Cisco CISCO2851 User Guide - Page 7
Roles and Services - image
View all Cisco CISCO2851 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 7 highlights
Cisco 2851 Routers Table 4 Cisco 2851 FIPS 140-2 Logical Interfaces (Continued) 10/100 Ethernet LAN Port LEDs AIM LEDs PVDM LEDs Power LED Activity LEDs Auxiliary LED Compact Flash LED Console Port Auxiliary Port Main Power Plug Redundant Power Supply Plug Status Output Interface Power Interface There are two USB ports but they are not supported currently. The ports will be supported in the future for smartcard or token reader. The CF card that stored the IOS image is considered an internal memory module, because the IOS image stored in the card may not be modified or upgraded. The card itself must never be removed from the drive. Tamper evident seal will be placed over the card in the drive. Roles and Services Authentication in Cisco 2851 is role-based. There are two main roles in the router that operators can assume: the Crypto Officer role and the User role. The administrator of the router assumes the Crypto Officer role in order to configure and maintain the router using Crypto Officer services, while the Users exercise only the basic User services. The module supports RADIUS and TACACS+ for authentication. A complete description of all the management and configuration capabilities of the router can be found in the Performing Basic System Management manual and in the online help for the router. User Services Users enter the system by accessing the console port with a terminal program or via IPSec protected telnet or SSH session to a LAN port. The IOS prompts the User for username and password. If the password is correct, the User is allowed entry to the IOS executive program. The services available to the User role consist of the following: • Status Functions-View state of interfaces and protocols, version of IOS currently running. • Network Functions-Connect to other network devices through outgoing telnet, PPP, etc. and initiate diagnostic network services (i.e., ping, mtrace). • Terminal Functions-Adjust the terminal session (e.g., lock the terminal, adjust flow control). • Directory Services-Display directory of files kept in flash memory. OL-8717-01 Cisco 2851 Integrated Services Router FIPS 140-2 Non Proprietary Security Policy 7