Configuring Administration Settings : Configuring Security Settings : Configuring SCC Security
  
Configuring SCC Security
You can configure SCC Security Settings in the SCC Security page.
The SCC security feature enables strict key verification to prevent rogue appliances from accessing the network with a forged IP address (also known as spoofing). Riverbed strongly recommends enabling this feature if appliance configurations contain sensitive data.
To set SCC security
1. Choose Administration > Security: SCC Security to display the SCC Security page.
Figure: Setting SCC Security
2. Under Web Auto Sign On, complete the configuration as described in this table.
Control
Description
Never
Select to require the current user to log in when the SCC opens.
When logged in as admin
Select to log in as the admin user for the appliance when the SCC opens.
Note: The registered user must have administrative privileges.
When logged in as the appliance registered user
Select to log in when the SCC opens using the same name as the registered user to log in to the SCC.
For this option to function properly, the SCC login must match the registered user login for the system.
3. Under Appliance Connection, complete the configuration as described in this table.
Control
Description
 
These settings control the log in information used when the SCC for an individual appliance is accessed directly from the Dashboard of the SCC. These settings control how the URLs are generated for the appliances shown on the Dashboard.
Always use http
Select to always generate the appliance URL using the HTTP protocol.
Always use https
Select to always generate the appliance URL using the HTTPS protocol.
Use https if enabled, otherwise http
Select to generate the appliance URL automatically based on whether the appliance is SSL-enabled (HTTPS) or not (HTTP).
Use the Fully-Qualified Domain Name provided by the appliance
Select to use the fully-qualified domain name provided by the appliance. This is the default setting.
If the FQDN is not obtainable, the registered address will be used.
Note: The SCC resolves the FQDN to an IP.
Use the IP Address/Hostname registered with the SCC
Select to use the IP Address/Hostname registered with the SCC.
4. Under Common Administration Login, complete the configuration as described in this table.
Control
Description
Use Common Appliance Credentials
Displays the controls for the common administration login. When enabled, the Common Appliance Username/Password is used for all appliance connections. The appliance-specific username/password is ignored
User Name
Enter the username.
Password
Enter the password.
Confirm Password
Confirm the password.
5. Optionally, under SSL, select Strict Key Verification to prevent the SCC from inadvertently connecting with rogue appliances. If you select this option, the SCC does not connect with appliances whose correct SSH public keys are not known by the SCC.
The SCC requires you to enter the appliance SSH public key before allowing communication. The existing appliances whose SSH public keys are not trusted are disconnected when strict key verification is enabled. For details, see Trusting Appliances Using Security Keys.
6. Click Apply to apply the changes to the running configuration.
7. Click Save to Disk to save the settings permanently.