Owner's manual

ManualsBrandsRaritan Computer ManualsHardwareCC-SG

181

182

183

184

185

186

187

188

189

190

Table Of Contents

Chapter 1: Introduction
- Prerequisites
- Intended Audience
- Terminology/Acronyms
Chapter 2: Accessing CC-SG
- Browser-Based Access
- Thick Client Access
  - Install the Thick Client
  - Use the Thick Client
- CC-SG Window Components
- Check IP Address, Firmware Version, and Application Versions
- Power Down CC-SG
- Compatibility Matrix
Chapter 3: Configuring CC-SG with Guided Setup
- Prepare to Configure CC-SG with Guided Setup
- Guided Setup Overview
- Start Guided Setup:
- Associations
  - Create Categories and Elements
- Device Setup
  - Discover and Add Devices
- Create Groups
  - Add Device Groups and Node Groups
- User Management
  - Add User Groups and Users
Chapter 4: Creating Associations
- Associations
- Association Manager
Chapter 5: Adding Devices and Device Groups
- The Device Tab
- Device and Port Icons
- Search for Devices
- Add a Device
  - Adding a KVM or Serial Device
  - Adding a PowerStrip Device
- Discover Devices
- Edit Device
  - Edit PowerStrip Device
- Delete Device
- Configure Ports
- Device Management
- Viewing Devices
  - Tree View
  - Custom View
- Special Access to Paragon II System Devices
  - Paragon II System Controller (P2-SC)
  - IP-Reach and UST-IP Administration
- Device Group Manager
Chapter 6: Configuring Nodes and Interfaces
- View Nodes
- Nodes and Interfaces Overview
  - About Nodes
  - About Interfaces
- Add Node
- Add an Interface
- Connect to a Node
- Edit an Interface
- Delete an Interface
- Ping a Node
- Edit a Node
- Delete a Node
- Chat
- Node Groups
Chapter 7: Adding and Managing Users and User Groups
- The Users Tree
- Special User Groups
- Add User Groups
- Edit A User Group
- Delete User Group
- Add User
- Edit a User
- Delete User
- Assign Users To Group
- Delete Users From Group
- Other User and User Group Functions
Chapter 8: Policies
- Controlling Access Using Policies
  - Policy Summary
- Node Groups
- Device Groups
- Policy Manager
- Applying Policies To User Groups
Chapter 9: Configuring Remote Authentication
- Authentication and Authorization (AA)
  - Flow for Authentication
  - User Accounts
- Distinguished Names for LDAP and AD
  - Username
  - Base DN
- AD Configurations
- Add LDAP (Netscape) Module to CC-SG
- Add a TACACS+ Module
  - TACACS+ General Settings
- Add a RADIUS Module
  - RADIUS General Settings
- Specify Modules for Authentication and Authorization
- Establish Order of External AA Servers
Chapter 10: Generating Reports
- Audit Trail Report
- Error Log Report
- Access Report
- Availability Report
- Active Users Report
- Locked Out Users Report
- User Data Report
- Users in Groups Report
- Group Data Report
- AD User Group Report
- Asset Management Report
- Node Asset Report
- Active Nodes Report
- Node Creation Report
- Query Port Report
- Active Ports Report
- Scheduled Reports
- CC-NOC Synchronization Report
Chapter 11: System Maintenance
- Maintenance Mode
- Backup CC-SG
- Restore CC-SG
  - Saving and Deleting Backup Files
- Reset CC-SG
- Restart CC-SG
- Upgrade CC-SG
- Shut Down CC-SG
- Restarting CC-SG after Shutdown
- End CC-SG Session
  - Log Out
  - Exit CC-SG
Chapter 12: Advanced Administration
- Guided Setup
- Message of the Day Setup
- Application Manager
  - Adding, Editing and Deleting Applications
  - Default Applications
- Firmware Manager
- Cluster Configuration
- Configure Security
- Notification Manager
- Task Manager
- CommandCenter NOC
- SSH Access to CC-SG
- Diagnostic Console
Appendix A: Specifications (G1, V1, and E1)
- G1 Platform
- V1 Platform
- E1 Platform
Appendix B: CC-SG and Network Configuration
- Introduction
- Executive Summary
- CC-SG Access via NAT-enabled Firewall
- Security and Open Port Scans
Appendix C: User Group Privileges
Appendix D: SNMP Traps
Appendix E: Troubleshooting
- Client Browser Requirements
Appendix F: Two-Factor Authentication
- Supported Environments
- Setup Requirements
- Known Issues
Appendix G: FAQs
Appendix H: Keyboard Shortcuts

170 COMMANDCENTER SECURE GATEWAY ADMINISTRATOR GUIDE

The Login Settings lets you configure the Strong Password Settings and Lockout Settings.

1. On the Administration menu, click Security. The Security Manager screen appears.

2. Click the Login Settings tab.

Figure 174 Login Settings

Strong Password Settings

Strong password rules require users to observe strict guidelines when creating passwords, which

makes the passwords more difficult to guess and, in theory, more secure. Strong passwords are

not enabled in CC-SG by default. In order to use strong passwords, administrators must first

check Strong Passwords Required For All Users.

Note: A strong password that includes all strong password requirements is always required for

the CC Super-User.

Once enabled, administrators can edit the fields in the Strong Password Settings area to customize

their password rules. At minimum, all strong passwords must be configured with the following

criteria:

• Minimum Password Length – All passwords must contain a minimum number of characters.

Click the drop down menu and select the minimum length of passwords.

• Password History Depth – Click the drop down menu and select how many previous

passwords are kept in the history. While in the history, users will not be able to reuse a

password when asked to choose a new one. For example, if Password History is set to 5,

users cannot reuse any of their last 5 passwords.

• Password Expiration Frequency – All passwords must expire after a set number of days.

Click the drop down menu and select the number of days passwords remain valid. After a

password expires, users will be asked to choose a new password the next time they log in.

In addition, any four contiguous characters in the user name and the password cannot match.

Under Strong Password Requirements, the administrator can configure password rules to

require a number of extra items:

• Passwords must contain at least one lower case letter.

• Passwords must contain at least one upper case letter.

• Passwords must contain at least one number.