Manualshelf

Specifications

ManualsBrandsCisco ManualsComputer equipmentONS 15530
41424344454647484950
1-33
Cisco ONS 15530 Planning Guide
OL-7708-01
Chapter 1 System Overview
Security Features
active CPU switch module, the standby CPU switch module immediately takes over and assumes the
active role. Once the problem on the faulty card has been resolved, it can be manually restored to the
active function.
In addition to providing protection against hardware or software failure, the redundant CPU switch
module arrangement also permits installing a new Cisco IOS system image without system downtime.
For more information about CPU switch module redundancy operation, as well as other software
features, refer to the Cisco ONS 15530 Configuration Guide.
Security Features
The Cisco ONS 15530 supports the following Cisco IOS software security features:
AAA (authentication, authorization, and accounting)
Kerberos
RADIUS
TACACS+
SSH (Secure Shell)
Traffic filters and firewalls
Passwords and privileges
For detailed information about the security features supported on the Cisco ONS 15530, refer to the
Cisco IOS Security Configuration Guide.
System and Network Management
The Cisco ONS 15530 is fully manageable through any of the following four mechanisms: the in-band
message channel, the OSC, SONET SDCC, and a direct Ethernet connection to the NME (network
management Ethernet) on the CPU switch module. While all shelves will be equipped with at least one
CPU switch module, provisioning the OSC is optional. The in-band message channel is only available
on the 2.5-Gbps ITU trunk cards, 10-Gbps ITU tunable and non tunable trunk cards, and 10-Gbps uplink
cards. DCC is only available on the 8-port multi-service muxponder.
All four mechanisms can be deployed within a single network. Each mechanism is associated with an
interface that can be assigned an IP address. Management information will be routed between these
interfaces.
Different levels of availability exist for each of these management mechanisms. High availability for the
direct NME connection can be achieved with redundant CPU switch modules. The OSC becomes highly
available when it is provisioned on both the working and protection trunk fibers. The availability of a
particular in-band message channel or DCC will mirror the availability of the ITU wavelength with
which it is associated.
In-Band Message Channel
The in-band message channel establishes a method for providing in-band, per-wavelength OAM&P
(operations, administration, management, and provisioning) functions.