Single Point Security Gateway | Cyclades AlterPath BladeManager

Key Features

Single Point Security Gateway

The BladeManager has been designed such that communication between users and the management network must pass through a single point of access (the BladeManager) to optimize security and enforce adherence to your corporate security policy.

A single, secure access point reduces management overhead for managing blade servers. Moreover, the multiple authentication options available ensures compatibility with existing infrastructure.

Centralized Authentication

Centralized authentication saves the user or administrator from using a password for each blade server, and thereby maintain a secure password. You need only use your password once upon logging onto the BladeManager. To access the blade servers and switch modules, the BladeManager provides the following authentication methods: local database, RADIUS, LDAP, Kerberos, Tacacs+, NIS and active_directory.

Consolidated Views and Blade Access

The BladeManager provides secure OS, POST and BIOS access to individual blades and switch modules.

From the BladeManager web interface, you can view a list of all blades to which you have authorized access. Information about each blade includes blade name, port, location, description, and status. For added security, users cannot view blades which they are not authorized to use.

Simple and Easy Web User Interface

The BladeManager provides a convenient and user-friendly web user interface for the regular user and the administrator. Hyperlinks enable you to access consoles, view data logs, and other information even faster. From one single interface, you can achieve just about everything you need to manage your network’s consoles.

Users can only view and access those blades and switches to which they are assigned. This customization adds security to the system since users cannot view or access any blade or switch that does not concern them.

AlterPath BladeManager Manual

1-3

Image 19

Cyclades AlterPath BladeManager user manual Single Point Security Gateway, Centralized Authentication

