Produttore : Cisco Systems
File Size : 383.31 kb
File Nome : axg_admin_misc.pdf
|
Facilità d'uso
This information is often required when contacting Cisco support or to ensure that all appliances in a cluster are running the same software version. To obtain version information from the ACE XML appliance: Step 1 Log into the appliance shell as the root user. Step 2 In the Main Menu, choose the Advanced Options menu item. The Advanced Options menu appears. Step 3 Choose the Version Information menu item. The release identifier string appears as a banner at the top of the screen. In the center of the screen, the appliance displays version numbers of the currently-installed Gateway software, operating system kernel, Tarari XML coprocessor card firmware (this option information refers to a hardware add-on option that is no longer available), and nForce hardware keystore card firmware. Cisco ACE XML Gateway Administration Guide OL-13877-01 11-59 Chapter 11 Miscellaneous Administrative Tasks Creating Appliance User Accounts Creating Appliance User Accounts There are several types of user accounts in the system. Manager user accounts provide access to the ACE XML Manager web console interface. Another type of user account is used for accessing the ACE XML appliance command-line environment. These accounts, called operating system accounts, enable access to terminal sessions on the appliance, whether locally using a console connected to the appliance or remotely using secure shell (SSH). Each ACE XML appliance includes the built-in root account. The root user has broad privileges for performing operations on the ACE XML appliance. For security purposes, it is essential that access to the root account is controlled carefully. You can create additional login accounts to allocate limited administrative privileges to the appliance. User accounts also make it easier to audit configuration changes. There are two types of user accounts for the appliance: • Developer users access the appliance to install SDK extension • Operator users access the appliance to roll and retrieve log files Notice that the privileges in either case are very restrictive. For example, the menu-driven Shell interface is not available for either type of user. In both cases, they are restricted to the tasks listed. To create a new login account on the ACE XML appliance: Step 1 Log into the appliance shell as the root user. Step 2 In the Main Menu, choose the Advanced Options item. Step 3 Choose the Run Bash option on the Advanced Options page. Step 4 At the bash prompt, create one of the two user types as follows: • To create an operator user, enter the following command: reactivity-operator-add [username] “[description]” where: – [username] is the login name of the new operator user. – [description] is a brief description of the account's purpose. • To create a developer user, enter the following command: reactivity-developer-add [username] “[description]” where: – [username] is the login name of the new user. – [description] is a brief description of the account. Be sure to enclose the description with the double-quote character (") to ensure that the shell reads it correctly. Step 5 Enter a password for the new account. When prompted, confirm the password by entering it again. The new user can now log in to the shell interface. Step 6 Type exit to return to the administration menu. 11-60 Cisco ACE XML Gateway Administration Guide OL-13877-01 Chapter 11 Miscellaneous Administrative Tasks Backing Up and Restoring the System Backing Up and Restoring the System Working policies are extremely valuable documents, often the result of many hours of planning and configuration. They also contain important and sensitive information about your network. You should treat them with the same care that you use with any other sensitive, mission-critical data, including having a backup and disaster recovery plan. There are two approaches to backing up a system: • By archiving individual policies and storing them offline. This captures policy changes made in the Manager interface, but excludes configuration settings made on the appliance directly. • By backing up the state of the appliance with the backup command. This produces an archive file that contains the system state of the appliance, including configuration settings, policy, log files, and so on. Most people will choose to do both, storing individual policies as needed, and maintaining a regular schedule of system backups. Archiving individual policies can be accomplished from the ACE XML Manager web console. (For instructions on doing so, see the chapter “Exporting a Policy to a File” in the Cisco ACE XML Gateway User Guide.) This section describes how to back up the entire system. To back up a system or restore an appliance based on a previously saved backup, use the backup command on the appliance. The backup command is available on both Gateway systems and the Manager. When you run the command, it examines the files on the appliance for any differences to the original state, excluding those that are r...