Managing Security on Cisco UGM

With the Access Manager, you can set up the following levels of administrative access to Cisco UGM managed devices and their components:

With Read-Write-Admin access, you can create users, user groups, and access specifications, and change certain attributes like IP addresses and so on.

Preset Cisco UGM Feature Lists and Access Specifications

You can assign these features and access specifications to levels of Cisco UGM users.

Feature List	Description
UGM_ASMainEM_All_Properties_Dialogs	All properties dialog boxes for access server chassis.
UGM_ASMainEM_CLIShowCommands	All CLI show command dialog boxes.
UGM_ASMainEM_Chassis_And_Card_Commissioning	Card and chassis commissioning dialog boxes.
UGM_ASMainEM_FileExport_Configuration	All file export configuration dialog boxes.
UGM_ASMainEM_Configure_Admin_States	Configure administrative state dialog box.
UGM_ASMainEM_PerformancePollingConfig	Performance polling configuration and start/stop dialog boxes.
UGM_ASMainEM_Provision_AccessServers	Manual deployment of access servers dialog boxes.
UGM_ASMainEM_TrapForwarding	All trap forwarding configuration dialog boxes.
UGM_ASMainEM_Redundancy_Features	All redundancy feature dialog boxes.
UGM_ASMainEMLaunchTelnetSession	Capability to start a Telnet session.
UGM_LaunchCiscoView	CiscoView application start dialog boxes.
IOSConfigEMDialogFeatureList	Cisco IOS configuration dialog boxes.
IOSConfigEMProvisioningFeatureList	File import dialog boxes.

Access Specification	Permission	Feature Lists
UGM_ASMainEM_All_Features	Read-Write-Admin	UGM_ASMainEM_All_Properties_Dialogs UGM_ASMainEM_CLIShowCommands UGM_ASMainEM_Chassis_And_Card_Commissioning UGM_ASMainEM_FileExport_Configuration UGM_ASMainEM_Configure_Admin_States UGM_ASMainEM_PerformancePollingConfig UGM_ASMainEM_Provision_AccessServers UGM_ASMainEM_TrapForwarding
UGM_ASMainEM_LaunchTelnetSession	Read-Write-Admin	UGM_ASMainEMLaunchTelnetSession
UGM_LaunchCiscoView	Read	UGM_LaunchCiscoView
IOSConfigEM	Read-Write-Admin	IOSConfigEMDialogFeatureList IOSConfigEMProvisioningFeatureList

