CSS Security Configuration Guide (Software Version 8.20)

Book Contents

Find Matches in This Book

Available Languages

Download Options

Book Title

CSS Security Configuration Guide (Software Version 8.20)

Chapter Title

Preface

PDF - Complete Book (1.23 MB) PDF - This Chapter (218.0 KB)
View with Adobe Reader on a variety of devices

Results

Chapter: Preface

Audience
How to Use This Guide
Related Documentation
Symbols and Conventions
Obtaining Documentation, Obtaining Support, and Security Guidelines

Preface

This guide provides instructions for configuring the security features of the Cisco 11500 Series Content Services Switches (CSS). Information in this guide applies to all CSS models except where noted.

The CSS software is available in a Standard or optional Enhanced feature set. Proximity Database and Secure Management, which includes Secure Shell Host and SSL strong encryption for the Device Management software, are optional features.

This preface contains the following major sections:

•Audience

•How to Use This Guide

•Related Documentation

•Symbols and Conventions

•Obtaining Documentation, Obtaining Support, and Security Guidelines

Audience

This guide is intended for the following trained and qualified service personnel who are responsible for configuring the CSS:

•Web master

•System administrator

•System operator

How to Use This Guide

This guide is organized as follows:


Chapter	Description
Chapter 1, Controlling CSS Access	Control access to the CSS including user and network traffic access.
Chapter 2, Configuring the Secure Shell Daemon Protocol	Configure Secure Shell Daemon (SSHD) protocol to provide secure encrypted communications between two hosts communicating over an insecure network.
Chapter 3, Configuring the CSS as a Client of a RADIUS Server	Configure Remote Authentication Dial-In User Service (RADIUS) protocol as a client on the CSS.
Chapter 4, Configuring the CSS as a Client of a TACACS+ Server	Configure Terminal Access Controller Access Control System (TACACS+) protocol as a client on the CSS.
Chapter 5, Configuring Firewall Load Balancing	Configure firewall load balancing between CSSs for enhanced security.

Related Documentation

In addition to this guide, the Content Services Switch documentation includes the following publications.


Document Title	Description
Release Note for the Cisco 11500 Series Content Services Switch	This release note provides information on operating considerations, caveats, and command line interface (CLI) commands for the Cisco 11500 series CSS.
Cisco 11500 Series Content Services Switch Hardware Installation Guide	This guide provides information for installing, cabling, and powering the Cisco 11500 series CSS. In addition, this guide provides information about CSS specifications, cable pinouts, and hardware troubleshooting.
Cisco Content Services Switch Getting Started Guide	This guide describes how to perform initial administration and configuration tasks on the CSS, including: •Booting the CSS for the first time and on a routine basis, and logging in to the CSS •Configuring the username and password, Ethernet management port, static IP routes, and the date and time •Configuring DNS server for hostname resolution •Configuring sticky cookies with a sticky overview and advanced load-balancing method using cookies •Installing the CSS Cisco View Device Manager (CVDM) browser-based user interface used to configure the CSS •A task list to help you find information in the CSS documentation •Troubleshooting the boot process
Cisco Content Services Switch Administration Guide	This guide describes how to perform administrative tasks on the CSS, including upgrading your CSS software and configuring the following: •Logging, including displaying log messages and interpreting sys.log messages •User profile and CSS parameters •SNMP •RMON •XML documents to configure the CSS •CSS scripting language •Offline Diagnostic Monitor (Offline DM) menu
Cisco Content Services Switch Routing and Bridging Configuration Guide	This guide describes how to perform routing and bridging configuration tasks on the CSS, including: •Management ports, interfaces, and circuits •Spanning-tree bridging •Address Resolution Protocol (ARP) •Routing Information Protocol (RIP) •Internet Protocol (IP) •Open Shortest Path First (OSPF) protocol •Cisco Discovery Protocol (CDP) •Dynamic Host Configuration Protocol (DHCP) relay agent
Cisco Content Services Switch Content Load-Balancing Configuration Guide	This guide describes how to perform CSS content load-balancing configuration tasks, including: •Flow and port mapping •Services •Service, global, and script keepalives •Source groups •Loads for services •Server/Application State Protocol (SASP) •Dynamic Feedback Protocol (DFP) •Owners •Content rules •Sticky parameters •HTTP header load balancing •Content caching •Content replication
Cisco Content Services Switch Global Server Load-Balancing Configuration Guide	This guide describes how to perform CSS global load-balancing configuration tasks, including: •Domain Name System (DNS) •DNS Sticky •Content Routing Agent •Client-Side Accelerator •Network proximity
Cisco Content Services Switch Redundancy Configuration Guide	This guide describes how to perform CSS redundancy configuration tasks, including: •VIP and virtual interface redundancy •Adaptive session redundancy •Box-to-box redundancy
Cisco Content Services Switch SSL Configuration Guide	This guide describes how to perform CSS SSL configuration tasks, including: •SSL certificate and keys •SSL termination •Back-end SSL •SSL initiation •HTTP data compression
Cisco Content Services Switch Command Reference	This reference provides an alphabetical list of all CLI commands including syntax, options, and related commands.

Symbols and Conventions

This guide uses the following symbols and conventions to identify different types of information.

Caution

A caution means that a specific action you take could cause a loss of data or adversely impact use of the equipment.

Warning A warning describes an action that could cause you physical harm or damage the equipment.

Note A note provides important related information, reminders, and recommendations.

Bold text indicates a command in a paragraph.

Courier text indicates text that appears on a command line, including the CLI prompt.

Courier bold text indicates commands and text you enter in a command line.

Italics text indicates the first occurrence of a new term, book title, emphasized text, and variables for which you supply values.

1. A numbered list indicates that the order of the list items is important.

a. An alphabetical list indicates that the order of the secondary list items is important.

•A bulleted list indicates that the order of the list topics is unimportant.

–An indented list indicates that the order of the list subtopics is unimportant.

Obtaining Documentation, Obtaining Support, and Security Guidelines

For information on obtaining documentation, obtaining support, providing documentation feedback, security guidelines, and also recommended aliases and general Cisco documents, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html