Table of Contents
Advertisement
Configuring Software Authentication Manager
on Cisco IOS XR Software
Software Authentication Manager (SAM) is a component of the Cisco IOS XR software operating
system that ensures that software being installed on the router is safe, and that the software does not run
if its integrity has been compromised.
For SAM to verify software during installation, the software to be installed must be in a PIE format. PIEs
are digitally signed and SAM verifies the digital signature before allowing bits from that PIE to reside
on the router. Each time an installed piece of software is run, SAM ensures that the integrity of the
software has not been compromised since it was installed. SAM also verifies that software preinstalled
on a flash card has not been tampered with while in transit.
When the initial image or a software package update is loaded on the router, SAM verifies the validity
of the image by checking the expiration date of the certificate used to sign the image. If an error message
is displayed indicating that your certificate has expired, check the system clock and verify that it is
accurate. If the system clock is not set correctly, the system does not function properly. For information
on setting the system clock, see the clock set command in the Clock Commands on Cisco IOS XR
Software module in the Cisco IOS XR System Management Command Reference.
For information on SAM commands, see the Software Authentication Manager Commands on
Cisco IOS XR Software module in the Cisco IOS XR System Security Command Reference.
Cisco IOS XR System Security Configuration Guide
SC-225
Hide quick links:
Advertisement
Chapters
Table of Contents
