System information

ManualsBrandsRaritan ManualsComputer equipmentCommand Center CC-SG

CommandCenter Secure Gateway – Frequently Asked Questions

Question

Answer

Can two CC-SG virtual

appliances be clustered?

No. For failover of a virtual appliance, we support using VMware’s High

Availability feature.

Do I need to buy additional

licenses for the backup Cluster

unit?

No. Because only one unit is active at a time, node licenses are not needed for

the second unit.

What is a CC-SG

“Neighborhood”?

A CC-SG neighborhood is a collection of up to 10 CC-SG units, deployed and

working together to serve the IT infrastructure access and control needs of the

enterprise. A Neighborhood implementation allows for significant scalability

and distribution of CC-SGs for improved performance in large or

geographically dispersed configurations.

How do I find servers and

devices that are managed by

another CC-SG Neighborhood

appliance?

Users can search from the Access Client for nodes that are managed directly

by other neighborhood CC-SGs and launch the interfaces for the discovered

nodes. Users can then create a consolidated node list spanning multiple

neighborhood units – providing easy, convenient access when needed.

Can Clusters and

Neighborhoods be implemented

together?

Absolutely. By deploying CC-SG in a combination Cluster/neighborhood

configuration, not only is performance improved, but automatic failover

ensures the elimination of or decrease in downtime.

Can a Neighborhood be built

with virtual appliances?

Yes. It is operated the same way as a Neighborhood with hardware

appliances.

Can a virtual and hardware

appliance be included in the

same Neighborhood?

Yes. Note that all appliances in a neighborhood must be running the same

firmware version.

If I buy a CC-SG virtual

appliance, can I easily migrate to

it from a CC-SG hardware

appliance?

Yes. As of release 5.1, the system configuration and database can be easily

transferred. Both appliances must be running the same firmware release for

easy migration.

Is the status of CC-SG limited by

the status of the devices that it

proxies?

No. CC-SG software resides on the dedicated appliance. This means that

even if the device being proxied by CC-SG is not operating, users can still

access CC-SG.

Can I upgrade to newer versions

of CC-SG as they become

available?

Yes. Information about firmware or firmware availability may be downloaded

from the Raritan website at http://www.raritan.com/support/CommandCenter-

Secure-Gateway/

Upgrades are done through CommandCenter Secure Gateway’s client

Graphical User Interface. Additionally, the CC-SG appliance has a

CD/DVD-ROM drive to facilitate install/upgrades.

How many log-in accounts can

be created for CC-SG?

There is no specified limit to the number of log-in accounts that can be

created. However, licensing restrictions or system specifications will limit the

number of concurrent users or the number of nodes associated with the CC-

SG based on the configuration deployed.

Can I assign specific node

access to a specific user?

Yes, for users with Administrator permissions. Administrators have the ability

to assign specific nodes per user.

How are passwords secured in

CC-SG?

Passwords are encrypted using MD5 encryption, a one-way hash. This

provides additional security to prevent unauthorized users from accessing the

password list.

Additionally, users can be authenticated remotely using Active Directory

RADIUS, LDAP or TACACS+ servers. The password is not stored or cached

on CC-SG when using remote authentication.