Service manual
Chapter 2: Network Configuration 15
Security Profiles
A security advisory appears the first time the console server is turned on, or when the unit is reset to
factory default parameters. Once you have configured the basic network settings, a security profile
must be selected in order to proceed to further configuration procedures. Table 2.4 describes the
protocols and services available for each security profile.
To select a predefined security profile:
Configure a predefined security profile by entering the following string at the CLI prompt.
cli> config security profile [secured|moderate|open]
To configure a custom security profile:
1. Navigate to the custom menu.
cli> config security profile custom
secdnsserver <IPv6_address>/<prefix_length> Secondary DNS Server (IPv4 or
IPv6)
primipaddress <nnn.nnn.nnn.nnn> Primary IP address (IPv4 specific)
secipaddress <nnn.nnn.nnn.nnn> Secondary IP address (IPv4
specific)
primsubnetmask <nnn.nnn.nnn.nnn> Primary subnet mask (IPv4
specific)
secsubnetmask <nnn.nnn.nnn.nnn> Secondary subnet mask (IPv4
specific)
Table 2.3: Host Settings Parameters and Values (Continued)
Parameter Level1 Parameter Level2 Value Description
Table 2.4: Security Profiles
Security profile Description
Secured Predefined security profile. All protocols and services are disabled except SSHv2, HTTPs
and SSH to Serial Ports.
Moderate
(Default)
Predefined security profile. Enables SSHv1, SSHv2, HTTP, HTTPs, Telnet, SSH and Raw
connections to serial ports, ICMP and HTTP redirection to HTTPs.
Open Predefined security profile. Enables all services, Telnet, SSHv1, SSHv2, HTTP, HTTPS,
SNMP, RPC, ICMP and Telnet, SSH and Raw connections to Serial Ports.
Custom Administrator may configure individual protocols and services and configure access to
serial ports.