Scribd
Upload
74 views

00-2 Contents PDF

This document provides guidance on security management for the OptiX iManager T2000. It discusses managing security at the Solaris operating system level, database level, and network management (NM) user level. Specific topics covered include setting passwords, managing users and groups, configuring access controls, and enabling remote maintenance users. The document aims to help administrators securely configure and manage the T2000 system.

Uploaded by

Evelyn González
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
74 views

00-2 Contents PDF

This document provides guidance on security management for the OptiX iManager T2000. It discusses managing security at the Solaris operating system level, database level, and network management (NM) user level. Specific topics covered include setting passwords, managing users and groups, configuring access controls, and enabling remote maintenance users. The document aims to help administrators securely configure and manage the T2000 system.

Uploaded by

Evelyn González
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 10

OptiX iManager T2000

Administrator Guide Contents

Contents

About This Document.....................................................................................................................1


1 Starting and Shutting Down the T2000.................................................................................1-1
1.1 Starting the T2000...........................................................................................................................................1-2
1.1.1 Starting the T2000 Server......................................................................................................................1-2
1.1.2 Logging In to the T2000 Client..............................................................................................................1-3
1.2 T2000 Process.................................................................................................................................................1-3
1.3 Viewing the T2000 Process Status..................................................................................................................1-4
1.4 Shutting Down the T2000...............................................................................................................................1-5
1.4.1 Exiting a T2000 Client...........................................................................................................................1-5
1.4.2 Shutting Down the T2000 Server...........................................................................................................1-6

2 Security Management................................................................................................................2-1
2.1 Security Management Strategy.......................................................................................................................2-3
2.2 Managing Solaris Security..............................................................................................................................2-3
2.2.1 Introduction to Solaris Users..................................................................................................................2-4
2.2.2 Changing the Password of User root......................................................................................................2-4
2.2.3 Changing the Password of User sybase..................................................................................................2-5
2.2.4 Changing the Password of User t2000...................................................................................................2-5
2.2.5 Removing Redundant Hosts Configuration Files...................................................................................2-6
2.2.6 Inhibitting User sybase from Using FTP................................................................................................2-6
2.3 Managing Application Security......................................................................................................................2-6
2.3.1 Introduction to Database Users..............................................................................................................2-7
2.3.2 Changing the Password of Database Users............................................................................................2-7
2.4 Setting Security Policy for an NM User..........................................................................................................2-8
2.4.1 Setting the Password Template..............................................................................................................2-9
2.4.2 Setting the Password Reuse Frequency................................................................................................2-10
2.4.3 Setting the Password Reuse Period......................................................................................................2-11
2.4.4 Configuring the Warning Screen for Login.........................................................................................2-11
2.4.5 Configuring the Weakness Password Dictionary.................................................................................2-12
2.4.6 Modifying NM User Validity...............................................................................................................2-12
2.4.7 Modifying NM User Password Validity..............................................................................................2-14
2.4.8 Setting User Lockout Duration............................................................................................................2-15
2.4.9 Unlocking an NM User........................................................................................................................2-16

Issue 03 (2007-06-30) Huawei Technologies Proprietary i


OptiX iManager T2000
Contents Administrator Guide

2.4.10 Initializing the T2000 User Password................................................................................................2-16


2.5 Creating NM Users........................................................................................................................................2-17
2.5.1 Creating an NM User...........................................................................................................................2-17
2.5.2 Assigning Authority and Equipment for a Single NM User................................................................2-18
2.5.3 Setting Client Access Control..............................................................................................................2-20
2.5.4 Changing the NM User Password........................................................................................................2-21
2.5.5 Deleting an NM User...........................................................................................................................2-21
2.6 Creating NM User Groups............................................................................................................................2-21
2.6.1 Creating an NM User Group................................................................................................................2-22
2.6.2 Assigning the Members for an NM User Group..................................................................................2-23
2.6.3 Assigning Authority and Equipment for an NM User Group..............................................................2-24
2.7 Creating Operation Sets................................................................................................................................2-25
2.7.1 Operation Set Type...............................................................................................................................2-26
2.7.2 Creating an Operation Set....................................................................................................................2-26
2.8 Creating an Equipment Set............................................................................................................................2-28
2.9 Example: Creating a User and Assigning Its Authority................................................................................2-30
2.10 Managing T2000 Login...............................................................................................................................2-34
2.10.1 Locking the T2000 Client Screen.......................................................................................................2-34
2.10.2 Switching a Logged-In NM User.......................................................................................................2-35
2.10.3 Forcing an NM User to Log Out of the T2000..................................................................................2-35
2.10.4 Switching to the Single User Mode....................................................................................................2-36
2.11 Managing the Remote Maintenance User...................................................................................................2-36
2.11.1 Enabling a Remote Maintenance User...............................................................................................2-37
2.11.2 Changing the Remote Maintenance User Password..........................................................................2-37
2.11.3 Setting the Remote Maintenance User Authority..............................................................................2-39
2.11.4 Setting the Remote Maintenance User Validity.................................................................................2-40
2.12 Configuring Network Security....................................................................................................................2-41
2.12.1 Setting SSL Protocol Communication Between Server and Client...................................................2-41
2.12.2 Controlling Communication Between NE and T2000 Through Ethernet Port..................................2-43
2.12.3 Controlling Communication Between NE and T2000 Through a Serial Port....................................2-44
2.12.4 Controlling Communication Between NE and LCT..........................................................................2-45
2.13 Setting the NE ACL....................................................................................................................................2-45
2.13.1 ACL....................................................................................................................................................2-46
2.13.2 Setting Basic ACL Rules....................................................................................................................2-46
2.13.3 Setting the Advanced ACL Rules......................................................................................................2-47
2.14 Managing NE Users....................................................................................................................................2-47
2.14.1 Creating an NE User and Assigning Its Authority.............................................................................2-48
2.14.2 Changing the NE User Password.......................................................................................................2-49
2.14.3 Querying NE Security Parameters.....................................................................................................2-50
2.14.4 Querying NE User Groups.................................................................................................................2-51
2.15 Managing NE Login....................................................................................................................................2-51
2.15.1 Locking Out NE Login.......................................................................................................................2-52

