Configuring Security
Access Profiles
Cisco Small Business 300 Series Managed Switch Administration Guide 205
16
Defining Profile Rules
Access profiles can contain up to 128 rules to determine who is permitted to
manage and access the switch, and the access methods that may be used.
Each rule in an access profile contains an action and a criteria (one or more
parameters) to match. Each rule has a priority; rules with the lowest priority are
checked first. If the incoming packet matches a rule, the action associated with the
rule is performed. If no matching rule is found within the active access profile, the
packet is dropped.
For example, you can limit access to the switch from all IP addresses except IP
addresses that are allocated to the IT management center. In this way, the switch
can still be managed and has gained another layer of security.
To define profile rules:
STEP 1 Click Security > Mgmt Access Method > Profile Rules. The Profiles Rules Page
displays.
STEP 2 Select the Filter field, and an access profile. Click Go.
The selected access profile is displayed in the Profile Rule Table.
STEP 3 Click Add to add a rule to it. The Add Profile Rule Page displays.
STEP 4 Enter the parameters.
• Access Profile Name—Select an access profile.
• Rule Priority—Enter the rule priority. When the packet is matched to a rule,
user groups are either granted or denied access to the switch. The rule
priority is essential to matching packets to rules, as packets are matched on
a first-fit basis.
• Management Method—Select the management method for which the rule
is defined. The options are:
- All—Assigns all management methods to the rule.
- Telnet—Users requesting access to the switch who meet the Telnet
access profile criteria are permitted or denied access.
- Secure Telnet (SSH)—Users requesting access to the switch who meet
the Telnet access profile criteria, are permitted or denied access.
To Next Page
Loading...
