Chapter 3: System planning
Security planning
Page 3-43
Planning for HTTPS operation
Before starting to configure HTTPS operation, ensure that the cryptographic material listed in
Table 82
is
available.
Table 82
HTTPS security material
Item
Description
Quantity required
User Defined Security
Banner
The banner provides warnings and notices to
be read by the user before logging in to the
ODU. Use text that is appropriate to the
network security policy.
Normally one per link.
This depends upon
network policy.
Port numbers for HTTP,
HTTPS and Telnet
Port numbers allocated by the network.
As allocated by network.
Planning for SNMPv3 operation
SNMP security mode
Decide how SNMPv3 security will be configured.
MIB-based security management uses standard SNMPv3 MIBs to configure the user-based security
model and the view-based access control model. This approach provides considerable flexibility, allowing
a network operator to tailor views and security levels appropriate for different types of user. MIB-based
security management may allow a network operator to take advantage of built-in security management
capabilities of existing network managers.
Web-based security management allows an operator to configure users, security levels, privacy and
authentication protocols, and passphrases using the 450 Platform Family web-based management
interface. The capabilities supported are somewhat less flexible than those supported using the MIB-
based security management, but will be sufficient in many applications. Selection of web-based
management for SNMPv3 security disables the MIB-based security management. 450 Platform Family
does not support concurrent use of MIB-based and web-based management of SNMPv3 security.
Web-based management of SNMPv3 security
Initial configuration of SNMPv3 security is available only to HTTP or HTTPS user accounts with security
role of Security Officer.
Identify the format used for SNMP Engine ID. The following formats are available:
MAC address (default)
5 and 32 hex characters (the hex character input is driven by RFC 3411 recommendations on the
Engine ID)
Identify the user names and security roles of initial SNMPv3 users. Two security roles are available:
Summary of Contents for PMP 450 AP
Page 1: ...33F Cambium 450 Platform User Guide System Release 15 2 pass...
Page 14: ...Contents Page xii 450m overload I Glossary III...
Page 104: ...Chapter 2 System hardware Cabling Page 2 40...
Page 157: ...Chapter 3 System planning Radio Frequency planning Page 3 24 Figure 49 Sector Antenna...
Page 158: ...Chapter 3 System planning Radio Frequency planning Page 3 25 Figure 50 cnMedusa Antenna...