Filter
Top Products
System Overview Chapter 2 27
System Overview
Secure interface and audit logging
This feature enhances interface security by adding more secure access controls. It also adds
security audit logs, allowing capture of configuration changes and system activity by User ID,
date, and time. These improvements bring the BCM in alignment with the security enhancements
being introduced with BCM50.
Secure Interface Access and Communications Controls provide:
• Support for Secure Copy (SFTP), providing for SSH encrypted file transfers
• Support for Simple Network Management Protocol (SNMP) v2 & v3, including
encryption provided with v3
• BCM owner control of Nortel technical support access
• Use of digital signatures and enhanced tamper detection to ensure trusted sources for
software upgrades (patches and software release upgrades)
• Ability to test the system ability to generate alarms and logs, including system security
alarms and logs
Audit log tracks critical changes to the system and the login attempts. The log includes:
• Last successful login identification and interface
• Last failed login attempt, total failed logins since last successful login
• Configuration change log, tracking configuration changes to system by User ID
• RADIUS Support (Centralized Authentication and Radius Client to authenticate and
authorize using a centralized Radius server)
In addition to supporting IPsec tunnels for management, the ability to encrypt SNMP and file
transfers provides BCM users an expanded capability set for secure interface communications.
Audit logging of login attempts provides the BCM user the ability to track security violation
attempts and determine if further action is required.
If a user ID security breach is suspected as a result of system configuration changes, the audit
logging of configuration changes provides traceability to user IDs and interfaces.
Audit logging provides an increased ease of use and a reduction in user lost productivity by
ensuring system availability (protection against DoS attacks). Administrative and support
overheads and lower OPEX expenses (RADIUS, User Account, Password, Session by
management of Security Policies) are reduced.
There is an overall increase in Security with effective logging capabilities for Audit Trail logs,
Alarm logs, Configuration Change logs.
A BCM user who requires improved interface access and communications security for alarm, log,
and file transfers can use these security enhancements. As well, a user can audit and identify the
critical system changes specific users initiate.