User guide
Chapter 11: Command Line Interface
153
Enabling Firewall Protection
SX provides a firewall function to provide protection for the IP network
and to control access between the internal router, LAN (or LAN1 and
LAN2 if dual-LAN units) and the dial modem interfaces.
Enabling Security Profiles
SX provides the ability to define security profiles which simplify the
assigning of permissions to users and groups. There are three types of
profiles. Two are predefined: standard and secure. The third allows for
the definition of custom profiles; this allows assignment of all permissions
by assigning one security profile. Multiple custom security profiles may
be defined.
Configuring Logging and Alerts
As part of the security capabilities of the SX, facilities are provided to log
data and to provide alerts based on activities between the users, SX, and
the target device. These facilities provide an audit trail that allows
authorities to review what has happened in the system, determine who
implemented what action, and when.
Among these facilities are event logging and SNMP traps. Events may
be logged locally using Syslog. Local events are maintained in a 256K
per port buffer and can be stored, reviewed, cleared, or sent periodically
to an FTP server.
Configuring Users and Groups
Users and groups are related. SX allows the administrator to define
groups with common permissions and attributes. They can then add
users to the groups and each user takes the attributes and permissions
of that group. By enabling groups, the permissions for each user do not
have to be configured individually, reducing the time to configure users
one by one.
Command Language Interface Permissions
Administrators can execute all commands.
Operators and Observers can execute only the following commands:
connect (the port list appears after returning from connect command)
? (functions as help)
logout
password
history