Change cipher strength for management traffic

Hi All,
I’m performing a new deployment for my customer on a C370 Ironport and my customer has an internal team performing a band test on the Ironport box. The results show that the management traffic (HTTPS) is only using medium strength traffic (56bits – 112bits), which does not meet the compliance of the organization. From the knowledge base, I checked that our management traffic is using either RC4-SHA or RC4-MD5. Any way to change this to AES or 3DES?
Besides that, in the band test, customer also notices that the box supports anonymous SSL ciphers. Any way to disable this?
Thanks.

Hi there,
check out these articles:
Article #1399: How can I alter what ciphers are used with the Graphical User Interface (GUI)? Can I disable SSL v2 for the GUI? Link: http://tools.cisco.com/squish/80676
Article #1367: How do I prevent the IronPort appliance from negotiating null or anonymous ciphers? Link: http://tools.cisco.com/squish/3637E
So to exclude low and anonymous ciphers, something like this would apply:
HIGH:MEDIUM:-SSLv2:-aNULL:@STRENGTH
Hope that helps,
Andreas
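
An added example, not part of the original thread and not Cisco's code: a simplified Python model of OpenSSL-style cipher-list rules, run over a constructed catalogue of suite names, to show what the string quoted above keeps and how `-` differs from `!`. It assumes the appliance interprets the string with OpenSSL semantics; `Suite`, `CATALOGUE`, `expand` and `audit` are illustrative names.

```python
from collections import namedtuple

Suite = namedtuple("Suite", "name proto auth enc grade bits")

# Constructed sample catalogue (suite names and strengths as older OpenSSL
# builds list them); it is not the appliance's actual cipher inventory.
CATALOGUE = [
    Suite("AES256-SHA",     "SSLv3", "aRSA",  "AES",  "HIGH",   256),
    Suite("AES128-SHA",     "SSLv3", "aRSA",  "AES",  "HIGH",   128),
    Suite("DES-CBC3-SHA",   "SSLv3", "aRSA",  "3DES", "HIGH",   168),
    Suite("RC4-SHA",        "SSLv3", "aRSA",  "RC4",  "MEDIUM", 128),
    Suite("RC4-MD5",        "SSLv3", "aRSA",  "RC4",  "MEDIUM", 128),
    Suite("ADH-AES256-SHA", "SSLv3", "aNULL", "AES",  "HIGH",   256),
    Suite("ADH-RC4-MD5",    "SSLv3", "aNULL", "RC4",  "MEDIUM", 128),
    Suite("DES-CBC3-MD5",   "SSLv2", "aRSA",  "3DES", "HIGH",   168),
    Suite("RC2-CBC-MD5",    "SSLv2", "aRSA",  "RC2",  "MEDIUM", 128),
    Suite("DES-CBC-SHA",    "SSLv3", "aRSA",  "DES",  "LOW",     56),
    Suite("EXP-RC4-MD5",    "SSLv3", "aRSA",  "RC4",  "EXPORT",  40),
]

ANSWER = "HIGH:MEDIUM:-SSLv2:-aNULL:@STRENGTH"  # string quoted in the reply above

def matches(suite, keyword):
    """A keyword selects a suite by name, protocol, auth, cipher or grade."""
    return keyword in suite[:5]

def expand(cipher_string, catalogue=CATALOGUE):
    """Simplified model of OpenSSL cipher-list rules; returns ordered names."""
    active, killed = [], set()
    for rule in filter(None, cipher_string.split(":")):
        op, word = (rule[0], rule[1:]) if rule[0] in "!-+" else ("", rule)
        hits = [s for s in catalogue if matches(s, word)]
        if rule == "@STRENGTH":
            active.sort(key=lambda s: -s.bits)   # stable sort, strongest first
        elif op == "!":                          # permanent removal
            killed.update(hits)
            active = [s for s in active if s not in hits]
        elif op == "-":                          # removal that can be undone later
            active = [s for s in active if s not in hits]
        elif op == "+":                          # move matching suites to the end
            moved = [s for s in active if s in hits]
            active = [s for s in active if s not in hits] + moved
        else:                                    # plain keyword: append new matches
            active += [s for s in hits if s not in killed and s not in active]
    return [s.name for s in active]

def audit(cipher_string, min_bits=128, allowed_enc=None):
    """List (suite, reason) pairs that a compliance scan would flag."""
    by_name = {s.name: s for s in CATALOGUE}
    findings = []
    for name in expand(cipher_string):
        s = by_name[name]
        if s.auth == "aNULL":
            findings.append((name, "anonymous key exchange"))
        if s.proto == "SSLv2":
            findings.append((name, "SSLv2"))
        if s.bits < min_bits:
            findings.append((name, "below %d bits" % min_bits))
        if allowed_enc and s.enc not in allowed_enc:
            findings.append((name, "cipher not in allow-list"))
    return findings

if __name__ == "__main__":
    print(expand(ANSWER))                               # RC4 stays in via MEDIUM
    print(audit(ANSWER, allowed_enc={"AES", "3DES"}))   # the asker's AES/3DES goal
    print(expand("HIGH:-aNULL:ADH-AES256-SHA"))         # '-' lets ADH come back
    print(expand("HIGH:!aNULL:ADH-AES256-SHA"))         # '!' keeps it out
```

On a host with the same OpenSSL build, `openssl ciphers -v` followed by the cipher string lists the real expansion to compare against.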

Similar Messages

  • VLAN for Management Traffic

    Hello Everyone,
    I'm still learning cisco and networks in general but I need to separate management traffic from the regular network.  The switch is a cisco catalyst 5406-E.  My question is do I need to create a new subnet for the VLAN and how would I do that? The commands I have to create a VLAN and add the switch ports are
    Switch(config)# vlan 15
    switch(config-vlan)# name Management
    switch(config)# interface GigabitEthernet2/6
    switch(config-if)# switchport access vlan 15
    Now this creates vlan 15 and adds the GE 2/6 interface to vlan 15.  How do I add it to a new subnet?  Am I going in the right direction?

    In general, if you want to use separated VLAN for management, you can create VLAN + SVI (routed interface of the VLAN) with IP address + some access list on SVI and VTY (“SSH/telnet lines”) for better security.
    Example:
    ==== C4500 – L3 SWITCH CONFIG ====
    ! create VLAN 15
    vlan 15
    name MGMT
    ! create access list with ip addresses, from which management of all switches with SVI 15 will be accessible
    ! Note: this access list (ACL) does not control access to management of L3 switch/router where the ACL is applied on SVI, only to all other switches in VLAN 15 that have default gateway set to ip address 10.0.15.1 (see next step)
    ip access-list extended MGMT_SWITCH
    remark ====ICMP====
    permit icmp any 10.0.15.0 0.0.0.255
    remark ====ADMIN====
    permit ip 10.0.1.0 0.0.0.255 10.0.15.0 0.0.0.255
    remark ====MONITORING-SERVERS====
    permit ip 10.0.100.0 0.0.0.255 10.0.15.0 0.0.0.255
    remark ====NTB-SERVICE====
    permit ip 10.0.200.0 0.0.0.255 10.0.15.0 0.0.0.255
    ! create SVI/interface of the VLAN 15, add IP address and assign access list
    ! Note: DO NOT assign empty access list to interface, it can make your router inaccessible!
    interface Vlan15
    description MGMT
    ip address 10.0.15.1 255.255.255.0
    ip access-group MGMT_SWITCH out
    ! create ACL for VTY line of L3 switch/router; this ACL controls access only to management of L3 switch, access to all other switches with SVI 15 is controlled by previous ACL
    ip access-list standard VTY
    remark ====ADMIN====
    permit 10.0.1.0 0.0.0.255
    remark ====MONITORING-SERVERS====
    permit 10.0.100.0 0.0.0.255
    remark ====NTB-SERVICE====
    permit 10.0.200.0 0.0.0.255
    ! assign ACL to vty lines
    line vty 0 4
    access-class VTY in
    ==== OTHER L2-ONLY SWITCHES CONFIG ====
    ! create VLAN 15
    vlan 15
    name MGMT
    ! create SVI 15
    interface Vlan15
    description MGMT
    ip address 10.0.15.50 255.255.255.0
    ! set default gateway/default route to SVI of c4500
    ip default-gateway 10.0.15.1
    ! some higher-level switches require use of following CLI parameters instead:
    ip routing
    ip route 0.0.0.0 0.0.0.0 10.0.15.1
    This is just one of many ways to do the management separation.

  • How to change host name for management agent.

    Hi,
    I 've installed management agent for oracle, it's a part of Oracle Management Framework, but I have to change host name.
    I know how to change port number, but I've no idea how to change host name.
    Have you got any idea?
    Thank you in advance.
    Matin

    Hi,
    you can change it in System Landscape directory.
    Go to the http:yourportal.com:50000/sld
    then click on the Landscape and update the new host name.
    Raghu

  • Changing desktop picture for managed account

    I would like to change the desktop picture in my daughter's managed account.
    I am using 10.5
    In a standard account, one opens the system preferences and goes to the 'desktop and screen saver' and in the 'desktop' part the picture can be set.
    However, for a managed account, there is no system preferences available. Even if the full Finder is run there is no access to any of the system preferences.
    I have tried logging in to the administrator account and setting the picture from there but there does not seem to be any option to do this.
    Help please.
    Andrew

    Hi,
    You don't see the System Preferences in a managed account because "System Preferences" is an application and by default it is not included in the managed account.
    To allow System Preferences in a managed account, select the account in System Preferences (when you are in an administrator account), click the "Parental Control" button, under "System" tab, choose "System Preferences" where it allows you choose applications.

  • Change Outbound Port for certain traffic

    Hi,
    I am trying to do a specific task and not being able to figure out what I need to do. Essentially, I would like the Cisco IOS router (3945) to change all DNS traffic going outbound, to use port 54 instead of the standard port 53.
    Setup is very simple. One inside Interface and One Outside interface. Internal addressing on the inside with PAT for internet access. I would like that whenever an internal client makes a DNS request. When the router forwards that to the DNS server on the internet, it should send it to port 54 instead of 53.
    Appreciate the help.

    It's based on where you're going to see the traffic from. If you want to translate inside -> outside, you'll use "ip nat inside". Outside would be when you're wanting to translate an outside source to something else internal.
    *Edit*
    It also depends on what interfaces you have labeled as "ip nat outside" and "ip nat inside".
    ip nat outside source list:   
    translates the source of the IP packets that are traveling outside to inside
    translates the destination of the IP packets that are traveling inside to outside
    ip nat inside source list:
    translates the source of IP packets that are traveling inside to outside
    translates the destination of the IP packets that are traveling outside to inside

  • What is the encryption rate/cipher strength for Firefox 3.6.13?

    need to find encryption rate

    Firefox supports TLS1.0/SSL 3.0 using (at least):
    3DES (56*3bit)(Paypal)
    RC4 (128bit)(Google , and etc)
    AES128/256(most commonly used)
    Camellia (256bit)(Geotrust, and etc)
    All of them are literally safe, with the Electronic certificate system, RSA/DH cipher key exchange methods, and SHA1 + MD5 checksum hash algorithm.
    Since SHA1 and MD5 are not strong enough, the higher version of TLS(1.1/1.2) use SHA512 instead.
    See "Transport Layer Security" on wikipedia for detailed information
    http://en.wikipedia.org/wiki/Transport_Layer_Security

  • I have recently changed by email login password for my emails i have managed to change them in my setting for my iPad but need to change the settings for my MAC computer but i cannot see to do it help please

    i have recently changed by email login password for my emails i have managed to change them in my setting for my iPad but need to change the settings for my MAC computer but i cannot seem to do it help please?

    Mail/Preferences/Accounts
    Use the - and + signs to delete or add your new Accounts
    see
    http://support.apple.com/kb/PH4928
    Mac 101
    http://support.apple.com/kb/index?page=search&src=support_site.kbase.search&locale=en_US&q=deleting%20mail%20accounts

  • Default Cipher Strength in Internet Explorer 11

    Hello,
    I noticed that the cipher strength is not displayed in the About box with the upgrade to IE 11.  In previous versions of IE however it did display there. Does IE 11 by default set the cipher strength to zero?  From research on other forums I know that you can go to Tools > Internet Options and change settings under the Security and Advanced tabs to enable the cipher strength, but was wondering if the default for IE 11 is that the cipher strength is automatically set to zero and you'd have to go in and enable this manually.
    Your responses in this matter are much appreciated. Thanks in advance! =)
    -E

    Hi,
    on which website are you being denied access? Usually these are Banking websites.
    this occurs because some websites are incorrectly detecting the version of your web browser.
    Select the Tools>Report web page problem to report it to MS (the website) or contact the help/support desk of the website (support links and phone numbers are at the bottom of their web pages)
    Questions regarding Internet Explorer 8, 9 and 10 and Internet Explorer 11 for the IT Pro Audience. Topics covered are: Installation, Deployment, Configuration, Security, Group Policy, Management questions. If you are a consumer looking for answers or to raise a question, it's highly recommended you head on over to http://answers.microsoft.com/en-us
    Include with your questions links to any websites you are having problems with and the complete text of any error messages you receive from the browser or web site.
    Regards.
    Rob^_^

  • HT5312 I DO remember them but Apple chose to put them in Japanese and I can not change the language on Manage my Apple ID so I do not know if I made an error ,it threw me off , it was the wrong question Where did you fly to on your first Aiplane trip ? th

    I DO remember them but Apple chose to put them in Japanese and I can not change the language on Manage my Apple ID so I do not know if I made an error ,it threw me off , it was the wrong question Where did you fly to on your first Aiplane trip ? then I was unable to enter until 8 hours then called Apple Japan 4 times each time threy asked me would you like to speak with an English speaker,I said yes then they told me sorry today is Sunday no English speakers ,but they refused to speak Japanese, then I called 5th time and a kind guy could speak English we were on 1and 1/2 hours he got me to log in but the reset key chain could not be completed still pending.
    He said do not mess with that ! then I got a text from somewhere to reset 4 pins suddenly it was very strange I said to him that I got this pin this morning but it said you can use maximum 3 hours it had a UK number and I told him I do not like this and will not enter the code he said do not do it if it is from the UK and then I said to him ok you did a lot to help but we can not go any further ! and we cut of I went back to my computer to re do the ID but I found everything a mess so I call and a stupid sounding Japanese women with a squeaky voice came on I was calm at first and they want your phone number your IMEI number your iPhone serial number date of birth Address email address it takes 10 munutes to check then they ask what are you caling about so I try to explain my keychain is broken or problems with language security questions and can not change my pasword because the security question have failed me so it is ONE BIG HEADACHE AND I START I GET STRESSED she says Do want an ENGLISH speaker ,I say yes ,that guy i talked to earlier but I never got his name and first time I ever talked to him but they said he is not here so I said ok and then she said today is sunday so call back in the morning ,I said ,well ok in Japanese but they make you feel stupid because they do not want to speak Jap@anese with none natives and they are to busy,And they feel that I should not bother them ,then I say that Apple Japan is trying to refuse Apple foreign customers and then she wants to hang up and ask me to visit the shop ,but they are the same I have a very bad time with Apple Japan since they do not discuss software problems or security with customer meaning if you have a problem they ask you to come on a time 20 minutes max so they do hardware test and say you phone is fine then I say no I can not reset my ID they say you must call call centre so I am going around in circles ,When I call English it is usually Australia so if my problem is in Japan surely if do not 
want me to talk to them in Japanese and they ask me to call Australia but every time my call charge is expensive after asking them is this free because I have Apple care they say yes but when the call goes to Australia 0120 277 535 it might change to paid call so I call then I have to ask is this charging they say we can not give you that information ! so what can I do I have have been at the computer and phone all day on my day off work and in tre week I am so busy and can not use my phone I can not work without it ,this new technology for you ,they can not cope with the fact that the customer have problems yet they do not want to deal with us because they can not solve it and so it shows them to be useless they like to walk around in their cool tee shirts and retro shop but when it comes to functionality we are unwelcome they got the money so do not return because apple is perfect that nothing should go wrong .
    But it does somehow my English security answers do not work on a Japanese Question especialy if I did not choose that question I set  up the multiple choice In English and wrote the answers in English or Roman and set them langauge preferences in English, do you really think you can correctly write english name or word in Japanese they write a police patrol car  pato caa パトカア they do not have r and l .So it is my choice to make my security easy for me and as difficult for others to hack.But they also have patororoo choo meaning ' now patrolling ' so why they have pato caa patrol car and patoro patrol and have thousands of Chinese words kanji they can find patrol.
    I am getting off the topic but I am at a loss to fix this problem when they hold the keys and i have all the info to verify my ID.

    You have to enter the Apple ID and password. You are running into the Activation Lock
    iCloud: Find My iPhone Activation Lock in iOS 7
    Is there a way to find my Apple ID Name if I can't remember it?
    Yes. Visit My Apple ID and click Find your Apple ID. See Finding your Apple ID if you'd like more information.
    How do I change or recover a forgotten Apple ID Password?
    If you've forgotten your Apple ID Password or want to change it, go to My Apple ID and follow the instructions. See Changing your Apple ID password if you'd like more information.

  • How to change default thresholds for some metrics of all targets.

    Hi!
    We have a lot of servers which have to work hard.
    So, our OEM very often generates messages like these:
    "EM Alert: Critical:dbsora90.tsb.kz - CPU Utilization is 99.95%, crossed warning (80) or critical (95) threshold."
    "EM Alert: Critical:dbsora94.tsb.kz - Disk Device c8t60A9800043346C384C344A4A63516D6Ad0(ssd4) is 99.7% busy."
    "EM Alert: Critical:dbsora94.tsb.kz - CPU Load (Run Queue Length averaged over 5 minutes) is 20.78, crossed warning (10) or critical (20) threshold."
    I need to change default thresholds for mentioned metrics but I can't find their definition in SYSMAN.MGMT_*-tables or suitable settings in OEM GUI.
    And I have no time to edit thresholds manually for each target. )

    Modification of Metric Thresholds (as this is what you are referring to), should be done using the Metrics and Policy Settings link (to be found in the Target Home page).
    Don't mess around with the SYSMAN tables!
    Best thing to do here is to start using Monitoring Templates for this.
    Check:
    Oracle® Enterprise Manager Concepts
    11g Release 11.1.0.1
    http://download.oracle.com/docs/cd/E11857_01/em.111/e11982/toc.htm
    Regards
    Rob
    http://oemgc.wordpress.com

  • Tutorial for managing bookmarks in iPhone environment?

    I hate asking newbie questions but here goes. Searched for this but found threads regarding desktop environment.
    When I open Safari on my iPhone 3CS, I see bookmarks imported from my pc when I synched. Don't need all those so deleted most. Here's the problem: if I type in a new address in Safari address field at top, and go to that page, then do Add Bookmark, it doesn't show up the next time I open Safari and look at the bookmarks. If I start to re-type it in the address field, the full link and title appear below, so I know it's storing it somewhere.
    Can someone just point me toward an online tutorial for managing bookmarks within the iPhone environment not the desktop?
    Thanks!

    it's one of the dangers to BYOD.....The best way to manage this is education(unless you are ready for MDM).
    Granted that can be a bigger pain in the buttocks than working around it.
    What I tell people(having had this happen to me a couple of times) is when it's time to change your password
    1.) Make sure you have all your devices with you
    2.) disable the wireless on everything
    3.) change password via your laptop
    4.) enable one device, and go change the password there < rinse repeat for subsequent devices.
    Now, when the company I was working for moved to a MDM, the issue went away on my phone and tablet, as the mail settings were controlled by the MDM, so when i changed my password, it pushed to my other devices.
    HTH,
    Steve
    Please remember to rate useful posts, and mark questions as answered

  • Best practice for managing Apple ID's in an enterprise environment.

    We have just started to incorporate iPads into our Corporate environment.  We have had them in use for the last couple of months and to be fair they have worked well but I guess now is the time to try and work out some of the issues we are experiencing with them, the re-occurring issues that just seem to keep haunting us.
    As part of the deployment we gave those with current apple id's the option of using their own, particularly those Execs who already had iPads and iPhones.  We are currently using active sync with our exchange server for access to email.
    How do other people manage Apple ID's?
    How do other people handle the password change scenario.. we have had users on holiday where their passwords have expired and they have been unable to access the email...also the issue of you reset your password on the network but you still need to re-authenticate it on the iPad...does anyone have a decent app that can get us round this?
    what issues have others found?

    Hi ToRnUK,
    The information below will explain some options for managing multiple iPads in your business.
    Apple - Support - iPad - Enterprise
    http://www.apple.com/support/ipad/enterprise/
    Apple - iPad in Business - IT Center
    http://www.apple.com/ipad/business/it-center/
    Cheers,
    Judy

  • How to change page template for a single page?

    I create a new document based on the Pages "Reports > Business Report".
    Now the first page is formatted as a "Cover" page with a larger top margin.
    Via "Format > Advanced > Manage Pages..." I see there are what I assume are the "Page Templates":
    - Cover
    - Table of Contents
    - Chapter Page
    - Text Page
    - Appendix
    My question: How can I change the template for a single page in my document? E.g. I don't want Page #1 to be formatted as "Cover". I'd like it to be a "Text Page".
    Any hints?

    Just delete the Cover section and insert a Text Page.
    Click on:
    +Toolbar > View > Page Thumbnails+
    Click on the Cover thumbnail, it will be outlined in yellow, hit delete.
    It may start off with certain defaults but you do not have to accept them.
    Peter

  • Best Practice for Managing a BPC Environment?

    My company is currently running a BPC 5.1 MS environment and will soon be upgrading to version 7.0 MS.  I was wondering if there is a white paper or some guidance that anyone can give with regard to the best practice for managing a BPC environment.  Which brings to light several questions in my mind:
    1.  Which department(s) in a company should "own" the BPC application? 
    2. If both, what's SAP's recommendation for segregation of duties?
    3. What roles should exist within our company to manage BPC?
    4. What type(s) of change control is SAP's "Best Practice"?
    We are currently evaluating the best way to manage the system across multiple departments, however there is no real business ownership in the system, which seems to be counter to the reason for having BPC as a solution in the first place.
    Any guidance on this would be very much appreciated.

  • Cisco IronPort AsyncOS 6.7.6-068 for Management GA Notification

    Cisco is pleased to announce the General Availability (GA) of a new major release of AsyncOS 6.7.6-068 for
    Management to all customers. This release applies to all our Security Management Appliances (M-Series).
    AsyncOS 6.7.6-068 for Management enables Centralized Tracking and Reporting for the new features introduced in AsyncOS 7.0 for Email.
    New Features and Enhancements in AsyncOS 6.7.6-068 for Management
    New Feature: Centralized support for the reporting and tracking changes in the AsyncOS for Email release 7.0:
    RSA Data Loss Prevention
    Marketing Message Detection
    New Feature: Reporting by ESA Groups
    Enhanced: Domain-Based Executive Summary Report now configurable by:
    Domain of Email Server
    Domain of Email Address
    Fixes in AsyncOS 6.7.6-068 for Management
    Fixed: MemoryError after losing Housekeeper thread [Defect ID: 52048]
    Fixed: The Show Details link results in a timeout [Defect ID: 51558]
    Fixed: Safelist/Blocklist should be exportable via CLI [Defect ID: 43360]
    Fixed: LDAP Query strips spaces [Defect ID: 46099]
    Fixed: Tracking database time does not update after system timezone is changed [Defect ID: 49407]
    Fixed: Application error when accessing Online Help from the End User Spam Quarantine page [Defect ID: 52395]
    This release has gone through our beta program, internal soak tests and is also running in production at our FCS customers.
    Please upgrade at your convenience and let us know how you like this new release!
    Cheers,
    Jakob

    Hi,
    We identified an issue in AsyncOS 6.7.6-068 for Management that under certain circumstances can cause loss of historical reporting data when reporting groups are configured. To ensure a high quality release, further testing on our side is required.
    6.7.6-068 is no longer available for upgrade to your M-Series appliances.
    If you already upgraded to 6.7.6-068 we strongly recommend to disable group based reporting to avoid being affected.
    We expect to release a new improved build of 6.7.6 shortly and apologize for any inconvenience or confusion this might have caused.
    If you are required to upgrade to 6.7.6 before a new build is available, please contact Cisco IronPort Customer Support.
    I'll let you know once the new build is available...
    Best Regards,
    Jakob