ii Huawei Technologies Proprietary Issue 03 (2007-06-30)


OptiX iManager T2000
Administrator Guide Contents

2.15.2 Locking Out NE Settings...................................................................................................................2-52


2.15.3 Switching a Logged-In NE User........................................................................................................2-53
2.15.4 Forcing NE Users to Log Out of the NE............................................................................................2-53
2.16 Managing Security Log...............................................................................................................................2-54
2.16.1 Operation Log....................................................................................................................................2-55
2.16.2 Viewing the T2000 Security Logs.....................................................................................................2-55
2.16.3 Setting a Scheduled Security Log Dump...........................................................................................2-55
2.16.4 Setting Overflow Dump for Security Log..........................................................................................2-56
2.16.5 Dumping Security Log Immediately..................................................................................................2-57
2.16.6 Viewing the NE Security Logs...........................................................................................................2-58
2.16.7 Transferring Operation Logs to Syslog Server..................................................................................2-59
2.17 Transferring NE Logs to Log Servers.........................................................................................................2-59
2.17.1 Syslog Service....................................................................................................................................2-60
2.17.2 Configuring the Syslog Server...........................................................................................................2-63
2.17.3 Configuring the Syslog GNE.............................................................................................................2-63
2.17.4 Configuring the Syslog Type and Severity........................................................................................2-64
2.17.5 Starting the Syslog Service................................................................................................................2-64

3 Backing Up and Restoring Databases....................................................................................3-1


3.1 Dump and Backup...........................................................................................................................................3-3
3.2 Methods of Backing Up and Restoring T2000 Data.......................................................................................3-3
3.3 Backing Up T2000 Data to a Local Server.....................................................................................................3-9
3.3.1 Backing Up the T2000 MO Data Immediately....................................................................................3-10
3.3.2 Backing Up the T2000 MO Data Periodically.....................................................................................3-10
3.3.3 Backing Up All Data in the T2000 Database.......................................................................................3-11
3.3.4 Backing Up T2000 Network Layer Data Through Script Export........................................................3-12
3.4 Backing Up T2000 Data to a Remote Server................................................................................................3-13
3.4.1 Backing Up the T2000 MO Data Immediately....................................................................................3-13
3.4.2 Backing Up the T2000 MO Data Periodically.....................................................................................3-14
3.4.3 Backing Up All Data in the T2000 Database Immediately..................................................................3-16
3.4.4 Backing Up All Data in the T2000 Database in a Scheduled Manner.................................................3-17
3.4.5 Configuring a Scheduled Task.............................................................................................................3-18
3.5 Initializing the T2000 Database....................................................................................................................3-19
3.6 Initializing NE Configuration Data in the T2000..........................................................................................3-20
3.7 Restoring T2000 Data from a Local Server..................................................................................................3-21
3.7.1 Restoring the T2000 MO Data.............................................................................................................3-21
3.7.2 Restoring All Data in the T2000 Database...........................................................................................3-23
3.7.3 Restoring T2000 Network Layer Data Through Script Export............................................................3-23
3.8 Restoring T2000 Data from a Remote Server...............................................................................................3-24
3.8.1 Restoring the T2000 MO Data.............................................................................................................3-25
3.8.2 Restoring All Data in the T2000 Database...........................................................................................3-26
3.9 Viewing the Status of Databases...................................................................................................................3-27
3.10 Dumping Databases.....................................................................................................................................3-28

