03 security management
DESCRIPTION
OSN500TRANSCRIPT
-
OptiX iManager T2000 Operation Manual for SDH Contents
Huawei Technologies Proprietary
i
Contents
3 Security Management 3-1
3.1 Creating NE User and Assigning Authority 3-2
3.2 Managing NE Login 3-3
3.2.1 Switching NE User 3-3
3.2.2 Forcing NE User to Log out NE 3-4
3.2.3 Locking NE Login 3-4
3.2.4 Locking NE Settings 3-5
3.2.5 Setting NE Security Parameters 3-6
3.2.6 Browsing NE Security Log 3-7
3.3 Creating NM User 3-9
3.3.1 Adding Operation Set 3-9
3.3.2 Adding Equipment Set 3-10
3.3.3 Adding NM User Group 3-11
3.3.4 Modifying Authority of NM User Group 3-11
3.3.5 Creating NM User and Assign Authority 3-13
3.3.6 Slightly Adjusting Authority of NM User 3-14
3.3.7 Modifying General User Attribute 3-15
3.3.8 Enabling Remote Maintenance User 3-16
3.4 Managing T2000 Login 3-17
3.4.1 Locking T2000 Client Screen 3-17
3.4.2 Switching NM User 3-17
3.4.3 Switching Between Single User Mode and Multi-user Mode 3-17
-
OptiX iManager T2000 Operation Manual for SDH Contents
Huawei Technologies Proprietary
ii
3.4.4 Forcing Other Users to Exit T2000 3-18
3.4.5 Modifying NM Users Password 3-19
-
OptiX iManager T2000 Operation Manual for SDH 3 Security Management
Huawei Technologies Proprietary
3-1
3 Security Management This chapter introduces some security management tasks of the T2000.
The following tasks are described:
Creating NE User and Assigning Authority
Managing NE Login
Creating NM User
Managing T2000 Login
-
OptiX iManager T2000 Operation Manual for SDH 3 Security Management
Huawei Technologies Proprietary
3-2
3.1 Creating NE User and Assigning Authority
Purpose
Use this procedure to create NE user and assign its authority.
Prerequisite
Super NM user: admin.
Procedure
Step Action 1 Select [System/NE Security Management/NE User Management]
from the Main Menu.
2 In the lower-left pane, select the appropriate NE and click the double-right-arrow button (red).
3 Click . The Add NE User dialog box is displayed.
4 Enter the information of the newly created user in the Add NE User dialog box.
5 Click or .
6 Repeat this procedure to create as many NE users as necessary.
-
OptiX iManager T2000 Operation Manual for SDH 3 Security Management
Huawei Technologies Proprietary
3-3
3.2 Managing NE Login
3.2.1 Switching NE User
Purpose
Use this procedure to switch NE user.
Prerequisites
NM user with the authority of system maintainer or above.
The NE user has been created.
The NE user has been logged in.
Procedure
Step Action 1 Select [System/NE Security Management/NE Login Management]
from the Main Menu.
2 In the lower-left pane, select the appropriate NE and click the double-right-arrow button (red).
3 Click to query the current NE user.
4 Click , or right-click an NE entry and select [Switch NE User]. The Switch Current NE User dialog box is displayed.
5 Enter the information of User and Password in the Switch Current NE User combo box.
6 Click .
7 Repeat this procedure to switch as many NE users as necessary.
-
OptiX iManager T2000 Operation Manual for SDH 3 Security Management
Huawei Technologies Proprietary
3-4
3.2.2 Forcing NE User to Log out NE
Purpose
Use this procedure to force NE user to log out NE.
Prerequisites
NM user with the authority of "system maintainer" or above.
The NE user has been created.
The NE user has been logged in.
Procedure
Step Action 1 Select [System/NE Security Management/NE Login Management]
from the Main Menu.
2 In the lower-left pane, select the appropriate NEs and click the double-right-arrow button (red).
3 Select the NE entry. Click or right-click it and select [Logout]
4 The Operation Result dialog box is displayed and indicates operation succeeded.
5 Repeat this procedure to lock as many NE users as necessary.
3.2.3 Locking NE Login
Purpose
Use this procedure to lock NE login.
Prerequisites
NM user with the authority of system maintainer or above.
The current NE user has the highest level in all login NE users.
Procedure
Step Action 1 Select [System/NE Security Management/NE Login Lock] from the
Main Menu.
-
OptiX iManager T2000 Operation Manual for SDH 3 Security Management
Huawei Technologies Proprietary
3-5
Step Action 2 In the lower-left pane, select the appropriate NEs and click the
double-right-arrow button (red).
3 Click to query the Login Lock Status.
4 If the value of Login Lock Status is Unlocked, select it and click or right-click it and select [Lock Login].
5 Repeat this procedure to lock as many NE users as necessary.
3.2.4 Locking NE Settings
Purpose
Use this procedure to lock NE settings.
