SIOM Overview
522
NE2552E Application Guide for ENOS 8.4
In networking solutions, a new approach about adopting a security level on
Input/Output modules has been developed. This security level encompasses
secured authentication management and only allows secure traffic and protocols.
IOMs can be classified into two security categories:
Legacy Input/Output Modules (LIOMs)
LIOMs are not capable of provisioning any security policy setting. All IOMs
developed before the SIOM feature was introduced are of type LIOM.
Secure Input/Output Modules (SIOMs)
SIOMs have security characteristics that allow them to integrate the network
assigned security policy.
For IOM to be in SIOM mode, both the IOM and the CMM (Chassis Management
Module) containing it must be running SIOM‐capable software, and the IOM must
have SIOM enabled. In all other cases, the IOM operates in LIOM mode.
When the IOM is in SIOM mode, the security characteristics configured on the
CMM are sent to the IOM. These characteristics can be divided into the following
categories:
Policy setting
User Account Management
Secure LDAP (LDAPS) authentication
To see whether SIOM is enabled on the IOM, use the following command:
NE2552E(config)# show boot siom
Current SIOM setting: disabled
Saved SIOM setting:
This shows both the current SIOM setting and the saved setting that will be applied
after reboot.
SIOM is disabled by default. To enable SIOM on the switch, in Global
Configuration mode, enter:
NE2552E(config)# boot siom enable
To disable SIOM, enter:
NE2552E(config)# no boot siom enable
Note: You must reboot the switch for SIOM settings to take effect.
disabled