Cisco Optical Network Planner Configuration Guide, Releases 26.x.x

CSDL compliance enhancements in Cisco ONP

Updated: March 9, 2026

Want to summarize with AI?

On this page

Overview

Passphrase security features
Passphrase management features
User login information features
Additional security features

Overview

Explains security features implemented to meet CSDL standards, including login IP tracking, passphrase management, and enhanced encryption options, which strengthen overall user management and system security.

A CSDL compliance enhancement is a set of security features in Cisco ONP that

display the last login IP address of the client in the user interface,
allow administrators to set a passphrase for encrypting credentials during the installation of the Live Network Import (LNI) application and its database, and
incorporate several Secure Development Lifecycle (CSDL) compliance measures to strengthen security and user management.

Table 1. Feature History
Feature Name	Release Information	Feature Description
CSDL Compliance Enhancements	Cisco ONP Release 4.1	The following CSDL compliance enhancements are supported: Displays the last login IP address of the client. Allows you to set a passphrase for encryption of credentials during the installation of LNI application and database.

Other security and user management improvements associated with CSDL compliance in Cisco ONP include:

Passphrase security features

Ensure new passphrases do not match common passwords by checking against a dictionary.
Notify users with pop-up alerts before passphrase expiration.
Enable administrators or users with CONFIGURATION_MANAGEMENT permission to configure passphrase lifetime and grace period in the system configuration tab.
Require passphrases to be 8–127 characters and contain at least one lowercase letter, one uppercase letter, one number, and one special character.

Passphrase management features

Prompt administrators to change their passphrase upon first login.
Allow setting a passphrase or encryption key for credentials during LNI application installation (using a default key if unspecified).
Permit users to set a passphrase between 8 and 64 characters during Cisco ONP and LNI database installation.

User login information features

Display the last login date and time.
Show the last login IP address in the Cisco ONP user interface.

Additional security features

Offer a “Generate Password” option, letting users create a password automatically.
Display password strength as the user sets it.
Provide improved feedback during password creation.

Need help?

Open a support case

(Requires a Cisco Service Contract)

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.