Prerequisite
NM user with the authority of system maintainer or above.
Procedure
Step Action 1 Select [System/NE Security Management/NE Setting Lock] from the
Main Menu.
2 In the lower-left pane, select the appropriate NE and click the double-right-arrow button (red).
3 Click to query the Set Lock Status.
-
OptiX iManager T2000 Operation Manual for SDH 3 Security Management
Huawei Technologies Proprietary
3-6
Step Action 4 If the value of Set Lock Status is No, select it and click or right-click it and select [Lock Settings]. The Set Lock Window dialog box is displayed.
5 Select Permanent Locking check box for permanent locking of the current NE settings or enter the value of Duration (10-10000) seconds for temporary locking. Click .
6 Repeat this procedure to lock as many NE users as necessary.
3.2.5 Setting NE Security Parameters
Purpose
Use this procedure to set and update NE security parameters.
Prerequisite
NM user with the authority of system operator or above.
Procedure
Step Action 1 Select [System/NE Security Management/NE Security Parameters]
from the Main Menu.
2 In the lower-left pane, select the appropriate NE and click the double-right-arrow button (red).
3 Click to query the security paramerters of current NE.
4 Modify the parameters according to your need.
-
OptiX iManager T2000 Operation Manual for SDH 3 Security Management
Huawei Technologies Proprietary
3-7
Step Action 5 Repeat this procedure to set as many security parameters of NE
users as necessary.
3.2.6 Browsing NE Security Log
Purpose
All operations to NE by all users and results of the operations are recorded in the NE security log. It provides the functions of browsing NE security log and filtering by the conditions of NE user, event name and generating time.
Use this procedure to browse NE security log.
Prerequisite
NM user with the authority of system operator or above.
Procedure
Step Action 1 Select [System/NE Security Management/NE Security Log] from the
Main Menu.
2 In the lower-left pane, select the appropriate NE and click the double-right-arrow button (red).
-
OptiX iManager T2000 Operation Manual for SDH 3 Security Management
Huawei Technologies Proprietary
3-8
Step Action 3 Customize the log fliter conditions and click .
4 Repeat this procedure to set as many security parameters of NE users as necessary.
-
OptiX iManager T2000 Operation Manual for SDH 3 Security Management
Huawei Technologies Proprietary
3-9
3.3 Creating NM User
3.3.1 Adding Operation Set
Purpose
After planning and creating an operation set, authorize a specific user group. All users in this group have the right to perform the operations in the operation set.
This management mode helps in unified assignment and management of the T2000 user authority.
Use this procedure to create operation set.
Prerequisite
Super NM user: admin.
Procedure
Step Action 1 Select [System/NM Security Management/NM User Management]
from the Main Menu.
2 Right-click the . Select [Create Operation Set].
3 Enter information of the newly created operation set in the "Create Operation Set" dialog box, and click or .
4 Repeat this procedure to create as many operation sets as necessary.
-
OptiX iManager T2000 Operation Manual for SDH 3 Security Management
Huawei Technologies Proprietary
3-10
3.3.2 Adding Equipment Set
Purpose
After planning and creating an equipment set, authorize a specific user group to make users in the group have the right to operate the equipments in the equipment set.
This management mode helps in unified assignment and management of the T2000 user authority.
Use this procedure to create equipment set.
Prerequisite
Super NM user: admin.
Procedure
Step Action 1 Select [System/NM Security Management/NM User Management]
from the Main Menu.
2 Right-Click the . Select [Create Equipment Set].
3 Enter information of the newly created equipment set in the "Create Equipment Set" dialog box, and click or .
4 Repeat this procedure to create as many equipment sets as necessary.
-
OptiX iManager T2000 Operation Manual for SDH 3 Security Management
Huawei Technologies Proprietary
3-11
3.3.3 Adding NM User Group
Purpose
Use this procedure to create NM user group.
Prerequisite
Super NM user: admin.
Procedure
Step Action 1 Select [System/NM Security Management/NM User Management]
from the Main Menu.
2 Right-click the . Select [Create User Group].
3 Enter information of the newly created user group in the "Create User Group" dialog box, and click or .
4 Repeat this procedure to create as many NM user groups as necessary.
3.3.4 Modifying Authority of NM User Group
Purpose
Use this procedure to modify authority of an NM user group.
Prerequisite
Super NM user: admin.
-
OptiX iManager T2000 Operation Manual for SDH 3 Security Management
Huawei Technologies Proprietary
3-12
Procedure
Step Action 1 Select [System/NM Security Management/NM User Management]
from the Main Menu.
2 Click the . Select the appropriate NM user group.
Note: NM user group authority is not allowed to be modified for the four system default user groups: system administer, system maintainer, system operator, and system supervisor groups.
3 Select the tab Authority. Click , the Add Authority dialog box is displayed.
4 Add authority: Select Type, Subtype, Operation Name and Operation Level. Click . Delete authority: Select the appropriate row, click .
5 Repeat this procedure to modify as many authorities of NM user group as necessary.
-
OptiX iManager T2000 Operation Manual for SDH 3 Security Management
Huawei Technologies Proprietary
3-13
3.3.5 Creating NM User and Assign Authority
Purpose
Use this procedure to create NM user and assign its authority.
Prerequisite
Super NM user: admin.
Procedure
Step Action 1 Select [System/NM Security Management/NM User Management]
from the Main Menu.
2 Right-Click the , Select [Create User].
3 Enter information of the newly created user in the "Create User" dialog box, and click or .
Note: Step 1 to step 3 are performed to create the NM user.
4 Click the . Select the new user in the user list.
5 Click the tab "Subjected to". Click .
6 Select the user group in the "Add User Group" dialog box and click the , and click to add the user into this user group.
Note: Step 1 to step 6 are performed to assign the NM user authority.
7 Repeat this procedure to create as many NM users as necessary.
-
OptiX iManager T2000 Operation Manual for SDH 3 Security Management
Huawei Technologies Proprietary
3-14
3.3.6 Slightly Adjusting Authority of NM User
Purpose
Use this procedure to slightly adjust authority of NM user.
Prerequisite
Super NM user: admin.
Procedure
Step Action 1 Select [System/NM Security Management/NM User Management]
from the Main Menu.
2 Click the . Select the appropriate user.
3 Select the tab Additional authority. Click . The Add Authority dialog box is displayed.
4 Add authority: Select Type, Subtype, Operation Name and Operation Level. Click . Delete authority: Select the appropriate row. Click .
5 Repeat this procedure to slightly adjust as many authorities of NM users as necessary.
-
OptiX iManager T2000 Operation Manual for SDH 3 Security Management
Huawei Technologies Proprietary
3-15
3.3.7 Modifying General User Attribute
Purpose
Use this procedure to modify general user attribute.
Prerequisite
Super NM user: admin.
Procedure
Step Action 1 Select [System/NM Security Management/NM User Management]
from the Main Menu.
2 Click the . Select the appropriate user.
3 Select the tab General.
4 Modify the general attribute. Click .
5 Repeat this procedure to modify as many general attributes of NM users as necessary.
-
OptiX iManager T2000 Operation Manual for SDH 3 Security Management
Huawei Technologies Proprietary
3-16
3.3.8 Enabling Remote Maintenance User
Purpose
Use this procedure to enable a remote maintenance user, enabling the T2000 remote maintenance terminal to access the T2000 server for remote maintenance.
Prerequisite
Super NM user: admin.
Procedure
Step Action 1 Select [System/NM Security Management/Remote Maintenance
User Management] from the Main Menu.
2 The Set Remote Maintenance User dialog box is displayed. Set the value of Disable/Enable to Enable.
3 Click .
-
OptiX iManager T2000 Operation Manual for SDH 3 Security Management
Huawei Technologies Proprietary
3-17
3.4 Managing T2000 Login
3.4.1 Locking T2000 Client Screen
Purpose
Use this procedure to lock T2000 client screen.
Prerequisite
None
Procedure
Step Action 1 Select [System/Lock NM Screen] from the Main Menu.
2 The T2000 Client has been locked is displayed.
3.4.2 Switching NM User
Refer to the 1.1.9 Switching T2000 User.
3.4.3 Switching Between Single User Mode and Multi-user Mode
Purpose
You can switch the client login mode: single user mode and multi-user mode. In single user mode, all users currently logged in the client are forced to exit and log in again as "admin".
Use this procedure to switch between single user mode and multi-user mode.
Prerequisite
Super NM user: admin.
-
OptiX iManager T2000 Operation Manual for SDH 3 Security Management
Huawei Technologies Proprietary
3-18
Procedure
Step Action 1 Select [System/Single User Mode] from the Main Menu under the
multi-user mode. Select [System/Multi-user Mode] from the Main Menu under the single user mode.
3.4.4 Forcing Other Users to Exit T2000
Purpose
Use this procedure to force other users to exit T2000. This function is used to force a user having logged in to exit, while the single user login mode is used to force all the other users logged in to exit.
Prerequisite
Super NM user: admin.
Procedure
Step Action 1 Select [System/NM Security Management/NM User Management]
from the Main Menu.
2 Click the . Select the appropriate user.
3 Right-click and select [Force to Exit].
-
OptiX iManager T2000 Operation Manual for SDH 3 Security Management
Huawei Technologies Proprietary
3-19
3.4.5 Modifying NM Users Password
Purpose
Use this procedure to modify current NM users password.
Prerequisite
None
Procedure
Step Action 1 Select [System/Change Password] from the Main Menu.
2 The Set New Password dialog box is displayed.
3 Enter the old password and a new password respectively. Click after confirming the new password.