A
PPENDIX
G:
FAQ
S
249
Q
UESTION
A
NSWER
If we had more than 1,000
users, how would this be
managed? That is, do you
support Active Directory?
CC-SG works with Microsoft Active Directory, Sun iPlanet or
Novell eDirectory. If a user account already exists in an
authentication server, then CC-SG supports remote
authentication using
AD/ /RADIUS/LDAP
authentication.
What options are available
for authentication with
directory services and
security tools such as
LDAP, AD, RADIUS, etc.
CC-SG permits local authentication as well remote
authentication.
Remote authentication servers supported include: AD,
, RADIUS, and LDAP.
Security
Sometimes when I try to
log on, I receive a message
that states my “login is
incorrect” even though I am
sure I am entering the
correct User Name and
Password. Why is this?
There is a session-specific ID that is sent out each time you
begin to log on to CC-SG. This ID has a time-out feature, so if
you do not log on to the unit before the time-out occurs, the
session ID becomes invalid. Performing a
Shift-Reload
refreshes the page from CC-SG. Or, you may close the current
browser, open a new browser, and log on again. This provides
an additional security feature so that no one can recall
information stored in the Web cache to access the unit.
How is a password secure?
Passwords are encrypted using MD5 encryption, which is a one-
way hash. This provides additional security to prevent
unauthorized users from accessing the password list.
Sometimes I receive a “No
longer logged in” message
when I click on any menu
in CC-SG, after leaving my
workstation idle for a
period of time. Why?
CC-SG times each user session. If no activity happens for pre-
defined period of time, CC-SG logs the user out. The length of
the time period is pre-set to 60 minutes, but can be reconfigured.
It is recommended that users
exit
CC-SG when they finish an
operation.
As Raritan has Root access
to server, this may
potentially cause issue with
Government bodies. Can
customers also have root
access or can Raritan
provide a method of
auditability /
accountability?
No party will have root access to server once the unit is shipped
out of Raritan, Inc.
Is SSL encryption internal
as well as external (not just
WAN, but LAN, too)?
Both. The session is encrypted regardless of source, i.e.
LAN/WAN.
Does CC-SG support CRL
List, that is, LDAP list of
invalid certificates?
No.
Does CC-SG support Client
Certificate Request?
No.
Accounting
The event times in the
Audit Trail report seem
incorrect. Why?
Log event times are logged according to the time settings of the
computer that CC-SG is installed on. You can correct this by
adjusting the computer’s time and date settings.
Can audit/logging abilities
Direct power switch-off is not logged, but the power on -off
Summary of Contents for Command Center CC-SG
Page 2: ...This page intentionally left blank...
Page 16: ......
Page 34: ...18 COMMANDCENTER SECURE GATEWAY ADMINISTRATOR GUIDE...
Page 64: ...48 COMMANDCENTER SECURE GATEWAY ADMINISTRATOR GUIDE...
Page 122: ...106 COMMANDCENTER SECURE GATEWAY ADMINISTRATOR GUIDE...
Page 168: ...152 COMMANDCENTER SECURE GATEWAY ADMINISTRATOR GUIDE...
Page 252: ......
Page 254: ...238 COMMANDCENTER SECURE GATEWAY ADMINISTRATOR GUIDE...
Page 258: ...242 COMMANDCENTER SECURE GATEWAY ADMINISTRATOR GUIDE...
Page 260: ...244 COMMANDCENTER SECURE GATEWAY ADMINISTRATOR GUIDE...
Page 268: ...252 COMMANDCENTER SECURE GATEWAY ADMINISTRATOR GUIDE 255 80 5140 00...
Page 269: ...APPENDIX G FAQS 253...