RedMax EXtreme EX-LRT Guía para resolver problemas Pagina 27
- Pagina / 142
- Tabla de contenidos
- SOLUCIÓN DE PROBLEMAS
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
Oracle SBC Security Guide
naming policies. All management stations used for accounting monitoring services should have a permit
ACL configured.
Configuration is detailed in the ACLI Accounting Guide.
HDR over SFTP
The Historical Data Recording (HDR) feature allows the SBC to record data in comma-separated files
and periodically sends them to a remote file server. For added security, transfer the HDR record files
using SFTP. Note that public key authentication is not available for this feature so the SBC uses password
authentication. All management stations used for SFTP access should have a permit ACL configured.
Configuration is detailed in Section 3 “System Configuration” of the ACLI Configuration Guide.
Syslog
The syslog service should be used for sending system events from the SBC to a Security Event & Incident
Monitoring (SEIM) platform or to another operations monitoring platform. The information sent via
syslog is also contained locally on the SBC in the scmelog file.
See Appendix I: for examples of important syslog messages to monitor. The default syslog log level is
WARNING.
Configuration is detailed in Section 3 “Syslog and Process Logs” of the ACLI Configuration Guide.
Configuring AAA Integration
SSH RADIUS Authentication
The SBC management interface sends RADIUS requests containing login authentication and
authorization data to remote RADIUS servers.
The SBC supports the use of the Cisco Systems Inc.™ “Cisco-AVPair” vendor specific attribute (VSA).
The Vendor-ID is 1 and the Vendor-Type is 9. This attribute allows for successful administrator login to
servers that do not support the Oracle authorization VSA. While using RADIUS-based authentication, the
SBC authorizes you to enter Superuser mode locally even when your RADIUS server does not return the
ACME_USER_CLASS VSA or the Cisco-AVPair VSA.
All management stations used for SSH access should have a permit ACL configured. An ACL should also
be configured to allow RADIUS traffic to the RADIUS server.
For more information, see Section 4 “System Management” of the Maintenance and Troubleshooting
Guide.
TACACS+
TACACS+ is a protocol that was originally developed by Cisco Systems. It provides functions for
authentication, authorization, and encryption of the administrative traffic. Unlike RADIUS, it separates
authentication and authorization functions. The SBC acts as a TACACS+ client.
The Net-Net SBC uses TACACS+ services to provide administrative authorization. With TACACS+
authorization enabled, each individual ACLI command issued by an admin user is authorized by the
TACACS+ authorization service. The SBC replicates each ACLI command in its entirety, sends the
command string to the authorization service, and suspends command execution until it receives an
- SECURITY GUIDE 1
- Contents 3
- Related Documentation 7
- Part 1: Overview 8
- Figure 1: Net-SAFE Framework 9
- General Security Principles 10
- Monitor System Activity 11
- Session Border Controller 13
- Unified Session Manager 14
- Core Session Manager 15
- Session Router 16
- Realm Design Considerations 16
- Management Interfaces 17
- Passwords 18
- Boot Flags 18
- System ACLs 19
- Telnet/SSH 19
- FTP/SFTP 19
- GUI Management 19
- Resiliency 20
- Physical Link Redundancy 21
- Part 3: Security Features 22
- Security Specific Licenses 24
- Features 26
- Configuring AAA Integration 27
- SIP Interface Security 28
- Service ACLs 29
- TLS for SIP 31
- IPsec for SIP 33
- Call Admission Control (CAC) 34
- Media Policing 35
- DoS/DDoS Prevention 35
- Attack Tool Prevention 36
- Lawful Interception 36
- Part 4: Appendices 37
- Appendix B: Port Matrix 38
- Configuration Models: 40
- Supported platforms 40
- Configuration Parameters 40
- Realm Configuration 41
- SIP Interface 41
- Observations/Limitations 49
- Overview 61
- Deployment Archetypes 61
- Scanner Mitigation 63
- Peering Environments 68
- IDS License Details 70
- Dependencies 70
- Statistics 71
- SNMP MIB OIDS 71
- SNMP Traps 72
- Constraints Limiting 75
- Session-Constraints 75
- Rate constraints 76
- Message Rejections 78
- SNMP support 79
- Log Action 79
- Blacklist Table Maintentance 86
- SNMP OIDs 88
- System Management Statistics 88
- Realm Statistics 89
- Environmental Statistics 90
- Enterprise SNMP Traps 90
- SNMP Traps in HA environment 93
- Appendix I: Syslog 94
- Call Detail Records (CDR) 102
- Oracle SBC Security Guide 103
- System Statistics 106
- Application Statistics 106
- Introduction 108
- SRTP Topologies 108
- Requirements 110
- Design Aspects 111
- Secured/Unsecured Network 114
- Troubleshooting 122
- References 142
Relacionado con productos y manuales para Cortadoras De Césped RedMax EXtreme EX-LRT
Cortadoras De Césped RedMax GZ25N Especificaciones
(32 paginas)
(32 paginas)
Cortadoras De Césped RedMax CHT2301 Especificaciones
(36 paginas)
(36 paginas)
Cortadoras De Césped RedMax BC250 Especificaciones
(52 paginas)
(52 paginas)
Cortadoras De Césped RedMax HE2601 Especificaciones
(26 paginas)
(26 paginas)
Cortadoras De Césped RedMax CHT2200 Especificaciones
(32 paginas)
(32 paginas)
Cortadoras De Césped RedMax LRT2300 Especificaciones
(26 paginas)
(26 paginas)
© 2020, manymanuals.es. Todos los derechos reservados | 0.063 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales