ProxySG设备维护手册

网络机房服务器及网络安全设备安装维护手册1. 介绍1.1 机房服务器和网络安全设备概述本手册旨在提供有关网络机房服务器和网络安全设备的安装、配置和维护的指导。

这些设备对于网络基础设施的性能和安全至关重要。

1.2 目标受众本手册的目标受众包括机房管理员、网络管理员和技术支持人员。

它旨在帮助他们正确地安装、配置和维护这些关键设备，以确保网络的可用性、性能和安全性。

2. 安全须知2.1 电源和电压要求电源要求：确保服务器和网络安全设备的电源满足设备制造商的要求，以避免电源故障导致的损害。

2.2 安全注意事项安全是首要任务。

在安装和维护过程中，始终遵循以下安全注意事项：使用防静电设备，避免静电放电对设备的损害。

在工作时，注意设备的重量和尺寸，以避免受伤。

关闭电源并断开电源线，确保电器设备处于断电状态，然后才进行维护。

2.3 防静电措施防止静电放电：使用防静电手环或防静电地板。

将设备存放在防静电袋中。

3. 安装前准备3.1 机房选址和环境要求选择机房位置：确保机房位置干燥、通风良好，远离水源和潮湿环境。

提供足够的空间，以容纳服务器机架和网络安全设备。

电源和冷却要求：安排稳定的电源供应，使用UPS备电源系统以应对突发停电。

实施有效的空调和温度控制措施，以维持适宜的工作温度。

3.2 电源和冷却系统准备安装UPS系统，确保设备在电源故障时有足够的时间来完成安全关机。

确保空调系统运行正常，维持机房内的稳定温度和湿度。

3.3 数据线和网络连接准备确保提供足够的数据线和网络电缆，以连接服务器和网络安全设备到网络。

4. 服务器安装4.1 机架或机柜准备安装服务器机架或机柜，确保它们坚固、稳定，并正确安装在机房中。

4.2 服务器固定和安装使用合适的工具，将服务器正确安装到机架或机柜中，确保固定稳固。

4.3 电源和数据线连接将服务器的电源线插入电源插座，确保连接牢固。

使用适当的数据线连接服务器到网络设备和交换机。

4.4 服务器开机和基本配置启动服务器并按照制造商的说明进行基本配置，包括设置IP地址、子网掩码、网关等。

Maintenance•Reset Device,page1•Reset Options and Load Upgrades,page2•Remote Lock,page3•Remote Wipe,page3•Boot Alternate Image for Cisco DX70,page4•Boot Alternate Image for Cisco DX80,page4•Boot Alternate Image for Cisco DX650,page5•Data Migration,page5•Debugging Log Profiles,page5•User Support,page6Reset DeviceA device reset provides a way to reset or restore various configuration and security settings or provides a wayto recover the device if the device encounters an error.The following procedure describes the types of resets that you can perform.All three reset methods cause deletion of all user data and reset all settings from the device.NoteThe following occurs on a device when you perform a reset:•User configuration settings-Reset to default values.•Network configuration settings-Reset to default values.•Call histories-Get erased.•Locale information-Reset to default values.•Security settings-Reset to default values;this includes deletion of the CTL file and change of the802.1xDevice Authentication parameter to Disabled.Do not power down the device until it completes the factory reset process.Note ProcedureYou can reset the device with any of these operations.Choose the operation that is appropriate for your situation.•Method 1:Cisco Unified Communications Manager Administrator Web GUI1From the Product Specific Configuration Layout area of the device configuration window,enableWipe Device .2Issue an Apply Config,Restart,or Reset command from the Admin GUI to push the wipe to thedevice.•Method 2:Settings application1In the Settings application,choose Backup &reset >Factory data reset .If a PIN or Password is configured on the device,it will need to be entered before the resetcan proceed.Note •Method 3:Key-press sequencesThis method should be used if the device is secured with a PIN or Password lock and the PIN/password has been lost.Follow these steps to reset a Cisco DX70on boot up:1Power on the device and wait for the Mute LED to blink.2Press and hold the Volume Up button until the Mute button is lit red.3Release the Volume Up button,then press and hold the Mute button for 3seconds.Follow these steps to reset a Cisco DX80on boot up:1Press and hold the Volume Up button and power on the device.2Release the Volume Up button when the Mute button is lit red,then press the Mute button.Follow these steps to reset a Cisco DX650on boot up:1Press and hold the #key and power on the device.2When the Message Waiting Indicator (MWI)flashes red once then stays lit,release the #key.Reset Options and Load UpgradesCisco DX Series devices receive configuration changes and load upgrades from Cisco Unified Communications Manager.The following protocol describes how the device handles change requests:•Reset waits for active call to end.MaintenanceReset Options and Load Upgrades•If the device screen is on,user receives a popup dialog box that notifies the user about the changes and the need for restart.The dialog box provides the following options:◦Restart:Dismisses the popup dialog box and restarts the device (default action).◦Snooze:Dismisses the popup dialog box for an hour.The user can set the device to snooze for amaximum of 24hours,after which the device willrestart.The popup dialog box has a countdown timer of 60seconds.The default action beginsif the user does not act.After the user sets the device to snooze,the user has the option to manually reset thedevice at any time from the notifications list.Note ◦If the device screen is off,active audio keeps the request waiting.Remote LockThis feature allows you to lock a device from the Device Configuration window in Cisco UnifiedCommunications Manager.When the device receives a remote lock request,the device immediately terminates any active calls,and the device locks.If the device is not registered with the system at the time of the request,the device is locked the next time that it registers to thesystem.After you issue a remote lock request,the request cannot be canceled.Note Remote Lock Device ProcedureStep 1In the Phone Configuration window for the device,click Lock .Step 2Click Lock to accept the Lock confirmation message.You can view the Lock status in the Device Lock/Wipe Status section of the Phone Configuration window for the device.Remote WipeThis feature allows you to erase the data on a device from the Device Configuration window in Cisco Unified Communications Manager.MaintenanceRemote LockWhen the device receives a remote wipe request,the device immediately terminates any active calls and erases the device data.If the device is not registered with the system at the time of the request,the data is erased the next time that the device registers to thesystem.After you issue a remote wipe request,the request cannot be canceled.Note Remote Wipe Device ProcedureStep 1In the Phone Configuration window for the device,click Wipe .Step 2Click Wipe to accept the Wipe confirmation message.You can view the Wipe status in the Device Lock/Wipe Status section of the Phone Configuration window for the device.Boot Alternate Image for Cisco DX70ProcedureStep 1Power on the device and wait for the Mute LED to blink.Step 2Press and hold the Volume Down button until the Mute button is lit red.Step 3Release the Volume Down button,then press and hold the Mute button for 3seconds.Boot Alternate Image for Cisco DX80ProcedureStep 1Press and hold the Volume Down button and power on the device.Step 2Release the Volume Down button when the Mute button is lit red,then press the Mute button.MaintenanceRemote Wipe DeviceBoot Alternate Image for Cisco DX650ProcedureStep 1Disconnect the power to turn the device off.Step 2Press and hold the *key,then connect the power supply.Step 3Keep the *key held until the message LED becomes solid.Step 4When the message LED flashes 3times,release the *key.The device uses the alternate image to boot.Data MigrationThe data migration feature ensures that a factory reset is not required when data incompatibility exists after a firmwareupgrade.Data may still be lost upon downgrade to an earlier release of firmware.If you upgrade to a newer firmwarerelease,you may not be able to revert to an earlier release without losing data.Note If you downgrade to earlier firmware and the device is not able to migrate data,you receive an alarm.Instruct the user to back up the user data or perform a remote wipe of the device.When the device registers to Cisco Unified Communications Manager,the device detects prior factory resets,overrides migration,downgrades,and reboots.When the device reboots,it loads the downgraded firmware.Debugging Log ProfilesYou can turn on debugging log profiles remotely for a device or group of devices.Set Debugging Log Profile for Call Processing ProcedureStep 1Go to the Product Specific Configuration Layout area of the individual device configuration window or Common Phone Profile window.Step 2Check Log Profile ,and choose Telephony.Step 3Save your changes.Step 4The user is notified that debug logging is enabled in the notification area.The user can expand the messagefor more information,but cannot dismiss the notification.MaintenanceBoot Alternate Image for Cisco DX650Reset Debugging Log Profile to Default ProcedureStep 1Go to the Product Specific Configuration Layout area of the individual device configuration window or Common Phone Profile window.Step 2Check Log Profile ,and select Default to reset all debugs to the default values.This includes debugs that have been set manually from Android Debug Bridge.Step 3Save and apply your changes.Step 4Choose Preset to keep the current debug levels.Step 5Save your changes.User SupportTo successfully use some of the features on their devices,users must receive information from you or from your network team or be able to contact you for assistance.Make sure to provide end users with the names of people to contact for assistance and with instructions for contacting those people.Cisco recommends that you create a web page on your internal support site that provides users with important information about their device.Problem Report ToolUsers submit problem reports to you with the Problem ReportTool.The Problem Report Tool logs are required by Cisco TAC when troubleshooting problems.Note To issue a problem report,users access the Problem Report Tool and provide the date and time that the problem occurred,and a description of the problem.You must add a server address to the Customer Support Upload URL field on Cisco Unified Communications Manager.If you are deploying devices with Mobile and Remote Access through Expressway,you must also add the PRT server address to the HTTP Server Allow list on the Expressway server.Configure Customer Support Upload URLYou must use a server with an upload script to receive PRT files.The PRT uses an HTTP POST mechanism,with the following parameters included in the upload (utilizing multipart MIME encoding):MaintenanceReset Debugging Log Profile to DefaultMaintenanceProblem Report Tool•devicename(example:“SEP001122334455”)•serialno(example:“FCH12345ABC”)•username(the username configured in CUCM,the device owner)•prt_file(example:“probrep-20141021-162840.tar.gz”)A sample script is shown below.This script is provided for reference only.Cisco does not provide supportfor the upload script installed on a customer's server.<?php//NOTE:you may need to edit your php.ini file to allow larger//size file uploads to work.//Modify the setting for upload_max_filesize//I used:upload_max_filesize=20M//Retrieve the name of the uploaded file$filename=basename($_FILES['prt_file']['name']);//Get rid of quotes around the device name,serial number and username if they exist$devicename=$_POST['devicename'];$devicename=trim($devicename,"'\"");$serialno=$_POST['serialno'];$serialno=trim($serialno,"'\"");$username=$_POST['username'];$username=trim($username,"'\"");//where to put the file$fullfilename="/var/prtuploads/".$filename;//If the file upload is unsuccessful,return a500error and//inform the user to try againif(!move_uploaded_file($_FILES['prt_file']['tmp_name'],$fullfilename)){header("HTTP/1.0500Internal Server Error");die("Error:You must select a file to upload.");}>ProcedureStep 1Set up a server that can run your PRT upload script.Step 2Write a script that can handle the parameters listed above,or edit the provided sample script to suit your needs.Step 3Upload your script to your server.Step 4In Cisco Unified Communications Manager,go to the Product Specific Configuration Layout area of the individual device configuration window,Common Phone Profile window,or Enterprise Phone Configurationwindow.Step 5Check Customer support upload URL and enter your upload server URL.Example:/prtscript.phpStep 6Save your changes.Maintenance Take Screenshot From Web BrowserTake Screenshot From Web BrowserProcedureUse your browser to go to this URL:http://<Endpoint IP Address>/CGI/ScreenshotYou receive a prompt that asks for e the associated user ID name and password. Take Screenshot From DeviceProcedurePress the Vol Down button and Power/Lock button for three seconds.Application SupportEvaluate whether the issue is a device issue or a problem with the application.If the problem is applicationrelated,contact the application support center directly.。

