Nortel Networks NTRN10AN, 3500 manual Security log audit trail


2-138 Operation, administration, and maintenance (OAM) features

OPTera Metro allows any user with a UPC level 4 and above to add, delete, or retrieve the Access Control List (ACL) for a node. Each OPTera Metro network element supports an ACL which allows a customer to provision nodes onto an allow or deny list. These lists determine whether or not another node is allowed to access the relevant node. The ACL provisioner has the flexibility to define separate outgoing and incoming access. Your customers modify their own lists but are restricted to incoming access only. In other words, the customer provisions the nodes that are able to access their node.

An Incoming network violation alarm is raised when a denied node attempts to gain access.

Security log audit trail

The security log, by default, records all TL1 commands on the network element that require level 2 access or higher with the following level 1 command exceptions:

ACT-USER, CANC-USER, ED-SECU-PID

ALW-MSG-ALL

INH-MSG-ALL

The caption of the security log includes the following:

date and time of the event

user identification

type of event

names of resources accessed

success or failure of event

The following events are recorded in the security log:

all user logins and logouts

invalid user authentication attempts (as well as alarm/alerts generated due to invalid authentication attempts)

authorized commands (according to user class)

changes made in a user's security profiles and attributes

changes made in security profiles and attributes associated with a channel or port

changes made in the network element’s security configuration

These logs are archived in a circular buffer resident on the SPx or NPx and accessible through Site Manager’s Security menu. The circular buffer has a capacity of 600 logs per node (estimated 1 week’s activity). Logging on to Preside or Site Manager is not recorded. The Login is limited to operations on Site Manager/Preside that invoke (directly or indirectly) TL1 commands and

OPTera Metro 3500 Multiservice Platform NTRN10AN Rel 12.1 Standard Iss 1 Apr 2004
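The retention behaviour of the 600-entry circular buffer described above can be modelled to see how many records an off-node archive loses when it is collected too rarely. This is an added example, not code from the manual or from Nortel. Assumptions: the `Record`, `NodeLog` and `Archiver` names are hypothetical, the `seq` counter is not a documented log field, and the workload is constructed.

```python
from collections import deque
from dataclasses import dataclass

CAPACITY = 600  # logs per node, as stated in the manual


@dataclass(frozen=True)
class Record:
    seq: int         # assumption: per-node running counter, not a documented field
    when: str        # date and time of the event
    user: str        # user identification
    event: str       # type of event
    resource: str    # names of resources accessed
    success: bool    # success or failure of event


class NodeLog:
    """Circular buffer: once full, each new record overwrites the oldest."""
    def __init__(self, capacity=CAPACITY):
        self._buf = deque(maxlen=capacity)
        self._seq = 0

    def record(self, when, user, event, resource, success):
        self._seq += 1
        self._buf.append(Record(self._seq, when, user, event, resource, success))

    def retrieve(self):
        return list(self._buf)


class Archiver:
    """Off-node copy of the log that counts records overwritten between polls."""
    def __init__(self):
        self.archive, self.lost, self._last = [], 0, 0

    def poll(self, node):
        new = [r for r in node.retrieve() if r.seq > self._last]
        if new:
            self.lost += new[0].seq - self._last - 1   # gap = overwritten records
            self.archive.extend(new)
            self._last = new[-1].seq
        return len(new)


def simulate(total_events, poll_every):
    """Constructed workload: poll after every `poll_every` events, then once more."""
    node, arch = NodeLog(), Archiver()
    for i in range(1, total_events + 1):
        node.record(f"t{i}", "ADMIN", "ACT-USER", "NE", i % 7 != 0)
        if i % poll_every == 0:
            arch.poll(node)
    arch.poll(node)
    return len(arch.archive), arch.lost
```

Collecting at least once per 600 logged events keeps the archive complete; any longer interval leaves a gap equal to the number of records overwritten on the node.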
