Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Panel

In this section:

Table of Contents
maxLevel3

 

 

HTTPS Support

The EMA GUI is available via TLS-secured (https) access either directly through port 443 or indirectly through port 80 to 443. ACL rules are not applicable to prevent unsecured (http) access.

A sample X.509 certificate, which is a copy of the BMC and the EMA Platform Mode certificate, is shipped along with the 

Spacevars
0product
shipment. The size of this certificate is 2,000 bytes.

Info
titleNote

The BMC is not applicable to

Spacevars
0product2
.

The EMA uses the common Local Cert store of the 

Spacevars
0series4
(used also for SIP/TLS) rather than having its own separate certificate store. The operator may replace that sample certificate at any time. The replacement mechanism is implemented with post installation/upgrade scripts.

Certificates with RSA keys up to 4,096 bits are supported.

Info
titleNote

Spacevars
0company
recommends using only 2,048 bit certificates with release 3.1 and discourages the use of 4,096 bit certificates in 3.1 due to anticipated upgrade issues with the current software.

Enter the following URL in the browser to access the

Spacevars
0product
EMA:

https://<hostname>

where, the where <host name> is one of the management IP addresses of the

Spacevars
0product
, or the equivalent DNS name. For example, https://10.54.41.8.

The EMA uses a self-signed certificate which may produce a warning message by from Internet Explorer and Firefox. These messages may be ignored.

Info
titleNote

The

Spacevars
0series4
is delivered with sample self-signed X.509 certificates. Please be Be aware that even though these sample certificates will allow you to use HTTPS to access the
Spacevars
0product
from EMA, BMC and EMA Platform Mode interfaces, using this protocol with the sample certificates is not a truly secure access method. If your organization requires a more secure access, refer to Generating PKI Certificates.

Info
titleNote

The

Spacevars
0series4
supports SHA-256 for certificate verification.

Logging In

Supported Browsers and Client Computers

Refer to 

Link_in_new_tab
TextSupported Browsers and Client Computer Requirements
URLIntroduction to EMA
for a listing list of supported browsers and client platforms when for accessing EMA.

Procedure

Following are the steps to To log into the Embedded Management Application (EMA):

  1. Launch your web browser.
  2. Enter the

    Spacevars
    0product
    EMA URL <ip address/device

    name>

    name> 

    Info
    titleNote

    Sometimes, when When using Internet Explorer/Mozilla Firefox browser, a website security issue may prevent you from going directly to the the SBC application login screen, as shown in example below.

    Click Advanced.

    Caption
    0Figure
    1Certificate Security Error

  3. Click

    Add Exception

    Advanced.

    Caption
    0Figure
    1Firefox Message - Self-Certified Website

    Image Modified

    Uncheck the Permanently store this exception check-box and click
  4. Confirm Security

    Click Add Exception. 

    Caption
    0Figure
    1Firefox Message - Add Security Exception

    Image Modified

     
  5. Uncheck the Permanently store this exception check-box and click Confirm Security ExceptionThe Login window appears as shown below

    :

    Caption
    0Figure
    1Login

  6. Enter your Username

    and

     and Password. Your

    Username

    username and

    the Password

    password will be supplied along with

    the

    the 

    Spacevars
    0product

    installation

     installation package. Once you have successfully logged

    in to

    into the SBC,

    you

    your temporary password expires and you are prompted to change your password.

Info
titleNote

This change password screen appears only for the first

log on

login of the new user.

Caption
0Figure
1Change Password

Image Modified


Ensure your new password meets the following criteria

are met to successfully change the password

:

      • Minimum length of characters is 8.
      • Minimum number of upper case characters is 1.
      • Minimum number of lower case characters is 1.
      • Minimum number of numeric digits is 1.
      • Minimum number of special characters is 1.
      • Maximum number of consecutive repeating characters is 3.
      • Minimum number of differences compared to the old password is 4.
      • Do not repeat any of the last 4 passwords.

7. Once

the

your password is successfully changed, enter

the Username

your username and

the new Password and

new password on the Login screen and click Log In.

Incorrect Username-Password Combination

If you enter incorrect Username-Password combination, the following error message is displayed: Caption0Figure

1EMA Incorrect Login Credentials

Image Removed

 

Information in the Login Window

The Login window displays the following:

  • Username
  • Password

The following table describes the login window components.

Caption
0Table
1Login Window Components

Attributes

Description

Username

Name of the user logging into the application.

Password

Password associated with the user who is logging in.

Info
titleNote
  • You can also change the password in EMA without logging in to the application. The option to change password is available on the SBC Application login screen.
  • The Username and Password is Your username and password are same as that for the CLI.

 

Messages After Successful Login

After you log on to the EMA, you may get one of the following messages:

  • If you enter the correct login credentials:

    Caption
    0Figure
    1Successful EMA Login

    Image Removed

    Last Login Information 

     When

    If you make mistake, or someone had tried to unsuccessfully log on using your username but gave the wrong password:

    AnchorLogin Message - Previous Unsuccessful AttemptsLogin Message - Previous Unsuccessful Attempts
    Caption
    0Figure
    1EMA Login Message - Previous Unsuccessful Message

    Image Removed

    Last Login Display Date

    The last login date of the user is displayed during the login time. When a user logs into either the CLI /or EMA, his/her information on the last successful and failed login date and the IP address attempts is displayed. The user evaluates this information to check illegal activities in the account.The information which are displayed at logininformation shown includes:

    1. Last successful login date and time.
    2. Last successful login IP address.
    3. Last unsuccessful login date and time.
    4. Last unsuccessful login IP address.
    5. Number of failed attempts after successful login.

       

    Info
    titleNote

    Items 3, 4 and 5 display only when the last successful login date is older than the last unsuccessful login date. See the figure Login Message - Previous Unsuccessful Attempts. 

    Info
    titleNote

    The Last Login Information also displays for a new user for the first login. The new user is first authenticated and then allowed to change the system-generated password. 

     

    Configuring a Banner in the Login Screen

    1. On the main screen, navigate to Admin > Application Management. Click Banner chiclet on the left hand side of the page to display the Configure Login Banner window.
    2. Enable Show Login Banner option. You can request the user to acknowledge the Banner by enabling the Require User to Acknowledge Banner before Logging in option and also, you can request the user to acknowledge every time they login or only during the first login.
    3. Add your banner text in the text box next to Banner Text option to display your Banner content.
    4. Click Save to save your edits.

    Logging Out of EMA

    To log out of the EMA:

    Hover the mouse pointer over <your_username> on the menu bar. and click Log Out.

    Caption
    0Figure
    1Log Out

    Image Modified

  • Confirm logging out by clicking Yes on the dialog-box.

    Caption
    0Figure
    1Log Out Confirmation

    Image Removed

  • Security Enhancement to Allow Only One Concurrent EMA Session

    Info

    This security enhancement is available beginning with SBC Core version 06.02.00R000.

    This enhancement enables the EMA application (including EMA in platform mode) to disable concurrent user login sessions. Once a new session is established, any existing session is terminated immediately. When an EMA user attempts to log onin, the system validates checks for any open sessions with the same username. If any existing user session is identified, the that user is immediately logged out from the application and allows the new user to log on in to the system.

    Info
    titleNote

    This feature is applicable to all EMA users (local users, radius users, PKI Certificate certificate-based users, and CAC users). 

    Caption
    0Figure
    1EMA User Logged Out Automatically
    Image Removed

    Pagebreak