user manual
Table Of Contents
- Cisco ONS 15454 SDH Reference Manual
- Contents
- About this Guide
- Shelf and FMEC Hardware
- Common Control Cards
- Electrical Cards
- Optical Cards
- Ethernet Cards
- Storage Access Networking Cards
- Card Protection
- Cisco Transport Controller Operation
- Security and Timing
- Circuits and Tunnels
- SDH Topologies and Upgrades
- CTC Network Connectivity
- Alarm Monitoring and Management
- Ethernet Operation
- Hardware Specifications
- A.1 Shelf Specifications
- A.2 SFP Specifications
- A.3 General Card Specifications
- A.4 Common Control Card Specifications
- A.5 Electrical Card and FMEC Specifications
- A.5.1 E1-N-14 Card Specifications
- A.5.2 E1-42 Card Specifications
- A.5.3 E3-12 Card Specifications
- A.5.4 DS3i-N-12 Card Specifications
- A.5.5 STM1E-12 Card Specifications
- A.5.6 BLANK Card
- A.5.7 FMEC-E1 Specifications
- A.5.8 FMEC-DS1/E1 Card Specifications
- A.5.9 FMEC E1-120NP Card Specifications
- A.5.10 FMEC E1-120PROA Card Specifications
- A.5.11 FMEC E1-120PROB Card Specifications
- A.5.12 E1-75/120 Impedance Conversion Panel Specifications
- A.5.13 FMEC-E3/DS3 Card Specifications
- A.5.14 FMEC STM1E 1:1 Card Specifications
- A.5.15 FMEC-BLANK Card Specifications
- A.5.16 MIC-A/P Card Specifications
- A.5.17 MIC-C/T/P Card Specifications
- A.6 Optical Card Specifications
- A.6.1 OC3 IR 4/STM1 SH 1310 Card Specifications
- A.6.2 OC3 IR/STM1 SH 1310-8 Card Specifications
- A.6.3 OC12 IR/STM4 SH 1310 Card Specifications
- A.6.4 OC12 LR/STM4 LH 1310 Card Specifications
- A.6.5 OC12 LR/STM4 LH 1550 Card Specifications
- A.6.6 OC12 IR/STM4 SH 1310-4 Card Specifications
- A.6.7 OC48 IR/STM16 SH AS 1310 Card Specifications
- A.6.8 OC48 LR/STM16 LH AS 1550 Card Specifications
- A.6.9 OC48 ELR/STM16 EH 100 GHz Card Specifications
- A.6.10 OC192 SR/STM64 IO 1310 Card Specifications
- A.6.11 OC192 IR/STM64 SH 1550 Card Specifications
- A.6.12 OC192 LR/STM64 LH 1550 Card Specifications
- A.6.13 OC192 LR/STM64 LH ITU 15xx.xx Card Specifications
- A.7 Ethernet Card Specifications
- A.8 Storage Access Networking Card Specifications
- Administrative and Service States
- Network Element Defaults
- Index
9-6
Cisco ONS 15454 SDH Reference Manual, R5.0
April 2008
Chapter 9 Security and Timing
9.1.2 Security Policies
9.1.2.2 User Password, Login, and Access Policies
Superusers can view real-time lists of users who are logged into CTC or TL1 by node. Superusers can
also provision the following password, login, and node access policies.
• Password expirations and reuse—Superusers can specify when users must change and when they can
reuse their passwords.
• Login attempts—Superusers can specify the maximum number of times that users are allowed to
attempt to log into CTC.
• Locking out and disabling users—Superusers can provision the number of invalid logins that are
allowed before locking out users and the length of time before inactive users are disabled.
• Node access and user sessions—Superusers can limit the number of CTC sessions one user can have,
and they can prohibit access to the ONS 15454 SDH using the LAN or MIC-C/T/P connections.
In addition, a Superuser can select secure shell (SSH) instead of Telnet at the CTC Provisioning >
Security > Access tabs. SSH is a terminal-remote host Internet protocol that uses encrypted links. It
provides authentication and secure communication over unsecure channels. Port 22 is the default
port and cannot be changed.
Note The superuser cannot modify the privilege level of an active user. The CTC displays a warning message
when the superuser attempts to modify the privilege level of an active user.
9.1.2.3 Audit Trail
Audit trails prove useful for maintaining security, recovering lost transactions, and enforcing
accountability. Accountability refers to tracing user activities; that is, associating a process or action
with a specific user.
The ONS 15454 SDH maintains a 640-entry, human-readable audit trail of user or system actions such
as login, logout, circuit creation or deletion, and user- or system-generated actions. Login events include
authorized Cisco logins using the ONS 15454 SDH TL1 or the CTC graphical user interface. You can
move the log to a local or network drive for later review. The ONS 15454 SDH generates an event to
indicate when the log is 80 percent full, and another event to indicate that the oldest log entries are being
overwrittenn.
Table 9-4 contains the columns listed in Audit Trail window.
Table 9-4 Audit Trail Window Columns
Heading Explanation
Date Date when the action occurred
Num Incrementing count of actions
User User ID that initiated the action
P/F Pass/Fail (whether or not the action was executed)
Operation Action that was taken