GE C30 Instruction Manual page 134

PRODUCT SETUP
Setting name
Confirm RADIUS
Authentication
(Shared) Secret
Table 5-4: General security settings
Setting name
Session Lockout
Session Lockout
Period
Syslog Server IP
Address
Syslog Server Port
Number
Device
Authentication
5
Firmware Lock
(via Lock Relay)
Factory Service
Mode
Restore to Defaults Sets the device to factory defaults
Supervisor Role
RADIUS user names Ensures that RADIUS user names are not the
Password
5-16
Description
Confirmation of the shared secret. The
entry displays as asterisks.
Description
Number of failed authentications before the
device blocks subsequent authentication
attempts for the lockout period
The period in minutes that a user is prevented
from logging in after being locked out
The IP address of the target Syslog server to
which all security events are transmitted
The UDP port number of the target syslog
server to which all security events are
transmitted
When enabled, local Device authentication
with roles is allowed. When disabled, the UR
only authenticates to the AAA server (RADIUS).
NOTE: Administrator and Supervisor (if still
enabled) remain active even after Device
authentication is disabled. The only permission
for local Administrator is to re-enable Device
authentication when Device authentication is
disabled. To re-enable Device authentication,
the Supervisor unlocks the device for setting
changes, and then the Administrator can re-
enable Device authentication.
Indicates if the device receives firmware
upgrades. If Enabled and the firmware
upgrade attempt is made, the device denies
the upgrade and displays an error message
that the lock is set. On each firmware upgrade,
this setting goes back to the default.
The Lock Relay setting blocks settings and
firmware updates.
When enabled, the device can go into factory
service mode. To enable, Supervisor
authentication is necessary.
When enabled, the Supervisor role is active. To
enable, Administrator authentication is
necessary. When disabled, the Supervisor role
is inactive. To disable, Supervisor
authentication is necessary.
same as local/device role names
Local/device roles except for Observer are
password-protected. All RADIUS users are
password-protected.
Minimum Maximum
See the 245 characters
Password
Requirements
section
Minimum Maximum Default
0 (lockout 99
disabled)
0 (no period) 9999
0.0.0.0 223.255.
255.254
1 65535
Disabled Enabled
Disabled Enabled
Disabled Enabled
No Yes
Disabled Enabled
See RADIUS See
server RADIUS
documents server
document
s
See the See the
Password following
Requirements password
section earlier section for
in this chapter requireme
nts
C30 CONTROLLER SYSTEM – INSTRUCTION MANUAL
CHAPTER 5: SETTINGS
Default Units Minimum
permission
N/A - Administrator
Units Minimum
permission
3 - Administrator
3 min Administrator
0.0.0.0 - Administrator
514 - Administrator
Enabled - Administrator
Enabled - Administrator
Disabled - Supervisor
(Administrator
when Supervisor
is disabled)
No - Administrator
Enabled - Administrator to
enable and
Supervisor to
disable
- Administrator
Change Text The specified
Me1# role and
Administrator,
except for
Supervisor,
where it is only
itself