Presentation is loading. Please wait.

Presentation is loading. Please wait.

Configuring ALSMS Remote Navigation

Published byGarey George Modified over 6 years ago

Similar presentations

Presentation on theme: "Configuring ALSMS Remote Navigation"— Presentation transcript:

1 Configuring ALSMS Remote Navigation
Alcatel-Lucent Security Products Configuration Example Series

2 Remote Administration of the ALSMS
The ALSMS solution allows for remote navigation through a secure tunnel or in the clear so that administrators can check the status and health of the network remotely as well as configure any changes that might need to be made. This feature comes in handy if an administrator is traveling or working from home. It also allows flexibility for an administrator if he/she gets a page while they are not at the office. Remember that the ALSMS allows for direct paging as a trigger for events. Another common use of this feature is for network operations centers to have status monitors set up to monitor remote networks. As well as to have multiple administrators working on the system at the same time. The ALSMS has “Concurrency Controls” that prevent administrators from getting into an object if another administrator is already in that object. The ALSMS also allows administrators to IM each other through the system.

3 Remote Administration of the ALSMS
Before we go load the ALSMS Remote Navigator we need to do a couple of things on the ALSMS. We need to add a couple of rules in our Administrative Zone, which is the zone that we are using to protect the ALSMS server. We need to add rules that will allow for remote administration. The next few slides will walk you through this setup. The last section of this configuration assistant will show you a few optional ways to further secure the remote navigation application.

4 Remote Administration of the ALSMS
Next we need to add two rules to the Administrative Zone that will allow the remote administrators to make a connection with the ALSMS. From the main menu double click on Brick Zone Rulesets then double click on AdministrativeZone. This is the rule set that is protecting the ALSMS.

5 Remote Administration of the ALSMS
In the Brick Zone Ruleset Editor click the + button on the lower left to add a rule. This rule will allow traffic to pass into the administrative zone. Active Yes, direction In to Zone. Source * Destination ALSMS (host group) or the actual IP Address of the ALSMS. Service Secure_Remote_Admin _to_ SMS Action Pass.

6 Remote Administration of the ALSMS
Next click on the Advanced tab. Here we are going to change the Session Time out (sec) from 300 seconds to 3600 seconds. This will allow an idle time of one hour rather than 5 minutes Uncheck Strict TCP State Enforcement. This is optional. If you leave strict TCP enforcement turned on and the session times out you will need to reinitiate a new session and login again. When you are done click OK. Now we will create a rule allowing traffic from the ALSMS out to the remote administrator.

7 Remote Administration of the ALSMS
In the Brick Zone Ruleset Editor click the + button on the lower left to add a rule. This rule will allow traffic to pass out of the administrative zone. Active Yes, direction out of Zone. For source click Host then enter the IP address of the ALSMS or choose the ALSMS host group. For destination keep * Service should be Secure_ Remote_admin_from_SMS. Action should be Pass

8 Remote Administration of the ALSMS
Next click on the Advanced tab. Here we are going to change the Session Time out (sec) from 300 seconds to 3600 seconds. This will allow an idle time of one hour rather than 5 minutes Uncheck Strict TCP State Enforcement. This is optional. If you leave strict TCP enforcement turned on and the session times out you will need to reinitiate a new session and login again. When you are done click OK.

9 Remote Administration of the ALSMS
In the Brick Zone Ruleset Editor take a look at the rules that you just created. They should be rules 1000 & 1001. When you are done looking be sure to click File>Save and Apply to apply the new rules to the Brick. Close the Brick Zone Ruleset Editor.

10 Remote Administration of the ALSMS
We now have our rules established to allow remote administrators. If you need to create new administrators proceed with the following steps. If your administrators are already setup, proceed to slide 13. From the navigator window click on Administrators. Right click and select “New Administrator”.

11 Remote Administration of the ALSMS
Click on Enable Administrator. Click ALSMS Administrator. Fill in the administrators information. Click on Authentication.

12 Remote Administration of the ALSMS
Select Local Password. Fill in your password and verify it. Note that for SOX compliance we added “password complexity” features each password must have one capital letter and one numeric. Select File>Save and Close.

13 Remote Administration of the ALSMS
The ALSMS CD includes software for remote administration called the ALSMS Remote Navigator. This software allows administrators to use the ALSMS from a remote location. Go to the PC that is designated for remote administration. Load the software. Loading the software is a simple process of installing from the ALSMS CD. Click on NT or Solaris depending on which operating system you are using. Click on the Remote Navigator folder and then click on ALSMSremotenav-9.xxxx. Another way to load the software is to download it from the ALSMS. To do this open a browser and point it to the IP address of the ALSMS in this format; Example: Accept all defaults during the installation. This is covered in more detail in the ALSMS Admin. Guide.

14 Remote Administration of the ALSMS
Next go to Start>Programs>Lucent Security Management Server>ALSMS Remote Navigator 9.1. Log in using your user name and password that you set up earlier. For ALSMS URL use Example Click Connect. Once you are connected you can manage the network just the same as if you were logged directly into the ALSMS server.

