Security Basics mailing list archives
R: CISCO Catalyst
From: "Vega - Brunello Ivan" <I.Brunello () vegaspa it>
Date: Wed, 23 Jan 2008 17:55:30 +0100
In short: setup a TACACS+ server (that is, a server which manages the userbase). This way, you can: - setup users in a centralized location, and optionally bind user to external userbase (e.g. Active Directory, LDAP, or SQL). - set password policies (if you use external userbase, external userbase policy apply). - group users by role. - grant users or groups access to every single command (TACACS+ lets you do, something else like RADIUS cannot). - have log of every single action. AFAIK the only one (for tacacs) is Cisco own ACS product. Dunno if there are cheaper (and better) alternatives. Ivan Brunello System & Network Management -----Messaggio originale----- Da: listbounce () securityfocus com [mailto:listbounce () securityfocus com] Per conto di pepsdiaz () gmail com Inviato: mercoledì 23 gennaio 2008 10.27 A: security-basics () securityfocus com Oggetto: CISCO Catalyst Dear all, I need to audit a CISCO Catalyst 6509 and 2950. I would like to know, if you can set up several users in order log their activities on it and how to do that. Besides, I would like to know if you can set up password protection measures like: - Change password periodically. - Lenght of password - Historical of password Can you set up more than one user role or just the administrator? Thanks in advance to everybody.
Current thread:
- CISCO Catalyst pepsdiaz (Jan 23)
- RE: CISCO Catalyst Worrell, Brian (Jan 23)
- Re: CISCO Catalyst Leif Hardison (Jan 23)
- Re: CISCO Catalyst Andrea Gatta (Jan 23)
- RE: CISCO Catalyst Erik Soosalu (Jan 23)
- Re: CISCO Catalyst Gou, S.TOKIDA (Jan 23)
- Re: CISCO Catalyst a42n8k9 dejazzd.com (Jan 23)
- RE: CISCO Catalyst Aaron T. Rohyans (Jan 23)
- R: CISCO Catalyst Vega - Brunello Ivan (Jan 23)
- RE: CISCO Catalyst Worrell, Brian (Jan 23)
- Re: R: CISCO Catalyst Jens Link (Jan 23)
- RE: R: CISCO Catalyst Erik Soosalu (Jan 23)
- Re: CISCO Catalyst brian . bevers (Jan 23)
- RE: CISCO Catalyst Worrell, Brian (Jan 23)