Re: (ASCEND) Feature request - log security profiles

[Tim Basher <basher@alpha.CES.CWRU.Edu>]

> I haven't been able to find anything like this, so I'll phrase
> it as a feature request...

Phrasing it as a feature request to this mailing list doesn't really
change anything.  If you think something is important then either fill
out the online feature request form you can find on the Ascend WWW site
or talk to your salesperson.  Your salesperson is [supposed to be] your
best ally for this, since they can make a case for it within the company.

> We have several security profiles in use on our Ascend gear,
> and it would be quite useful to generate a syslog entry when-
> ever a profile other than default is invoked.

How does this differ from the new feature that is already present in the
6.0.0 release.

Syslog messages generated when Security profile activated
    
    This feature enables you to detect and handle unauthorized Telnet or
    serial-port sessions with the MAX.  When a user activates a Security
    profile, the MAX generates a Syslog message notifying you that the
    event occurred.
    
    New Syslog messages
    
    A user can activate a Security profile in a Telnet session or a serial-
    line COM port session by selecting the Security profile and specifying
    the proper password. When a user activates a Security profile, the new
    Syslog messages show the name of the Security profile, the IP address of
    the Telnet client or the COM port number, and the local IP address.
    
    The EventSyslog message has one of these formats:
    
    ^DP(assword)
     ASCEND: "<profile_name>" ... for <remote_IP> on <local_IP>
     ASCEND: "<profile_name>" ... from <COM_port> on <local_IP>
    
    *    The <profile_name> argument specifies the name of the activated
         Security profile.
    *    The <remote_IP> argument specifies the IP address of the Telnet
         client.
    *    The <local_IP> argument specifies the local IP address of the MAX.
    *    The <COM_port> argument specifies the COM port number for the
         session.
    
    On system login, the MAX does not generate a Syslog message for the
    Default Security profile; for all events other than system login,
    the MAX generates a Syslog message for the Default Security profile.
    If Syslog is enabled, messages at LEVEL_NOTICE appear when a user
    activates a Security profile and the MAX accepts the Security profile
    password.
    
    These two messages signal that a Telnet client has enabled a Security
    profile:
    
    Jan 10 10:05:17 eng-lab-141 ASCEND: "Full Access" security profile enabled for 206.65.212.9 on 192.168.6.141.
    Jan 10 10:07:26 eng-lab-141 ASCEND: "Default" security profile enabled for 206.65.212.23 on 192.168.6.141.
    
    This message signals that a COM port user has enabled the Full Access
    profile:
    
    Jan 10 10:03:52 eng-lab-141 ASCEND: "Full Access" security profile enabled from com port 0 on 192.168.6.141.
++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>

---

• Prev by Date: Re: (ASCEND) Max 4004 and Merit Radius
• Next by Date: RE: (ASCEND) snmp query of digital calls
• Prev by thread: (ASCEND) Feature request - log security profiles
• Next by thread: (ASCEND) Max 4004 and Merit Radius
• Index(es):
  • Main
  • Thread