The network device endpoint type lets you manage privileged account passwords on network devices.
Note: Currently, you can configure the endpoint type to work with a Cisco 2600 network device only.
When you create devices of this type, provide the following information so that CA ControlMinder Enterprise Management can connect to the device:
Specifies the user authentication mode on login:
Specifies the authentication mode to set the device to enable mode:
Note: In Anonymous authentication modes, the following fields are disabled: Username, Password, and Enable Mode Username.
Defines the name of an administrative user of the endpoint. SAM uses this account to perform administrative tasks on the endpoint, for example, to connect to the endpoint, discover accounts, and change passwords.
Note the following points:
If you specify the Advanced option, SAM does not use the User Login account to perform administrative tasks. Instead, SAM uses the specified privileged account to perform administrative tasks on the endpoint.
Defines the password of the administrative user of the endpoint.
Defines the name of an administrative user with privileges to set the device to enable mode. Enable mode lets you modify the network device settings.
Defines the host name of the endpoint.
Specifies the server listening port number.
Default: 23
Specifies to use Telnet rather than SSH to connect to the SSH device.
Note: Use Telnet protocol only to connect to the Cisco 2600 network device.
Specifies the name of the SSH Device XML configuration file. You can customize the XML files to fit your needs.
Note: If you do not specify a value for this field, CA ControlMinder Enterprise Management uses the netdevice_connector_conf.xml file.
Specifies whether you want to use a privileged administrative account to perform administrative tasks on the endpoint, for example, to connect to the endpoint, discover accounts, and change passwords. For example, you can specify a privileged domain account that can perform administrative tasks on multiple endpoints.
If you specify this option, SAM does not use the User Login account to perform administrative tasks.
Specifies whether to disable the exclusive sessions check on this endpoint. When selected, SAM does not check for open sessions on the endpoint.
Specifies to block break-glass check-out action on exclusive accounts.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|