Table 5-3 Cisco UGM Features with Associated Permissions

Feature	Permission
ASEMSEventBrowser	Read
ProvisionASMainEMASMainEM	Read-Write
ProvisionASMainEMcontainer	Read-Write
ASMainEMAS5350ChassisOpenShow5350Service	Read-Write
ASMainEMAS5400ChassisOpenShow5400Service	Read-Write
ASMainEMAS5800ChassisOpenShow5800Service	Read-Write
ASMainEMAS5850ChassisOpenShow5850Service	Read-Write
ASMainEMContainerOpenShow5350Service	Read-Write
ASMainEMContainerOpenShow5400Service	Read-Write
ASMainEMContainerOpenShow5850Service	Read-Write
ASMainEMContainerOpenShow5800Service	Read-Write
ASMainEMASGenericChassisOpenAccessServerChassisService	Read
ASMainEMASGenericChassisOpenCardPropertiesService	Read
ASMainEMASGenericChassisOpenDs1e1propertiesService	Read
ASMainEMASGenericChassisOpenDS3PropertiesService	Read
ASMainEMASGenericChassisOpenEthernetPortService	Read
ASMainEMASGenericChassisOpenChannelStatisticsService	Read
ASMainEMASUPCardOpenModemUniversalPortService	Read
ASMainEMASGenericChassisOpenChassisCommissioningService	Read-Write
ASMainEMAS5800ChassisOpenRedundancyStatusService	Read
ASMainEMAS5850ChassisOpenRedStatusAndConfigService	Read
ASMainEMASGenericRedContainerOpenAccessServerChassisService	Read
ASMainEMASGenericRedContainerOpenRedundancyPropertiesService	Read
ASMainEMAS5800RedContainerOpenRedundancyStatusService	Read
ASMainEMAS5850RedContainerOpenRedStatusAndConfigService	Read
ASMainEMAS5300ChassisOpenShow5300Service	Read-Write
ASMainEMAS5800RedContainerOpenShow5800Service	Read-Write
ASMainEMAS5850RedContainerOpenShow5850Service	Read-Write
ASMainEMASGenericRedContainerOpenChassisCommissioningService	Read-Write
ASMainEMContainerOpenShow5300Service	Read-Write
ProvisionASMainEMASTrapForward	Read-Write
ASMainEMASCT3CardOpenDS3PropertiesService	Read
ASMainEMASGenericCardOpenCardPropertiesService	Read
ASMainEMASVFCCardOpenVFCProperties Service	Read
ASMainEMASVFCCardOpenDSPPropertiesService	Read
ASMainEMASDSPOpenDSPPropertiesService	Read
ASMainEMASDS1E1OpenChannelStatisticsService	Read
ASMainEMASEMSOpenEMSAboutService	Read
ASMainEMASEMSOpenEMSSettingsService	Read-Write
ASMainEMContainerOpenStartStopPerfPollingService	Read-Write
ASMainEMASDS1E1OpenDs1e1propertiesService	Read
ASMainEMASPerPollConfigOpenStartStopPerfPollingService	Read-Write
ASMainEMASPerPollConfigOpenGlobalPerfPollConfigService	Read-Write
ASMainEMASGenericNetworkIfOpenEthernetPortService	Read
ASMainEMASGenericChassisOpenModemUniversalPortService	Read
ASMainEMContainerOpenChassisCommissioningService	Read-Write
ASMainEMASModemCardOpenModemUniversalPortService	Read
ASMainEMAST1E1CardOpenDs1e1propertiesService	Read
ASMainEMASDS3PortOpenDS3PropertiesService	Read
ProvisionASMainEMASTrapForwardHost	Read-Write
ASMainEMASSPEOpenModemUniversalPortService	Read
ASMainEMASGenericShutDownableOpenConfigureAdminStateService	Read-Write
ASMainEMASModemOpenModemUniversalPortService	Read
ASMainEMASFileExportOpenFileExportService	Read-Write
ASMainEMASDS0ChannelOpenChannelStatisticsService	Read
ASMainEMContainerOpenAccessServerChassisService	Read
ASMainEMASUniversalPortOpenModemUniversalPortService	Read-Write
ASMainEMASGenericCardOpenCardCommissioningService	Read-Write
ASMainEMASTrapForwardOpenTrapForwardService	Read-Write
ASMainEMASGenericRedContainerOpenStartStopPerfPollingService	Read-Write
ASMainEMContainerOpenPerfPollBulkConfigService	Read-Write
ASMainEMASGenericChassisOpenPerfPollBulkConfigService	Read-Write
ASMainEMASGenericRedContainerOpenPerfPollBulkConfigService	Read-Write
ASMainEMASBulkFileFtpConfigOpenBulkFileFtpConfigService	Read-Write
ASMainEMTelnetSessionService	Read-Write
IOSConfigEMugmCtrlLoggingOpenIOSConfigCtrlLoggingLevelConfigurationService	Read-Write
IOSConfigEMLoggingConfigurationOpenIOSConfigCtrlLoggingLevelConfigurationService	Read-Write
IOSConfigEMContainerOpenBuildConfigFileFrom5300TemplateService	Read-Write
IOSConfigEMContainerOpenBuildConfigFileFrom5350TemplateService	Read-Write
IOSConfigEMContainerOpenBuildConfigFileFrom5400TemplateService	Read-Write
IOSConfigEMContainerOpenBuildConfigFileFrom5800TemplateService	Read-Write
