Cisco OL-5742-01 - Manuals

Cisco OL-5742-01 – Manual in PDF format online.

Manuals:

Manual

Manual Cisco OL-5742-01

Summary

Page 4 - sgm authtype

Chapter 18 Configuring SGM Security Configuring SGM User-Based Access 18-4 Cisco Signaling Gateway Manager User Guide OL-5742-01 To enable Solaris authentication, enter the following command: # ./sgm authtype solaris See the “SGM Command Reference” section on page C-1 for more information on the use...

Page 5 - Creating Secure Passwords

18-5 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Configuring SGM User-Based Access Note If sgm authtype is set to solaris , users cannot change their passwords using the SGM client. Instead, they must manage their passwords on the external authentication...

Page 6 - Configuring SGM User Authentication Levels (Solaris Only)

Chapter 18 Configuring SGM Security Configuring SGM User-Based Access 18-6 Cisco Signaling Gateway Manager User Guide OL-5742-01 • The password cannot be a common word. SGM uses the dictionary located at /usr/lib/share/dict/words to determine whether a word is common. To override the SGM dictionary,...

Page 7 - sgm adduser

18-7 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Configuring SGM User-Based Access Note Access to SGM information and downloads on Cisco.com is already protected by Cisco.com, and is not protected by SGM. To configure the authentication level for a user,...

Page 10 - Automatically Disabling Users and Passwords (Solaris Only)

Chapter 18 Configuring SGM Security Configuring SGM User-Based Access 18-10 Cisco Signaling Gateway Manager User Guide OL-5742-01 System Administrators have access to the following SGM Web displays: • System Messages and Logs • System Status, including User Accounts and System Troubleshooting • Trap...

Page 11 - sgm enableuser

18-11 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Configuring SGM User-Based Access Step 2 Enter the following command: # cd /opt/CSCOsgm/bin Step 3 (Optional) You can configure SGM to generate an alarm after a specified number of unsuccessful login atte...

Page 14 - Manually Disabling Users and Passwords (Solaris Only)

Chapter 18 Configuring SGM Security Configuring SGM User-Based Access 18-14 Cisco Signaling Gateway Manager User Guide OL-5742-01 Manually Disabling Users and Passwords (Solaris Only) As described in the “Automatically Disabling Users and Passwords (Solaris Only)” section on page 18-10 , you can cus...

Page 16 - Enabling and Changing Users and Passwords (Solaris Only)

Chapter 18 Configuring SGM Security Configuring SGM User-Based Access 18-16 Cisco Signaling Gateway Manager User Guide OL-5742-01 Enabling and Changing Users and Passwords (Solaris Only) Of course, SGM also enables you to re-enable users and passwords, and change user accounts. To enable and change ...

Page 18 - Displaying a Message of the Day; View > Message of the Day

Chapter 18 Configuring SGM Security Configuring SGM User-Based Access 18-18 Cisco Signaling Gateway Manager User Guide OL-5742-01 Step 6 (Optional) To change a user’s authentication level, but not the user’s password, enter the following command: # ./sgm newlevel username where username is the name ...

Page 19 - Field or Button; Accept

18-19 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Configuring SGM User-Based Access • SGM displays the Message of the Day dialog ( Figure 18-1 ). Figure 18-1 Message of the Day Dialog The Message of the Day dialog contains the following fields and button...

Page 21 - Manually Synchronizing Local SGM Passwords; Listing All Currently Defined Users

18-21 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Configuring SGM User-Based Access To display the contents of the message of the day file, enter the following command: # ./sgm motd cat To disable this function (that is, to stop displaying the message of...

Page 22 - Account Enabled; Displaying the Contents of the System Security Log

Chapter 18 Configuring SGM Security Configuring SGM User-Based Access 18-22 Cisco Signaling Gateway Manager User Guide OL-5742-01 SGM displays the following information for each user: • User name • Last time the user logged in • User’s authentication access level • User’s current authentication stat...

Page 23 - Restoring Security-Related SGM Data

18-23 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Configuring SGM User-Based Access • Access to all privileged files and processes • Operating system configuration changes and program changes, at the Solaris level • SGM restarts • Failures of computers, ...

