Use the Admin window to view and configure system administration-related parameters that apply to the SBC system as a whole. 

To View Admin Settings

On the SBC main screen, navigate to to All → System Admin. The Admin window is displayed.

Figure 1: All - System - Admin

To Edit Admin Settings

To edit the Admin settings, click the radio button next to the system name. The Edit Selected Admin window is displayed.

Figure 2: Edit Selected Admin Window

Use the following table to edit the settings as needed, then click Save.

Table 1: System - Admin Parameters

Parameter

Description

Name

Specifies the name of the SBC system.

Actual System Name

Specifies a system name assigned by the user using metadata or userdata (applies to SWe N:1 HA and cloud-based systems).

Note: If a system name was not assigned in this way, this field displays the system name.

HA Mode

Identifies the high-availability (HA) mode for the system.

  • haMode1to1 - Is the traditional HA/redundancy model (1:1 scenario) where one active instance is backed up by one standby instance. In 1:1 HA mode mode, the SBC configuration is synchronized between active and standby SBCs.
  • haModeNto1 - Is supported in SBC SWe cluster deployments where up to N active SBC instances are backed up by a single standby instance (N:1). In this mode, a 1:1 HA pair of dedicated Operations, Administration, and Maintenance (OAM) nodes is deployed to configure and manage SBC nodes. The SBC instances in such deployments have homogeneous configuration. The active OAM node holds the active configuration for the cluster and is responsible for sharing this configuration with the SBC nodes in the cluster.
Cluster IDSpecifies the unique alpha-numeric string for identifying the cluster to which the instance belongs as specified in userdata (applies only to SWe N:1 HA and cloud-based systems that are deployed as clusters that register with the Insight EMS).

Location

A user-editable field to specify the physical location of the SBC system.

Contact

A user-editable field to specify contact information for the SBC system.

Local Authentication Enabled

Specifies that Confd CLI user information stored locally can be used for authentication. Options are:

  • True (default)
  • False

External Authentication Enabled

Specifies that Confd CLI user information stored on a remote Radius Server can be used for authentication. Options are:

  • True
  • False (default)
External Authentication Type

Specifies the external authentication type. Set this option to ldap to use external authentication for LDAP.

  • Ldap
  • Radius (default)

Default Account Local Only

Specifies whether the default admin user must be locally authenticated. Options are:

  • True
  • False (default)

The option can only be set to True when the options that enable/disable local authentication on the SBC generally, Local Authentication Enabled and External Authentication Enabled, are also set to True. If both local and external (RADIUS) authentication are enabled on the SBC then the method for authentication of the default admin user is governed by this option.

Util Monitor Stats Interval

Specifies the time interval for system resource monitoring statistics. The value ranges from 5 to 60 minutes and the default value is 15 minutes.

Note:  

If using the EMS in your network, configure EMS PM data collection intervals for the SBC to be both:

  • Equal to or greater than the SBC interval size, and
  • Not less than the SBC interval size multiplied by the SBC number of intervals.

Refer to Insight EMS Documentation for configuration details.

Util Monitors Stats Num of Past Interval

Specifies the number of past intervals of the system resource monitoring statistics to save.

Audit Log State

Specifies the state of the management audit log. The options are:

  • Disabled
  • Enabled (default)

Dsp Mismatch Action

Specifies the action to take for one of the following DSP mismatch conditions:

  1. Mismatch in DSP card installation across any/all slot locations: Cards must match by slot location. For any mismatched slots, DSP capacity is not used when Preserve Redundancy is configured (and card dried up if calls were already in place when the mismatch occurred), or card is left unprotected when Preserve Capacity is configured.
  2. Mismatch in DSP card type within a slot location: Card installations must match by type – DSP25 (higher capacity) or DSP20 (lower capacity). Same rules as above apply.

The options are:

  • Preserve Redundancy (default): The active instance automatically triggers a graceful dry-up in an attempt to align DSP hardware capabilities. Once the dry-up completes, the active SBC uses protected, matching DSP capacity to preserve redundancy.

Note: During the dry-up period, active calls using the higher capacity DSPs are not protected in the event that a switchover occurs before the dry up completes.

  • Preserve Capacity: The active SBC continues to use the extra DSP capacity, as needed, assuming appropriate session licenses are in place; partial redundancy is in effect.

Note: If a switchover occurs, calls using the higher capacity DSPs on the active instance are not protected during switchover (that is, partial redundancy).

Cli Set Warning Support

Specifies whether or not to enable warning prompts configured for the Set commands. The options are:

  • Disabled
  • Enabled (default)
Verify Auto Index

Set this value to True to specify that the SBC should check before it adds a new entry to a configuration table that has an Auto Index column to that the newly assigned Auto Index value does not already exist in that table. The transaction fails if the configuration database (CDB) already uses that Auto Index number. Provisioning can be slow when this check is enabled since the CDB is queried for each item that uses an Auto Index number. Therefore this option should only be set to True when directed by Technical Support. The options are:

  • False (default)
  • True
Ssh Public Key Authentication Enabled

If set to True and the SSH keys are populated, SSH users can log into their servers without the need to enter their passwords.

  • False (default)
  • True
Ssh Max Auth TriesSpecifies the maximum number of times SSH users can attempt authentication before an account is locked. The valid range is 2 to 6. The default value is 6.

