HPE Community
Switches, Hubs, and Modems
1752307 Members
5329 Online
108786 Solutions
New Discussion юеВ

Re: PCM+ 1.5 Noobie suggestions

 
SOLVED
Go to solution
Les Ligetfalvy
Esteemed Contributor

тАО09-17-2004 06:06 AM

тАО09-17-2004 06:06 AM

PCM+ 1.5 Noobie suggestions

I am new to the world of PCM+, having only a trial copy and am trying to wrap my mind around this to decide if it is worth the coin to license it.

Under Events, I cannot seem to set a filter that excludes only one that includes. For example, I am trying to reduce the noise by filtering out some but not all of the informational like "SNTP". I really don't need to be notified every time the clocks update. Maybe a future version could have rules to combine and replace alerts and the four rudimentary filters.

If someone clears the password by pushing the Clear button on a switch, it logs only as informational. I realize that it is the switch and not PCM that determines the severity, but I might suggest to the switch OS authors that this should at least be a warning.

0 Kudos
10 REPLIES 10
SCOOTER
Esteemed Contributor

тАО09-17-2004 11:48 AM

тАО09-17-2004 11:48 AM

Re: PCM+ 1.5 Noobie suggestions

Les,

I believe that you can set that in the switch itself.

If someone can clear the PW on a switch then they have the authorisation to do so... I.o.w. I hope that your switches are secure and only accessable to the people who need to access them.

Scooter
0 Kudos
Les Ligetfalvy
Esteemed Contributor

тАО09-17-2004 01:01 PM

тАО09-17-2004 01:01 PM

Re: PCM+ 1.5 Noobie suggestions

Scooter,
Thanks for the reply. I have not been able to find where in the switch OS that I can change the level of the event.
I also posed the question to Procurve Support and this is the answer they gave me:

Les,
One option you may want to consider is that you can set the 5300 to reboot when the clear button is pressed. This way no one can clear the passwords without the box going through a full reboot cycle. The thought behind this is that if this were to occur it would cause extra alerts on the network to let you know that something is happening. I will check into the exclusion/inclusion feature as you suggested.


Search as I may, I cannot find the "reboot on clear" feature either.

As for your comment about physically securing the switches, it just is not going to happen. I plan to deploy several of these switches in a mesh over two kilometres of fibre stretched throughout an industrial complex. Real estate is at a premium and I cannot get excusive locked space.
0 Kudos
OLARU Dan
Trusted Contributor

тАО09-19-2004 05:58 PM

тАО09-19-2004 05:58 PM

Re: PCM+ 1.5 Noobie suggestions

Les,
You should insist with your managers to let you put your switches and patch panels in closed, wall-mounted, locked and ventilated racks. Otherwise there is not only a risk of having a jolly worker reset and clear your switches (using the two very small and attractive Reset and Clear buttons on the front of the switch), but a much more serious risk of another jolly worker to plug a small patchcord in two of the switche's ports which, of course, creates a loop.
0 Kudos
SCOOTER
Esteemed Contributor

тАО09-19-2004 08:42 PM

тАО09-19-2004 08:42 PM

Solution

Re: PCM+ 1.5 Noobie suggestions

Les,

Reset on clear:

Check the Access security guide 2-13.

ftp://ftp.hp.com/pub/networking/software/59906052.pdf

Let me check the rest and I'll get back to you.

