English dropdown-ico

Manual Cisco Systems OL-5742-01

42 pages 0.41 mb
Download

Go to site of 42

Summary
  • Cisco Systems OL-5742-01 - page 1

    CH A P T E R 18-1 Cisco Signaling Gateway Manager User Guide OL-5742-01 18 Configuring SGM Security This chapter provides the follo wing info rmation about configuring SGM security and limiting access to SGM: • Config uring SGM User-Based A ccess, page 18-1 • Implementing SSL Supp ort in SGM, page 18-26 • Limiting SGM Client Access to the SG ...

  • Cisco Systems OL-5742-01 - page 2

    Chapter 18 Configuring SGM Security Configuring SGM User-B ased Access 18-2 Cisco Signaling Gateway Mana ger User Guide OL-5742-01 • Manually Disabling U sers and Passwords (Solaris On ly), page 18-14 (Optio nal) • Enabling and Changing Us ers and Passwords (Solaris Only ), page 18-16 (Optio nal) • Displaying a Message o f the Day , page 18-1 ...

  • Cisco Systems OL-5742-01 - page 3

    18-3 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Configuring SGM User-Based Access Step 3 If you ha ve already conf igured the type of SGM security authent ication you want to use, skip to Step 4 . Otherwise, conf igure the type of SGM security authentication yo u want to use: • Local authentica tion ...

  • Cisco Systems OL-5742-01 - page 4

    Chapter 18 Configuring SGM Security Configuring SGM User-B ased Access 18-4 Cisco Signaling Gateway Mana ger User Guide OL-5742-01 T o enable Solaris auth entication, enter the follo wing command: # ./sgm authtype solaris See the “SGM Command Reference” section on page C-1 for more information on the use of e ach of the above SGM commands. Step ...

  • Cisco Systems OL-5742-01 - page 5

    18-5 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Configuring SGM User-Based Access Note If sgm authtype is set to solaris , users cannot ch ange their passwords using the SGM client . Instead, t hey must mana ge their passwor ds on the external authentication servers, using Solaris commands, such as pas ...

  • Cisco Systems OL-5742-01 - page 6

    Chapter 18 Configuring SGM Security Configuring SGM User-B ased Access 18-6 Cisco Signaling Gateway Mana ger User Guide OL-5742-01 • The password cannot be a common w ord. SGM uses the dictionary located at /usr/lib/shar e/dict/wor ds to determine whether a word is common. T o ov erride the SG M dictionary , chan ge the DICT_FI LE entry in the Sy ...

  • Cisco Systems OL-5742-01 - page 7

    18-7 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Configuring SGM User-Based Access Note Access to SGM information and downlo ads on Cisco.com is al ready p rotecte d by Cisco.com, and is not protected by SGM. T o conf igure the authentication lev el for a user , use the sgm adduser command, as described ...

  • Cisco Systems OL-5742-01 - page 8

    Chapter 18 Configuring SGM Security Configuring SGM User-B ased Access 18-8 Cisco Signaling Gateway Mana ger User Guide OL-5742-01 • System Data Files – Notes – Vi e w s – Preferences • V iewing SG M documentation • Down loading client software Power User (Level 2) Access Po w er Users hav e acc ess to all Basic User functions. Po wer U ...

  • Cisco Systems OL-5742-01 - page 9

    18-9 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Configuring SGM User-Based Access • T elnet ting to the I TP • V iewing rout e table files and GTT f iles, but not editing them Network Operato rs have access to t he following SGM W eb di splays: • Point Code In ventories • System Data Files – ...

  • Cisco Systems OL-5742-01 - page 10

    Chapter 18 Configuring SGM Security Configuring SGM User-B ased Access 18-10 Cisco Signaling Gateway Mana ger User Guide OL-5742-01 System Administ rators hav e access to the follo wing SGM W eb displays: • System Messages and Logs • System Status, including User Acco unts and System T roubleshooting • T rap Ho st Configuration, includ ing SN ...

  • Cisco Systems OL-5742-01 - page 11

    18-11 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Configuring SGM User-Based Access Step 2 Enter the follo wing command: # cd /opt/CSCOsgm/bin Step 3 (Optiona l) Y ou can configure SGM to gene rate an alarm after a specified number of unsuccessful login attempt s by a user . T o do so, enter the fol low ...

  • Cisco Systems OL-5742-01 - page 12

    Chapter 18 Configuring SGM Security Configuring SGM User-B ased Access 18-12 Cisco Signaling Gateway Mana ger User Guide OL-5742-01 Step 5 (Optional) SGM keeps track of the date and time eac h user last logged in. Y ou can configure SGM to disable a user’ s secur ity authentication automaticall y after a specified n umber of days of inactivity . ...

