20-6
Cisco ONS 15454 DWDM Installation and Operations Guide, R6.0
August 2005
Chapter 20 Security Reference
20.2.2 Security Policies
20.2.2 Security Policies
Superusers can provision security policies on the ONS 15454. These security policies include idle user
timeouts, password changes, password aging, and user lockout parameters. In addition, Superusers can
access the ONS 15454 through the TCC2/TCC2P RJ-45 port, the backplane LAN connection, or both.
20.2.2.1 Idle User Timeout
Each ONS 15454 CTC or TL1 user can be idle during his or her login session for a specified amount of
time before the CTC window is locked. The lockouts prevent unauthorized users from making changes.
Higher-level users have shorter default idle periods and lower-level users have longer or unlimited
default idle periods, as shown in Table 20-3. The user idle period can be modified by a Superuser; refer
to the “NTP-G88 Modify Users and Change Security” procedure on page 10-45.
Circuits Circuits Create/Edit/Delete — — X X
Filter/Search X X X X
Rolls Create/Edit/Delete — — X X
Filter/Search X X X X
Provisioning Security Users: Create/Delete — — — X
Users: Change Same User Same User Same User All Users
Active logins: Logout — — — X
Policy: Change — — — X
Alarm Profiles New/Load/Store/Delete
1
—— X X
Compare/Available/Usage X X X X
BLSR (ANSI)
MS-SPRing (ETSI)
Create/Edit/Delete/Upgrade — — X X
Overhead Circuits Create/Delete/Edit/Merge — — X X
Search X X X X
Provisionable
Patchcords (PPC)
Create/ Delete — — X X
Maintenance Software Download/Cancel X X X X
1. The action buttons in the subtab are active for all users, but the actions can be completely performed only by the users assigned with the required security
levels.
Table 20-2 ONS 15454 Security Levels—Network View (continued)
CTC Tab Subtab [Subtab]: Actions Retrieve Maintenance Provisioning Superuser
Table 20-3 ONS 15454 Default User Idle Times
Security Level Idle Time
Superuser 15 minutes
Provisioning 30 minutes
To Next Page
Loading...
