Name: Cisco ASR 1002
Brand: Cisco
Rating: 5 (1 reviews)

To Next Page

To Previous Page

Page 27 of 72

4 Secure Management

4.1 User Roles

The ASR has both privileged and semi-privileged administrator roles as well as non-

administrative access. Non-administrative access is granted to authenticated neighbor routers for

the ability to receive updated routing tables per the information flow rules. There is no other

access or functions associated with non-administrative access. These privileged and semi-

privileged roles are configured in the Access Control and Session Termination section above.

The TOE also allows for customization of other levels. Privileged access is defined by any

privilege level entering an enable password after their individual login. Privilege levels are

number 0-15 that specifies the various levels for the user. The privilege levels are not

necessarily hierarchical. Privilege level 15 has access to all commands on the TOE. Privilege

levels 0 and 1 are defined by default, while levels 2-14 are undefined by default. Levels 0-14 can

be set to include any of the commands available to the level 15 administrator, and are considered

the semi-privileged administrator for purposes of this evaluation. The privilege level determines

the functions the user can perform; hence the authorized administrator with the appropriate

privileges.

To establish a username-based authentication system, use the username command in global

configuration mode.

router(config)# username name [privilege level]

When a user no longer requires access to the ASR, the user account can be removed. To remove

an established username-based authentication account, use the “no” form of the command.

router(config)# no username name

Refer to the IOS Command Reference Guide for available commands and associated roles and

privilege levels.

4.2 Passwords

The password complexity is not enforced by the router by default, and must be administratively

set in the configuration. To prevent administrators from choosing insecure passwords, each

password must be as follows: See [10] Under Reference Guides  Command References 

Security and VPN  See manual Cisco IOS Security Command Reference: Commands A to Z

for this section.

1. At least 15 characters long. Use the following command to set the minimum length to 15

or greater.

router(config)#security passwords min-length length

Example: router(config)# security passwords min-length 15

Other manuals for Cisco ASR 1002

Questions and Answers:

Need help?

Do you have a question about the Cisco ASR 1002 and is the answer not in the manual?

General

Ethernet LAN	Yes
Cabling technology	10/100/1000Base-T(X)
Networking standards	IEEE 802.3
Ethernet LAN data rates	10, 100, 1000 Mbit/s
Ethernet interface type	Gigabit Ethernet
DHCP client	-
Supported network protocols	BGP, GRE, OSPF, DVMRP, EIGRP, IS-IS, IGMPv3, PIM-SM, PIM-SSM
Ethernet LAN (RJ-45) ports	4
Security algorithms	SSH
VPN tunnels quantity	8000
Safety	UL60950-1 CSA, C22.2 No. 60950-1-03, EN 60950-1, IEC 60950-1, AS/NZS 60950.1
Certification	FCC 47CFR15 Class A AS/NZS CISPR 22 CISPR 22 Class A EN55022 Class A ICES-003 Class A VCCI Class A CNS-13438 Class A EN61000-3-2 EN61000-3-3
Internal memory	4096 MB
AC input voltage	85 - 264 V
Power source type	AC
AC input frequency	50 - 60 Hz
Power consumption (typical)	560 W
Operating altitude	0 - 3048 m
Storage temperature (T-T)	0 - 50 °C
Operating temperature (T-T)	0 - 40 °C
Storage relative humidity (H-H)	5 - 95 %
Operating relative humidity (H-H)	5 - 90 %
Product color	Gray
Rack capacity	2U