GSM网络操作维护指导书一、例行工作（一）、计费1、例行做计费（1）打开DAIL Y WORK中的CHARGING FOR ALL NES（2）半个小时后看结果，如有THE DISK IS FULL则要换盘。

（3）在维护系统上记录盘号和计费文件，电话通知巡检换盘。

（4）确认盘号正确并格式化。

INMCT：SPG=1；INVOL：IO=OD-1，NODE=A；INVOE：IO=OD-1，NODE=A；INMEI：IO=OD-1，NODE=A，VOL=DGA01X0819；（格式化）END；2、手工做计费（1）挂卷INMCT：SPG=1；INVOL：IO=OD-1，ODE=A；（看卷标）END；（2）COPY到光盘INFMT：SPG=1，DEST=CHARGING，VOL=DGA01X0819；（3）看做了多少文件INFSP：FILE=TTFILE0X，DEST=CHARGING；看硬盘上的文件有否DUMP到光盘INMCT：SPG=1；INVOL：IO=OD-1，NODE=A；INFIP：FILE=OD1A1；看光盘上的文件END；3、常见的问题（1）几种常见得FCFC72：说明未上卷就INFMTFC73：文件识别错，查OD和HD的计费文件，看两边号数对不对FC27：有IOG告警，要先处理IOG问题（2）改卷标名及光盘中的文件名INMCT：SPG=1；INVOL：IO=OD-1，NODE=A；INVOC：VOL1=old，VOL2=new；改卷标INFIC：FILE1=old，FILE2=new；改文件名END；（3）看计费文件是哪天做的INFSP：FILE=TTFILE0X-XXXX，DEST=GSMLINK；4、若立信计费失败，要人工传送（1）看当前做到哪个文件IOIFP：FILE=TTFILE0X；（2）看已发何未发送的子文件序号INFSP：FIEL=TTFILE0X，DEST=GSMLINK；（3）人工传送INFTI：FILE=TTFILE0X-XXXX，DEST=GSMLINK；（4）确认已成功传送INFSP：FILE=TTFILE0X，DEST=GSMLINK；5、若有“COMMON CHARGE OUTPUT ERROR”（计费即将停止），属于重大告警（1）CHODP：FN=ALL；多敲几次，看计费指钟有否停跳，如停则（电话通知室经理和系统管理员）：（2）CHOFP：FN=ALL；看当前开的是哪个FN（一般为00）CHOFI：FN=TT，FILEID=01/02/03；临时打开另一计费文件CHODP：FN=ALL；检查，若还不正常再开另一个。

移动通信基站设备维护手册（一分册）青海盛泰通信网络工程有限公司移动维护中心二O一三年九月基站钥匙管理1?????????概述?????编制背景为更好地做好基站日常维护工作，提高基站维护质量，及时发现和处理基站存在的隐患问题，结合青海移动基站维护的实际情况编写了本手册。

本手册主要针对维护单位基站日常维护巡检编写，力求让每位维护人员根据本手册即可完成基站日常维护巡检工作，随时巡视检查现场，及时发现和排除事故隐患，提高基站维护质量。

?????编制单位青海盛泰通信网络工程有限公司?主要审核人：祁国胜主要起草人：杜常福主编单位：青海盛泰通信网络工程有限公司主要审稿人：祁国胜、杨文忠、赵有元、胡勋。

2?????????基站及配套设备例检维护标准例检周期1.?????对于基站综合维护服务，宏基站每月巡检一次，每月另巡视一次，边际网基站每季度巡检一次，偏远基站按需安排巡检工作。

