5-5
Cisco ONS 15600 Reference Manual, R7.2
Chapter 5 Security
5.2.2 Security Policies
5.2.2 Security Policies
Users with Superuser security privileges can provision security policies on the ONS 15600. These
security policies include idle user timeouts, password changes, password aging, and user lockout
parameters.
5.2.2.1 Superuser Privileges for Provisioning Users
Superusers can grant permission to Provisioning users to perform a set of tasks, including retrieving the
audit log, restoring a database, clearing performance monitoring (PM) parameters, activating a software
load, and reverting a software load. These privileges can only be set using CTC network element (NE)
defaults, except the PM clearing privilege, which can be granted using the CTC Provisioning > Security
> Access tabs. For more information about setting up Superuser privileges, refer to the Cisco ONS 15600
Procedure Guide.
5.2.2.2 Idle User Timeout
Each ONS 15600 CTC or TL1 user has a specified amount of time to leave the system idle before the
CTC window locks. CTC lockouts prevent unauthorized users from making changes. Higher-level users
have shorter idle times and lower-level users have longer or unlimited default idle periods, as shown in
Table 5-3. Superusers can change user idle times on the Provisioning > Security > Policy tabs.
Provisioning Security Users: Create/Delete — — — X
Users: Change Same User Same User Same User All Users
Active logins: Logout/Retrieve
Last Activity Time/View
———X
Policy: Edit/View — — — X
Alarm Profiles Store/Delete
1
—— X X
New/Load/Compare/Available/
Usage
XXXX
BLSR Create/Edit/Delete/Upgrade — — X X
Overhead
Circuits
Create/Delete/Edit/Merge — — X X
Search X X X X
Provisionable
Patchcords (PPC)
Create/Delete — — X X
Server Trails Create/Edit/Delete — — X X
Maintenance Software Download/Cancel — X X X
Diagnostics Retrieve/Clear X X X X
1. The action buttons in the subtab are active for all users, but the actions can be completely performed only by the users assigned with the required security
levels.
Table 5-2 ONS 15600 Security Levels—Network View (continued)
CTC Tab Subtab Actions Retrieve Maintenance Provisioning Superuser