EasyManua.ls Logo

DragonWave Horizon COMPACT - Advanced Configuration Features; Security and Authentication

DragonWave Horizon COMPACT
144 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
3.0 Advanced Configuration Features
Volume 1 describes the configuration of the basic features that allow the Horizon Compact to provide a
wireless Ethernet link, with a throughput of up to 400 Mbps. A number of advanced configuration features
provide enhanced access and management security, link protection, quality of service and alarm
management. Each advanced feature is described in detail in the following sub-sections.
3.1 RADIUS Server User Authentication
The DragonWave Remote Authentication Dial In User Service (RADIUS) server option enables users to
be centrally authenticated before being allowed access to a modem. This adds another layer of security
by removing user access control away from individual modems and moving it to a central server.
However, all modems must have all approved users entered in the modem user authentication list before
the system will grant access at the appropriate user levels (admin, NOC, Super).
Up to five (5) RADIUS servers can be configured.
When one, or more, RADIUS server is configured, the username and password authentication system on
the modem is bypassed, in favour of the RADIUS system. Access levels are still retained in the local
modem memory, so once a user is verified by the RADIUS server the access level is assigned by the
modem (provided that that user is a valid user on that modem). Any user that is validated by the RADIUS
server, but is not found in the modem user authentication list, can gain access to the modem but only at
an admin user level.
If, on attempting to log in, a user does not receive a response from a configured RADIUS server, the user
will not be allowed to log in. This could be the case if the server was off line. However, the system can be
configured to allow the Super user to still access the modem via the local modem access control, even
when a RADIUS server does not respond.
Only the Super user can issue any of the RADIUS “set” commands and view any of the security related
entries returned with “get” commands (passwords, shared key etc..)

Table of Contents