Cisco 7609-S User Guide - Page 10

Functions (r, w, x, z) Terminal Functions Directory Services Perform SelfTests through SSH, telnet, PPP, etc. and initiate diagnostic network services (i.e., ping, mtrace). Adjust the terminal session (e.g., lock the terminal, adjust flow control). Display directory of files kept in flash memory. Perform the FIPS 140 start-up tests on demand Table 4 - User Services shared secret, DH private exponent, SSH Private key, SSH session key N/A N/A N/A b. Crypto Officer Services During initial configuration of the router, the Crypto Officer password (the "enable" password) is defined. A Crypto Officer can assign permission to access the Crypto Officer role to additional accounts, thereby creating additional Crypto Officers. The Crypto Officer role is responsible for the configuration and maintenance of the router. Just like the User, the Crypto Officer can access the router via the console port or via SSH session. The Crypto Officer services consist of the following: Services & Access Configure the router (r, w, z) Description Define network interfaces and settings, create command aliases, set the protocols the router will support, enable interfaces and network services, set system date and time, and load authentication information. Keys & CSPs User password, Enable password, RADIUS secret, TACACS+ secret, DH shared secret, Router Authentication key, PPP authentication key, SSH private key Define Rules and Filters View Status Functions (r, x) Create packet Filters that are applied to User data streams on each interface. Each Filter consists of a set of Rules, which define a set of packets to permit or deny based on characteristics such as protocol ID, addresses, ports, TCP connection establishment, or packet direction. View the router configuration, routing tables, active sessions, use gets to view SNMP MIB statistics, health, temperature, memory status, voltage, packet statistics, review accounting logs, and view physical interface N/A User password, Enable password, RADIUS secret, TACACS+ secret, DH shared secret, Router Authentication key, PPP authentication key, SSH private key © Copyright 2011 Cisco Systems, Inc. 10 This document may be freely reproduced and distributed whole and intact including this Copyright Notice.