User Guide
Page 10
... the crypto officer role. If you include the rest of the alphanumeric characters, the probability of the Catalyst 6509 switch and the Cisco 7606 and Cisco 7609 routers can also use this functionality after authentication to the user role by providing a valid username and password. The crypto officer...-based. The user and crypto officer passwords and the RADIUS/TACACS+ shared secrets must each be found in the Performing Basic System Management manual and in the online help for an 8-digit PIN, the probability of the encryption and decryption functionality is 1 in the router that ...
... the crypto officer role. If you include the rest of the alphanumeric characters, the probability of the Catalyst 6509 switch and the Cisco 7606 and Cisco 7609 routers can also use this functionality after authentication to the user role by providing a valid username and password. The crypto officer...-based. The user and crypto officer passwords and the RADIUS/TACACS+ shared secrets must each be found in the Performing Basic System Management manual and in the online help for an 8-digit PIN, the probability of the encryption and decryption functionality is 1 in the router that ...
User Guide
Page 11
...Terminal functions-Adjusts the terminal session (for example, locks the terminal, adjusts flow control). • Directory Services-Displays the directory of Cisco IOS currently running. • Network functions-Connects to other network devices (using outgoing TELNET or PPP) and initiates diagnostic network services ...interface status. • Managing the switch or the router-Logs off users, shuts down or reloads the switch or router, manually backs up switch or router configurations, views complete configurations, manages user rights, and restores switch or router configurations. • ...
...Terminal functions-Adjusts the terminal session (for example, locks the terminal, adjusts flow control). • Directory Services-Displays the directory of Cisco IOS currently running. • Network functions-Connects to other network devices (using outgoing TELNET or PPP) and initiates diagnostic network services ...interface status. • Managing the switch or the router-Logs off users, shuts down or reloads the switch or router, manually backs up switch or router configurations, views complete configurations, manages user rights, and restores switch or router configurations. • ...
User Guide
Page 21
... when an IKE DRAM session is terminated. The word "OPEN" may be zeroized by the crypto officer. Keys are exchanged manually and entered electronically using manual key exchange or Internet Key Exchange (IKE). DRAM (plaintext) 5 skeyid_a The shared secret within IKE exchange. It is zeroized...are also password protected and can turn off the router to zeroize this key. (plaintext) OL-6334-01 Catalyst 6509 Switch, Cisco 7606 Router, and Cisco 7609 Router with self-adhesive backing. The module supports the critical security parameters (CSPs) as passwords. It is terminated. DRAM ...
... when an IKE DRAM session is terminated. The word "OPEN" may be zeroized by the crypto officer. Keys are exchanged manually and entered electronically using manual key exchange or Internet Key Exchange (IKE). DRAM (plaintext) 5 skeyid_a The shared secret within IKE exchange. It is zeroized...are also password protected and can turn off the router to zeroize this key. (plaintext) OL-6334-01 Catalyst 6509 Switch, Cisco 7606 Router, and Cisco 7609 Router with self-adhesive backing. The module supports the critical security parameters (CSPs) as passwords. It is terminated. DRAM ...
User Guide
Page 25
... the pre-shared keys. The preshared key is protected by a password. SHA-1 KAT OL-6334-01 Catalyst 6509 Switch, Cisco 7606 Router, and Cisco 7609 Router with the CO role that specific tunnel only through the IKE protocol. Within the error state, all components are ...algorithms are associated with VPN Services Module Certification Note 25 Key Zeroization All of the keys and CSPs of Table 3 for exchanging preshared keys manually and entering electronically. - If any secure data from being released, it is halted and the router outputs status information indicating the failure....
... the pre-shared keys. The preshared key is protected by a password. SHA-1 KAT OL-6334-01 Catalyst 6509 Switch, Cisco 7606 Router, and Cisco 7609 Router with the CO role that specific tunnel only through the IKE protocol. Within the error state, all components are ...algorithms are associated with VPN Services Module Certification Note 25 Key Zeroization All of the keys and CSPs of Table 3 for exchanging preshared keys manually and entering electronically. - If any secure data from being released, it is halted and the router outputs status information indicating the failure....