Issue 03 (2007-06-30) Huawei Technologies Proprietary iii


OptiX iManager T2000
Contents Administrator Guide

3.10.1 Dumping Alarms Manually................................................................................................................3-28


3.10.2 Dumping Alarms Automatically........................................................................................................3-29
3.10.3 Dumping Performance Data Manually..............................................................................................3-30
3.10.4 Dumping Performance Data Automatically.......................................................................................3-31
3.11 Backing Up NE Databases..........................................................................................................................3-33
3.12 Configuration Upgrade Wizard...................................................................................................................3-33

4 File and Disk Management......................................................................................................4-1


4.1 T2000 File System.......................................................................................................................................... 4-2
4.1.1 System Architecture...............................................................................................................................4-2
4.1.2 File System of the T2000 Server............................................................................................................4-2
4.1.3 File System of the T2000 Client............................................................................................................ 4-4
4.2 Checking Disk Space Usage........................................................................................................................... 4-5
4.3 Viewing Disk Status........................................................................................................................................4-5
4.4 Clearing Disk Space........................................................................................................................................4-6

5 Setting System Time..................................................................................................................5-1


5.1 Setting Time on the T2000 Server.................................................................................................................. 5-2
5.1.1 Changing the T2000 Server Time and Date...........................................................................................5-2
5.1.2 Changing the Time Zone of the T2000 Server.......................................................................................5-3
5.1.3 Setting the Daylight Saving Time on the T2000 Server........................................................................ 5-3
5.2 Configuring the NTP Service on the T2000 Server........................................................................................5-4
5.2.1 NTP Service........................................................................................................................................... 5-5
5.2.2 Time Synchronization Scheme...............................................................................................................5-5
5.2.3 Configuring the T2000 Server as the Highest Level NTP Server..........................................................5-6
5.2.4 Configuring the T2000 Server as a Medium Stratum NTP Server........................................................5-7
5.2.5 Configuring the T2000 Server As an NTP Client..................................................................................5-7
5.2.6 Starting the NTP Service........................................................................................................................5-8
5.2.7 Stopping the NTP Service......................................................................................................................5-8
5.2.8 Checking the Running Status of the NTP Service................................................................................. 5-9
5.3 Setting Time on the T2000 Client.................................................................................................................5-10
5.3.1 Changing the T2000 Client Time and Time Zone...............................................................................5-11
5.3.2 Starting the NTP server on the T2000 Client.......................................................................................5-11

6 Setting Host Name and IP Address of the T2000 Server ...................................................6-1


6.1 Modifying the Host Name of the T2000 Server..............................................................................................6-2
6.2 Modifying the IP Address of the T2000 Server..............................................................................................6-2

7 T2000 Routine Maintenance.....................................................................................................7-1


7.1 Maintenance Items.......................................................................................................................................... 7-2
7.2 Maintenance Operations..................................................................................................................................7-2
7.2.1 Checking Communication Between the T2000 Server and NEs........................................................... 7-3
7.2.2 Viewing Current NM Alarms.................................................................................................................7-3
7.2.3 Viewing Database Status .......................................................................................................................7-4
7.2.4 Viewing T2000 Server Status................................................................................................................ 7-5

iv Huawei Technologies Proprietary Issue 03 (2007-06-30)


OptiX iManager T2000
Administrator Guide Contents

7.2.5 Checking Disk Space Usage..................................................................................................................7-5


7.2.6 Periodically Changing the Password of NM .........................................................................................7-5
7.2.7 Checking Settings of Log Dump ...........................................................................................................7-5
7.2.8 Checking Configuration Data Consistency Between an NE and the T2000..........................................7-6
7.2.9 Backing Up the T2000 Data ..................................................................................................................7-6

8 Urgent Maintenance for the T2000..........................................................................................8-1


8.1 Urgent Maintenance of the T2000 Server.......................................................................................................8-2
8.2 Urgent Maintenance of the T2000 Client........................................................................................................8-2
8.3 Urgent Maintenance upon T2000 Server Power Failure.................................................................................8-2
8.3.1 Cannot Start the Operating System Because of System File Loss.........................................................8-3
8.3.2 Terminal Information of Manually Executing fsck to Repair File System............................................8-4
8.3.3 Suspending of the Database...................................................................................................................8-4

9 Handling Faults..........................................................................................................................9-1
9.1 General Thoughts About Troubleshooting......................................................................................................9-2
9.2 Process of Troubleshooting.............................................................................................................................9-2
9.2.1 Collecting Data.......................................................................................................................................9-2
9.2.2 Locating Faults.......................................................................................................................................9-3
9.2.3 Handling Faults......................................................................................................................................9-3

