Version 6.6 9 October 2014
Installation & Operation Manual Contents
32.1.2 Configuring the V5.2 Access Gateway ................................................. 296
32.1.2.1 Configuring Media Gateway board's PSTN parameters ...................296
32.1.2.2 Configuring Trunks for the V5.2 Access Gateway application ..........296
32.1.2.3 Configuring V5.2 Interfaces ...............................................................297
32.1.2.4 Configuring V5.2 Links.......................................................................298
32.1.2.5 Configuring V5.2 User Ports ..............................................................299
32.1.2.6 Bringing V5.2 Interfaces "In Service" .................................................301
33 Configuring Security Settings ........................................................................ 303
33.1 Security Configuration Guidelines ................................................................ 305
33.2 Secure Operation Mode .................................................................................. 306
33.2.1 Enabling Secure Operation Mode ......................................................... 307
33.2.2 Disabling Secure Operation Mode ........................................................ 308
33.3 Secure Access to the SNMP Management Interface .................................... 308
33.4 Secure Access to the CLI Interface................................................................ 309
33.4.1 SSH Protocol ........................................................................................ 309
33.4.2 SCP and SFTP Protocols ..................................................................... 309
33.5 Disabled Remote Root Login ......................................................................... 309
33.5.1 Enabling a Direct Remote Root Login ................................................... 310
33.5.2 Disabling a Direct Remote Root Login .................................................. 311
33.6 OS Hardening .................................................................................................. 311
33.7 OS Security Patches (on SC boards) ............................................................. 312
33.7.1 Installing OS Security Patches from a Latest Installation Package ....... 313
33.7.2 Installing the Latest OS Security Patches from the “OS Security Patch
Bundle” ............................................................................................... 315
33.8 File System Integrity ....................................................................................... 316
33.8.1 Viewing the File System Integrity Status ............................................... 316
33.8.2 Scheduling File System Integrity Check ............................................... 318
33.8.3 Restoring File System Integrity ............................................................. 319
33.9 OS Auditing on SC Boards ............................................................................. 320
33.9.1 Auditing Goal ........................................................................................ 320
33.9.2 Auditing Trail File .................................................................................. 320
33.9.3 OS Auditing on the Mediant 8000 Media Gateway ............................... 321
33.9.3.1 Analyzing the Audit Trail File on the Solaris OS ................................321
33.9.3.2 Analyzing the Audit Trail File on the Linux OS ..................................321
33.10 X.509 Public Key Infrastructure ..................................................................... 325
33.10.1 Initial Configuration ............................................................................... 326
33.10.2 Self-Signed Certificate .......................................................................... 327
33.10.3 Generating a Certificate Signing Request (CSR) .................................. 329
33.10.4 Adding Certificates to the Auxiliary Files Repository ............................. 331
33.10.5 Activating the new X.509 Certificates on the Media Gateway ............... 331
33.10.6 Configuring an X.509 Certificate Expiration Date Reminder ................ 336
33.10.7 Generating a New Private Key ............................................................. 337
33.10.8 Checking Certificate Revocation Status ................................................ 338
33.11 IPSEC and IKE ................................................................................................. 339
33.11.1 For Management Interfaces (on SC boards) ......................................... 339
33.11.1.1 IKE Protocol .......................................................................................339
33.11.1.2 IPSEC Protocol ..................................................................................340
33.11.2 For Call Control and Signaling Interfaces (on TP boards) ..................... 340
33.11.2.1 IKE Protocol .......................................................................................340
33.11.2.2 IPSEC Protocol ..................................................................................340
To Next Page
Loading...
Need help?
General