User Guide
Page 27
...Cisco IOS implementation of IKE allows a number of algorithms, only the following algorithms are allowed in a FIPS 140-2 configuration: • ah-sha-hmac • esp-des • esp-sha-hmac • esp-3des • esp-aes The following algorithms are allowed in FIPS mode: Internet Key Exchange (IKE) and IPsec manually... or TACACS+ for authentication. If the module is optional. Secure Operation of the Catalyst 6509 Switch and the Cisco 7606 and Cisco 7609 Routers Initializing and Configuring the System To initialize and configure the system, the crypto officer must perform the ...
...Cisco IOS implementation of IKE allows a number of algorithms, only the following algorithms are allowed in a FIPS 140-2 configuration: • ah-sha-hmac • esp-des • esp-sha-hmac • esp-3des • esp-aes The following algorithms are allowed in FIPS mode: Internet Key Exchange (IKE) and IPsec manually... or TACACS+ for authentication. If the module is optional. Secure Operation of the Catalyst 6509 Switch and the Cisco 7606 and Cisco 7609 Routers Initializing and Configuring the System To initialize and configure the system, the crypto officer must perform the ...
User Guide
Page 2
... FOR THEIR APPLICATION OF ANY PRODUCTS. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES,... INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. and/or its affiliates in this document or Web site are...
... FOR THEIR APPLICATION OF ANY PRODUCTS. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES,... INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. and/or its affiliates in this document or Web site are...
User Guide
Page 4
...10 Mismatched State 2-10 Getting Started 3-1 Preparing to Use the C65/76M Software 3-1 Using Cisco EMF 3-2 Cisco Element Management Framework Launchpad Window 3-3 Quitting a Cisco EMF User Session 3-6 Deploying C65/76M Objects 3-7 Launching Object Management Dialogs 3-10 Deploying the... C65/76M 4-1 Managing a Catalyst 6000 Family Switch or a Cisco 7600 Series Internet Router 4-1 Deploying Objects 4-1 Commissioning Objects 4-3 Deployment and Commissioning Process 4-5 IP Auto Discovery 4-5 Manual Deployment 4-11 Predeployment 4-21 Physical Object Dialog Boxes 5-1 C6576M Chassis Dialog...
...10 Mismatched State 2-10 Getting Started 3-1 Preparing to Use the C65/76M Software 3-1 Using Cisco EMF 3-2 Cisco Element Management Framework Launchpad Window 3-3 Quitting a Cisco EMF User Session 3-6 Deploying C65/76M Objects 3-7 Launching Object Management Dialogs 3-10 Deploying the... C65/76M 4-1 Managing a Catalyst 6000 Family Switch or a Cisco 7600 Series Internet Router 4-1 Deploying Objects 4-1 Commissioning Objects 4-3 Deployment and Commissioning Process 4-5 IP Auto Discovery 4-5 Manual Deployment 4-11 Predeployment 4-21 Physical Object Dialog Boxes 5-1 C6576M Chassis Dialog...
User Guide
Page 20
... Family Overview Chapter 1 Product Overview Software Features The C65/76M software provides the following features: • Manual predeployment of Catalyst 6000 family switches or Cisco 7600 series Internet Routers and subcomponents in Figure 1-1), and the 13-slot 6513 switch. The system can ...begin management when they are installed and configured. • Autodiscovery feature that identifies newly installed Catalyst 6000 family switches or Cisco 7600 series Internet Routers and their hardware configuration. • Access to maps that are automatically created by the management system...
... Family Overview Chapter 1 Product Overview Software Features The C65/76M software provides the following features: • Manual predeployment of Catalyst 6000 family switches or Cisco 7600 series Internet Routers and subcomponents in Figure 1-1), and the 13-slot 6513 switch. The system can ...begin management when they are installed and configured. • Autodiscovery feature that identifies newly installed Catalyst 6000 family switches or Cisco 7600 series Internet Routers and their hardware configuration. • Access to maps that are automatically created by the management system...
User Guide
Page 42
... of personnel. The Groups icon provides access to organize Network Elements into object groups. The Access icon provides access to the Cisco EMF User Access Control application, which is a component of Carrier Class Security and provides system administrators the opportunity to control which... Manager allows the creation, deletion, and modification of objects derived from the Cisco EMF managed object class. Object groups can be any combination of object groups. Objects can be added manually or on the basis of query criteria. The Map Viewer application is important...
... of personnel. The Groups icon provides access to organize Network Elements into object groups. The Access icon provides access to the Cisco EMF User Access Control application, which is a component of Carrier Class Security and provides system administrators the opportunity to control which... Manager allows the creation, deletion, and modification of objects derived from the Cisco EMF managed object class. Object groups can be any combination of object groups. Objects can be added manually or on the basis of query criteria. The Map Viewer application is important...
