1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Network Router
  5. ASR 1000 Series
  6. Common criteria operational user guidance and preparative procedures

Clock Management; Identification And Authentication; Login Banners; Virtual Private Networks (Vpn) - Cisco ASR 1000 Series Common Criteria Operational User Guidance And Preparative Procedures

Aggregation services router
Hide thumbs Also See for ASR 1000 Series:
Table of Contents

Advertisement

Note: Details for the password encryption aes command can be found in the: [10] Under
Reference Guides  Command References  Security and VPN  See manual Cisco IOS
Security Command Reference: Commands M to R.

4.3 Clock Management

Clock management is restricted to the privileged administrator.
[15] contains information on setting the local hardware clock or NTP sources. When Network
Time Protocol (NTP) is configured, the time is synchronized with a NTP server over NTPv3.
NTP runs on UDP, which in turn runs on IP. NTP Version 3 (NTPv3) is documented in RFC
1305.

4.4 Identification and Authentication

Configuration of Identification and Authentication settings is restricted to the privileged
administrator.
The ASR can be configured to use any of the following authentication methods:
 Remote authentication (RADIUS)
o Refer to "Authentication Server Protocols" elsewhere in this document for more
details.
 Local authentication (password or SSH public key authentication);
o Note: this should only be configured for local fallback if the remote authentication
server is not available.
 X.509v3 certificates
o Refer to "X.509 Certificates" in Section Error! Reference source not
found.below for more details.

4.5 Login Banners

The TOE may be configured by the privileged administrators with banners using the banner
login command. This banner is displayed before the username and password prompts. To create
a banner of text "This is a banner" use the command
banner login ^c This is a banner ^c
where c is the delimiting character. The delimiting character may be any character except ?, and
it must not be part of the banner message.

4.6 Virtual Private Networks (VPN)

4.6.1

IPsec Overview

The TOE allows all privileged administrators to configure Internet Key Exchange (IKE) and
IPSEC policies. IPsec provides the following network security services:
Page 30 of 72
Show Quick Links

Hide quick links:

Advertisement

Table of Contents
loading

Related Manuals for Cisco ASR 1000 Series

Related Content for Cisco ASR 1000 Series

This manual is also suitable for:

Asr 1001Asr 1002xAsr 1004Asr 1006Asr 1013Asr 1001hx ... Show all

Table of Contents