偏远基站以及其它一些距离维护单位较远、行车不可直达或行车时间较长的基站。

对于室分系统综合维护服务，宏基站每月巡检一次，其它基站每季度巡检一次。

2.?????年检主要是按需安排执行。

巡视要求1.?????巡视基站内各种设备是否正常运行、基站高低压线路、基站卫生、基站内设备及周边环境是否存在安全隐患，主要包括影响机房设施、天线、馈线、屋面立杆、走线架、接地线、机房漏水、机房周边排水，以及铁塔基础周边环境发生施工挖土、打井、挖沟和回填土流失等安全问题。

2.?????负责机房环境安全检查和放置有效的灭火器、挂有进入机房的四十字方针、基站故障处理流程图、灭火流程图及各类警示牌。

3.?????在进行巡视时发现问题，应及时组织检查和排除隐患或故障，同时向移动相关负责人报告。

巡检内容1.????维护人员应严格按要求，完成基站月/季检表中的维护检查测试项目内容，并认真填写维护纪录。

基站综合维护人员必须按计划严格执行日常的例检工作(如确实有特殊原因不能及时完成的，可以前后偏差三天执行，需注明原因)。

中国移动网络设备维护手册 -开关电源-中达电通 （试行）中国移动通信集团网络部1名称 中国移动网络设备维护手册-电源设备-中达电通（试行）编写时间 2011 年 3 月定稿时间 2011 年 7 月版本号 2011-V1总部网络部夏凡超、陈为国、钟亮编写单位 安徽公司 编写人 唐继志福建公司石卫涛审核单位江苏公司、 浙江公司审核人吴维宏、王鹰、颜士军、周平、窦荣启 杨剑宇、胡欢刚、毛松苗、童克波2前言随着中国移动网络规模的不断扩大，几年来纳入代维范围的设备不断增加， 代维工作已经成为网络基础维护工作的重要组成部分。

目前全网 81%的基站、94% 的传输、几乎 100%的集团客户服务支撑工作以及室内分布的维护工作都采用了 代维方式。

代维工作的质量直接决定了中国移动的网络质量，代维工作直接影响 到客户感知和企业形象。

没有规则不成方圆。

制度流程立，则诸事兴，制度流程破，则百事废。

完善 的代维管理制度和流程是做好代维工作的基础。

为此，集团公司组织编制和修订 了中国移动代维管理系列规章。

《中国移动网络设备维护手册-电源设备-中达电 通》由集团公司组织安徽、福建公司编制，共享了设备维护的典型故障案例、例 行维护项目的操作指南、常用板卡的更换要求等。

刘爱力副总裁高度重视代维规范编制工作，要求我们要坚持“问题的提出和 解决方法要从一线中来，形成规范的意见和方法再回到一线中去”的工作方法， 并请省公司主管网络的副总经理对维护手册的完整性、全面性、准确性，以及可 操作性、可执行性进行审核。

从而使规范能够更加切合工作实际，能够有效指导 和服务一线工作。

在此，对参与本手册编写、评审和审核的各位领导和同事表示衷心的感谢！ 特别感谢范秉衡、刘晓宇、吴维宏、杨剑宇等同志对本手册进行了精心编制和认 真审核。

《中国移动网络设备维护手册》的发布，将为提升全网代维管理水平、 确保整体网络质量奠定坚实的基础。

我们已经迈出了坚实的第一步，在后续落实过程中，还需要各省公司坚持“有 章必循、违章必究、务求实效”。

网络设备维护和维修的步骤和注意事项引言如今，互联网已经成为人们生活和工作中不可或缺的一部分。

网络设备的正常运行对于保障网络畅通起着至关重要的作用。

然而，由于各种原因，网络设备可能会出现故障，从而导致网络中断。

因此，网络设备维护和维修具有重要的意义。

本文将讨论网络设备维护和维修的步骤和注意事项，帮助读者提高网络维护和维修的效率。

一、设备维护步骤网络设备的维护工作可以分为准备工作、常规维护和应急处理三个步骤。

1. 准备工作在进行设备维护之前，首先需要做好准备工作。

包括：（1）备份配置文件和数据。

在维护设备之前，应该定期备份设备的配置文件和重要数据，以防止数据丢失。

（2）规划维护时间。

维护设备应该根据需要选择合适的时间段，尽量避免对网络正常使用造成影响。

（3）检查备件和工具。

检查备件和工具的完整性和可用性，确保维护过程中有充足的备件和工具支持。

2. 常规维护常规维护是指定期对设备进行检查和保养的工作，以确保设备的正常运行。

常规维护包括：（1）清洁设备。

使用专业工具和设备，清洁设备的外表和内部部件，保持设备的良好通风和散热能力。

（2）检查设备状态。

通过查看日志信息、运行状态和指示灯等，及时发现设备存在的问题，如过热、降频等。

（3）软件维护升级。

定期检查设备的固件和软件版本，及时升级，以修复漏洞和提升设备性能。

3. 应急处理应急处理是指在设备遇到故障和异常情况时的紧急处置手段。

应急处理包括：（1）设备重启。

对于一些轻微的故障，尝试通过重启设备来解决问题。

（2）故障排查。

使用专业的故障排查工具和方法，根据故障的表现和现象进行逐步排查，并及时修复。

（3）设备替换。

如果故障无法修复，考虑将故障设备进行更换，以恢复网络的正常运行。

二、设备维修注意事项在进行网络设备的维修时，需要注意以下事项，以免造成设备进一步损坏或风险：1. 安全意识设备维修需要遵循安全操作程序，确保不会对自身和他人造成伤害。

维修时，应注意佩戴相应的防护装备，遵循相关安全规范。

中国移动网络设备维护手册-传输线路（2011-V1）中国移动通信集团公司二〇一一年四月目录第一章总则 1 第二章光缆线路日常维护工作内容 1第一节光缆线路维护的主要方法 1 第二节光缆线路障碍点的定位 5 第三节光缆线路障碍点的处理17 第四节光缆线路盯防工作21 第五节光缆线路的维护性修理26 第六节光纤调度原理及方法28 第七节光缆线路割接技术30 第八节光缆线路带业务割接技术33 第九节光缆线路工程竣工测试与验收41第三章光缆线路维护中的安全生产要求63第一节线路勘查与测量安全63 第二节施工现场安全63 第三节施工现场防火65 第四节野外作业安全65 第五节环境保护66第四章编制历史67 第五章附录67第一章总则传输线路维护手册是中国移动通信集团公司代维管理质量规范的重要组成部分。

本手册主要用于中国移动通信集团公司光缆线路代维人员日常维护光缆线路使用，为光缆维护人员日常工作提供工作指南，同时也为日常代维内容管理提供理论依据。

本手册适用于中国移动通信集团一干、省干和本地网的管道、杆路路由及光缆日常维护。

本手册解释权和修改权归属中国移动通信集团公司网络部。

第二章光缆线路日常维护工作内容第一节光缆线路维护的主要方法光缆线路由于敷设方式不同，可分为架空、直埋、管道等几种类型，每种类型都有其不同的特点，其维护工作也同样是不同的。

一、光缆线路维护宣传随着国家经济的发展，基础建设的投入越来越大，开工项目越来越多，由于有些建设施工单位伍在施工中不注意保护光缆线路，加之人为盗窃、恶意破坏等外力事件，已成为光缆线路受损的主要原因，通信阻断的情况日益增多，严重影响了通信网络的正常运行。

特别是人为盗窃、恶意破坏有益日增加的趋势，偷盗破坏手段多种多样，防不胜防，给维护工作造成非常大的压力。

因此在做好日常维护工作外，切实做好护线宣传，提高社会群众的光缆知识，提高群众保护光缆意识，认识保护通信安全畅通的重要性，达到减少光缆故障，确保光缆通信网安全稳定运行的目的。

文件编号：LZYQ-2011-Q1-6772-007Blue Coat Proxy SG基本配置及巡检版本：1.2XX网络2011年3月文件说明本程序文件对公司为客户提供的系统集成及相关服务、网络安全服务的实施过程进行了策划和控制。

