabling service providers to adapt network resources based on current demand. This elasticity is crucial in managing peak loads and ensuring a seamless user experience. Furthermore, the device’s support for Quality of Service (QoS) policies ensures that critical applications receive the necessary bandwidth and resources dedicated to maintaining operational efficiency.

The SCE 2000 also emphasizes security with features such as intrusion detection and prevention capabilities, helping protect the integrity of the network. This combination of performance monitoring, traffic management, and security makes the SCE 2000 an invaluable tool for service providers.

In conclusion, the Cisco Systems SCE 2000 4xGBE is a powerful network management solution that excels in providing real-time traffic management, SLA compliance, and security features. Its capabilities make it an essential component for service providers aiming to optimize their networks while delivering high-quality services to their customers.