Abubuwan da ke ciki boye
1 CISCO ASR 920 Series Secure Development Lifecycle Sake saitin Factory
2 Abubuwan da ake buƙata don Yin Sake saitin Factory
3 Iyaka don Yin Sake saitin masana'anta
4 Zaɓuɓɓukan umarni na Sake saitin masana'anta
5 Share Mai amfani Files daga Bootflash akan Sake saitin Factory
6 Takardu / Albarkatu
6.1 Magana

CISCO-logo

CISCO ASR 920 Series Secure Development Lifecycle Sake saitin Factory

CISCO-ASR-920-Series-Tabbataccen-Haɓaka-Masana'antar-Sake saitin-samfurin-Rayuwa

Tebur 1: Tarihin Siffar

Sunan Siffar Bayanin Saki Bayani
Cisco Secure Development Lifecycle-Sake saitin masana'anta Cisco IOS XE Bengaluru 17.6.1 Wannan fasalin yana cire duk abubuwan

bayanan mai amfani da aka adana akan na'urar daga lokacin jigilar kaya. Bayanan da aka goge sun haɗa da

daidaitawa, log files, masu canji na taya, ainihin files, da kuma takaddun shaida kamar maɓallan masu alaƙa da FIPS. Cisco Secure Development Lifecycle (CSDL) tsari ne mai maimaitawa kuma mai iya aunawa wanda aka ƙera don ƙara ƙarfin samfur na Cisco da amincin.

An gabatar da sabbin umarni masu zuwa:

•  factory-sake saitin duk

•  factory-sake saitin

kiyaye-lasisi-bayanai

•  masana'anta-sake saita duk amintattun 3-pass

An fara da Cisco IOS XE Release 17.6.1, Cisco Secure Development Lifecycle (CSDL) - Factory Sake saitin yana cire waɗannan takamaiman bayanan abokin ciniki waɗanda aka adana akan na'urar tun lokacin jigilar sa:

  • Tsarin tsari
  • Shiga files
  • Masu canji na taya
  • Core files
  • Takaddun shaida kamar maɓallan masu alaƙa da FIPS

Tebur mai zuwa yana ba da cikakkun bayanai game da bayanan da aka goge da kuma kiyayewa yayin aikin Sake saitin masana'anta:
Tebur 2: Goge bayanai da Riƙewa yayin Sake saitin masana'anta

Goge bayanai Ajiye bayanai
Duk hotunan Cisco IOS

Lura          Tsarin sake saitin masana'anta yana ɗaukar maajiyar hoton taya idan tsarin ya tashi daga hoton da aka adana a gida (bootflash).

 Bayanai daga raka'a masu maye gurbin filin nesa (FRUs)
Crash bayanai da rajistan ayyukan Darajar rijistar daidaitawa
Bayanan mai amfani, da farawa da tsarin aiki Abubuwan da ke cikin USB
Takaddun shaida kamar maɓallan masu alaƙa da FIPS Takaddun shaida kamar Secure Unique Na'urar Identifier (SUDI) takaddun shaida, maɓallan maɓallin jama'a (PKI)
Akan Failure Logging (OBFL) rajistan ayyukan -
ROMMON mai amfani ya ƙara masu canji -
Lasisi -

Lura Bayan sake saitin masana'anta, na'urar zata dawo zuwa ga tsohon lasisin ta.

Sake saitin masana'anta amintacce yana share duk ma'ajin jiki don shigar da tsaftataccen yanayi da kare bayanai masu mahimmanci. Ana share waɗannan bayanan a matsayin wani ɓangare na sake saitin masana'anta:

  • Duk abin rubutu file tsarin da bayanan sirri
  • Rahoton da aka ƙayyade na OBFL
  • Bayanan mai amfani da saitin farawa
  • ROMMON masu canji
  • Shaidar mai amfani
  • Bayanin lasisi

Ana amfani da tsarin Sake saitin masana'anta a cikin yanayi biyu masu zuwa:

  • Koma Izinin Abu (RMA) don na'ura-Idan dole ne ka dawo da na'ura zuwa Cisco don RMA, cire duk takamaiman bayanan abokin ciniki kafin samun takardar shedar RMA na na'urar.
  • Maido da na'urar da aka lalata - Idan maɓalli ko takaddun shaidar da aka adana akan na'urar sun lalace, sake saita na'urar zuwa tsarin masana'anta, sannan sake saita na'urar.

