Specify the type of authentication keys used on the device; for example, SHA or MD5, as part of the device discovery. See “To commission a device for NFM-P management” in the NSP NFM-P User Guide for more information.

Create a MAF for each device; see How do I configure a MAF? .

Create filter policies for device CPM modules; see How do I configure a CPM filter? .

Create NE DoS protection policies, as required to control the amount of subscriber-based control-plane traffic that the NE interfaces receive; see How do I configure an NE DoS protection policy? .

View NE DoS protection violations, as required; see How do I view NE DoS protection violations? .

Create NE DDoS protection policies, as required to isolate protocols from each other and isolate subscribers so that attacks or misconfigurations affect only the source SAP or protocol; see How do I configure an NE DDoS protection policy? .

Configure NE TLS authentication for client NEs, as required; see How do I configure NE TLS client authentication?.

Configure NE TLS Authentication for servers, as required; see How do I configure NE TLS server authentication?.

Create site user profiles based on job classifications and the access needed to the managed devices; see How do I configure a site user profile? .

Create individual site user accounts based on the configured profiles; see How do I configure a user account on a managed device? .

Specify password policies for access to managed devices and users; see How do I configure an NE password policy? .

Create RADIUS, TACACS+, or LDAP access or security policies for user authentication on the managed device; see How do I configure an LDAP site authentication policy?, How do I configure an NE RADIUS authentication policy?, , How do I configure an NE TACACS+ authentication policy? , or How do I configure an OmniSwitch RADIUS, TACACS+, or LDAP security authentication policy? .

View or configure the system security settings on managed NEs; see How do I configure device system security settings? .

As required, configure X.509 authentication or a PKI certificate authority profile; see How do I configure and manage PKI site security on an NE? or How do I configure a PKI certificate authority profile? .

Configure a PKI Enrolment over Secure Transport profile; see How do I configure an Enrollment over Secure Transport profile?.

Perform PKI CMPv2 actions, as required, to obtain or assign keys from a CA; see How do I perform CMPv2 actions? .

Perform the following NE system security tasks, as required:

1. Delete security policies; see How do I delete a security policy? .

2. Unlock user accounts that are locked due to failed login attempts; see How do I manually unlock a user account? .

3. Clear the password history for a user on a managed object; see How do I clear the password history of a user on a managed device? .

4. Perform CPMv2 certificate administration actions; see How do I perform CMPv2 actions? .

5. Clear collected statistics information on a CPM filter; see How do I clear collected statistics on a CPM filter? .

6. Clear OCSP cache entries on an NE; see How do I manage OCSP cache entries on an NE? .