Configuring Front Panel Security
Using the front-panel-security command from the global configuration context
in the CLI you can:
├в ┬в Disable or re-enable the password-clearing function of the Clear
button. Disabling the Clear button means that pressing it does not
remove local password protection from the switch. (This action
affects the Clear button when used alone, but does not affect the
operation of the Reset+Clear combination described under ├в Restoring
the Factory Default Configuration├в on page 2-11.)
├в ┬в Configure the Clear button to reboot the switch after clearing any
local usernames and passwords. This provides an immediate, visual
means (plus an Event Log message) for verfiying that any usernames
and passwords in the switch have been cleared.
├в ┬в Modify the operation of the Reset+Clear combination (page 2-11)
that the switch still reboots, but does not restore the switch├в s factory
default configuration settings. (Use of the Reset button alone, to
simply reboot the switch, is not affected.)
├в ┬в Disable or re-enable Password Recovery.
Syntax: show front-panel-security
Displays the current front-panel-security settings:
Clear Password: Shows the status of the Clear button on the front
panel of the switch. Enabled means that pressing the Clear
button erases the local usernames and passwords configured
on the switch (and thus removes local password protection
from the switch). Disabled means that pressing the Clear
button does not remove the local usernames and passwords
configured on the switch. (Default: Enabled.)
Reset-on-clear: Shows the status of the reset-on-clear option
(Enabled or Disabled). When reset-on-clear is disabled and
Clear Password is enabled, then pressing the Clear button
erases the local usernames and passwords from the switch.
When reset-on-clear is enabled, pressing the Clear button
erases the local usernames and passwords from the switch
and reboots the switch. (Enabling reset-on-clear
automatically enables clear-password.) (Default: Disabled.)
Factory Reset: Shows the status of the Reset button on the front
panel of the switch. Enabled means that pressing the Reset
button reboots the switch and also enables the Reset button
be used with the Clear button (page 2-11) to reset the switch
to its factory-default configuration
Les Ligetfalvy
Esteemed Contributor

тАО09-20-2004 04:08 AM

тАО09-20-2004 04:08 AM

Re: PCM+ 1.5 Noobie suggestions

Scooter,
DOH! Security guide makes sense now. Noob mistake to only look in the config guide.

Dan,
I hear what you say and would love to have the locked space but it is just not going to happen. Maybe after someone takes a box cutter to all my fibres they will listen but until then I am just preaching "doom and gloom". I would settle for a lock on the door to the shared space but even that is asking too much. :(

Thanks

BTW, I will go ahead with the "Plus" version of PCM and only hope that they will enhance the filter to full fledged "rules". In the meantime, I can send info traps to a different receiver (Whatsup Gold) and leave them out of PCM.
0 Kudos
Les Ligetfalvy
Esteemed Contributor

тАО09-23-2004 03:58 PM

тАО09-23-2004 03:58 PM

Re: PCM+ 1.5 Noobie suggestions

OK, I enabled reset-on-clear but it still does not help me. Yes, the switch now reboots but still no warning traps get sent.

I would have expected a password reset or a reboot to throw more than an informational trap.

I guess I will have to send informational traps to my Whatsup Gold trap receiver instead of PCM+. At least Whatsup can page me which is more than what PCM+ can do.
0 Kudos
Les Ligetfalvy
Esteemed Contributor

тАО09-25-2004 01:24 AM

тАО09-25-2004 01:24 AM

Re: PCM+ 1.5 Noobie suggestions

Update:
I submitted a feature request to HP to have the reboot and clear events changed to "warning". They really should not be buried in a sea of "informational" traps.

Here's to hoping that a software engineer agrees with me.
0 Kudos
OLARU Dan
Trusted Contributor

тАО09-28-2004 07:04 PM

тАО09-28-2004 07:04 PM

Re: PCM+ 1.5 Noobie suggestions

Les,
you could give a try to Kiwi's CatTools2, which is an excelent tool even for HP switches. You will not believe what you can do with this NZ tool:

http://www.kiwisyslog.com/cattools2.htm
0 Kudos
Les Ligetfalvy
Esteemed Contributor

тАО10-23-2004 04:57 AM

тАО10-23-2004 04:57 AM

Re: PCM+ 1.5 Noobie suggestions

Just what I don't need... yet another tool in my arsenal. TBH, I did not look at it. I already have a plethora of tools and was hoping that PCM+ could be more of a swiss army knife. I did manage to bully my way on to the PCM+ beta program so here's hoping that I can contribute something of value.

Thanks
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.