1. Manuals
  2. Brands
  3. Juniper Manuals
  4. Server
  5. SSG5
  6. Manual

Roles And Services - Juniper SSG 5 Manual

Hide thumbs Also See for SSG 5:
Table of Contents

Advertisement

Physical Security
Operational Environment
Cryptographic Key Management
EMI/EMC
Self-Tests
Design Assurance
Mitigation of Other Attacks

Roles and Services

The security appliance supports three distinct roles:
Cryptographic Officer (Root): The device allows one Crypto-Officer. This role is assigned to
the first operator who logs on to the device using the default admin name and password
(netscreen, netscreen). Only the Crypto-Officer can create other administrators, change the
device to operate in FIPS mode and apply the tamper-evident seals.
User (Admin): This role can configure specific security policies. These policies provide the
device with information on how to operate. For example, configuring access policies and VPN
encryption with Triple-DES). This role does not have the ability to create other administrators.
Read-Only User (Admin): This role can only perform a limited set of services to retrieve
information or status. This role cannot perform services to configure the device.
The security appliance offers the following services:
Configuration: Configure firewall policies (including the bypass service), VPN encryption and
digital signature options, network interface options, routing tables, protocol support,
authentication servers, logging options and system time. Clear dynamic system information
such as statistics or VPN security associations.
Status: View firewall policies, VPN configuration, traffic and performance statistics, firmware
version, network interface status and system logs. Perform ping and trace-route.
Zeroize: Overwrite all CSP values with three alternating bit patterns, then reset the
configuration to the factory default values. Also occurs when placing the device into or
removing it from FIPS mode.
Manage: Create new users.
Self-tests: Invoke cryptographic algorithm and system integrity self-tests.
The module allows concurrent Admin users, either User or Read-Only User roles. It provides the
following services for each role:
Table 2: Roles and services summary
Service
Configure
Status
Zeroize
Manage
Juniper Networks SSG 5 and SSG 20 Security Policy
2
N/A
2
2
2
2
N/A
Cryptographic
User
Officer
Y
Y
Y
Y
Y
N
Y
N
Read-only
User
N
Y
N
N
5
Show Quick Links

Hide quick links:

Advertisement

Table of Contents
loading

Related Manuals for Juniper SSG 5

Related Content for Juniper SSG 5

This manual is also suitable for:

Ssg 20

Table of Contents