12.3 Modo de fórmula
12.3.1 Preparación de fórmula sin usar la base de datos de fórmulas
have retained all its pre-upgrade configuration information.
11.3 Configure Date and Time
We recommend that you set the local Date and Time in the console server as soon as it is configured. Features like Syslog and NFS logging use the system time for time-stamping log entries, while certificate generation depends on a correct Timestamp to check the validity period of the certificate.
Select the System: Date & Time menu option.
Manually set the Year, Month, Day, Hour and Minute using the Date and Time selection boxes, then click
Apply.
The gateway can synchronize its system time with a remote time server using the Network Time Protocol (NTP). Configuring the NTP time server ensures that the console server clock will be accurate soon after the Internet connection is established. Also if NTP is not used, the system clock will reset randomly every time the console server is powered up. To set the system time using NTP:
Select the Enable NTP checkbox on the Network Time Protocol page. Enter the IP address of the remote NTP Server and click Apply.
You must now also specify your local time zone so the system clock can show local time (and not UTP): Set your appropriate region/locality in the Time Zone selection box and click Apply.
11.4 Configuration Backup
We recommend that you back up the console server configuration whenever you make significant changes (such as adding new Users or Managed Devices) or before performing a firmware upgrade.
Select the System: Configuration Backup menu option or click the icon.
Remote Console Manager
_____________________________________________________________________
With all console servers, you can save the backup file remotely on your PC and you can restore configurations from remote locations:
Click Save Backup in the Remote Configuration Backup menu.
The config backup file (System Name_date_config.opg) will be downloaded to your PC and saved in the location you nominate.
To restore a remote backup:
Click Browse in the Remote Configuration Backup menu and select the Backup File you want to restore. Click Restore and click OK. This will overwrite all the current configuration settings in your console server. With Advanced Console Servers (LES1208A, LES1216A, LES1248A), you can save the backup file locally on the console server USB storage. To do this you must have an external USB flash drive installed.
To backup and restore using USB:
Make sure the USB flash is the only USB device attached to the console server and click Prepare Storage in the Local Configuration Backup menu.
This will set a Volume Label on the USB storage device. This preparation step is only necessary the first time, and will not affect any other information you have saved onto the USB storage device. We recommend that you back up any critical data from the USB storage device before using it with your console server.
If there are multiple USB devices installed, you will be warned to remove them.
To backup to the USB, enter a brief Description of the backup in the Local Configuration Backups menu and select Save Backup.
The Local Configuration Backup menu will display all the configuration backup files you have stored onto the USB flash.
152
724-746-5500 l www.blackbox.com
To restore a backup from the USB simply select Restore on the particular backup you wish to restore and click
Apply.
After saving a local configuration backup, you may choose to use it as the alternate default configuration. When the console server is reset to factory defaults, it will then load your alternate default configuration instead of its factory settings:
To set an alternate default configuration, check Load On Erase and click Apply.
Note: Before selecting Load On Erase, make sure that you have tested your alternate default configuration by clicking
Restore.
If your alternate default configuration causes the console server to not boot, recover your unit to factory settings using the following steps:
- If the configuration is stored on an external USB storage device, unplug the storage device and reset to factory defaults as per section 11.1 of the user manual.
- If the configuration is stored on an internal USB storage device, reset it to factory defaults using a specially prepared USB storage device:
o The USB storage device must be formatted with a Windows FAT32/VFAT file system on the first partition or the entire disk; most USB thumb drives are already formatted this way.
o The file system must have the volume label: OPG_DEFAULT.
o Insert this USB storage device into an external USB port on the console server and reset to factory defaults as described in Section 11.1.
- After recovering your console server, make sure the problem configuration is no longer selected for Load On Erase.
11.5 FIPS Mode
The Black Box Remote Console Manager console server models all use an embedded cryptographic module that has been validated to meet the FIPS 140-2 standards.
Note The US National Institute of Standards and Technology (NIST) publishes the FIPS (Federal Information
Processing Standard) series of standards. FIPS 140-1 and FIPS 140-2 are both technical standards and
worldwide de-facto standards for the implementation of cryptographic modules. These standards and guidelines are issued by NIST for use government-wide. NIST develops FIPS when there are compelling Federal
government requirements such as for security and interoperability and there are no acceptable industry standards or solutions.
Remote Console Manager
_____________________________________________________________________
Black Box advanced console servers use an embedded OpenSSL cryptographic module that has been validated to meet the FIPS 140-2 standards and has received Certificate #1051
When configured in FIPs mode all SSH, HTTPS and SDTConnector access to all services on the console servers will use the embedded FIPS compliant cryptographic module. To connect you must also be using cryptographic algorithms that are FIPs approved in your browser or client or the connection will fail.
Select the System: Administration menu option
Check FIPS Mode to enable FIPS mode on boot, and check Reboot to safely reboot the console server
Click Apply and the console server will now reboot. It will take several minutes to reconnect as secure
communications with your browser are validated. When reconnected the Management Console will display “FIPs mode: Enabled” in the banner text
Note: To enable FIPS mode from the command line, login and run these commands:
config -s config.system.fips=on touch /etc/config/FIPS
chmod 444 /etc/config/FIPS flatfsd -b
The final command saves to flash and reboots the unit. The unit will take a few minutes to boot into FIPS mode. To disable FIPS mode:
config -d config.system.fips rm /etc/config/FIPS