文件修订记录目录1设备配置 (5)1.1Console初始化 (5)1.2Web基本配置 (10)1.2.1Hostname配置 (10)1.2.2NTP配置 (10)1.2.3Network配置 (13)1.2.4Proxy配置 (16)1.2.5Policy配置 (18)2设备巡检 (21)2.1巡检内容 (21)2.1.1设备信息 (21)2.1.2CPU利用率 (22)2.1.3Memory利用率 (23)2.1.4Disk利用率 (23)2.1.5当前用户数统计 (24)2.1.6缓存内容统计 (24)2.1.7设备健康自检 (25)2.1.8代理流量统计 (26)2.1.9详细协议代理统计 (27)2.1.10会话统计 (27)2.1.11日志查看 (28)2.2巡检命令 (29)1设备配置1.1 Console初始化设备接通电源——加电开机——Console口输出启动信息如下：The default boot system is:1: Version: SGOS 6.1.3.1, Release id: 56222Press the space key to select an alternate system to boot.Seconds remaining until the default system is booted: 0Booting Version: SGOS 6.1.3.1, Release id: 56222Completed major version system upgrade.Press "enter" three times to activate the serial console //连续敲入3次回车键可以激活Console口进行配置Executing image: Version: SGOS 6.1.3.1, Release id: 56222Interface 0:0: MAC address 00:E0:81:77:20:AF, half duplex, 100 megabits/secInterface 1:0: MAC address 00:E0:81:77:20:B0, no linkWelcome to the SG Appliance Serial ConsoleVersion: SGOS 6.1.3.1, Release id: 56222//连续敲入三次回车键，会弹出菜单，如下：------------------------- MENU -----------------------------1) Command Line Interface2) Setup Console------------------------------------------------------------Enter Option：2 //选择2 ，使用Console向导进行设置--------------- CONFIGURATION START ------------------Welcome to the Blue Coat ProxySG 510 configuration wizard.This appliance's serial number: 2107102111---------------------------------------------------------------------You can get field help by entering a question mark ? in the fields.You can move backwards through the steps by pressing the UP arrow.You can exit the wizard without saving your entries by pressing ESC.---------------------------------------------------------------------//注意这里的提示：输入？可以查看每个选项的功能含义解释；输入ESC 可以不保存并退出配置向导。

