Dell PowerEdge M805 User Manual

74

Using the CLI

www

.dell.com | support.dell.com

Security Logs

Security logs are maintained to record all security events including the following:

•

User login.

•

User logout.

•

Denied login attempts.

•

User attempt to exceed security access level.

•

Denied attempts by external management system to access the system.

The security log record contains the following information:

•

The user name, if available, or the protocol being accessed if the event is related to a
remote management system.

•

The IP address from which the user is connecting or the IP address of the remote
management system.

•

A description of the security event.

•

A timestamp of the event

If syslog is available, the CLI sends the security log records to the syslog server. If syslog is not
available, the CLI records the last 1000 security log records in a log separate from the system log
records itemized above. Also in this case, the CLI suppresses repeated events from the same source
and instead the CLI records one event within a period of time and includes that count as part of
the log.

Management ACAL

In addition to user access control, the system also manages the access level for particular
management interfaces. The system allows individual hosts or subnets to access only specific
management protocols.

The user defines a management profile, which identifies management protocols such as the
following:

•

Telnet.

•

SSH and the keying information to use for SSH.

•

HTTP.

•

HTTPS and the security certificate to be used.

•

SNMPv1/v2c and the read and read/write community strings to be used.

•

SNMPv3 and the security information for used this protocol.

For each of these management profiles, the user defines the list of hosts or subnets from which the
management profiles may be used.