3
U
SER
M
ANAGEMENT
This chapter describes how to control access to the BSGX4e unit:
password entry
adding and removing users
setting up groups
assigning permission to users and to groups
authentication using a Radius server or a TACACS+ server
IMPORTANT: The security of the BSGX4e unit depends on password security. To
ensure secure access to the unit, change passwords regularly and
keep them secure.
NOTE: To perform user management functions that change the user
management database, you must log on with a user ID that has both read
and write access. The pre-defined user ID nnadmin has all access rights.
User Management Features
The user management functions determine who can access the BSGX4e unit and
whether the user can change the configuration of the unit or just display
information stored in it.
User access is controlled both at logon and after log on:
At log on, user access is determined by the user ID and password:
n The user ID determines if the access method is allowed (for example, remote
access can be denied to the user).
n The password must be authenticated (either internally or externally) before
access is allowed.
After log on, the user's access rights limit what the user can do.
You can perform user management functions through a console directly connected to
the unit or remotely by using Telnet or SSH. In both cases, you must log on with a
valid user account. You can also perform user management functions by using the
Command Line Interface (CLI) or the Web user interface (Web UI). For information
about using Web UI, see “Web User Interface” (page 379).
The following is a summary of user management functions:
Requires log on with a valid user ID and password:
