Avocent ACS 6000 Server User Manual


 
Linux kernel
Remote authentication: Radius, Tacacs+, LDAP and Kerberos servers
SNMP
SSH and Telnet access
Syslog server
NOTE: RemoteauthenticationNFS,NISandIPSecare notsupportedwithIPv6.
Flexible users and groups
An account can be defined for each user on the console server or on an authentication server.
The admin and root users have accounts by default, and either can add and configure other user
accounts. Access to ports can be optionally restricted based on authorizations an administrator
can assign to custom user groups. For more information, see Users Accounts and User Groups
on page 53.
Security
Security profiles determine which network services are enabled on the console server.
Administrators can either allow all users to access enabled ports or allow the configuration of
group authorizations to restrict access. You can also select a security profile, which defines
which services (FTP, ICMP, IPSec and Telnet) are enabled and SSH and HTTP/HTTPS access.
The administrator can select either a preconfigured security profile or create a custom profile.
For more information, see Security on page 24.
Authentication
Authentication can be performed locally, with One Time Passwords (OTP), a remote Kerberos,
LDAP, NIS, RADIUS, TACACS+ authentication server or a DSView 3 server. The console
server also supports remote group authorizations for the LDAP, RADIUS and TACACS+
authentication methods. Fallback mechanisms are also available.
Any authentication method configured for the console server or the ports is used for
authentication of any user who attempts to log in through Telnet, SSH or the web manager. For
more information, see Authentication on page 50.
VPN based on IPSec with NAT traversal
If IPSec is enabled in the selected security profile, an administrator can use the VPN feature to
enable secure connections. IPSec encryption with optional NAT traversal (which is configured
by default) creates a secure tunnel for dedicated communications between the console server
Chapter 1: Introduction 3