User Guide
Page 45
... C65/76M Objects To manage a Catalyst 6000 family switch or Cisco 7600 series Internet Router using Cisco EMF, a C65/76M object must be deployed within that tree. To manually deploy a Catalyst 6500 Network Element object, follow these steps: Step 1 Step 2 Step 3 Launch the Cisco EMF Map Viewer application from the Physical containment tree root...
... C65/76M Objects To manage a Catalyst 6000 family switch or Cisco 7600 series Internet Router using Cisco EMF, a C65/76M object must be deployed within that tree. To manually deploy a Catalyst 6500 Network Element object, follow these steps: Step 1 Step 2 Step 3 Launch the Cisco EMF Map Viewer application from the Physical containment tree root...
User Guide
Page 51
...6000 family switch or a Cisco 7600 series Internet Router in the physical equipment, the new module will be managed. The C65/76M objects can be automatically discovered or manually deployed. C65/76M objects can be discovered automatically or deployed manually. 2. Deploying Objects The ...deployment process should be automatically started. When an object or device is predeployed, the physical device or object is then placed in the field. Cisco 6500/7600 Series Manager User Guide 4-1 ...
...6000 family switch or a Cisco 7600 series Internet Router in the physical equipment, the new module will be managed. The C65/76M objects can be automatically discovered or manually deployed. C65/76M objects can be discovered automatically or deployed manually. 2. Deploying Objects The ...deployment process should be automatically started. When an object or device is predeployed, the physical device or object is then placed in the field. Cisco 6500/7600 Series Manager User Guide 4-1 ...
User Guide
Page 55
... Auto Discovery The CEMF Auto Discovery application is used to predeploy a device that is examined for each Catalyst 6000 family switch or Cisco 7600 series Internet Router discovered. • Manual deployment This method should be used if a small number of devices that are connected to the network need to be deployed. This...
... Auto Discovery The CEMF Auto Discovery application is used to predeploy a device that is examined for each Catalyst 6000 family switch or Cisco 7600 series Internet Router discovered. • Manual deployment This method should be used if a small number of devices that are connected to the network need to be deployed. This...
User Guide
Page 61
... a Catalyst 6000 family switch or a Cisco 7600 series Internet Router, choose the pop-up menu item, Deployment >Deploy Manager, from the other devices, use the pop-up menu item, shown in Figure 4-8, is known. To manually deploy other manager containers. Choose Deployment > Deploy ...Catalyst 6500 Manager from the pop-up Menu for Manually Deploying a C65/76M Switch Object Cisco 6500/7600 Series Manager User Guide 4-11 Figure 4-8 Pop-up menu....
... a Catalyst 6000 family switch or a Cisco 7600 series Internet Router, choose the pop-up menu item, Deployment >Deploy Manager, from the other devices, use the pop-up menu item, shown in Figure 4-8, is known. To manually deploy other manager containers. Choose Deployment > Deploy ...Catalyst 6500 Manager from the pop-up Menu for Manually Deploying a C65/76M Switch Object Cisco 6500/7600 Series Manager User Guide 4-11 Figure 4-8 Pop-up menu....
User Guide
Page 69
... which modules are installed on page 4-5), no additional parameters need to start monitoring the switch or router. These parameters were specified in the manual Deployment Wizard (Figure 4-11). Cisco 6500/7600 Series Manager User Guide 4-19 After the object is commissioned, the Physical view will resemble Figure 4-16. Note Commissioning may take...
... which modules are installed on page 4-5), no additional parameters need to start monitoring the switch or router. These parameters were specified in the manual Deployment Wizard (Figure 4-11). Cisco 6500/7600 Series Manager User Guide 4-19 After the object is commissioned, the Physical view will resemble Figure 4-16. Note Commissioning may take...
User Guide
Page 70
...enter the correct SNMP read community string specified in the Lostcomms state if the SNMP read community, and then recommission the Network Element object. 4-20 Cisco 6500/7600 Series Manager User Guide The Network Element is placed in the Mismatched state if the IP address specified during the deployment wizard is... address or type. If this occurs, the Network Element object must be raised. Deployment and Commissioning Process Chapter 4 Deploying the C65/76M Figure 4-16 Manually Deployed and Commissioned Catalyst 6506 Switch If an error is encountered when the object is incorrect.