网络设备维护手册一、设备维护前的准备工作1. 确保设备已经断电，并且拔掉了所有的连接线，包括网线、电源线等。

2. 准备清洁工具，如吹风机、刷子、棉签等。

3. 确保在进行设备维护时有足够的时间，不要操之过急。

二、设备清洁维护步骤1. 使用吹风机将设备内的灰尘和杂物吹出，注意吹风机不要设置为过热模式，以免损坏设备。

2. 使用刷子清理设备表面的灰尘和污渍，慎重地清理设备内部各个角落，防止灰尘进入设备造成故障。

3. 使用棉签沾取少量清洁液，擦拭设备表面和连接口，清除污渍和油渍。

4. 注意不要将清洁液直接滴在设备内部，以免造成电路短路。

5. 在清理完毕后，等待设备表面干燥后再重新接通电源。

三、设备维护注意事项1. 经常清理设备，防止灰尘积累导致设备散热不良。

2. 切勿用水直接清洁设备表面，以免进水造成电路短路等问题。

3. 切勿在设备运行时进行维护和清洁工作，需断电后才能进行。

四、设备日常维护1. 定期检查设备连接线是否松动，确保连接稳固。

2. 定期更新设备的固件和驱动程序，保持设备的最新状态。

3. 定期备份设备重要数据，以防数据丢失造成损失。

以上就是网络设备维护手册的几项基本步骤和注意事项，希望能够帮助你更好地维护和保养网络设备。

网络设备维护手册五、设备故障排查与处理1. 网络设备故障的常见症状包括断电、无法启动、连接异常、网速缓慢等。

在这种情况下，首先需要排查设备是否存在硬件故障，例如电源故障、散热不良等。

2. 如果是软件问题导致的故障，可以尝试重新启动设备，检查网络设置、驱动程序和固件更新等。

3. 如果无法排除故障，建议联系网络设备厂商或专业的技术人员进行诊断和维修。

4. 维护人员在排查故障时，应严格按照设备维护手册的指导和步骤进行操作，以免造成二次故障。

六、设备安全防护1. 网络设备会存储重要的数据和信息，因此在维护时需确保设备的安全防护措施完善。

2. 定期更改设备的登录密码，确保密码的复杂性和安全性，防止被黑客攻击。

SG300Figure 3Power LEDSystem LEDLED IndicatorsFigure 2ProxySG Deployed In-PathWAN (Router)Power adapter Null modemserial cable ProxySG 300 Series ApplianceLAN (Switch)Power supplyretaining clip Power switchMain Site LAN Router Figure 1ProxySG 300 Series Appliance Switch ProxySG Deployed In-Path InternetTasks1. Unpacking the Appliance2. Connecting the Cables3. Verifying the LEDs4.Performing Initial ConfigurationUnpack the shipment and verify the contents of the box.The Blue Coat ProxySG 300 series appliance ships with the following components:• Blue Coat SG300 appliance• Software License Agreement • External AC power supply adapter with AC power cord and retaining clip • Quick Start Guide (this document) •Null-modem serial cable•Safety and Regulatory Compliance Guide3Unpacking the ApplianceBlue Coat recommends connecting the cables and verifying the LED display to ensure properfunctionality before deploying the appliance.Figure 1 shows a typical Blue Coat ProxySG network deployment:The following installation assumes the network deployment shown in Figure 1 is present. For other deployment options, see the ADN Deployment Guide and the WCCP Reference Guide, available for viewing at:https:///documentation/pubs/view/SGOS 5.5.xBefore connecting the ProxySG into your network, disconnect the existing LAN switch network cable from the WAN router. This cable will be reused during installation.3Connecting the CablesTo verify that the appliance has booted and is operational, check the following:The following illustration shows the location of the LED indicators on the ProxySG 300 series:Verifying the LEDsIf the Power LED light:• Is amber , the appliance is on, but the OS has not loaded. • Blinks amber to green , the OS has loaded but is not configured.•Is green , the OS has loaded and is properly configured. If the System LED light:• Is green , the appliance is functioning properly.• Is amber , the appliance has encountered a warning.• Is flashing amber , the appliance has encountered a critical problem.•Is OFF , the appliance has not determined the system status.5. Logging on and Licensing6. Next Steps7. Troubleshooting 1 2 3 To attach the cables (Figure 2):1. Connect the network cable from the LAN switch and plug it into the 1:1 port networkinterface on the ProxySG. 2. Connect a network cable from the WAN router to the 1:0 port network interface on theProxySG. The interface auto-negotiates 10/100/1000 Base-T speed and duplex settings.3. Connect a null-modem serial cable from the ProxySG to a PC (or serial terminal). Thisconnection is used to perform initial configuration via a direct serial connection. 4. Connect the power adapter to the ProxySG DC power supply inlet, and then connect theAC plug into a power source. Activate the power switch to turn on the appliance. 5. The included power supply cord retaining clip can be used to eliminate cord slippage.Install by squeezing the sides of the clip and inserting the ends into the mounting loops located above the DC power supply inlet. Once the retaining clip is attached, swing over the plug body to secure onto place (see figure 2).Note: The SG300 can be used within a desktop location or in an equipment rack using a rack-mount shelf (not included).Americas:Blue Coat Systems Inc. 410 North Mary Ave Sunnyvale, CA 94085-4121Rest of the World:Blue Coat Systems International SARL 3a Route des Arsenaux1700 Fribourg, SwitzerlandAfter your ProxySG is configured for network access, complete the installation by verifying network connectivity and registering and licensing the appliance.Important: New customers must create a BTO account at Blue Coat’s Customer Care page before they can activate their license. Blue Coat’s Customer Care page can be found at: https:///support/customercareTo complete the ProxySG installation:1. Verify that you can log into the appliance via the Web browser. To log into the appliance:a. Enter the ProxySG IP address into your web browser's Address or Location box usingthe following format: https://proxy_ipaddress:8082.b. Enter the user name and password specified during configuration to access themanagement interface. The management interface loads within your browser window.2. After login, register and activate your license. If you have a Full Proxy Edition license, goto step a; if you have an Acceleration Edition license, go to step b.a. To activate a license from the Advanced Management Console, navigate to theLicense page: Maintenance > Licensing > Install and click Retrieve. The requestLicense Key dialog displays. Go to step c to finish licensing the appliance.b. To activate a license from the Sky Management Console, navigate to the Licensepage: Configure > Device > Licensing.c. Enter your existing BlueTouch Online credentials and click Request license (for theAdvanced Management Console) or Submit credentials and install license (for theSky Management Console).Note: The ProxySG ships with a 60-day trial license. The appliance can be registered and licensed any time during that period.3Logging on and Licensing the ApplianceThis section lists additional resources for using the ProxySG appliance.3Next StepsContext-sensitive information about the ProxySG Online Help. To access, click the Help button in the Sky Management Console or Management Console.Reference Documentation Configuration and Management Guide (CMG), acollection of volumes documenting ProxySG features.To access, click the documentation link in the SkyManagement Console or Management Consoleinterfaces, or visit:https:///documentation/pubs/view/SGOS 5.5.xAnswers to frequently asked questions Blue Coat Knowledge Base, available at: https://Blue Coat User community Blue Coat Support Forums, available at:https:///Classroom and web-based training Blue Coat Training, available at:https:///support/training Deployment planning andconsultationBlue Coat Professional services, available at:https:///support/professionalservicesTechnical Support Blue Coat Support, available online at:https:///support/overviewContact Blue Coat by telephone in North America at(866) 982-2628 or +1(408) 220-2299.This section describes how to troubleshoot several hardware problems.Problem: The system does not power up.Solution: Check the power cords and verify that the outlet is receiving power.Problem: The System and Power LEDs are green, but there is no network connectivity.Solution: Check the network connections to verify that they are not loose. Otherwise,the problem might be a bad network cable or an issue with the router/switch.Problem: I am unable to access the ProxySG’s management console using my browser.Solution: Check all network configuration information, the subnet mask and default-routerconfigurations, and that no other devices on the network are attempting to use thesame IP address.Problem: I receive an invalid certificate warning when attempting to access the managementconsole using my browser.Solution: This is normal. The ProxySG generates a self-signed certificate upon initialconfiguration. You can safely ignore the warning or import the ProxySG’s certificateinto your browser to avoid future warnings.Additional troubleshooting resources:• Blue Coat Knowledgebase: https:///• Blue Coat User Community: 3TroubleshootingHow to Contact Support — For the current list of regional customer support phone numbers,go to: /support/contactsupport/When contacting Blue Coat Systems for technical phone support or to set up an RMA, beprepared to provide your serial number to verify entitlement. If you do not have your serialnumber, supply Blue Coat with your Support Contract Number, which can be found on yourSupport Contract Certificate.If you have purchased a Support Contract but have not received a Support ContractCertificate, go to /support/customercare/BlueTouch Online — BlueTouch Online https:// allows you to create newtechnical support cases, review and comment on open cases at any time. You also haveaccess to exclusive Blue Coat support materials, installation notes, and updates. To obtain aBlueTouch Online login, go to https:///requestloginBlue Coat Support Offerings — For a list, see /support/overview3Service InformationRECYCLE YOUR OLD BLUE COAT APPLIANCE! — Blue Coat offers an easy andsustainable way to recycle your decommissioned Blue Coat appliances. Simply use your newshipping box to send us your old appliance, absolutely free of charge. For details and shippinginformation, please visit: /company/environment/productrecyclingWHY RECYCLE? — According to the Silicon Valley Toxics Coalition, nearly 80% of U.S. e-waste is discarded in toxic waste dumps around the world. Without proper recycling,hazardous chemicals and other materials pose serious environmental and health risks. Byoffering a free and easy-to-use take-back program, Blue Coat enables businesses to efficientlyand responsibly dispose of used technology. Find out how!1. FAST AND EASY TO USEUse your new appliance carton to ship us your old technology2. PROTECTS PEOPLE AND THE PLANETResponsible technology recycling is good for business and the environment3. ABSOLUTELY FREEWe cover all the costs, including Shipping4. COMPLETE DETAILS/company/environment/productrecyclingRecycling Information231-03091 REV A.0Copyright© 1999-2010 Blue Coat Systems, Inc. All rights reserved worldwide. No part of this document may be repro-duced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translatedto any electronic medium or other means without the written consent of Blue Coat Systems, Inc. All right, title and inter-est in and to the Software and documentation are and shall remain the exclusive property of Blue Coat Systems, Inc. andits licensors. BluePlanet™, BlueTouch™, Control Is Yours™, DRTR™, ProxyAV™, ProxyRA Connector™,ProxyRA Manager™, SGOS™ and Webpulse™ and the Blue Coat logo are trademarks of Blue Coat Systems, Inc. andBlue Coat®, BlueSource®, K9®, IntelligenceCenter®, PacketShaper®, ProxyClient®, ProxySG®, Permeo®, and the Per-meo logo are registered trademarks of Blue Coat Systems, Inc. All other trademarks contained in this document and inthe Software are the property of their respective owners.BLUE COAT SYSTEMS, INC. DISCLAIMS ALL WARRANTIES, CONDITIONS OR OTHER TERMS, EXPRESS OR IM-PLIED, STATUTORY OR OTHERWISE, ON SOFTWARE AND DOCUMENTATION FURNISHED HEREUNDER IN-CLUDING WITHOUT LIMITATION THE WARRANTIES OF DESIGN, MERCHANTABILITY OR FITNESS FOR APARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL BLUE COAT SYSTEMS, INC., ITS SUP-PLIERS OR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANYOTHER LEGAL THEORY EVEN IF BLUE COAT SYSTEMS, INC. HAS BEEN ADVISED OF THE POSSIBILITY OFSUCH DAMAGES.567。

中国移动网络设备维护手册（2011-V1）中国移动通信集团网络部目录第一章例行维护项目操作说明 (3)1.1、检查交流供电 (3)1.2、主机运行状况 (3)1.3、光纤直放站检查 (3)1.4、直放站监控模块 (4)1.5、太阳能直放站 (4)1.6、测试接地系统的接地电阻 (5)1.7、运行质量CQT测试。

(5)1.8、网络覆盖DT测试。

(6)1.9、自激检查 (6)1.10、直放站施主信号 (7)1.11、带内波动 (7)1.12、直放站上行低噪 (8)1.13、直放站下行增益 (9)1.14、带外抑制测试（干放不需测试此项）。

(9)1.15、驻波比测试 (10)1.16、分布系统外挂设施 (11)1.17、馈线、天馈线接头与防水 (12)1.18、室内分布系统与器件 (12)1.19、地网检查 (13)1.20、避雷针检查 (13)1.21、UPS设备 (13)第二章常用模块更换要求 (15)2.1、功放模块（低噪放）更换 (15)2.2、modern模块更换 (15)2.3、主板（本振）模块更换 (16)2.4、电源模块更换 (16)第三章直放站与分布系统典型故障处理案例 (18)第一章例行维护项目操作说明1.1、检查交流供电1.检查方法：1）在不断开设备电源的情况下，把交直流钳型电流表的功能转盘打到电流档上，钳头夹在供电部分到设备的电源线上记录当前电流值，查看数值是否稳定；2）用万用表测量供电部分的交流电压值是否稳定，并记录；3）接状态。

