Controlling user access ·············································································································································· 40
FIPS compliance ····························································································································································· 40
Controlling Telnet/SSH logins ······································································································································ 40
Configuration procedures ····································································································································· 40
Configuration example ········································································································································· 41
Controlling SNMP access·············································································································································· 41
Configuration procedure ······································································································································ 41
Configuration example ········································································································································· 42
Configuration procedure ······································································································································ 43
Configuration example ········································································································································· 44
Configuring command accounting ······························································································································· 46
Configuration procedure ······································································································································ 46
Configuration example ········································································································································· 47
Configuring RBAC ······················································································································································ 50
Overview ········································································································································································· 50
Permission assignment ·········································································································································· 50
User role assignment ············································································································································· 52
FIPS compliance ····························································································································································· 53
Configuration task list ···················································································································································· 53
Creating user roles ························································································································································· 53
Configuring user role rules ············································································································································ 54
Configuration procedure ······································································································································ 54
Configuring feature groups ··········································································································································· 55
Assigning user roles ······················································································································································· 57
Configuration guidelines ······································································································································ 59
Displaying RBAC settings ·············································································································································· 61
RBAC configuration examples ······································································································································ 61
Troubleshooting RBAC ··················································································································································· 69
Configuring FTP ·························································································································································· 71
FIPS compliance ····························································································································································· 71
Using the device as an FTP server ································································································································ 71
Configuring basic parameters ····························································································································· 72
ii