ZXR10M6000&T8000&8900ESecurityTarget
1.RADIUSauthenticationgroupisunreachable
2.RADIUSaccountingservergroupisunreachable
3.RADIUSbufferqueueexceedsthethreshold
lNTPalarmlog
1.TheclockofNTPserverandclientarenotsynchronizedACLalarm
lACLalarm
1.ACLaggregationistoolarge
lRIP/OSPF/IS-IS/BGPalarm
1.authenticationsuccess
2.authenticationfailure
Commandlogging:allactivitiesperformedbytheadministratorarerecordedinthe
Commandlog.
TheTOEisconguredtorecordallauditableevents.Logsareconguredinthefollowing
contexts:
1.Logle—Loglescontainlogeventmessagestreams.
2.SNMPtrapgroups—SNMPtrapgroupscontainanIPaddressandcommunitynames
whichidentifytargetstosendtrapsfollowingspeciedevents.
3.SYSLOG—InformationissenttoaSYSLOGhostthatiscapableofreceivingselected
SYSLOGmessagesfromanetworkelement.
4.Eventlters—Aneventlterdeneswhethertoforwardordropaneventortrapbased
onmatchcriteria.
LoglevelisassociatedwiththeAlarmlogtocontrolwhicheventswillbeloggedinthe
eventlogbasedonseveritywhereloglevelshallbeconguredatleast6(basicloglevel).
lFAU_GEN.2Useridentityassociation
TheTOEisabletoassociateeachauditableeventwiththeidentityoftheadministrator
thatcausedtheevent.TheCommandlogrecordisassociatedwithanadministrator.
Othertypesoflogsareassociatedwithunauthenticateduser/application.
lFAU_SAR.1Auditreview
Theadministratorreadsalltheinformationinthelogdestinations(i.e.,memory,ora
leonthelocallesystem)viaCLIcommands.
Theadministratorexecutesthefollowinglogcommands:
1.CongurationCommands;
2.LogFileCommands;
3.AlarmlevellterCommands;
4.SYSLOGCongurationCommands;
5.SNMPTrapGroups;
6.ShowCommands;
lFAU_STG.1,FAU_STG.4ProtectedaudittrailstorageandPreventionofauditdata
loss
TheTOEprotectsstoredauditrecordsstoredinsidetheTOEfromunauthorized
deletionandmodicationsbyonlyallowauthenticatedandauthorizedadministrator
6-2
SJ-20110815105844-030|2011/08/19(R1.6)ZTECORPORATION
To Next Page
Loading...
