Manualshelf

User guide

ManualsBrandsRaritan ManualsComputer equipmentDOMINION SX -
141142143144145146147148149150
Chapter 13: Command Line Interface
130
Defining SSL Security Certificates
SSL Security certificates are used in browser access to ensure that the
device you are attaching to is the device that is authorized to be
connected. This section describes only how to configure the certificates
on the console server. See Appendix C: Certificates (see
"Certificates" on page 243) for details on SSL Certificates.
Enabling Firewall Protection
Dominion SX provides a firewall function to provide protection for the IP
network and to control access between the internal router, LAN (or LAN1
and LAN2 if dual-LAN units) and the dial modem interfaces.
Enabling Security Profiles
Dominion SX provides the ability to define security profiles which simplify
the assigning of permissions to users and groups. There are three types
of profiles. Two are predefined: standard and secure. The third allows for
the definition of custom profiles; this allows assignment of all permissions
by assigning one security profile. Multiple custom security profiles may
be defined.
Configuring Logging and Alerts
As part of the security capabilities of the Dominion SX, facilities are
provided to log data and to provide alerts based on activities between the
users, Dominion SX, and the target device. These facilities provide an
audit trail that allows authorities to review what has happened in the
system, determine who implemented what action, and when.
Among these facilities are event logging and SNMP traps. Events may
be logged locally using Syslog. Local events are maintained in a 256K
per port buffer and can be stored, reviewed, cleared, or sent periodically
to an FTP server.
Configuring Users and Groups
Users and groups are related. Dominion SX allows the administrator to
define groups with common permissions and attributes. They can then
add users to the groups and each user takes the attributes and
permissions of that group. By enabling groups, the permissions for each
user do not have to be configured individually, reducing the time to
configure users one by one.