EasyManuals Logo

Dell S3048-ON User Manual

Dell S3048-ON
1036 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1033 background imageLoading...
Page #1033 background image
NOTE: The command contains multiple options with the Common Name being a required eld and blanks being lled in
for unspecied elds.
Information about installing trusted certicates
Dell Networking OS also enables you to install a trusted certicate. The system can then present this certicate for authentication to
clients such as SSH and HTTPS.
This trusted certicate is also presented to the TLS server implementations that require client authentication such as Syslog. The
certicate is digitally signed with the private key of a CA server.
You can download the trusted certicate for a device from ash, usbash, tftp, ftp, or scp. This certicate is stored in the BSD le system
and can be used to authenticate the switch to clients.
Installing trusted certicates
To install a trusted certicate, perform the following step:
In global conguration mode, enter the following command:
crypto cert inatall {path}
Transport layer security (TLS)
Transport Layer Security (TLS) provides cryptographic protection for TCP-based application protocols.
In Dell Networking OS, TLS already protects secure HTTP for the REST and HTTPD server implementations.
NOTE
: There are three modern versions of the TLS protocol: 1.0, 1.1, and 1.2. Older versions are called “SSL” v1, v2, and v3, and
should not be supported.
The TLS protocol implementation in Dell Networking OS takes care of the following activities:
Session negotiation and shutdown
Protocol Version
Cryptographic algorithm selection
Session resumption and renegotiation
Certicate revocation checking, which may be accomplished through OCSP
When operating in FIPS mode, the system is restricted to only the TLS 1.2 protocol version and support the following cipher suites in line
with the NIST SP800-131A Rev 1 policy document—published July 2015:
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA256
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
TLS_DH_RSA_WITH_AES_256_CBC_SHA256
TLS_DH_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
When not operating in FIPS mode, the system may support TLS 1.0 up to 1.2, and older ciphers and hashes:
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
X.509v3
1033

Table of Contents

Other manuals for Dell S3048-ON

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Dell S3048-ON and is the answer not in the manual?

Dell S3048-ON Specifications

General IconGeneral
Rack Units1U
Form FactorRack-mountable
Input Voltage100-240V AC
Power Supply2 hot-swappable power supplies
ManagementCLI, Web, SNMP
Product TypeSwitch
MAC Address Table Size32K entries
Jumbo Frame SupportYes
Latency< 3 microseconds
Ports48 x 1GbE RJ45, 4 x 10GbE SFP+

Related product manuals