Authentication Manager (SAM) is a component of the
the Cisco ASR 9000 Series Router operating system that ensures that
software being installed on the router is safe, and that the software does not
run if its integrity has been compromised.
For information on SAM
commands, see the
Authentication Manager Commands
Cisco ASR 9000 Series Aggregation Services Router
System Security Command Reference.
For information on
setting the system clock, see the
Commands module in
Cisco ASR 9000 Series Aggregation
Services Router System Management Command Reference.
for Configuring Software Authentication Manager
feature was introduced.
Information about Software Authentication Manager
For SAM to verify software during installation, the software to be installed must be in a Packager for IOS/ENA (PIE) format. PIEs are digitally signed and SAM verifies the digital signature before allowing bits from that PIE to reside on the router. Each time an installed piece of software is run, SAM ensures that the integrity of the software is not been compromised since it was installed. SAM also verifies that software preinstalled on a flash card has not been tampered with while in transit.
When the initial image or a software package update is loaded on the router, SAM verifies the validity of the image by checking the expiration date of the certificate used to sign the image. If an error message is displayed indicating that your certificate has expired, check the system clock and verify that it is accurate. If the system clock is not set correctly, the system does not function properly.