Na'urar tana sake lodawa don sake saitin masana'anta wanda ke haifar da na'ura mai ba da hanya tsakanin hanyoyin sadarwa ta shiga yanayin ROMMON. Bayan sake saitin masana'anta, na'urar tana share duk wani canjin yanayi da suka haɗa da MAC_ADDRESS da IP_ADDRESS, waɗanda ake buƙata don ganowa da loda software. Yi sake saiti a yanayin ROMMON don saita masu canjin yanayi ta atomatik. Bayan sake saitin tsarin a yanayin ROMMON ya cika, zaku iya ƙara hoton Cisco IOS ta hanyar USB ko TFTP.

  • Abubuwan da ake buƙata don Yin Sake saitin masana'anta, a shafi na 3
  • Iyaka don Yin Sake saitin masana'anta, a shafi na 3
  • Zaɓuɓɓukan umarni na Sake saitin masana'anta, a shafi na 3
  • Share Mai amfani Files daga Bootflash akan Sake saitin Factory,

Abubuwan da ake buƙata don Yin Sake saitin Factory

  • Tabbatar cewa duk hotunan software, daidaitawa, da bayanan sirri suna samun tallafi kafin yin aikin sake saitin masana'anta.
  • Tabbatar cewa na'urar ba ta cikin yanayin tarawa kamar yadda ake samun goyan bayan sake saitin masana'anta a cikin keɓewa kawai. Don chassis na zamani a cikin babban yanayin samuwa, ana amfani da sake saitin masana'anta kowane mai kulawa.
  • Tabbatar cewa akwai wutar lantarki mara yankewa lokacin da aikin ke gudana.
  • Tabbatar cewa kun ɗauki madadin hoton na yanzu kafin ku fara aikin sake saitin masana'anta.
  • Tabbatar cewa babu In-Service Software Upgrade (ISSU) ko In-Service Software Downgrade (ISSD) da ke ci gaba kafin fara aikin sake saitin masana'anta.

Tsanaki: Cire rajistan ayyukan OBFL na iya hamper gazawar bincike bayan RMA. Yi taka tsantsan kafin share log ɗin files.

Iyaka don Yin Sake saitin masana'anta

  • Faci na software, idan an shigar da na'urar, ba za a dawo da su ba bayan aikin sake saitin masana'anta.
  • Idan an ba da umarnin sake saitin masana'anta ta wurin zama sosai, ba a dawo da zaman ba bayan kammala aikin sake saitin masana'anta.

Zaɓuɓɓukan umarni na Sake saitin masana'anta

  • Goge Duk Bayanai:
  • Don share duk bayanai:
  • Router> kunna
  • Na'ura mai ba da hanya tsakanin hanyoyin sadarwa # masana'anta-sake saita duk
  • Sake saitin masana'anta duk umarnin yana goge bayanai masu zuwa:
  • Duk abin rubutu file tsarin da bayanan sirri
  • Rahoton da aka ƙayyade na OBFL
  • Bayanan mai amfani da saitin farawa
  • ROMMON masu canji
  • Shaidar mai amfani
  • Bayanin lasisi

Goge Duk Bayanai Banda Bayanin Lasisi

  • Don share duk bayanai ban da bayanin lasisi:
  • Router> kunna
  • Na'ura mai ba da hanya tsakanin hanyoyin sadarwa#ma'aikata-sake saitin kiyaye-lasisi-info
  • Sake saitin masana'anta umarnin kiyaye-lasisi-info yana goge bayanai masu zuwa:
  • Duk abin rubutu file tsarin da bayanan sirri
  • Rahoton da aka ƙayyade na OBFL
  • Bayanan mai amfani da saitin farawa
  • ROMMON masu canji
  • Shaidar mai amfani

Goge Duk Bayanai Ta Amfani da DoD 5220.22-M Ma'aunin Shafawa:

  • Don share duk bayanai ta amfani da Jagoran Ayyukan Tsaro na Masana'antu na Ƙasa (DoD 5220.22-M)
  • Daidaitaccen Shafa:
  • Router> kunna
  • Na'ura mai ba da hanya tsakanin hanyoyin sadarwa#ma'aikata-sake saita duk amintattun 3-pass
  • Bayani na 5220.22-M