Page 24 - Disabling SGM User-Bases Access

Chapter 18 Configuring SGM Security Configuring SGM User-Based Access 18-24 Cisco Signaling Gateway Manager User Guide OL-5742-01 Disabling SGM User-Bases Access For some reason, you might want to completely disable SGM User-Based Access. To do so, log in as the root user, as described in the “Becom...

Page 26 - Implementing SSL Support in SGM

Chapter 18 Configuring SGM Security Implementing SSL Support in SGM 18-26 Cisco Signaling Gateway Manager User Guide OL-5742-01 – sgm webport – sgm xtermpath • If sgm authtype is set to solaris , you must still be logged in as the root user to enter the following commands: – sgm adduser – sgm disabl...

Page 27 - Enabling SSL Support in SGM; sgm keytool genkey

18-27 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Implementing SSL Support in SGM • Importing an SSL Certificate to an SGM Client, page 18-33 • Exporting an SSL Certificate, page 18-34 • Viewing Detailed Information About an SSL Certificate, page 18-36 •...

Page 29 - sgm ssl enable

18-29 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Implementing SSL Support in SGM • To use an existing signed key/certificate pair, log in as the root user on the SGM server and enter the following command: # ./sgm keytool import_key key_filename cert_fi...

Page 30 - Downloading the SGM Server’s Self-Signed SSL Certificate; Server SSL Certificate

Chapter 18 Configuring SGM Security Implementing SSL Support in SGM 18-30 Cisco Signaling Gateway Manager User Guide OL-5742-01 Downloading the SGM Server’s Self-Signed SSL Certificate If you have implemented Secure Sockets Layer (SSL) support in your SGM system, you can download the SGM server’s si...

Page 31 - Launching the SGM Certificate Tool for SSL; Certificate Tool

18-31 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Implementing SSL Support in SGM Launching the SGM Certificate Tool for SSL If you have implemented Secure Sockets Layer (SSL) support in your SGM system, you can launch the SGM Certificate Tool for SSL. T...

Page 33 - Importing an SSL Certificate to an SGM Client; Import; Details; Help

18-33 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Implementing SSL Support in SGM Importing an SSL Certificate to an SGM Client If you have implemented Secure Sockets Layer (SSL) support in your SGM system, you can import the SGM server’s self-signed SSL...

Page 34 - Exporting an SSL Certificate

Chapter 18 Configuring SGM Security Implementing SSL Support in SGM 18-34 Cisco Signaling Gateway Manager User Guide OL-5742-01 Use the Open dialog to locate the SSL certificate that you want to import. The Open dialog for an SSL certificate provides the following fields and buttons: Related Topics:...

Page 35 - Export; File Name

18-35 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Implementing SSL Support in SGM To export an SSL certificate, launch the SGM SSL Certificate Tool, as described in the “Launching the SGM Certificate Tool for SSL” section on page 18-31 , select a certifi...

Page 36 - Viewing Detailed Information About an SSL Certificate

Chapter 18 Configuring SGM Security Implementing SSL Support in SGM 18-36 Cisco Signaling Gateway Manager User Guide OL-5742-01 Related Topics: • Launching the SGM Certificate Tool for SSL, page 18-31 Viewing Detailed Information About an SSL Certificate If you have implemented Secure Sockets Layer ...

Page 39 - Managing SSL Support in SGM; Disabling SSL Support in SGM

18-39 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Implementing SSL Support in SGM Managing SSL Support in SGM SGM enables you to perform the following tasks to make it easier to manage SSL support in SGM: • To display the current status of SSL support in...

Page 40 - Remove

Chapter 18 Configuring SGM Security Limiting SGM Client Access to the SGM Server (Solaris Only) 18-40 Cisco Signaling Gateway Manager User Guide OL-5742-01 • To remove an SSL certificate from the SGM client, launch the SGM SSL Certificate Tool. SGM lists each imported certificate. Select the certifi...

Page 41 - sgm ipaccess

18-41 Cisco Signaling Gateway Manager User Guide OL-5742-01 Chapter 18 Configuring SGM Security Limiting SGM Client Access to the SGM Server (Solaris Only) Step 3 Create the ipaccess.conf file: • To create the ipaccess.conf file and add a client IP address to the list, enter the following command: #...