10 FAQ...........................................................................................................................................10-1
10.1 About the Operating System ......................................................................................................................10-2
10.1.1 How to Set the Default Router...........................................................................................................10-2
10.1.2 How to Add a Static Route.................................................................................................................10-2
10.1.3 How to View the Hardware Configuration of the T2000 Server.......................................................10-3
10.1.4 How to View the Solaris Version.......................................................................................................10-4
10.1.5 How to Handle Abnormal Shutdown of the Workstation..................................................................10-4
10.2 About the Database.....................................................................................................................................10-5
10.2.1 How to Confirm the Sybase Process Is Started..................................................................................10-5
10.2.2 How to Start the Database Server Manually......................................................................................10-6
10.3 About the T2000..........................................................................................................................................10-6
10.3.1 What are the Factors Affecting Response Speed of T2000................................................................10-6
10.3.2 How to Confirm the T2000 Server Is Started on UNIX....................................................................10-6
10.3.3 How to Handle the Failure of Connection Between the T2000 Server and an NE............................10-7

A Service Ports Description.......................................................................................................A-1


A.1 Background....................................................................................................................................................A-2
A.2 Notes and Precautions...................................................................................................................................A-2
A.3 Service Ports Used by the T2000..................................................................................................................A-2
A.4 How to Query Service Ports..........................................................................................................................A-6

B Solaris Common Commands..................................................................................................B-1


B.1 Solaris Common Operations..........................................................................................................................B-2
B.1.1 Directory Browse and Control Commands...........................................................................................B-2

Issue 03 (2007-06-30) Huawei Technologies Proprietary v


OptiX iManager T2000
Contents Administrator Guide

B.1.2 File Maintenance Commands...............................................................................................................B-2


B.1.3 Text File Content-Displaying Commands............................................................................................B-3
B.2 User Management Commands.......................................................................................................................B-3
B.3 Utility Commands and Programs...................................................................................................................B-4
B.4 System Resource Commands.........................................................................................................................B-4
B.5 Network Communication Commands............................................................................................................B-5

C T2000 Commands and Applications.....................................................................................C-1


D Common Maintenance Tools................................................................................................D-1
E Glossary.......................................................................................................................................E-1
F Acronyms and Abbreviations..................................................................................................F-1
Index.................................................................................................................................................i-1

vi Huawei Technologies Proprietary Issue 03 (2007-06-30)


OptiX iManager T2000
Administrator Guide Figures

Figures

Figure 2-1 IP and ECC hybrid networking-1.....................................................................................................2-60


Figure 2-2 IP and ECC hybrid networking-2.....................................................................................................2-61
Figure 2-3 ECC independent networking...........................................................................................................2-62
Figure 5-1 NTP synchronisation networking.......................................................................................................5-5
Figure 5-2 The status of the highest level NTP server.........................................................................................5-9
Figure 5-3 The status of a medium level NTP server.........................................................................................5-10
Figure 5-4 The status of an NTP client..............................................................................................................5-10

Issue 03 (2007-06-30) Huawei Technologies Proprietary vii


OptiX iManager T2000
Administrator Guide Tables

Tables

Table 1-1 T2000 processes...................................................................................................................................1-4


Table 2-1 Introduction to Solaris users.................................................................................................................2-4
Table 2-2 Comparison of NM application and NM for transmission network..................................................2-26
Table 2-3 Operation log danger level.................................................................................................................2-55
Table 2-4 Configuration List..............................................................................................................................2-61
Table 2-5 Configuration List..............................................................................................................................2-62
Table 3-1 Script files the T2000 provides............................................................................................................3-5
Table 3-2 Characteristics and application scenarios of three data maintenance methods....................................3-8
Table 4-1 Major directory architecture for the T2000 server software (UNIX)...................................................4-3
Table 4-2 Major directory architecture for the T2000 server software (Windows).............................................4-3
Table 4-3 Major directories for the T2000 client software...................................................................................4-4
Table 7-1 Table of maintenance items ................................................................................................................ 7-2
Table B-1 Directory browse and control commands...........................................................................................B-2
Table B-2 File maintenance commands...............................................................................................................B-2
Table B-3 Display and browse commands for text files......................................................................................B-3
Table B-4 Solaris user management commands..................................................................................................B-3
Table B-5 Utility commands and programs.........................................................................................................B-4
Table B-6 System resource report and management commands.........................................................................B-4
Table B-7 Network communication commands..................................................................................................B-5
Table C-1 Common applications in Windows.....................................................................................................C-1
Table C-2 Common applications in UNIX..........................................................................................................C-2
Table D-1 Common maintenance tools in Windows...........................................................................................D-1
Table D-2 Common maintenance tools in UNIX................................................................................................D-2

Issue 03 (2007-06-30) Huawei Technologies Proprietary ix

You might also like