58 BSGX4e Business Gateway User Guide
NN47928-102 Release 01.01
n Authenticates the entered password by using either strong password hashing
(SHA) or external authentication through a Radius server.
n Never stores passwords in clear text.
Tracks log on attempts:
n Locks out the console port after three failed log on attempts.
n Keeps a log of all failed log on attempts and logouts.
Can limit user accounts to specific access methods, including CLI, Web UI,
Telnet, SSH, and/or File Transfer Protocol (FTP).
Lists who is currently logged in to the system:
n User list includes their access methods and their IP addresses, if any.
n Multiple users can log on simultaneously.
Supports management of users by user groups:
n Users can belong to more than one group.
n Each user management element (user accounts, user groups, and associated
rights records) can be added, edited, and deleted independently.
n Can assign rights to read and/or write access by user account and by user
group.
n Enforces who has access to which modules in the system, using specified
access methods and under what conditions.
Provides an audit log that records:
n Account activities.
n Logins and logouts.
n All failed log on attempts.
Password Entry
All access to the BSGX4e unit requires the entry of a valid user ID and password. The
factory settings for the unit define two user IDs:
nnadmin with initial password PlsChgMe!
user with initial password netcat
The installation procedure recommends that these passwords be changed
immediately.
NOTE: For security reasons, it is recommended that all passwords be changed
on a regular basis.
Failed log on Attempts
A user can attempt to log on from the console port three times. If the user log on
fails all three times, the console is locked out, and no one can log on to the console
port for the next fifteen minutes or until the unit is restarted by a power recycle.
When attempting to log on remotely through Telnet or SSH, the user is given three
log on attempts, and then the session is ended.
