Security Profiles | Cyclades AlterPath BladeManager specification

Security Profiles

1.Select the security profile from the Select Security Profile box and then click on the Add button.

Security Profiles

A security profile defines a set of rules or conditions regarding a user’s access permissions and limits for accessing the BladeManager and its features. The Security Profiles feature allows the administrator to centrally create these rules for as many profiles as necessary. Each time a user requests a page, the system checks the security profile.

Security Profiles deal with IP filtering, VLAN restriction, time and date restrictions, and authorization rules that are applied to each user. The default rule of security profiles is Deny.

You can apply security profiles to users and user groups. The Default Profile is the profile of the default group, User. Whatever condition(s) you configure in the Default Profile is automatically applied to all users except Admin users. This profile cannot be deleted.

Note: To configure users and user groups, go to Users > Groups.

The Default Profile already allows users to log on. You may change it to block connections by default and then allow the valid users. If the chosen rule is Allow, you must select at least one action from the Authorization tab.

AlterPath BladeManager Manual

4-65

Image 147

Cyclades AlterPath BladeManager user manual Security Profiles

Contents

AlterPath BladeManager Page Table of Contents BladeManager Web Access BladeManager Web Administration Table of Contents Table of Contents Advanced Configuration Appendix a Hardware Specifications Viii Chapter Title Description Before You BeginAudience Document Organization Form/Window Levels Typographical ConventionsForm/Window Labels Hypertext Links Naming Conventions Command Line Syntax Where outlet lists format is Before You Begin AlterPath BladeManager Manual Chapter Introduction Connectivity and Capacity Key Features Simple and Easy Web User Interface Centralized AuthenticationConsolidated Views and Blade Access Single Point Security Gateway Log File Compression and Rotation One-Click Access to Blades and SwitchesPrioritized Triggers & Alarms Centralized Data Logging System Chassis, Blades, and User Group Management Backup, Restore, and Replicate User DataOther Alarm Features Blade Wizard Command Line Interface CLI Exhaustive ReportingMultiport Ethernet Cards Deploying the BladeManager Introduction AlterPath BladeManager Manual Product Installation Checklist BladeManager Installation Rack Mounting Guidelines Rack Mounting Guidelines BladeManager Installation Rack Mounting Guidelines BladeManager Installation Rack Mounting Guidelines BladeManager Installation Rack Mounting Guidelines BladeManager Installation Major Components of the BladeManager Installation Safety Guidelines System Reliability GuidelinesStatic-Sensitive Devices Installing DIMMs Installation Procedures BladeManager Installation Installing a Hard Disk Drive Installing a Simple-Swap Serial ATA Hard Disk DriveGo to Completing the Installation, this chapter Installing a Scsi Hard Drive Installing an Adapter BladeManager Installation Installation Procedures BladeManager Installation Completing the Installation Connecting the Cables BladeManager Controls, LEDs, and Power Updating the Server Configuration Front LEDs/Buttons Function Power-control button Reset buttonRear LEDs Function Switching On the Server BladeManager Power Features Switching Off the BladeManager Requirement Description Pre-Configuration Requirements Configuring the COM Port Connection and Logging BladeManager Installation AlterPath BladeManager Manual Alarms User Interface OverviewMenu Option Function Using the Web Interface as a Regular User User Interface Overview Sorting a List Form by Column/Field Name General Screen Features Search and Filter Functions Alarms Alarm Logs Responding to an alarmAlarm List Form Fieldname Definition Viewing the Alarm Detail Form Fieldname / Button Definition Form brings up the Alarm Detail form Assigning a Ticket to a User Viewing Alarm or Console Logs Viewing the Blade List Blades CLI, KVM, VM, ON, OFF Column or Button Definition Name Connecting to a Blade Console Multiple Users and Read/Write AccessViewing a Blade or Switch Consoles Detail Form Field Name Definition Console NamePort Consoles Notify Form Consoles Access Form Consoles Groups Form Log Type Definition Logs Viewing the Logs Access Logs Event Logs Data Buffer Profile User’s Profile Disabled Changing Your Password Viewing the User Access FormViewing the User Groups Form User list box System displays the User Group form List box to the Selected security profiles list Viewing the Security Form Security profile list box BladeManager Web Administration Operational Modes Configuration Process Flow Running the First Time Configuration Wizard First Time Configuration Wizard Password Resetting Configuration to Factory Settings ===================================================== First Time Configuration Wizard An Example First Time Configuration Wizard Hostname Configuration Must Follow RFC Standard Setting the Authentication Method Encrypted version Connecting to the Web Interface Forms Summary