  • Cisco Systems OL-5742-01 - page 13

    18-13 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Configuring SGM User-Based Access If you ha ve enabled this function and you w a nt to disable it (that is, pre vent SGM from forcing users to change passw ords), enter the follo wing command: # ./sgm passwordage clear Note If sgm authtype is set to sola ...

  • Cisco Systems OL-5742-01 - page 14

    Chapter 18 Configuring SGM Security Configuring SGM User-B ased Access 18-14 Cisco Signaling Gateway Mana ger User Guide OL-5742-01 Manually Disabling Users and Passwords (Solaris Only) As described in the “ Automatically Disabling Users and Passw ords (Solaris Only)” section on page 18 -10 , you can customize SGM to automatically disable users ...

  • Cisco Systems OL-5742-01 - page 15

    18-15 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Configuring SGM User-Based Access Y ou ca n also re-enable the user’ s authenti cation with the same password, or with a ne w password: • T o re-enable the user’ s authentication with the same password as before, use the sgm enableuser command. • ...

  • Cisco Systems OL-5742-01 - page 16

    Chapter 18 Configuring SGM Security Configuring SGM User-B ased Access 18-16 Cisco Signaling Gateway Mana ger User Guide OL-5742-01 Enabling and Changing Users and Passwords (Solaris Only) Of course, SGM also enables you to r e-enable users and passwords, and change user accounts. T o enable and change use rs and passwords, use the follo wing proce ...

  • Cisco Systems OL-5742-01 - page 17

    18-17 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Configuring SGM User-Based Access Note If sgm authtype is set to solaris , you cannot use the sgm userpass command. Instead, you must manag e passwords on the e xternal authentication servers. Step 5 (Optional) T o change a user’ s authentication le ve ...

  • Cisco Systems OL-5742-01 - page 18

    Chapter 18 Configuring SGM Security Configuring SGM User-B ased Access 18-18 Cisco Signaling Gateway Mana ger User Guide OL-5742-01 Step 6 (Optional) T o ch ange a user’ s authenticati on lev el, but not the user’ s password, enter the following command: #. / s g m n e w l e v e l username where username is the name of the user . SGM prompts yo ...

  • Cisco Systems OL-5742-01 - page 19

    18-19 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Configuring SGM User-Based Access • SGM displays the Message o f the Day dial og ( Figure 18-1 ). Figure 18-1 Message of the D ay Dialog The Message of the Day dialog contai ns the following f ields and butt ons: Field or Button Description Message of ...

  • Cisco Systems OL-5742-01 - page 20

    Chapter 18 Configuring SGM Security Configuring SGM User-B ased Access 18-20 Cisco Signaling Gateway Mana ger User Guide OL-5742-01 If you want t o configure SGM to display a messag e of the day , you must first enable the function. T o do so , log in as the root user , as described in the “Becoming the Root User (Solaris O nly)” section on pag ...

  • Cisco Systems OL-5742-01 - page 21

    18-21 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Configuring SGM User-Based Access T o display the co ntents of the message of the day f ile, enter the followin g command: #. / s g m m o t d c a t T o disable this funct ion (that is, to stop displaying the message of the day whene ver a user attempt s ...

  • Cisco Systems OL-5742-01 - page 22

    Chapter 18 Configuring SGM Security Configuring SGM User-B ased Access 18-22 Cisco Signaling Gateway Mana ger User Guide OL-5742-01 SGM displays the follo wing in formation for each user: • User name • Last time the user logged in • User’ s a uthentication access lev el • User’ s current authentica tion status, such as Account Enabled o ...

  • Cisco Systems OL-5742-01 - page 23

    18-23 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Configuring SGM User-Based Access • Access to all privileged f iles and proc esses • Operating system configuration changes and program changes, at the Solaris lev el • SGM restarts • Failur es of computers, programs, communications, and operatio ...

  • Cisco Systems OL-5742-01 - page 24

    Chapter 18 Configuring SGM Security Configuring SGM User-B ased Access 18-24 Cisco Signaling Gateway Mana ger User Guide OL-5742-01 Disabling SGM User-Bases Access For so me reason, you might want to comp letely disable SGM User-Based Access. T o do so, log in as the root user , as described in the “Becoming th e Root User (Solaris Only)” secti ...

