178 Controlling Management Access
What Other Features Use Authentication?
In addition to controlling access to the management interface, the switch can
use RADIUS, IAS, or the local user database to provide port-based access
control. Port-based access control specifies whether devices that are
connected to the switch ports are allowed access to the network.
The IEEE 802.1X feature (also known as Dot1X) and Captive Portal feature
use RADIUS or the local user database to control network access. IEEE
802.1X can also use the IAS to authenticate users. For information about
IEEE 802.1X, see "Configuring 802.1X and Port-Based Security" on page 505.
For information about Captive Portal, see "Configuring a Captive Portal" on
page 445.
The RADIUS server can provide VLAN assignments to devices connected to
the switch ports. For information about RADIUS-assigned VLANs, see
"Dynamic VLAN Creation" on page 510.
Default Management Security Values
By default, the only management access to the switch is through the console
port, and no authentication is required. Table 9-2 describes the default
settings for the management access features.
Table 9-2. Management Security Default Values
Management Security
Feature
Default
Management Access
Control List (ACL)
No access profiles are configured.
Password management
features
Password minimum length is enabled, and the minimum
password length is 8 characters.
Password aging, limiting the number consecutive passwords
before reuse, and limiting the number of allowed consecutive
login attempts are disabled.
To Next Page
Loading...