2.维护标准：电压范围要求为185V～265V间；3.异常处理：如果电压非常不稳定或超出要求范围，则需考虑增配电源稳压器；4.注意事项：1）保证市电接入电压的稳定性；1.2、主机运行状况1.检查方法：1）检查机内风扇和散热装置是否工作正常，用红外线测温仪测试机内各单元模块和射频头等器件温度；2）用频谱仪或功率计，测量直放站的输入输出功率是否正常；2.维护标准：正常温度： 15°C～85°C正常输出功率参考设备设置功率值，误差小于2dB；3.异常处理：1）温度过高，则查明原因并上报；2）如输出功率异常，打开机内查看各模块LED指示是否正常，如仍没解决，用万用表打在直流档上逐一检查机内各单元模块的工作电压是否正常，如仍异常，用频谱仪逐一测量机内各单元模块的输出波形，分析判断出故障原因，必要时替换备机，并通知厂家维修或更换设备；4.注意事项：1）清洁机内机外卫生时一定要注意断开设备电源，否则容易引起设备短路，清洁机内也不要用湿抹布；2）一定要保证设备整机的整体运行正常，设备有任何非正常工作状态和隐患，必须及时查明原因和上报；1.3、光纤直放站检查1.检查方法：1）把光功率计打到该光频率频段，测试直放站光功率输入，并记录；2）检查光纤接头的是否灰尘污垢3）检查光纤跳线、尾纤与法兰盘是否固定，固定要合理，不得挤压扭曲尾纤。

Bluecoat ProxySG设备维护手册目录1.手册适用范围 (3)2.资源检测 (3)2.1.关键参数描述 (3)2.2.关键参数监控 (4)2.3.非关键参数监控 (12)3.常见故障及排查方法 (13)3.1.用户无法访问某个网站 (13)3.2.用户访问网站慢 (14)3.3.配置错误导致问题 (14)4.常用工具与日常操作 (15)4.1.常用维护操作 (15)4.2.常用信息查看命令 (18)4.3.SG内置常用工具 (19)1. 手册适用范围本手册适用于Bluecoat SG产品日常维护与监控，包含资源检测，基本故障排查，维护常用CLI命令。

2. 资源检测2.1.关键参数描述Bluecoat的proxy产品SG包含多种关键资源，对于关键资源，只要有一种资源利用率达到一定程度，都会影响用户的使用。

在日常维护过程中要密切注意这几种资源的情况。

关键参数：1.CPU使用率2. 内存使用率3. HTTP worker4. DNS worker5. 端口使用率6. License状态非关键参数：1.磁盘状态2.CPU 温度3.主板温度4.电源电平2.2.关键参数监控A．CPU利用率：通常小于90%，突发到90%以上但不持续维持在90%的情况属于正常。

GUI监测方法（日常）：点击Statistics-〉System Usage，在右边的窗口的CPU模版上可以看到在一个小时，一天，一个月内的CPU使用情况。

第一个图表，显示的时间刻度为每分钟，CPU取值是每分钟的尖峰CPU使用率第二个图表，显示的时间刻度为每小时，CPU取值是每小时的平均CPU使用率第三个图表，显示的时间刻度为每天，CPU取值是每天的平均CPU使用率监控时，可参考三个图表的CPU使用情况，在出现故障时主要监控第一个图表的内容。

