Nokia IP265 Security Guide - Page 10

Service SSH TLS Boot manager commands SNMPv3 Get commands (Implemented in IPSO 3.9 only) Interface commands Description Input Provide authenticated and encrypted sessions while using the CLI SSH key transport (SSHv1) or SSH key agreement (SSHv2) parameters, SSH inputs, and data Provide authenticated and encrypted sessions while using the Check Point management interface TLS handshake parameters, TLS inputs, and data Control the boot-up process and obtain system information View MIB values Commands and configuration data Commands Configure, manage, and view physical and logical interfaces through the CLI: view all interfaces; delete any logical interface; view tunnels; view status and statistics; configure ARP behavior, physical and logical ATM interfaces, physical and logical Ethernet interfaces, physical and logical FDDI interfaces, physical and logical ISDN interfaces, physical or logical loopback interfaces, and physical and logical serial interfaces Commands and configuration data Output SSH outputs and data TLS outputs and data Status of commands and configuration data Status of commands, configuration data Status of commands and configuration data Critical Security Parameter (CSP) Access RSA (SSHv1 and SSHv2) or DSA (SSHv2) host key pair (read access) ;RSA (SSHv1 and SSHv2) or DSA (SSHv2) authorized key (read access); RSA server key (SSHv1 only, read access); DiffieHellman key pair for SSHv2 key exchange (read/write access); session key for SSH (read/write access); X9.31 PRNG keys (read access) RSA key pair for TLS key transport (read access); session keys for TLS (read/write access); X9.31 PRNG keys (read access) Password (read/write access) Password (read access) The password itself is read-write while the v3 service is read access © Copyright 2005, 2006, 2007 Nokia Page 10 of 43 This document may be freely reproduced and distributed whole and intact including this Copyright Notice.