Owner's manual
Table Of Contents
- Chapter 1: Introduction
- Chapter 2: Accessing CC-SG
- Chapter 3: Configuring CC-SG with Guided Setup
- Chapter 4: Creating Associations
- Chapter 5: Adding Devices and Device Groups
- Chapter 6: Configuring Nodes and Interfaces
- Chapter 7: Adding and Managing Users and User Groups
- Chapter 8: Policies
- Chapter 9: Configuring Remote Authentication
- Chapter 10: Generating Reports
- Audit Trail Report
- Error Log Report
- Access Report
- Availability Report
- Active Users Report
- Locked Out Users Report
- User Data Report
- Users in Groups Report
- Group Data Report
- AD User Group Report
- Asset Management Report
- Node Asset Report
- Active Nodes Report
- Node Creation Report
- Query Port Report
- Active Ports Report
- Scheduled Reports
- CC-NOC Synchronization Report
- Chapter 11: System Maintenance
- Chapter 12: Advanced Administration
- Appendix A: Specifications (G1, V1, and E1)
- Appendix B: CC-SG and Network Configuration
- Appendix C: User Group Privileges
- Appendix D: SNMP Traps
- Appendix E: Troubleshooting
- Appendix F: Two-Factor Authentication
- Appendix G: FAQs
- Appendix H: Keyboard Shortcuts
APPENDIX G: FAQS 239
QUESTION ANSWER
What options are available
for authentication with
directory services and
security tools such as
LDAP, AD, RADIUS, etc.
CC-SG permits local authentication as well remote
authentication.
Remote authentication servers supported include: AD,
TACACS+, RADIUS, and LDAP.
Security
Sometimes when I try to
log on, I receive a message
that states my “login is
incorrect” even though I am
sure I am entering the
correct username and
password. Why is this?
There is a session-specific ID that is sent out each time you
begin to log on to CC-SG. This ID has a time-out feature, so if
you do not log on to the unit before the time-out occurs, the
session ID becomes invalid. Performing a Shift-Reload
refreshes the page from CC-SG. Or, you may close the current
browser, open a new browser, and log on again. This provides
an additional security feature so that no one can recall
information stored in the web cache to access the unit.
How is a password secure?
Passwords are encrypted using MD5 encryption, which is a one-
way hash. This provides additional security to prevent
unauthorized users from accessing the password list.
Sometimes I receive a “No
longer logged in” message
when I click any menu in
CC-SG, after leaving my
workstation idle for a
period of time. Why?
CC-SG times each user session. If no activity happens for a pre-
defined period of time, CC-SG logs the user out. The length of
the time period is pre-set to 60 minutes, but it can be
reconfigured. It is recommended that users exit CC-SG when
they finish a session.
As Raritan has root access
to server, this may
potentially cause issue with
government bodies. Can
customers also have root
access or can Raritan
provide a method of
auditability /
accountability?
No party will have root access to server once the unit is shipped
out of Raritan, Inc.
Is SSL encryption internal
as well as external (not just
WAN, but LAN, too)?
Both. The session is encrypted regardless of source, LAN or
WAN.
Does CC-SG support CRL
List, that is, LDAP list of
invalid certificates?
No.
Does CC-SG support Client
Certificate Request?
No.
Accounting
The event times in the
Audit Trail report seem
incorrect. Why?
Log event times are logged according to the time settings of the
client computer. You can adjust the computer’s time and date
settings.
Can audit/logging abilities
track down who switched
on or off a power plug?
Direct power switch-off is not logged, but power control through
CC-SG can be logged to audit logs.