Asset Recovery and Reset Hardware in NSM Overview
If the root device administrator password is lost, the device administrator can restore access in one of two ways as described in Table 1.
Table 1: Asset Recovery and Reset Hardware
Restore Access Methods
Using Asset Recovery
Using a console connection, the device administrator uses the unset all command to clear all existing configuration settings and return the device to factory defaults (for details, see the “Administration” volume in the Concepts & Examples ScreenOS Reference Guide). Device recovery is enabled by default. To disable it, clear the Enable Asset Recovery check box in the CLI Management configuration screen.
Note: A security device in FIPS mode automatically disables asset recovery.
The device administrator performs a manual operation on the physical device hardware to return the device to factory defaults (for details, see the “Administration” volume in the Concepts & Examples ScreenOS Reference Guide). Reset Hardware is enabled by default. To disable it, clear the Enable Reset Hardware check box in the CLI Management configuration screen.
All configuration settings stored on the managed device are lost during an asset recovery or hardware reset. After restoring access to the device, the device administrator should perform the following tasks to enable the device to reconnect to NSM:
Configure the interface that connects to the management system.
Send the new root device administrator username and password to the NSM administrator, who should update the existing root username and password for the device in the modeled configuration.
All passwords handled by NSM are case-sensitive.
Enable the NSM agent on the managed device.
After the device has reconnected to the management system, you (the NSM administrator) can update the device with the modeled configuration.