  • Cisco Systems OL-5742-01 - page 25

    18-25 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Configuring SGM User-Based Access When you specify a super user , keep in mind the follo wing considerat ions: • The user must exist i n the local /etc/passwd file. Y ou cannot specify a user that is defined in a di stributed Netw ork Information Servi ...

  • Cisco Systems OL-5742-01 - page 26

    Chapter 18 Configuring SGM Security Implementing SSL Support in SGM 18-26 Cisco Signaling Gateway Mana ger User Guide OL-5742-01 – sgm webport – sgm xtermpath • If sgm aut htype is set to solaris , you must still be logged in as the root user to enter the follo wing commands: – sgm adduser – sgm disableuser – sgm enableuser – sgm upda ...

  • Cisco Systems OL-5742-01 - page 27

    18-27 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Implementing SSL Support in SGM • Importing an SSL Ce rtificate to an SGM Client, pa ge 18-33 • Exporting an SSL Certif icate, page 18-34 • V iewing Det a iled Informatio n About an SSL Certificat e, page 18-36 • Managing SSL Support in SGM, page ...

  • Cisco Systems OL-5742-01 - page 28

    Chapter 18 Configuring SGM Security Implementing SSL Support in SGM 18-28 Cisco Signaling Gateway Mana ger User Guide OL-5742-01 SGM gene rates the f ollowing files: – /opt/CSCOsgm/etc/ssl/server .ke y is the SGM server’ s priv ate key . Ensure that unauthorized per s onnel cannot access this k ey . – /opt/CSCOsgm/etc/ssl/server .cer is the s ...

  • Cisco Systems OL-5742-01 - page 29

    18-29 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Implementing SSL Support in SGM • T o use an existing signed ke y/certificate pair , log in as the root user on the SGM server and enter the follo wing command: # ./sgm keytoo l import_key ke y_ filename cert_ filename where k ey_f ilename is the name ...

  • Cisco Systems OL-5742-01 - page 30

    Chapter 18 Configuring SGM Security Implementing SSL Support in SGM 18-30 Cisco Signaling Gateway Mana ger User Guide OL-5742-01 Downloading the SGM Server’s Self-Signed SSL Certificate If you ha ve implemented Secure Sockets Layer (SSL) suppo rt in your SGM system, you can download the SGM server’ s signed SSL certificate to all r emote SGM cl ...

  • Cisco Systems OL-5742-01 - page 31

    18-31 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Implementing SSL Support in SGM Launching the SGM Certificate Tool for SSL If you ha ve implemented Secure Sockets Layer (SSL) suppo rt in your SGM system, you c an launch th e SGM Certific ate T ool for SSL. The SGM Certificate T ool dialog lists all SS ...

  • Cisco Systems OL-5742-01 - page 32

    Chapter 18 Configuring SGM Security Implementing SSL Support in SGM 18-32 Cisco Signaling Gateway Mana ger User Guide OL-5742-01 Figur e 18-2 SGM Certificate T ool Dialog The SGM Certificate T ool dialog displays the foll owing informati on about each SSL certificate: Field or Button Description Issued to Host name of the SGM server to which the SS ...

  • Cisco Systems OL-5742-01 - page 33

    18-33 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Implementing SSL Support in SGM Importing an SSL Certificate to an SGM Client If you ha ve implemented Secure Sockets Layer (SSL) suppo rt in your SGM system, you can import the SGM server’ s self-signed SSL ce rtificate, or a CA-signed SSL certif icat ...

  • Cisco Systems OL-5742-01 - page 34

    Chapter 18 Configuring SGM Security Implementing SSL Support in SGM 18-34 Cisco Signaling Gateway Mana ger User Guide OL-5742-01 Use the Open dialog to locate th e SSL certificate that you w ant to import. The Open dialog for an SSL certif icate prov ides the follo wing fields and buttons: Related Topics: • Launching the SGM Certif icate T ool fo ...

  • Cisco Systems OL-5742-01 - page 35

    18-35 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Implementing SSL Support in SGM T o export an SSL certif icate, launch th e SGM SSL Certificate T ool, as describe d in the “Launching the SGM Ce rtificate T o ol for SSL” section on page 18 -31 , select a certificate from the list, then click Export ...

  • Cisco Systems OL-5742-01 - page 36

    Chapter 18 Configuring SGM Security Implementing SSL Support in SGM 18-36 Cisco Signaling Gateway Mana ger User Guide OL-5742-01 Related Topics: • Launching the SGM Certif icate T ool for SSL, page 18-31 Viewing Detailed Information About an SSL Certificate If you ha ve implemented Secure Sockets Layer (SSL) suppo rt in your SGM system, you can v ...