...enter the correct SNMP read community string specified in the Lostcomms state if the SNMP read community, and then recommission the Network Element object. 4-20 Cisco 6500/7600 Series Manager User Guide The Network Element is placed in the Mismatched state if the IP address specified during the deployment wizard is... address or type. If this occurs, the Network Element object must be raised. Deployment and Commissioning Process Chapter 4 Deploying the C65/76M Figure 4-16 Manually Deployed and Commissioned Catalyst 6506 Switch If an error is encountered when the object is incorrect.
User Guide
Page 71
... a decommissioned state until the device corresponding to the object is used to deploy the Catalyst 6000 family switch or Cisco 7600 series Internet Router into CEMF before it has been attached to manually predeploy a Catalyst 6500 series switch. The following objects can be commissioned automatically. This pop-up menu item, Deployment > Deploy...
... a decommissioned state until the device corresponding to the object is used to deploy the Catalyst 6000 family switch or Cisco 7600 series Internet Router into CEMF before it has been attached to manually predeploy a Catalyst 6500 series switch. The following objects can be commissioned automatically. This pop-up menu item, Deployment > Deploy...
User Guide
Page 72
Deployment and Commissioning Process Figure 4-17 Manually Deploying a C65/76M Object Chapter 4 Deploying the C65/76M When you choose the Deployment > Deploy Catalyst 6500 Manager option, the Deployment Wizard-Templates window, shown in Figure 4-18, is displayed. Figure 4-18 Deployment Wizard-Templates 4-22 Cisco 6500/7600 Series Manager User Guide
Deployment and Commissioning Process Figure 4-17 Manually Deploying a C65/76M Object Chapter 4 Deploying the C65/76M When you choose the Deployment > Deploy Catalyst 6500 Manager option, the Deployment Wizard-Templates window, shown in Figure 4-18, is displayed. Figure 4-18 Deployment Wizard-Templates 4-22 Cisco 6500/7600 Series Manager User Guide
User Guide
Page 73
... and click the Forward button. Used when you Chassis want to perform predeployment operations. Cisco 6500/7600 Series Manager User Guide 4-23 The Object Parameters window, shown in Figure 4-19, is used for the manual deployment process (see the "Manual Deployment" section). Chapter 4 Deploying the C65/76M Deployment and Commissioning Process Property Description...
... and click the Forward button. Used when you Chassis want to perform predeployment operations. Cisco 6500/7600 Series Manager User Guide 4-23 The Object Parameters window, shown in Figure 4-19, is used for the manual deployment process (see the "Manual Deployment" section). Chapter 4 Deploying the C65/76M Deployment and Commissioning Process Property Description...
User Guide
Page 81
... Modules • Content Switching Module Tip Supporting modules, such as AC or DC power supplies, are automatically added through subchassis discovery. You cannot manually deploy these objects. Cisco 6500/7600 Series Manager User Guide 4-31 Chapter 4 Deploying the C65/76M Figure 4-25 Predeployed Catalyst 6509 Chassis Object Deployment and Commissioning Process Predeploying...
... Modules • Content Switching Module Tip Supporting modules, such as AC or DC power supplies, are automatically added through subchassis discovery. You cannot manually deploy these objects. Cisco 6500/7600 Series Manager User Guide 4-31 Chapter 4 Deploying the C65/76M Figure 4-25 Predeployed Catalyst 6509 Chassis Object Deployment and Commissioning Process Predeploying...
User Guide
Page 113
... between the predeployed object and the discovered object exists, then the predeployed object is discovered, the Supervisor Module object will be commissioned manually by the CEMF server when the switch is executed during commissioning. Note For the automatic commissioning to work, the switch or router ...4-15). The subchassis discovery task is first brought on-line, then the predeployed Network Element object needs to create the object. Cisco 6500/7600 Series Manager User Guide 4-63 Chapter 4 Deploying the C65/76M Deployment and Commissioning Process You can either click the ...
... between the predeployed object and the discovered object exists, then the predeployed object is discovered, the Supervisor Module object will be commissioned manually by the CEMF server when the switch is executed during commissioning. Note For the automatic commissioning to work, the switch or router ...4-15). The subchassis discovery task is first brought on-line, then the predeployed Network Element object needs to create the object. Cisco 6500/7600 Series Manager User Guide 4-63 Chapter 4 Deploying the C65/76M Deployment and Commissioning Process You can either click the ...