03 Security Management

OptiX iManager T2000 Operation Manual for SDH Contents

Huawei Technologies Proprietary

i

Contents

3 Security Management 3-1

3.1 Creating NE User and Assigning Authority 3-2

3.2 Managing NE Login 3-3

3.2.1 Switching NE User 3-3

3.2.2 Forcing NE User to Log out NE 3-4

3.2.3 Locking NE Login 3-4

3.2.4 Locking NE Settings 3-5

3.2.5 Setting NE Security Parameters 3-6

3.2.6 Browsing NE Security Log 3-7

3.3 Creating NM User 3-9

3.3.1 Adding Operation Set 3-9

3.3.2 Adding Equipment Set 3-10

3.3.3 Adding NM User Group 3-11

3.3.4 Modifying Authority of NM User Group 3-11

3.3.5 Creating NM User and Assign Authority 3-13

3.3.6 Slightly Adjusting Authority of NM User 3-14

3.3.7 Modifying General User Attribute 3-15

3.3.8 Enabling Remote Maintenance User 3-16

3.4 Managing T2000 Login 3-17

3.4.1 Locking T2000 Client Screen 3-17

3.4.2 Switching NM User 3-17

3.4.3 Switching Between Single User Mode and Multi-user Mode 3-17

OptiX iManager T2000 Operation Manual for SDH Contents


ii

3.4.4 Forcing Other Users to Exit T2000 3-18

3.4.5 Modifying NM Users Password 3-19

OptiX iManager T2000 Operation Manual for SDH 3 Security Management


3-1

3 Security Management This chapter introduces some security management tasks of the T2000.

The following tasks are described:

Creating NE User and Assigning Authority

Managing NE Login

Creating NM User

Managing T2000 Login



3-2

3.1 Creating NE User and Assigning Authority

Purpose

Use this procedure to create NE user and assign its authority.

Prerequisite

Super NM user: admin.

Procedure

Step Action 1 Select [System/NE Security Management/NE User Management]

from the Main Menu.

2 In the lower-left pane, select the appropriate NE and click the double-right-arrow button (red).

3 Click . The Add NE User dialog box is displayed.

4 Enter the information of the newly created user in the Add NE User dialog box.

5 Click or .

6 Repeat this procedure to create as many NE users as necessary.



3-3

3.2 Managing NE Login

3.2.1 Switching NE User

Purpose

Use this procedure to switch NE user.

Prerequisites

NM user with the authority of system maintainer or above.

The NE user has been created.

The NE user has been logged in.

Procedure

Step Action 1 Select [System/NE Security Management/NE Login Management]

from the Main Menu.


3 Click to query the current NE user.

4 Click , or right-click an NE entry and select [Switch NE User]. The Switch Current NE User dialog box is displayed.

5 Enter the information of User and Password in the Switch Current NE User combo box.

6 Click .

7 Repeat this procedure to switch as many NE users as necessary.



3-4

3.2.2 Forcing NE User to Log out NE

Purpose

Use this procedure to force NE user to log out NE.

Prerequisites

NM user with the authority of "system maintainer" or above.

The NE user has been created.

The NE user has been logged in.

Procedure

Step Action 1 Select [System/NE Security Management/NE Login Management]

from the Main Menu.

2 In the lower-left pane, select the appropriate NEs and click the double-right-arrow button (red).

3 Select the NE entry. Click or right-click it and select [Logout]

4 The Operation Result dialog box is displayed and indicates operation succeeded.

5 Repeat this procedure to lock as many NE users as necessary.

3.2.3 Locking NE Login

Purpose

Use this procedure to lock NE login.

Prerequisites


The current NE user has the highest level in all login NE users.

Procedure

Step Action 1 Select [System/NE Security Management/NE Login Lock] from the

Main Menu.



3-5

Step Action 2 In the lower-left pane, select the appropriate NEs and click the

double-right-arrow button (red).

3 Click to query the Login Lock Status.

4 If the value of Login Lock Status is Unlocked, select it and click or right-click it and select [Lock Login].


3.2.4 Locking NE Settings

Purpose

Use this procedure to lock NE settings.

Prerequisite


Procedure

Step Action 1 Select [System/NE Security Management/NE Setting Lock] from the

Main Menu.


3 Click to query the Set Lock Status.



3-6

Step Action 4 If the value of Set Lock Status is No, select it and click or right-click it and select [Lock Settings]. The Set Lock Window dialog box is displayed.

5 Select Permanent Locking check box for permanent locking of the current NE settings or enter the value of Duration (10-10000) seconds for temporary locking. Click .


3.2.5 Setting NE Security Parameters

Purpose

Use this procedure to set and update NE security parameters.

Prerequisite

NM user with the authority of system operator or above.

Procedure

Step Action 1 Select [System/NE Security Management/NE Security Parameters]

from the Main Menu.


3 Click to query the security paramerters of current NE.

4 Modify the parameters according to your need.



3-7

Step Action 5 Repeat this procedure to set as many security parameters of NE

users as necessary.

3.2.6 Browsing NE Security Log

Purpose

All operations to NE by all users and results of the operations are recorded in the NE security log. It provides the functions of browsing NE security log and filtering by the conditions of NE user, event name and generating time.

Use this procedure to browse NE security log.

Prerequisite

NM user with the authority of system operator or above.

Procedure

Step Action 1 Select [System/NE Security Management/NE Security Log] from the

Main Menu.




3-8

Step Action 3 Customize the log fliter conditions and click .

