RedMax EXtreme EX-LRT Guía para resolver problemas Pagina 19
- Pagina / 142
- Tabla de contenidos
- SOLUCIÓN DE PROBLEMAS
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
Oracle SBC Security Guide
0x10 – Enables a second sshd server that provides access to the linux system console. This server
process is different from the ssh server used to access the ACLI for configuration.
0x80008 – enable source routing on the management port
For further information on boot flags refer to Section 4 “Configuration Elements A-M” of the ACLI
Reference Guide.
System ACLs
The Wancom0 Ethernet management interface should always be deployed in a secure non-public
network.
The SBC provides static System Access Control List functionality (ACL) to protect the Wancom0
interface from other devices that can access the management LAN remotely. Only the management
station(s) authorized for SBC access such as the Oracle Communications Session Element Manager
should be permitted with ACLs. All system ACLs are considered “allow” ACLs, and include a specific IP
source address / netmask and the IP protocol allowed. As the first ACL is created an implicit deny rule is
inserted as the final ACL.
The “system-access-list” configuration is detailed in Section 3 “System Configuration” of the ACLI
Configuration Guide.
Telnet/SSH
By default, telnet is enabled on the SBC Wancom0 management interface. Disable telnet and use SSH
instead. The exception is the 6000 series platforms which disable telnet by default.
To avoid unauthorized access to the telnet/SSH interface, a timeout should be configured to automatically
disconnect the terminal session after an appropriate period of time (i.e. 300 seconds). Timeouts are
disabled by default.
The SBC supports viewing, importing, and deleting public ssh keys used for authentication of SSHv2
sessions.
Configuration is detailed in Section 2 “Getting Started” of the ACLI Configuration Guide, and Section 4
“System Management” of the Maintenance and Troubleshooting Guide.
FTP/SFTP
By default, FTP is enabled on the SBC Wancom0 management interface. Disable FTP and use SFTP
instead. The exception is the 6000 series platforms which disable FTP by default.
Configuration is detailed in Section 2 “Getting Started” of the ACLI Configuration Guide.
GUI Management
The SBC can be managed by the Oracle Communications Session Element Manager either directly in an
ACLI session or via the a SOAP/XML interface over TCP ports 3000 and 3001.
By default these ports are enabled in system-config > remote-control. If the SBCs are not remotely
controlled by a Session Element Manager then this feature should be disabled.
CAUTION: Disabling the remote-control feature is incompatible with the SBC HA architecture.
Hence this functionality is considered optional and should only be deployed where HA and EMS
- SECURITY GUIDE 1
- Contents 3
- Related Documentation 7
- Part 1: Overview 8
- Figure 1: Net-SAFE Framework 9
- General Security Principles 10
- Monitor System Activity 11
- Session Border Controller 13
- Unified Session Manager 14
- Core Session Manager 15
- Session Router 16
- Realm Design Considerations 16
- Management Interfaces 17
- Passwords 18
- Boot Flags 18
- System ACLs 19
- Telnet/SSH 19
- FTP/SFTP 19
- GUI Management 19
- Resiliency 20
- Physical Link Redundancy 21
- Part 3: Security Features 22
- Security Specific Licenses 24
- Features 26
- Configuring AAA Integration 27
- SIP Interface Security 28
- Service ACLs 29
- TLS for SIP 31
- IPsec for SIP 33
- Call Admission Control (CAC) 34
- Media Policing 35
- DoS/DDoS Prevention 35
- Attack Tool Prevention 36
- Lawful Interception 36
- Part 4: Appendices 37
- Appendix B: Port Matrix 38
- Configuration Models: 40
- Supported platforms 40
- Configuration Parameters 40
- Realm Configuration 41
- SIP Interface 41
- Observations/Limitations 49
- Overview 61
- Deployment Archetypes 61
- Scanner Mitigation 63
- Peering Environments 68
- IDS License Details 70
- Dependencies 70
- Statistics 71
- SNMP MIB OIDS 71
- SNMP Traps 72
- Constraints Limiting 75
- Session-Constraints 75
- Rate constraints 76
- Message Rejections 78
- SNMP support 79
- Log Action 79
- Blacklist Table Maintentance 86
- SNMP OIDs 88
- System Management Statistics 88
- Realm Statistics 89
- Environmental Statistics 90
- Enterprise SNMP Traps 90
- SNMP Traps in HA environment 93
- Appendix I: Syslog 94
- Call Detail Records (CDR) 102
- Oracle SBC Security Guide 103
- System Statistics 106
- Application Statistics 106
- Introduction 108
- SRTP Topologies 108
- Requirements 110
- Design Aspects 111
- Secured/Unsecured Network 114
- Troubleshooting 122
- References 142
Relacionado con productos y manuales para Cortadoras De Césped RedMax EXtreme EX-LRT
Cortadoras De Césped RedMax GZ25N Especificaciones
(32 paginas)
(32 paginas)
Cortadoras De Césped RedMax CHT2301 Especificaciones
(36 paginas)
(36 paginas)
Cortadoras De Césped RedMax BC250 Especificaciones
(52 paginas)
(52 paginas)
Cortadoras De Césped RedMax HE2601 Especificaciones
(26 paginas)
(26 paginas)
Cortadoras De Césped RedMax CHT2200 Especificaciones
(32 paginas)
(32 paginas)
Cortadoras De Césped RedMax LRT2300 Especificaciones
(26 paginas)
(26 paginas)
© 2020, manymanuals.es. Todos los derechos reservados | 0.088 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales