Asset Recovery and Reset Hardware in NSM Overview

If the root device administrator password is lost, the device administrator can restore access in one of two ways as described in Table 32.

Table 32: Asset Recovery and Reset Hardware

Restore Access Methods

Description

Using Asset Recovery

Using a console connection, the device administrator uses the unset all command to clear all existing configuration settings and return the device to factory defaults (for details, see the “Administration” volume in the Concepts & Examples ScreenOS Reference Guide). Device recovery is enabled by default. To disable it, clear the Enable Asset Recovery check box in the CLI Management configuration screen.

Note: A security device in FIPS mode automatically disables asset recovery.

Reset Hardware

The device administrator performs a manual operation on the physical device hardware to return the device to factory defaults (for details, see the “Administration” volume in the Concepts & Examples ScreenOS Reference Guide). Reset Hardware is enabled by default. To disable it, clear the Enable Reset Hardware check box in the CLI Management configuration screen.

All configuration settings stored on the managed device are lost during an asset recovery or hardware reset. After restoring access to the device, the device administrator should perform the following tasks to enable the device to reconnect to NSM:

  1. Configure the interface that connects to the management system.
  2. Send the new root device administrator username and password to the NSM administrator, who should update the existing root username and password for the device in the modeled configuration.

    Note: All passwords handled by NSM are case-sensitive.

  3. Enable the NSM agent on the managed device.

After the device has reconnected to the management system, you (the NSM administrator) can update the device with the modeled configuration.

Related Documentation