16-18 Configuring Policy
Configuring Dynamic Policy Assignment
Configure the RADIUS server user accounts with the appropriate information using the Filter-ID
attribute for faculty role members and devices. When a faculty member authenticates through the
RADIUS server, the name of the faculty policy is returned in the RADIUS Access-Accept response
message and that policy is applied by the switch to the faculty user.
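
The following Python example is added here and is not Enterasys code: it shows how the Filter-ID attribute (RADIUS attribute type 11) travels in an Access-Accept, and how a receiver can verify the Response Authenticator before applying the named role. The shared secret, the role names, and the assumption that Filter-ID carries the bare role name are constructed for illustration.

```python
import hashlib
import hmac
import struct

ACCESS_ACCEPT = 2   # RADIUS packet code (RFC 2865)
FILTER_ID = 11      # RADIUS attribute type (RFC 2865)

def build_accept(ident, request_auth, secret, filter_id):
    """Constructed sample: the Access-Accept a RADIUS server would send."""
    attrs = bytes([FILTER_ID, 2 + len(filter_id)]) + filter_id.encode()
    head = struct.pack("!BBH", ACCESS_ACCEPT, ident, 20 + len(attrs))
    auth = hashlib.md5(head + request_auth + attrs + secret).digest()
    return head + auth + attrs

def policy_from_accept(packet, request_auth, secret, known_roles):
    """Return the role named by Filter-ID, or None if the reply is rejected."""
    if len(packet) < 20:
        return None
    code, _ident, length = struct.unpack("!BBH", packet[:4])
    if code != ACCESS_ACCEPT or length < 20 or length > len(packet):
        return None
    packet = packet[:length]
    attrs = packet[20:]
    # Response Authenticator = MD5(Code+ID+Length+RequestAuth+Attributes+Secret)
    expected = hashlib.md5(packet[:4] + request_auth + attrs + secret).digest()
    if not hmac.compare_digest(expected, packet[4:20]):
        return None              # forged or tampered reply: apply no policy
    i = 0
    while i + 2 <= len(attrs):
        atype, alen = attrs[i], attrs[i + 1]
        if alen < 2 or i + alen > len(attrs):
            return None          # malformed attribute
        if atype == FILTER_ID:
            name = attrs[i + 2:i + alen].decode("ascii", "replace")
            # Only a role that is actually configured may be applied.
            return name if name in known_roles else None
        i += alen
    return None

# Constructed values for the demonstration
SECRET = b"example-shared-secret"
REQ_AUTH = bytes(range(16))          # Request Authenticator from the Access-Request
ROLES = {"faculty", "student"}

if __name__ == "__main__":
    pkt = build_accept(7, REQ_AUTH, SECRET, "faculty")
    print(policy_from_accept(pkt, REQ_AUTH, SECRET, ROLES))
```

A reply whose Filter-ID was altered in transit fails the authenticator check, and a reply naming a role that is not configured is ignored, so neither results in a policy being applied.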
Terms and Definitions
Table 16-6 lists terms and definitions used in this policy configuration discussion.
Table 16-6 Policy Configuration Terms and Definitions
| Term | Definition |
|---|---|
| Admin Rule | A policy rule that assigns traffic classified by a specific VLAN tag to a policy role. |
| Class of Service (CoS) | A logical container for packet priority, ToS/DSCP, and forwarding treatment that determines how the firmware treats a packet as it transits the link. |
| Filter-ID | A string that is formatted in the RADIUS Access-Accept packet sent back from the authentication server to the switch during the authentication process. In the Enterasys policy context, the string contains the name of the policy role to be applied to the authenticating user or device. |
| Policy | A component of Secure Networks that provides for the configuration of a role-based profile for the securing and provisioning of network resources based upon the function the user or device plays within the enterprise network. |
| Policy Profile | A logical container for the rules that define a particular policy role. In a CLI context, Policy Profile is equivalent to Policy Role. |
| Policy Rule | Rules that define how traffic classified by various criteria should be treated. |
| Role | Within NetSight, the grouping of individual users or devices into a logical behavioral profile for the purpose of applying policy. In a CLI context, Role = Policy Profile. |
| Rule Precedence | A value associated with classification types that determines the sequence in which classification rules are applied to a packet. |
| Traffic Classification | A policy element that allows MAC or IP address, packet type, port, or VLAN to be used as the basis for identifying the traffic to which the policy will be applied. |
| Untagged and Tagged VLAN | Untagged VLAN frames are classified to the VLAN associated with the port they enter. Tagged VLAN frames are classified to the VLAN specified in the VLAN tag; the PVID is ignored. |
| VLAN Egress List | A configured list of ports that a frame for this VLAN can exit. |