IOSConfigEMContainerOpenBuildConfigFileFrom5850TemplateService	Read-Write
IOSConfigEMContainerOpenAssociateConfigFileWithDeviceService	Read-Write
IOSConfigEMContainerOpenAssociateImageFileWithDeviceService	Read-Write
IOSConfigEMContainerOpenAssociateFirmwareFileWithDeviceService	Read-Write
IOSConfigEMContainerOpenDeviceAuthenticationService	Read-Write
IOSConfigEMContainerOpenIOSOperationsService	Read-Write
IOSConfigEMIOS5300ConfigParamOpenBuildConfigFileFrom5300TemplateService	Read-Write
IOSConfigEMIOS5350ConfigParamOpenBuildConfigFileFrom5300TemplateService	Read-Write
IOSConfigEMIOS5400ConfigParamOpenBuildConfigFileFrom5300TemplateService	Read-Write
IOSConfigEMIOS5800ConfigParamOpenBuildConfigFileFrom5300TemplateService	Read-Write
IOSConfigEMIOS5850ConfigParamOpenBuildConfigFileFrom5300TemplateService	Read-Write
IOSConfigEMCiscoTechObjOpenAssociateConfigFileWithDeviceService	Read-Write
IOSConfigEMCiscoTechObjOpenAssociateImageFileWithDeviceService	Read-Write
IOSConfigEMCiscoTechObjOpenAssociateFirmwareFileWithDeviceService	Read-Write
IOSConfigEMCiscoTechObjOpenDeviceAuthenticationService	Read-Write
IOSConfigEMIOSTechObjOpenIOSOperationsService	Read-Write
IOSConfigEMConfigFileCategoryOpenEditConfigFileService	Read-Write
IOSConfigEMConfigFileVersionOpenEditConfigFileService	Read-Write
IOSConfigEMIOSScheduledActionOpenScheduledActionPropertiesService	Read-Write
IOSConfigEMScheduledActionsOpenScheduledActionPropertiesService	Read-Write
IOSConfigEMCiscoTechObjOpenAssociateNASTftpWithDeviceService	Read-Write
IOSConfigEMCiscoTechObjOpenAssociateConfigletWithDeviceService	Read-Write
IOSConfigEMConfigletCategoryOpenEditConfigletService	Read-Write
IOSConfigEMConfigletVersionOpenEditConfigletService	Read-Write
IOSConfigEMContainerOpenAssociateNASTftpWithDeviceService	Read-Write
IOSConfigEMContainerOpenAssociateConfigletWithDeviceService	Read-Write
IOSConfigEMugmFileVersionDeleteService	Read-Write
IOSConfigEMIOSScheduledActionDeleteService	Read-Write
IOSConfigEMugmCtrlLoggingOpenObjectConfigService	Read-Write
IOSConfigEMugmFileCategoryOpenObjectConfigService	Read-Write
IOSConfigEMugmFileVersionOpenObjectConfigService	Read-Write
IOSConfigEMIOSScheduledActionOpenObjectConfigService	Read-Write
ProvisionIOSConfigEMContainer	Read-Write
ProvisionIOSConfigEMIOS5300ImageFileCategory	Read-Write
ProvisionIOSConfigEMConfigFileCategory	Read-Write
ProvisionIOSConfigEMIOS5400ImageFileCategory	Read-Write
ProvisionIOSConfigEMDSPFileCategory	Read-Write
ProvisionIOSConfigEMSPEFileCategory	Read-Write
ProvisionIOSConfigEMIOS5800ImageFileCategory	Read-Write
ProvisionIOSConfigEMIOS5350ImageFileCategory	Read-Write
ProvisionIOSConfigEMConfigletCategory	Read-Write
ProvisionIOSConfigEMNAS-File_Repository	Read-Write
ProvisionIOSConfigEMIOS5850ImageFileCategory	Read-Write
ProvisionIOSConfigEMModemFileCategory	Read-Write
ProvisionIOSConfigEMciscoTechObj	Read-Write
CiscoViewService	Read

Creating an Access Specification

Step 2 In the Access Manager window, choose Edit > Create > Access Specification.

Step 3 Enter an Access Specification name, whether you want to replicate another access specification, features and feature lists, level of access (Read-only, Read-Write, or Read-Write-Admin) a user group to which to assign this Access Specification (blank if this is the first time you are setting up system security).

Creating a User Group

Step 2 Enter a group name, whether you want to replicate another group, users to include in this group (blank if this is the first time you are setting up system security), and access specifications for this group.

Creating a User

Step 2 Enter a login name, first name, surname, e-mail address, and whether you want to replicate another user, group membership, password, and user description.

Modifying a User, a User Group, and an Access Specification

You can modify security entities from the Access Manager GUI by selecting the Edit > Modify menu option, or by selecting the object on the Access Manager GUI screen and double-clicking it.

Table of Contents