  • Cisco Systems OL-5742-01 - page 37

    18-37 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Implementing SSL Support in SGM Figur e 18-5 Certificat e Infor mation Dialog ...

  • Cisco Systems OL-5742-01 - page 38

    Chapter 18 Configuring SGM Security Implementing SSL Support in SGM 18-38 Cisco Signaling Gateway Mana ger User Guide OL-5742-01 The Certifi cate Information dialog displays the fol lowing detailed informatio n for the selected SSL certificate: Related Topics: • Launching the SGM Certif icate T ool for SSL, page 18-31 Field or Button Description ...

  • Cisco Systems OL-5742-01 - page 39

    18-39 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Implementing SSL Support in SGM Managing SSL Support in SGM SGM enables you to per form the follow ing tasks to make it easier to manage SSL support in SGM: • T o display the current status of SSL support in SGM, including whether SSL support is enab l ...

  • Cisco Systems OL-5742-01 - page 40

    Chapter 18 Configuring SGM Security Limiting SGM Client Access to the SGM Server (Solaris Only) 18-40 Cisco Signaling Gateway Mana ger User Guide OL-5742-01 • T o remov e an SSL certificate from the SGM client, launch the SGM SSL Certificate T ool. SGM lists each import ed certificate. Select the certif icate you want to rem ove, and click R emov ...

  • Cisco Systems OL-5742-01 - page 41

    18-41 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Limiting SGM Client Access to the SGM Server (Solaris Only) Step 3 Create the ipaccess.conf fil e : • T o create t he ipaccess.conf file and add a client IP address to the list, enter the follo wing command: # ./sgm ipaccess add • T o create t he ipa ...

  • Cisco Systems OL-5742-01 - page 42

    Chapter 18 Configuring SGM Security Limiting SGM Client Access to the SGM Server (Solaris Only) 18-42 Cisco Signaling Gateway Mana ger User Guide OL-5742-01 Any changes you mak e to the ipaccess.conf file tak e effect when you restart the SGM server . SGM also enables you to limi t the IP addresses that can send traps to the server by creating and ...

Manufacturer Cisco Systems Category Home Security System

Documents that we receive from a manufacturer of a Cisco Systems OL-5742-01 can be divided into several groups. They are, among others:
- Cisco Systems technical drawings
- OL-5742-01 manuals
- Cisco Systems product data sheets
- information booklets
- or energy labels Cisco Systems OL-5742-01
All of them are important, but the most important information from the point of view of use of the device are in the user manual Cisco Systems OL-5742-01.

A group of documents referred to as user manuals is also divided into more specific types, such as: Installation manuals Cisco Systems OL-5742-01, service manual, brief instructions and user manuals Cisco Systems OL-5742-01. Depending on your needs, you should look for the document you need. In our website you can view the most popular manual of the product Cisco Systems OL-5742-01.

Similar manuals

A complete manual for the device Cisco Systems OL-5742-01, how should it look like?
A manual, also referred to as a user manual, or simply "instructions" is a technical document designed to assist in the use Cisco Systems OL-5742-01 by users. Manuals are usually written by a technical writer, but in a language understandable to all users of Cisco Systems OL-5742-01.

A complete Cisco Systems manual, should contain several basic components. Some of them are less important, such as: cover / title page or copyright page. However, the remaining part should provide us with information that is important from the point of view of the user.

1. Preface and tips on how to use the manual Cisco Systems OL-5742-01 - At the beginning of each manual we should find clues about how to use the guidelines. It should include information about the location of the Contents of the Cisco Systems OL-5742-01, FAQ or common problems, i.e. places that are most often searched by users in each manual
2. Contents - index of all tips concerning the Cisco Systems OL-5742-01, that we can find in the current document
3. Tips how to use the basic functions of the device Cisco Systems OL-5742-01 - which should help us in our first steps of using Cisco Systems OL-5742-01
4. Troubleshooting - systematic sequence of activities that will help us diagnose and subsequently solve the most important problems with Cisco Systems OL-5742-01
5. FAQ - Frequently Asked Questions
6. Contact detailsInformation about where to look for contact to the manufacturer/service of Cisco Systems OL-5742-01 in a specific country, if it was not possible to solve the problem on our own.

Do you have a question concerning Cisco Systems OL-5742-01?

Use the form below

If you did not solve your problem by using a manual Cisco Systems OL-5742-01, ask a question using the form below. If a user had a similar problem with Cisco Systems OL-5742-01 it is likely that he will want to share the way to solve it.

Copy the text from the picture

Captcha
New picture

Comments (0)