CPU monitor查看具体CPU消耗（高级）：CPU Monitor工具是SG内置的一个工具，用于在查看CPU具体为何部分的功能所占用。

Tech Note--Audit Support for Blue Coat ProxySGSymantec CloudSOC Tech NoteCopyright statementCopyright (c) Broadcom. All Rights Reserved.The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries.Broadcom, the pulse logo, Connecting everything, and Symantec are among the trademarks of Broadcom.The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries. For more information, please visit w .Broadcom reserves the right to make changes without further notice to any products or data herein to improve reliability, function, or design. Information furnished by Broadcom is believed to be accurate and reliable. However, Broadcom does not assume any liability arising out of the application or use of this information, nor the application or use of any product or circuit described herein, neither does it convey any license under its patent rights nor the rights of others.Table of ContentsIntroductionSupported ProxySG firewall versionSample log formatsConfiguring ProxySG to FTP logs to SpanVA Create a CloudSOC datasource for the ProxySG Enable access loggingConfigure the log formatCreate an access log for SpanVAConfigure the upload clientSchedule the uploadEnable LoggingConfiguring HTTPS file transfer via SpanVA Specifying custom log file headersIgnoring HTTP CONNECT tunnel traffic Detecting Blue Coat ProxySG denied traffic ReferencesRevision historyIntroductionThis Tech Note describes how the CloudSOC Audit application supports log files from Blue Coat ProxySG devices.Supported ProxySG firewall versionProxySG minimum supported version is SGOS 5.5Sample log formatsBlue Coat ProxySG supports logs in either of the following two formats:●Access logs (Default)●Extended Log File Format (Custom)The Audit application supports the “E xtended Log File Format” (ELFF)for the Blue Coat ProxySG. The delimiter for the log fields is a blank space (\s) and the fields are sometimes wrapped in double quotes as shown in the log sample below.#Software: SGOS 5.2.6.1#Version: 1.0#Start-Date: 2014-04-16 00:41:36#Date: 2013-05-24 17:24:46#Fields: date time time-taken c-ip sc-status s-action sc-bytes cs-bytes cs-methodcs-uri-scheme cs-host cs-uri-port cs-uri-path cs-uri-query cs-username cs-auth-groups-hierarchy s-supplier-name rs(Content-Type) cs(User-Agent) sc-filter-resultcs-category x-virus-id s-ip s-sitename r-ip#Remark: 0606020157 "DFWDLPBCSG01 - 172.16.111.196 - Blue Coat SG400" "155.17.111.196" "main"2014-04-21 06:42:28 164 155.17.4.168 200 TCP_TUNNELED 498 650 CONNECT tcp 443 / - - - DIRECT os-bo-app05-03.boldchat.c om - - OBSERVED "Technology/Internet" - 155.17.111.196 SG-HTTP-Service 63.251.34.612014-04-21 06:42:28 637 155.17.122.61 200 TCP_TUNNELED 7140 1552 CONNECT tcp 443 / - - - DIRECT - "Moz illa/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36" OBSERVED "Web Ads/Analytics" - 155.17.111.196 SG-HTTP-Service98.137.170.332014-04-21 06:42:28 565 155.17.122.61 200 TCP_TUNNELED 5303 2201 CONNECT tcp 443 / - - - DIRECT - "Moz illa/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36" OBSERVED "Web Ads/Analytics" - 155.17. 111.196 SG-HTTP-Service 98.138.47.199Configuring ProxySG to FTP logs to SpanVAThis section describes how to configure a ProxySG to FTP logs to a SpanVA instance within your enterprise perimeter. This procedure assumes that you have already installed and configured SpanVA as described in the CloudSOC Tech Note I nstalling and Configuring SpanVA. Perform all of the procedures described in the following subsections.Note:This procedure was developed using SGOS 6.6.3.2 SWG Edition OS on the ProxySG device. Other versions may have different menu paths and options.Create a CloudSOC datasource for the ProxySGIf you have not already done so, use the procedure below to create a CloudSOC datasource for the ProxySG.1.If you have not already done so, login to CloudSOC with your administrator credentials.2.From the CloudSOC nav bar, choose A udit > Device Logs as shown below.3.On the Device Logs page, click N ew Data Source > SpanVA Data Source.4.On the New SpanVA Data Source panel:●Enter a descriptive name for the data source.●For Firewall Type choose B lue Coat ProxySG.●From the SpanVA menu, choose the SpanVA to which the ProxySG sends logs.●For Source Type, choose S CP/SFTP/FTP/HTTPS Server.5.Click C reate Connection.CloudSOC opens a D atasource Details panel to show you information about theconnection as shown below.6.Record the following information from the Datasource Details panel to use in the ProxySGconfiguration:●Host●Destination Directory●Username●Password--Use the password you recorded earlier for your datasources.Note: I f you lose the password, click R eset to receive a new password. If you resetthe password, you must reconfigure your network devices to use the newpassword for subsequent log uploads.Enable access logging1.If you have not already done so, login to the ProxySG management console.2.Click the C onfiguration tab, and navigate to A ccess Logging > General.3.Near the upper left corner of Default Logging tab, make sure the E nable Access Loggingcheckbox is marked, as shown below.Configure the log format1.On the Configuration tab, navigate to A ccess Logging > Formats.2.On the Log Format tab click N ew.The Create Format box opens as shown below.3.Enter a name for the format, for example "Elastica_SpanVA_Format."4.Mark the W3C Extended Log File Format (ELFF) string radio button.5.In the ELFF string text box, enter the header fields, separated by spaces, that you wantexported in your logs. Then click O K. The example above shows a sample set of header fields.Make sure you configure all mandatory fields as listed below. Click T est Format to check if all your fields are valid.Mandatory fieldsThe following fields must be present in the logs uploaded to CloudSOC Audit application.●date and time OR timestamp OR gmttime●c-ip OR cs-username●cs-host OR cs-uri●cs-bytes●sc-bytes●cs-uri-scheme OR cs-protocolOptional fieldsThe following fields provide additional analytics if present.●c-port●s-action●cs(Referer)●cs(User-Agent) OR c-agent●cs-uri-path●r-ip OR s-supplier-ip (required for destinations support)Create an access log for SpanVA1.On the C onfiguration tab, navigate to A ccess Logging > Logs.2.On the Logs tab, click N ew as shown below.3.On the Create Logs box, give the log a name such as "Elastica_SpanVA" and set the LogFormat to E lastica_SpanVA_Format as shown below. You can also give the log adescription if you want.4.Click O K to create the new log.5.On the Management Console, click A pply to commit the new configuration. Configure the upload client1.On the Configuration > Access Logging > Logs tab, click the U pload Client tab.2.From the Logs menu, choose the SpanVA access log you created earlier.3.For Client type, choose F TP Client and click S ettings.4.Configure the following settings as shown on the CloudSOC Datasource Details panel inthe section C reate a CloudSOC datasource for the ProxySG:●Host●Path (Destination Directory)●Username●PasswordNote:If the CloudSOC Datasource Details panel shows you a path of the form"/home/ds_xxxxxxxxxxxxxxxxxxxxxxxxx/datasources/yyyyyyyyyyyyyyyyyyyyyy," you canshorten it to just "datasources/yyyyyyyyyyyyyyyyyyyyyy" in order to stay within thecharacter limit of the ProxySG Path text box. Do not use a preceding "/" in the shortenedpath. This applies to SCP as well as the FTP connections described in this procedure.5.Leave the Filename box as-is.6.Mark the U se secure connections checkbox if you want the ProxySG to send logs usingSSL. If you use this option, make sure that the appropriate certificates are configured onthe SpanVA.7.Click O K, then click A pply to commit your changes.Schedule the upload1.In Management Console, click the U pload Schedule tab.2.From the Log menu, choose the access log you configured in C reate an access log forSpanVA.3.Create an access schedule that meets your needs. We recommend that you configure theProxySG to send logs to SpanVA on 30 minute intervals.4.Click A pply.Enable Logging1.In the ProxySG Management Console, navigate to C onfiguration (tab) > Policy > VisualPolicy Manager.2.Click L aunch.3.In Visual Policy Manager, choose P olicy > Add Web Access Layer. the new layer "Elastica SpanVA" or similar.5.In the one rule row for the new layer, right-click on A ction and choose S et.6.On the Set Action Object box, click N ew and then choose M odify Access Logging.7.On the Add Access Logging Object box, click E nable logging to:and choose the entry forElastica SpanVA.8.Click O K to close the Add Access Logging Object box.9.Click O K to close the Set Action Object box.10.In Visual Policy Manager, click I nstall Policy to commit the changes to the device.Configuring HTTPS file transfer via SpanVAYou can configure the ProxySG to use HTTPS to upload logs to CloudSOC via SpanVA. To do this, you must configure the ProxySG with a CA certificate as described in the following procedure. For more information about SpanVA, see the CloudSOC Tech Note I nstalling and Configuring SpanVA.1.Make sure your SpanVA is version 1.15.2.88.0 or later.2.If you have not already done so, create a certificate and upload it to SpanVA as describedin the CloudSOC Tech Note I nstalling and Configuring SpanVA.3.In the ProxySG management console, navigate to C onfiguration > SSL > CA Certificatesand click I mport Certificate as shown below.4.In the Import CA Certificate box, give the certificate a unique name, then paste the entirebody of the SpanVA certificate as shown below.5.Click O K.6.On the C onfiguration > SSL > CA Certificates page, click the C A Certificate Lists tab.7.Choose b rowser-trusted, then click E dit as shown below.8.On the Edit CA Certificate List box, locate and select the certificate you imported earlier inthe left-hand list.9.Click A dd >>to move the certificate to the trusted list, then click O K.10.On the C onfiguration > SSL > SSL Client page, find the CCL menu and choosebrowser-trusted as shown below.11.In CloudSOC, create a new datasource as described in the section C reate a CloudSOCdatasource for the ProxySG. Use the following settings:New Data Source type SpanVA DatasourceFirewall Type Blue Coat ProxySGSpanVA Choose your SpanVA instance from the listSource Type SCP/SFTP/FTP/HTTPS Server12.Click C reate Connection.13.On the Datasource Details box, record the following information to use in the ProxySGconfiguration:●Host●Destination Directory●Username●Password--Use the password you recorded earlier for your datasources.Note: I f you lose the password, click R eset to receive a new password. If you resetthe password, you must reconfigure your network devices to use the newpassword for subsequent log uploads.14.In the proxySG management console, navigate to C onfiguration > Access Logging >Logs and click the U pload Client tab.15.In the Upload Client box, choose client type H TTP Client, then click S ettings, as shownbelow.16.Apply the settings you recorded from the CloudSOC Datasource Details box, as shownbelow:●Host●Path (Destination Directory)●Username●PasswordNote:If the CloudSOC Datasource Details panel shows you a path of the form"/home/ds_xxxxxxxxxxxxxxxxxxxxxxxxx/datasources/yyyyyyyyyyyyyyyyyyyyyy," you can shorten it to just "datasources/yyyyyyyyyyyyyyyyyyyyyy" in order to stay within thecharacter limit of the ProxySG Path text box. Do not use a preceding "/" in the shortened path.17.For Port, enter 20200.18.Mark the checkbox for U se secure connections (SSL).19.Click O K.20.On the ProxySG Upload Client tab, click T est Upload.21.Navigate to S tatistics > System > Event Logging.22.Check the log for events that show that the test upload succeeded as shown below.Specifying custom log file headersIf your log files do not have the header row as the fourth or fifth row, and the order of the fields in the log files do not match the defaults described below, use the Custom Headers tools in Audit to specify the custom headers that apply to your Blue Coat proxy. Otherwise CloudSOC cannot process the logs correctly for use in the Audit application.The default header sequence that the Audit app expects is:date time time-taken c-ip cs-username cs-auth-group x-exception-idsc-filter-result cs-categories cs(Referer) sc-status s-action cs-methodrs(Content-Type) cs-uri-scheme cs-host cs-uri-port cs-uri-path cs-uri-querycs-uri-extension cs(User-Agent) s-ip sc-bytes cs-bytes x-virus-idYou can also configure the device itself to change the fields and their ordering to match the included fields and their ordering in your log files. See the ProxySG Admin Guide for descriptionsof the various fields available in Blue Coat logs depending on configuration. Remember that thefield names and their order you specify here must exactly match your log file contents.Do not mix log files with different formats in a single CloudSOC datasource. We recommend you create a separate datasource for each firewall. If you need help figuring out the content of this fields, please contact CloudSOC support. You can export Blue Coat Logs as described in the ProxySG Admin guide available at:https:///documentation/All-Documents/ProxySGFor full procedures on uploading device logs to CloudSOC, see the CloudSOC Tech Note Managing Data Sources for the CloudSOC Audit App.Ignoring HTTP CONNECT tunnel trafficWhen you configure ProxySG data sources in Audit, you can configure them to filter out andignore tunnel traffic that uses the HTTP CONNECT method.ProxySG by default makes a CONNECT request to all sites before applying Allow/Denied policies.if you allow Audit to take into consideration CONNECT traffic, then it will misclassify the blocked sites as “Allowed” if those sites have a very low traffic. For this reason, it is generally advisable to ignore CONNECT traffic. The exception to this rule is when all the traffic is tunneled through ProxySG. In this case, all requests are logged as CONNECT only requests, and if you choose to ignore CONNECT traffic, then all the requests will be filtered out.This features works for SCP and SpanVA datasources, but not for file upload datasources.1.In CloudSOC, choose A udit > Device Logs, then either create a new Proxy SG datasource or choose an existing ProxySG data source.2.On the Device Logs page, click A ctions > Edit Datasource for the data source.3.On the panel, mark the checkbox for I gnore CONNECT traffic as shown below. Configureother settings to suit, then create or save the data source.Detecting Blue Coat ProxySG denied trafficAudit detects that traffic was blocked by policies on Blue Coat Proxy SG by evaluating the value in the sc-filter-result field as well as the values in s-action and sc-status. Audit applies the following rules in the given order; when a field is absent it applies the next rule in sequence:1.If sc-filter-result is DENIED, then the traffic is marked as denied.2.If sc-action is DENIED or TCP_DENIED, then the traffic is marked as denied.3.If sc-action is 403, then the traffic is marked as denied.Note: A ll traffic with sc-status == 407 (proxy authentication required) is filtered out (ignored) from Audit processing.References●https:///documentation/All-Documents/ProxySGTech Note--Audit Support for Blue Coat ProxySGRevision historyDate Version Description2014 1.0 Initial release30 October 2015 1.1 Minor revisions30 November 2015 1.2 Minor revisions3 May 2016 1.3 Update supported versions and log formats11 May 2016 1.4 Add procedure for logging to SpanVA, otherminor changes6 October 2016 2.0 Add content on configuring log format18 October 2016 3.0 Add section on detection of denied traffic16 March 2017 3.1 Remove cs-uri-path from list of mandatoryfields8 September 2017 3.2 Add note about shortening datasource path5 December 2017 4.0 Address HTTPS via SpanVA19 December 2018 5.0 Address Ignoring HTTP CONNECT tunneltraffic29 July 2019 5.1 Modified section “Ignoring HTTP CONNECTtunnel traffic”21。