15 Remote Administration of the ALSMS
NOTES: If you are already logged in with the same user name and Password on the ALSMS host the remote navigator will log you off before logging you on remotely. If your log in doesn’t work, go back to your Brick and look at Policy Assignments on the Brick. Make sure that no policy is assigned on the port that your Remote Navigator is connected to or that there are rules in that ports firewall allowing remote navigation. Next go back and look at the rules that you created in the Administrative Zone to make sure that they are all done right have the right direction and an action of Pass.

16 Remote Administration of the ALSMS
NOTES: At this point you have the Remote Navigator application working. There are a few ways to further secure this application. These steps are optional and may not be necessary given your use of the Remote Navigator. If you are running the application locally, behind a firewall and using administrator password authentication you are probably secure enough. If you are running the Remote Navigator from remote sites you may want to consider one or more of the following ways to keep the ALSMS secure. Running the Remote Navigator through an IP Sec Tunnel. Certificate Authentication for the Administrators Running the Remote Navigator through HTTPS (Secure). Creating a Host Group to restrict who can navigate remotely. See the section on Remote Administration in the Administration Guide for further details on configuring these options.

17 Remote Administration of the ALSMS
For more detailed information on configuring this feature click Help>On Line Product Manuals>Administration Guide See the section on Remote Administration. The Product Manuals can also be found on your ALSMS CD.

Download ppt "Configuring ALSMS Remote Navigation"

Similar presentations

Home This training presentation is designed to introduce the Residency Management Suite to new users. This presentation covers the following topics: Login.

Home This training presentation is designed to introduce the Residency Management Suite to new users. This presentation covers the following topics: Login.
DSL-2730B, DSL-2740B, DSL-2750B.

DSL-2730B, DSL-2740B, DSL-2750B.
Choose a category: Install Episys Install Accessories Synergent Confidential Episys Version 2008.08Synergent 2008Download latest guides from:

Choose a category: Install Episys Install Accessories Synergent Confidential Episys Version Synergent 2008Download latest guides from:
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 14: Troubleshooting Remote Connections.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 14: Troubleshooting Remote Connections.
DVG-N5402SP.

DVG-N5402SP.
Configuring NOE VOIP Alcatel-Lucent Security Products Configuration Example Series January 2010 Software Version 9.4.

Configuring NOE VOIP Alcatel-Lucent Security Products Configuration Example Series January 2010 Software Version 9.4.
File sharing. Connect the two win 7 systems with LAN card Open the network.

File sharing. Connect the two win 7 systems with LAN card Open the network.
Copyright © 2013 FingerTec Worldwide Sdn.Bhd. All rights reserved.

Copyright © 2013 FingerTec Worldwide Sdn.Bhd. All rights reserved.
Installing Ricoh Driver. Items you need to know IP address of Printer Options that are installed And Paper Sizes To get all this information you can print.

Installing Ricoh Driver. Items you need to know IP address of Printer Options that are installed And Paper Sizes To get all this information you can print.
Firewalls CS158B Don Tran. What is a Firewall? A firewall can be a program or a device that controls access to a network.

Firewalls CS158B Don Tran. What is a Firewall? A firewall can be a program or a device that controls access to a network.
4-1 PSe_4Konf.503 EAGLE Getting Started and Configuration.

4-1 PSe_4Konf.503 EAGLE Getting Started and Configuration.
Advanced Networking for DVRs

Advanced Networking for DVRs
HCare access on an iPad hCare access is the remote access to PGH. The steps for installing vary from the Mac somewhat. This will guide you. Installation.

HCare access on an iPad hCare access is the remote access to PGH. The steps for installing vary from the Mac somewhat. This will guide you. Installation.
Hosted Exchange 2007. The purpose of this Startup Guide is to familiarize you with ExchangeDefender's Exchange and SharePoint Hosting. ExchangeDefender.

Hosted Exchange The purpose of this Startup Guide is to familiarize you with ExchangeDefender's Exchange and SharePoint Hosting. ExchangeDefender.
1 ISA Server 2004 Installation & Configuration Overview By Nicholas Quinn.

1 ISA Server 2004 Installation & Configuration Overview By Nicholas Quinn.
Eucalyptus Virtual Machines Running Maven, Tomcat, and Mysql.

Eucalyptus Virtual Machines Running Maven, Tomcat, and Mysql.
Thrive Installation.

Thrive Installation.
Configuring a Web Server. Overview Overview of IIS Preparing for an IIS Installation Installing IIS Configuring a Web Site Administering IIS Troubleshooting.

Configuring a Web Server. Overview Overview of IIS Preparing for an IIS Installation Installing IIS Configuring a Web Site Administering IIS Troubleshooting.
© 2007 Cisco Systems, Inc. All rights reserved.ISCW-Mod9_L8 1 Network Security 2 Module 6 – Configure Remote Access VPN.

© 2007 Cisco Systems, Inc. All rights reserved.ISCW-Mod9_L8 1 Network Security 2 Module 6 – Configure Remote Access VPN.
Microsoft Internet Security and Acceleration (ISA) Server 2004 is an advanced packet checking and application-layer firewall, virtual private network.

Microsoft Internet Security and Acceleration (ISA) Server 2004 is an advanced packet checking and application-layer firewall, virtual private network.

Similar presentations

Ads by Google