4 Repeat this procedure to set as many security parameters of NE users as necessary.



3-9

3.3 Creating NM User

3.3.1 Adding Operation Set

Purpose

After planning and creating an operation set, authorize a specific user group. All users in this group have the right to perform the operations in the operation set.

This management mode helps in unified assignment and management of the T2000 user authority.

Use this procedure to create operation set.

Prerequisite


Procedure

Step Action 1 Select [System/NM Security Management/NM User Management]

from the Main Menu.

2 Right-click the . Select [Create Operation Set].

3 Enter information of the newly created operation set in the "Create Operation Set" dialog box, and click or .

4 Repeat this procedure to create as many operation sets as necessary.



3-10

3.3.2 Adding Equipment Set

Purpose

After planning and creating an equipment set, authorize a specific user group to make users in the group have the right to operate the equipments in the equipment set.

This management mode helps in unified assignment and management of the T2000 user authority.

Use this procedure to create equipment set.

Prerequisite


Procedure


from the Main Menu.

2 Right-Click the . Select [Create Equipment Set].

3 Enter information of the newly created equipment set in the "Create Equipment Set" dialog box, and click or .

4 Repeat this procedure to create as many equipment sets as necessary.



3-11

3.3.3 Adding NM User Group

Purpose

Use this procedure to create NM user group.

Prerequisite


Procedure


from the Main Menu.

2 Right-click the . Select [Create User Group].

3 Enter information of the newly created user group in the "Create User Group" dialog box, and click or .

4 Repeat this procedure to create as many NM user groups as necessary.

3.3.4 Modifying Authority of NM User Group

Purpose

Use this procedure to modify authority of an NM user group.

Prerequisite




3-12

Procedure


from the Main Menu.

2 Click the . Select the appropriate NM user group.

Note: NM user group authority is not allowed to be modified for the four system default user groups: system administer, system maintainer, system operator, and system supervisor groups.

3 Select the tab Authority. Click , the Add Authority dialog box is displayed.

4 Add authority: Select Type, Subtype, Operation Name and Operation Level. Click . Delete authority: Select the appropriate row, click .

5 Repeat this procedure to modify as many authorities of NM user group as necessary.



3-13

3.3.5 Creating NM User and Assign Authority

Purpose

Use this procedure to create NM user and assign its authority.

Prerequisite


Procedure


from the Main Menu.

2 Right-Click the , Select [Create User].

3 Enter information of the newly created user in the "Create User" dialog box, and click or .

Note: Step 1 to step 3 are performed to create the NM user.

4 Click the . Select the new user in the user list.

5 Click the tab "Subjected to". Click .

6 Select the user group in the "Add User Group" dialog box and click the , and click to add the user into this user group.

Note: Step 1 to step 6 are performed to assign the NM user authority.

7 Repeat this procedure to create as many NM users as necessary.



3-14

3.3.6 Slightly Adjusting Authority of NM User

Purpose

Use this procedure to slightly adjust authority of NM user.

Prerequisite


Procedure


from the Main Menu.

2 Click the . Select the appropriate user.

3 Select the tab Additional authority. Click . The Add Authority dialog box is displayed.

4 Add authority: Select Type, Subtype, Operation Name and Operation Level. Click . Delete authority: Select the appropriate row. Click .

5 Repeat this procedure to slightly adjust as many authorities of NM users as necessary.



3-15

3.3.7 Modifying General User Attribute

Purpose

Use this procedure to modify general user attribute.

Prerequisite


Procedure


from the Main Menu.


3 Select the tab General.

4 Modify the general attribute. Click .

5 Repeat this procedure to modify as many general attributes of NM users as necessary.



3-16

3.3.8 Enabling Remote Maintenance User

Purpose

Use this procedure to enable a remote maintenance user, enabling the T2000 remote maintenance terminal to access the T2000 server for remote maintenance.

Prerequisite


Procedure

Step Action 1 Select [System/NM Security Management/Remote Maintenance

User Management] from the Main Menu.

2 The Set Remote Maintenance User dialog box is displayed. Set the value of Disable/Enable to Enable.

3 Click .



3-17

3.4 Managing T2000 Login

3.4.1 Locking T2000 Client Screen

Purpose

Use this procedure to lock T2000 client screen.

Prerequisite

None

Procedure

Step Action 1 Select [System/Lock NM Screen] from the Main Menu.

2 The T2000 Client has been locked is displayed.

3.4.2 Switching NM User

Refer to the 1.1.9 Switching T2000 User.

3.4.3 Switching Between Single User Mode and Multi-user Mode

Purpose

You can switch the client login mode: single user mode and multi-user mode. In single user mode, all users currently logged in the client are forced to exit and log in again as "admin".

Use this procedure to switch between single user mode and multi-user mode.

Prerequisite




3-18

Procedure

Step Action 1 Select [System/Single User Mode] from the Main Menu under the

multi-user mode. Select [System/Multi-user Mode] from the Main Menu under the single user mode.

3.4.4 Forcing Other Users to Exit T2000

Purpose

Use this procedure to force other users to exit T2000. This function is used to force a user having logged in to exit, while the single user login mode is used to force all the other users logged in to exit.

Prerequisite


Procedure


from the Main Menu.


3 Right-click and select [Force to Exit].



3-19

3.4.5 Modifying NM Users Password

Purpose

Use this procedure to modify current NM users password.

Prerequisite

None

Procedure

Step Action 1 Select [System/Change Password] from the Main Menu.

2 The Set New Password dialog box is displayed.

3 Enter the old password and a new password respectively. Click after confirming the new password.

Documents

03 Security Management