Cisco Cisco Packet Data Gateway (PDG) Documentation Roadmaps
Web Element Manager Overview
WEM Architecture ▀
Cisco ASR 5000 Series Product Overview ▄
OL-22938-01
Audit trail results are stored in the PostgreSQL database for later retrieval and analysis.
The new Network Audit Tool functionality in WEM supports the on-demand or periodic auditing of chassis
configuration attributes such as PPP MRU, Auth Sequence, Bulkstats Schema Needs Update, etc.
configuration attributes such as PPP MRU, Auth Sequence, Bulkstats Schema Needs Update, etc.
ANSI T1.276 Compliance
The WEM supports ANSI standard T1.276, providing a set of baseline security features to help mitigate security risks in
the management of telecommunication networks. New users will be sent a randomly generated password automatically,
and will be prompted to provide a new password upon first login. New passwords must meet strict requirements to
comply with the ANSI standard:
the management of telecommunication networks. New users will be sent a randomly generated password automatically,
and will be prompted to provide a new password upon first login. New passwords must meet strict requirements to
comply with the ANSI standard:
Passwords must be a minimum of eight characters long.
Passwords must not be a repeat or the reverse of the associated user ID.
Passwords must not be more than three of the same characters used consecutively.
Passwords must contain at least three of the following character types:
At least one lower case alpha character
At least one upper case alpha character
At least one numeric character
At least one special character
Users will also be required to change passwords after a configurable number of days, and will be barred from reusing
the same password for a configurable number of password change cycles. Too many failed login attempts will result in
an account lockout, which may be removed either by an administrator or by waiting for a defined period of time to
elapse.
the same password for a configurable number of password change cycles. Too many failed login attempts will result in
an account lockout, which may be removed either by an administrator or by waiting for a defined period of time to
elapse.
WEM Process Monitor
The Process Monitor (PSMon) is a Perl script that monitors the status of processes pertaining to the WEM application.
The script is a plain text Apache-style configuration file that allows the user to define a set of rules. These rules describe
what processes should always be running on the system, any limitations on concurrent instances, Time-To-Live (TTL),
and maximum CPU/memory usage of processes. It can be run as a stand alone program or a fully functional background
daemon.
what processes should always be running on the system, any limitations on concurrent instances, Time-To-Live (TTL),
and maximum CPU/memory usage of processes. It can be run as a stand alone program or a fully functional background
daemon.
PSMon scans the UNIX process table and, using the set of defined rules, will re-spawn any dead processes, and/or slay
or ―deal with‖ any aggressive or illegal processes. The number of retries and time interval the PSMon scans the table is
configurable meaning that it will never try to start the process if 'number of retries' exceeds in given time interval.
or ―deal with‖ any aggressive or illegal processes. The number of retries and time interval the PSMon scans the table is
configurable meaning that it will never try to start the process if 'number of retries' exceeds in given time interval.
PSMon logs events to syslog and to a log file and is equipped with customizable e-mail notification facilities.