Admin Commands

Use the Admin commands to perform system administration actions such as restart and regenerating SSH encryption keys. A partial list of the commands appears in the following figure.

Figure 3: Admin Commands

Select one of the commands and click Select.  A pop-up window opens where you can specify any required command options and initiate the selected command. Some commands are only available in cloud-based deployments.

The commands are:

Table 2: Admin Commands

Parameter

Description

Ad Manual SyncUse this command to initiate a request to sync with the Active Directory (AD) server to retrieve subscriber data.
Delete Config Store File

Use to delete a configuration file on an external cloud object store service.

Note: This action command is applicable only for SBC SWe N:1 HA and cloud-based deployments.

Discard Candidate ConfigurationUse to discard candidate configuration changes that have been committed on the OAM node, but not yet activated on the managed SBC nodes with the saveAndActivate command. This command also restarts the OAM nodes, although it does not impact the managed SBC nodes. Applies only to SBC SWe cluster deployments operating in OAM configuration mode.
Re Generate Ssh Rsa KeysUse this command to regenerate all SSH keys.

Re Key Confd Encryption Key

Use this command to trigger encryption keys used by the system configuration database to be regenerated.

Note: Ribbon recommends backing up current encrypted parameters in plain text, if possible. Ribbon further recommends performing a full configuration backup immediately after this activity has successfully completed.

Reenable OS Account

Use this command as an admin user of a system (hardware server or SWe instance) to re-enable an OS account for a specific user. In the pop-up window, specify the following:

  • User Name

For more information, refer to the Configure Accounts sub-section of the page Users and Application Management - Application Management.

Remove Instance From Group

Use this command to remove an instance from a Redundancy Group.

Note: This action command is applicable only for SBC SWe N:1 HA deployments.

Reset Software Upgrade State

Use this command to reset the selected system's software upgrade state and clean up all the previous upgrade files. Select one of the following options in the pop-up window:

  • Forced - continue reset even in the middle of software upgrade.
  • Normal (default) - do not continue reset if in the middle of software upgrade.

Warning: This command should only be run when directed by Ribbon Technical Support.

Remove Saved Config

Use this command to remove a saved configuration file from the system.

  • File Name Specify filename of configuration to remove from the system.
Restore RevisionUse this command to revert the configuration to a prior configuration. Specify the revision number in the pop-up window provided. The OAM nodes and the SBC nodes automatically restart when you restore a prior configuration.  
Retrieve Config Store File

Use this command to retrieve a configuration file from an external cloud object store service to the active configuration.

Note: This action command is applicable only for SBC SWe N:1 HA and cloud-based deployments.

Save and Activate

Use to save and activate cluster configuration. This parameter applies only to SBC SWe clusters operating in OAM or Direct Single configuration mode.

  • Saves the configuration to the EMS.
  • Activates the configuration on the managed VMs if the cluster is using OAM configuration mode.
Save Config Store File

Use this command to save the current configuration to an external cloud object store service.

Note: This action command is applicable only for SBC SWe N:1 HA and cloud-based deployments.

Save LIGeneric KeyUse this command to encrypt the master key.
Search Ad DataUse this command to search of the data stored in the local AD database. In the search request you specify an AD attribute and search string to use to retrieve data.
Set Config Store Parameters

Use this command to set the parameters used to access an external cloud object store service.

Note: This action command is applicable only for SBC SWe N:1 HA and cloud-based deployments.

RestartUse this command to restart a server/CE.
Set Ha Config

Use this command to configure the SBC for Geographical Redundancy High Availability (GRHA) mode when active and standby servers are located in two different data centers to protect SBCs against data center and network failures. To configure/change just one setting, use the Current Value option for the other setting. In the pop-up window, specify the following:

  • Bond Monitoring – Select the bond monitoring type for GRHA mode.
    • Current Value 
    • Direct-connect
    • Network-connect
  • Leader Election – Select the leader election algorithm type to use for GRHA mode.
    • Current Value 
    • Enhanced
    • Standard

Refer to:


Note

Geographical Redundancy High Availability (GRHA) is supported on SBC hardware platforms and SWe 1:1 HA deployments. It is not supported in N:1 HA or cloud-based deployments.


Soft ResetUse this command to restart the applications on the system without rebooting the server(s).
SwitchoverUse this command to perform a switchover of the management applications and restart all applications on currently active server.
Verify Database Integrity

Use this command to verify that the SBC policy and configuration databases on the active server are in sync and that the policy databases on the active and standby servers are in sync. Because these commands take a few seconds to execute, it is not advisable to run these commands repeatedly on the system. In the pop-up window, specify the following:

  • Active And Standby Policy – Check if policy databases on the active and standby servers are in sync.
  • Active Config And Active Policy – Check if the policy and configuration databases on the active server are in sync.
  • All – Perform both of the above checks.
View Configuration Changes

Use to review the list of changes associated with a specified revision. Specify the revision number in the pop-up window provided.

Note that viewing of configuration related to lawful intercept (LI) is restricted to authorized users and therefore output is filtered accordingly. LI-related changes are not present in the output shown to users that lack LI privileges. Similarly, users with only LI privileges can see only LI-related configuration changes.

Zeroize Persistent Keys

Use this control to securely erase all persistent CSPs from the system. The SBC server reboots after confirmation.