Yi amfani da zaɓuɓɓuka masu zuwa don HA da na'urori masu zaman kansu

  • Duk wani zaɓi na sake saitin masana'anta tare da image.bin yana nan a cikin babban fayil ɗin boot flash.
  • Ga kowane zaɓin sake saitin masana'anta tare da boot ɗin tushen packs.conf, idan fakiti. conf yana cikin kowace hanyar babban fayil a ƙarƙashin bootflash, packs.conf da fakitin ana kwafin su zuwa tushen tushen bootflash bayan sake saita masana'anta.
  • Bincika shari'o'in zubar da cikin gaggawa a matsayin "Duba don saurin tabbatarwa." Umarnin sake saitin masana'anta bai kamata ya ci gaba ba lokacin da aka soke shi kafin tabbatarwa ta ƙarshe. Lokacin da na'ura mai ba da hanya tsakanin hanyoyin sadarwa ba zai iya isa ba, dole ne saƙo ya bayyana cewa sake saitin masana'anta za a yi kawai akan na'ura mai ba da hanya tsakanin hanyoyin sadarwa.

Lura

  • Idan ka kunna hoton daga ma'ajiyar gida, hoton (.bin ko packs.conf/packages) ana kiyaye shi bayan sake saitin masana'anta.
  • Idan ka kunna hoton daga uwar garken TFTP, ba a kwafin hoton da aka yi bootflash zuwa bootflash.
  • Ƙimar rajistar saitin sai kawai ake riƙe. An share duk sauran masu canjin ROMMON.

Share Mai amfani Files daga Bootflash akan Sake saitin Factory

Tebur 3: Tarihin Siffar

Sunan Siffar Bayanin Saki Bayani
Share Mai amfani Files daga Bootflash akan Sake saitin Factory tare da "Babu Sabis ɗin Farko na Sabis" An Kunna Kanfigareshan Cisco IOS XE Cupertino 17.9.1 Wannan fasalin yana ba da ƙarin tsaro ta hanyar cire duk mai amfani files daga bootflash yayin sake saitin masana'anta. Yana hana mugayen masu amfani samun damar daidaitawa files waɗanda aka adana a cikin bootflash akan jerin hanyoyin ASR 920.
Ana tallafawa wannan fasalin akan Cisco ASR 920-10SZ-PD, Cisco ASR-920-12CZ-A/D, Cisco ASR-920-4SZ-A/D, Cisco

ASR-920-12SZ-IM

ASR-920U-12SZ-IM, Cisco ASR-920-24SZ-IM, Cisco

ASR-920-24SZ-M, da kuma Cisco ASR-920-24TZ-M magudanar ruwa.

An fara da Cisco IOS XE Cupertino 17.9.1, wannan fasalin yana cire duk mai amfani files daga bootflash yayin sake saitin masana'anta da ke da alaƙa da "babu dawo da kalmar wucewa ta sabis" akan jerin hanyoyin ASR 920. Ana goyan bayan wannan fasalin a sigar ROMMON 15.6(53r)S gaba. Tabbatar cewa kun haɓaka zuwa sigar sakin Sisiko IOS XE 17.9.1 Cupertino don samun haɓaka ta atomatik zuwa wannan takamaiman sigar ROMMON. Yayin tsarin dawo da tsarin dawo da kalmar sirri mara sabis, lokacin da kuke ƙoƙarin yin taya tare da saitunan tsoho (Latsa CTRL + C da “e”), wannan fasalin yana taimakawa wajen cire mai amfani. files daga bootflash tare da saitin farawa. Yana hana mugayen masu amfani samun damar daidaitawa files da aka adana a cikin bootflash. Duk tsarin da ake buƙata files da hotunan software ana kiyaye su a cikin bootflash yayin aikin shafewa.

Takardu / Albarkatu

CISCO ASR 920 Series Secure Development Lifecycle Sake saitin Factory [pdf] Jagorar mai amfani
ASR 920 Series Secure Development Lifecycle Factory Sake saitin, ASR 920 Series, Secure Development Lifecycle Sake saitin Factory, Ci gaba Lifecycle Factory Sake saitin, Lifecycle Factory Sake saitin, Factory Sake saitin, Sake saitin

Magana

Bar sharhi

Ba za a buga adireshin imel ɗin ku ba. Ana yiwa filayen da ake buƙata alama *