Cisco Headend System Release 2.7 Installation Guide
Chapter 1 Planning the Upgrade
2
4035749 Rev B
Important Points About the Upgrade
Enhanced Security for SR 5.0
SR 5.0 implements enhanced security which changes the way you will interact with
and administer the system. Refer to DNCS System Release 5.0 Security Configuration
Guide (part number 4034689) if you are unfamiliar with the changes implemented as
a result of the security enhancements. There are fundamental changes you must be
aware of to perform some of the most basic functions on the DNCS.
and administer the system. Refer to DNCS System Release 5.0 Security Configuration
Guide (part number 4034689) if you are unfamiliar with the changes implemented as
a result of the security enhancements. There are fundamental changes you must be
aware of to perform some of the most basic functions on the DNCS.
RBAC
As part of the security enhancements, the system now uses Sun’s Role Based Access
Control (RBAC) system. This feature converts the “dncs” account to a dncs “role,”
and you will no longer be able to log on to the system directly as the dncs user.
Instead, you will need to create individual accounts with various levels of access to
the “dncs” role.
Control (RBAC) system. This feature converts the “dncs” account to a dncs “role,”
and you will no longer be able to log on to the system directly as the dncs user.
Instead, you will need to create individual accounts with various levels of access to
the “dncs” role.
Single Sign-on
By default, users are not permitted to have more than one login session. This means
that any user using the Secure Shell (SSH) to remotely access the DNCS or the
Application Server is not allowed to establish a second connection, even from the
same remote system, until the first session has been disconnected. However, the user
is not restricted as to the number of xterm windows that can be launched from a
single SSH session.
that any user using the Secure Shell (SSH) to remotely access the DNCS or the
Application Server is not allowed to establish a second connection, even from the
same remote system, until the first session has been disconnected. However, the user
is not restricted as to the number of xterm windows that can be launched from a
single SSH session.
Non-Essential Services Disabled by Default
All services that are not essential to the operation and administration of the DNCS or
Application Server (telnet, rlogin, rsh, etc.) are disabled by default.
Note: FTP and TFTP will continue to be enabled by default.
Application Server (telnet, rlogin, rsh, etc.) are disabled by default.
Note: FTP and TFTP will continue to be enabled by default.
Performance Impact
Interactive services will not be available while you are within the maintenance
window, after DNCS processes are stopped.
window, after DNCS processes are stopped.