移动通信基站设备维护手册（一分册）青海盛泰通信网络工程有限公司移动维护中心二O一三年九月1 概述编制背景编制单位2 基站及配套设备例检维护标准例检周期巡视要求巡检内容基站例检前的准备进站要求基站例检维护项目的检查流程图基站例检维护项目的检查基站周围环境及物业检查监控系统告警检查基站油机检查基站防雷及电源巡检基站蓄电池组检查空调设备检查基站GSM、传输系统设备板件资源、固资接地检查3 基站日常维护巡检表填写规范要求4 小油机维护操作手册油机使用维护规程起动运行前的检查工作试机运行的检查工作停机步骤小油机巡检表格的填写基站钥匙管理1概述编制背景为更好地做好基站日常维护工作，提高基站维护质量，及时发现和处理基站存在的隐患问题，结合青海移动基站维护的实际情况编写了本手册。

本手册主要针对维护单位基站日常维护巡检编写，力求让每位维护人员根据本手册即可完成基站日常维护巡检工作，随时巡视检查现场，及时发现和排除事故隐患，提高基站维护质量。

编制单位青海盛泰通信网络工程有限公司主要审核人：祁国胜主要起草人：杜常福主编单位：青海盛泰通信网络工程有限公司主要审稿人：祁国胜、杨文忠、赵有元、胡勋。

2基站及配套设备例检维护标准例检周期1.对于基站综合维护服务，宏基站每月巡检一次，每月另巡视一次，边际网基站每季度巡检一次，偏远基站按需安排巡检工作。

偏远基站以及其它一些距离维护单位较远、行车不可直达或行车时间较长的基站。

对于室分系统综合维护服务，宏基站每月巡检一次，其它基站每季度巡检一次。

2.年检主要是按需安排执行。

巡视要求1.巡视基站内各种设备是否正常运行、基站高低压线路、基站卫生、基站内设备及周边环境是否存在安全隐患，主要包括影响机房设施、天线、馈线、屋面立杆、走线架、接地线、机房漏水、机房周边排水，以及铁塔基础周边环境发生施工挖土、打井、挖沟和回填土流失等安全问题。

2.负责机房环境安全检查和放置有效的灭火器、挂有进入机房的四十字方针、基站故障处理流程图、灭火流程图及各类警示牌。

设备维护平台接口技术规范说明书（版本号 V1.0）杭州天梦科技有限公司二〇一〇年五月更改履历进行修改。

目录1概述 (2)1.1 编写目的 (2)1.2 预期读者 (2)1.3 参考文献 (2)2接口平台设计 (2)2.1 技术架构 (2)2.1.1 接口架构图 (2)2.1.2 业务流图 (3)2.2 部署方式 (4)2.3 接口标准 (4)2.3.1 技术标准 (4)2.3.2 数据规约 (5)2.3.3 示例 (6)3WEBSERVICE服务 (7)3.1 设备维护平台提供的服务 (7)3.1.1 接口服务清单 (7)3.1.2 接口服务设计 (8)1概述1.1编写目的为设备维护平台的信息同步和共享，制定了统一的接口规范，用来指导各系统的接口设计、开发、联调及迁移工作。

范围：本文档主要是对设备维护平台与外围业务系统的数据交互需求进行说明。

1.2调试要求强烈要求第三方调用者，先做测试库的接口调试，确保接口及参数调用正确，否则将对正式库可能出现的系统故障承担主要责任。

1.3预期读者项目组人员、各交互系统涉及到的开发厂家。

1.4参考文献《智能交通设备维护管理系统设备接入标准》杭州天梦科技有限公司2接口平台设计2.1技术架构2.1.1接口架构图（暂缺）2.1.2业务流图说明：用户通过接口。

2.2部署方式接口服务层包括Webservice服务、展现集成服务。

1、Webservice服务各系统提供的接口服务统一部署在设备维护平台接口服务层上，各系统客户端和接口服务层用SOAP协议通过HTTP来交互，客户端根据WSDL描述文档生成SOAP请求消息发送到服务端，服务端解析收到的SOAP请求，调用Web service，然后再生成相应的SOAP应答送回到客户端。

2、展现集成服务展现集成服务主要是应用界面集成服务，由服务提供方提供详细的URL及相关参数说明，调用方传入参数，调用服务方提供的页面进行展现。

3、平台Service组件服务平台Service组件服务统一部署在设备维护平台接口服务层上，通过平台接口服务层进行查询操作。