- Table of Contents
- Preface
- Overview
- Preparing to Rack Mount the Cisco PAM Appliance
- Rack Mounting the Cisco PAM Appliance
- Configuring and Monitoring the Cisco PAM Server
- Getting Started With the Cisco PAM Desktop Software
- Configuring Cisco PAM User Access
- Understanding Door Configuration
- Configuring Gateways, Doors, and Expansion Modules
- Configuring Door and Device Templates
- Configuring Personnel and Badges
- Configuring Cisco Access Policies
- Events & Alarms
- Configuring Automated Tasks
- System Integration
- Configuring Video Monitoring
- System Configuration Settings
- Backing Up and Restoring Data
- Upgrading Software and Firmware
- Specifications for the Cisco Physical Access Manager Appliance
- Troubleshooting
- Security
- Glossary
Cisco Physical Access Manager Appliance User Guide, Release 1.1.0
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
- Updated:
- October 31, 2013
Chapter: Security
Security
This appendix includes information used to ensure the security of your Cisco PAM appliance.
Contents
•
Cisco PAM TCP Port Requirements for Firewall Connections
•Related Security Documentation
•Manually Disable or Enable the Cisco PAM TFTP Server
Cisco PAM TCP Port Requirements for Firewall Connections
Table E-1 lists the TCP ports used by the Cisco PAM appliance. Cisco PAM desktop clients require access to these ports when connecting to a Cisco PAM appliance that is behind a firewall.
Related Security Documentation
Refer to the following documentation for security information related to Cisco PAM.
•Red Hat Enterprise Linux 4.5.0 Security Guide
http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/en-US/Security_Guide/
•Security in MySQL
http://dev.mysql.com/doc/mysql-security-excerpt/5.0/en/index.html
Manually Disable or Enable the Cisco PAM TFTP Server
You can manually enable or disable the Cisco PAM TFTP server.
Note If the TFTP server is disabled, the Image Manager cannot be used to upgrade Gateway firmware images. You must use image files stored on an external TFTP server instead. See Upgrading Gateway Firmware Images Using Cisco PAM, page B-8 for more information.
To manage the TFTP server, do the following:
Step 1 Connect to the Cisco PAM appliance using a console connection or via SSH.
Step 2 Enter the cpamadmin username and password.
Step 3 Enter the following commands:
Stop the TFTP server
$ sudo /sbin/chkconfig tftp off
Start the TFTP server
$ sudo /sbin/chkconfig on
Check the status of the TFTP server
$ sudo /sbin/chkconfig --list tftp
Feedback