BladeManager Web Interface Admin Mode Menu Option Forms and their Functions Menu Option Forms and their Functions Menu Option Forms and their Functions Parts of the Web Interface Logging Into the BladeManager Web Interface BladeManager Web Interface Admin Mode Sorting, Filtering, and Saving a List Form Action Forms Used Using the Form Input FieldsVerifying Error Messages Chassis Management Blade Wizard Save & Create Blades Switch 1 through Switch Fieldname / Element Definition Chassis Devices List Form Adding or Editing a Chassis Filter by buttonSearch Chassis Management Devices Details Form Fields and Elements Intdhcp or static Intdhcp Static Using a Dhcp Server and Selecting the Correct IP ModeIP Mode When to use this mode Function of the Status Field To select one or more groups to access a chassis Selecting the Groups to Access a Chassis Proxies Proxy TypesProxy Type Function Proxy Type Function Configuring the Proxy From the menu, go to Devices Details Groups Switch Verifying your Proxy SettingConfiguring the Chassis Switch Configuring Ports to be Proxied Mode intdhcp or static Two Methods of Blade Configuration Screen/Form Name Function Running the Blade Wizard Connection Method BladeManager Web Administration Groups Unconfigured Consoles Confirmation Edit Configuration Consoles List Form Configuring Blades Manually through the Menu Deleting a Device Connecting to a Device Alarm Trigger Deleting a Device from a GroupDeleting a Device Group Form Function Forms Used Alarm Trigger ManagementViewing the Alarm Trigger List Create Alarm and Priority Creating an Alarm Trigger Field Name Definition Blades / Switches Deleting an Alarm TriggerUsing the Logical and in the Alarm Trigger Expression Connection Applies to Use this connection to Type Consoles List Form OFF Viewing the Console List Adding a Serial Console Blades / Switches 10Consoles Detail Form Fieldnames and Elements Adding a Switch Console Selecting Users to Access the Console Selecting Users to be Notified Assigning the Console to a Group Deleting a Console from a Group Deleting a Console Group Connecting to a ConsoleLog Rotation Initiating Log Rotation Users Setting Log Rotation in Auto Mode Adding a User User List form Username Fieldnames Definition Authentication e.g., LDAP, RADIUS, it is Selecting Consoles for a User Selecting User Groups for a User Deleting a User Deleting a User from a GroupDeleting a User Group Setting the Local Password Setting Up Local AuthenticationSetting a User’s Security Profile Creating a Group Groups Groups Assigning a Security Profile to a User Group Deleting a Group Security Profiles Column Name Definition Status Enabled , Disabled or DeletedSecurity Profile List Form Title Use this form to Adding or Editing a Security Profile Security Profiles Source IP Field Name Function Security Profiles LAN ITF Selected LAN ITF Conditions list box right Security Profile Date/Time Configuring Authorization Authorized Action Function Go to Security Profiles Authorization Deleting a Security Profile Backing Up User DataData Type Definition Backup and Restore Scenarios System Recovery Guidelines Responding to the Warning Message BladeManager Database Transaction Support Info / Reporting Changing the Default Configuration Info / Reporting Page Advanced Configuration Logging Shell CommandsCommand Use this command to Working from a CLI Connecting Directly to Ports Copying and Pasting Text within the Console Applet WindowMenu Option Use this option to CLI Sample Command Line Interface Keys Command CLI Commands Setboot sets the network boot utility. For example Set Commands Setcons sets console connection. For example Date sets the date and date format. For example More Ethernet Subinterfaces Yes, No or Setsmtp sets the email server’s IP address. For example Changing the Escape Sequence Edit the file /opt/tomcat/apm/applet.conf Changing the Session TimeoutRe-defining the Interrupt Key Changing the Number of Lines in the SSH Applet Enabling Telnet Edit /etc/xinetd.conf as follows service telnet Status Meaning NIS ConfigurationFile to edit /etc/nsswitch.conf Where Parameter Definition User Authentication Active Directory Configuration Disabling Http to Use Only Https FirmwareAdding Firmware Upgrading the Apbm Firmware Backing Up User Data Backup and Restore Commands Where Log Files are ArchivedManaging Log Files Where Backing Up Log Files to a Remote Server Maxconnections in my.cnf Changing the Database ConfigurationRestoring Your Configuration Restconf config.tgz.old Installing SSL Certificates Enter OpenSSL commandParameter Description Submit the CSR to the CA Upon receipt, install the certificate Keytool -import -alias tomcat -file jcertfile.cer Advanced Configuration Alterpath BladeManager Manual ACL Access Control ListAuthentication Bios Checksum BootBreak Signal Blade Server DNS Server ClusterConsole Console Port Flow Control Escape SequenceEthernet Flash IP Address Hot-SwapIn-band Network Management KVM Parity Network Mask Pcmcia Secure Shell SSH Root AccessProxy ARP Routing Table Subnet Mask Stop Bit Terminal Server Telnet Rack Height Unit UDP Appendix a Air Temperature BladeManager Hardware Specifications BladeManager Hardware Specifications