Contents

AlterPath BladeManager Page Table of Contents BladeManager Web Access BladeManager Web Administration Table of Contents Table of Contents Advanced Configuration Appendix a Hardware Specifications Viii Chapter Title Description Before You BeginAudience Document Organization Form/Window Levels Typographical ConventionsForm/Window Labels Hypertext Links Naming Conventions Command Line Syntax Where outlet lists format is Before You Begin AlterPath BladeManager Manual Chapter Introduction Connectivity and Capacity Key Features Simple and Easy Web User Interface Centralized AuthenticationConsolidated Views and Blade Access Single Point Security Gateway Log File Compression and Rotation One-Click Access to Blades and SwitchesPrioritized Triggers & Alarms Centralized Data Logging System Chassis, Blades, and User Group Management Backup, Restore, and Replicate User DataOther Alarm Features Blade Wizard Exhaustive Reporting Command Line Interface CLIMultiport Ethernet Cards Deploying the BladeManager Introduction AlterPath BladeManager Manual Product Installation Checklist BladeManager Installation Rack Mounting Guidelines Rack Mounting Guidelines BladeManager Installation Rack Mounting Guidelines BladeManager Installation Rack Mounting Guidelines BladeManager Installation Rack Mounting Guidelines BladeManager Installation Major Components of the BladeManager System Reliability Guidelines Installation Safety GuidelinesStatic-Sensitive Devices Installing DIMMs Installation Procedures BladeManager Installation Installing a Simple-Swap Serial ATA Hard Disk Drive Installing a Hard Disk DriveGo to Completing the Installation, this chapter Installing a Scsi Hard Drive Installing an Adapter BladeManager Installation Installation Procedures BladeManager Installation Completing the Installation Connecting the Cables BladeManager Controls, LEDs, and Power Updating the Server Configuration Front LEDs/Buttons Function Reset button Power-control buttonRear LEDs Function Switching On the Server BladeManager Power Features Switching Off the BladeManager Requirement Description Pre-Configuration Requirements Configuring the COM Port Connection and Logging BladeManager Installation AlterPath BladeManager Manual User Interface Overview AlarmsMenu Option Function Using the Web Interface as a Regular User User Interface Overview Sorting a List Form by Column/Field Name General Screen Features Search and Filter Functions Alarms Responding to an alarm Alarm LogsAlarm List Form Fieldname Definition Viewing the Alarm Detail Form Fieldname / Button Definition Form brings up the Alarm Detail form Assigning a Ticket to a User Viewing Alarm or Console Logs Viewing the Blade List Blades CLI, KVM, VM, ON, OFF Column or Button Definition Name Multiple Users and Read/Write Access Connecting to a Blade ConsoleViewing a Blade or Switch Consoles Detail Form Console Name Field Name DefinitionPort Consoles Notify Form Consoles Access Form Consoles Groups Form Log Type Definition Logs Viewing the Logs Access Logs Event Logs Data Buffer Profile User’s Profile Disabled Viewing the User Access Form Changing Your PasswordViewing the User Groups Form User list box System displays the User Group form List box to the Selected security profiles list Viewing the Security Form Security profile list box BladeManager Web Administration Operational Modes Configuration Process Flow Running the First Time Configuration Wizard First Time Configuration Wizard Password Resetting Configuration to Factory Settings ===================================================== First Time Configuration Wizard An Example First Time Configuration Wizard Hostname Configuration Must Follow RFC Standard Setting the Authentication Method Encrypted version Connecting to the Web Interface Forms Summary BladeManager Web Interface Admin Mode Menu Option Forms and their Functions Menu Option Forms and their Functions Menu Option Forms and their Functions Parts of the Web Interface Logging Into the BladeManager Web Interface BladeManager Web Interface Admin Mode Sorting, Filtering, and Saving a List Form Action Forms Used Using the Form Input FieldsVerifying Error Messages Chassis Management Blade Wizard Save & Create Blades Switch 1 through Switch Fieldname / Element Definition Chassis Devices List Form Filter by button Adding or Editing a ChassisSearch Chassis Management Devices Details Form Fields and Elements Intdhcp or static Intdhcp Static Using a Dhcp Server and Selecting the Correct IP ModeIP Mode When to use this mode Function of the Status Field To select one or more groups to access a chassis Selecting the Groups to Access a Chassis Proxy Types ProxiesProxy Type Function Proxy Type Function Configuring the Proxy From the menu, go to Devices Details Groups Switch Verifying your Proxy SettingConfiguring the Chassis Switch Configuring Ports to be Proxied Mode intdhcp or static Two Methods of Blade Configuration Screen/Form Name Function Running the Blade Wizard Connection Method BladeManager Web Administration Groups Unconfigured Consoles Confirmation Edit Configuration Consoles List Form Configuring Blades Manually through the Menu Deleting a Device Connecting to a Device Deleting a Device from a Group Alarm TriggerDeleting a Device Group Form Function Forms Used Alarm Trigger ManagementViewing the Alarm Trigger List Create Alarm and Priority Creating an Alarm Trigger Field Name Definition Deleting an Alarm Trigger Blades / SwitchesUsing the Logical and in the Alarm Trigger Expression Connection Applies to Use this connection to Type Consoles List Form OFF Viewing the Console List Adding a Serial Console Blades / Switches 10Consoles Detail Form Fieldnames and Elements Adding a Switch Console Selecting Users to Access the Console Selecting Users to be Notified Assigning the Console to a Group Deleting a Console from a Group Deleting a Console Group Connecting to a ConsoleLog Rotation Initiating Log Rotation Users Setting Log Rotation in Auto Mode Adding a User User List form Username Fieldnames Definition Authentication e.g., LDAP, RADIUS, it is Selecting Consoles for a User Selecting User Groups for a User Deleting a User from a Group Deleting a UserDeleting a User Group Setting Up Local Authentication Setting the Local PasswordSetting a User’s Security Profile Creating a Group Groups Groups Assigning a Security Profile to a User Group Deleting a Group Security Profiles Column Name Definition Status Enabled , Disabled or DeletedSecurity Profile List Form Title Use this form to Adding or Editing a Security Profile Security Profiles Source IP Field Name Function Security Profiles LAN ITF Selected LAN ITF Conditions list box right Security Profile Date/Time Configuring Authorization Authorized Action Function Go to Security Profiles Authorization Backing Up User Data Deleting a Security ProfileData Type Definition Backup and Restore Scenarios System Recovery Guidelines Responding to the Warning Message BladeManager Database Transaction Support Info / Reporting Changing the Default Configuration Info / Reporting Page Advanced Configuration Logging Shell CommandsCommand Use this command to Working from a CLI Copying and Pasting Text within the Console Applet Window Connecting Directly to PortsMenu Option Use this option to CLI Sample Command Line Interface Keys Command CLI Commands Setboot sets the network boot utility. For example Set Commands Setcons sets console connection. For example Date sets the date and date format. For example More Ethernet Subinterfaces Yes, No or Setsmtp sets the email server’s IP address. For example Changing the Escape Sequence Edit the file /opt/tomcat/apm/applet.conf Changing the Session TimeoutRe-defining the Interrupt Key Changing the Number of Lines in the SSH Applet Enabling Telnet Edit /etc/xinetd.conf as follows service telnet Status Meaning NIS ConfigurationFile to edit /etc/nsswitch.conf Where Parameter Definition User Authentication Active Directory Configuration Firmware Disabling Http to Use Only HttpsAdding Firmware Upgrading the Apbm Firmware Backing Up User Data Where Log Files are Archived Backup and Restore CommandsManaging Log Files Where Backing Up Log Files to a Remote Server Maxconnections in my.cnf Changing the Database ConfigurationRestoring Your Configuration Restconf config.tgz.old Enter OpenSSL command Installing SSL CertificatesParameter Description Submit the CSR to the CA Upon receipt, install the certificate Keytool -import -alias tomcat -file jcertfile.cer Advanced Configuration Alterpath BladeManager Manual ACL Access Control ListAuthentication Bios Checksum BootBreak Signal Blade Server DNS Server ClusterConsole Console Port Flow Control Escape SequenceEthernet Flash IP Address Hot-SwapIn-band Network Management KVM Parity Network Mask Pcmcia Secure Shell SSH Root AccessProxy ARP Routing Table Subnet Mask Stop Bit Terminal Server Telnet Rack Height Unit UDP Appendix a Air Temperature BladeManager Hardware Specifications BladeManager Hardware Specifications