Enterasys D-Series - Chapter 17: Security Configuration; Overview of Security Methods

Enterasys D-Series

540 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

Enterasys D-Series CLI Reference 17-1

17

Security Configuration

ThischapterdescribestheSecurityConf igurationsetofcommandsandhowtousethem.

Overview of Security Methods

Thefollowingsecuritymethodsareavailableforcontrollingwhichusersareallowe d toaccess,

monitor,andmanagethe switch.

•Loginuseraccountsandpasswords–usedtologintotheCLIviaaTelnetconnectionorlocal

COMportconnection.Fordetails,referto“SettingUserAccountsandPasswords”

on

page 3‐2.

•HostAccessControlAuthentication(HACA)–a uthenti catesuseraccessofTelnet

management,consolelocalmanagementandWebViewviaacentralRADIUSClient/Server

application.WhenRADIUSisenabled,thisessentiallyoverridesloginuseraccounts.When

HACAisactiveperavalidRADIUSconfiguration,theusernamesandpasswordsused

to

accesstheswitchviaTelnet,SSH,WebView,andCOMportswillbevalidatedagainstthe

configuredRADIUSserver.OnlyinthecaseofaRADIUStimeoutwillthosecredentialsbe

comparedagainstcredentialslocallyconfiguredontheswitch.

Fordetails,referto

“ConfiguringRADIUS”onpage 17‐3.

•SNMPuserorcommunitynames–allowsaccesstotheD‐SeriesswitchviaanetworkSNMP

managementapplication.Toaccesstheswitch,youmustenteranSNMPuserorcommunity

namestring.Thelevelofmanagementaccessisdependenton

theassociatedaccesspolicy.For

details,refertoChapter 7 .

• 802.1XPortBasedNetworkAccessControlusingEAPOL(ExtensibleAuthenticationProtocol)

–providesamechanismviaaRADIUSserverforadministratorstosecurelyauthenticateand

grantappropriateaccesstoenduserdevicescommunicatingwithD‐Seriesports.Fordetails

For information about... Refer to page...

Overview of Security Methods 17-1

Configuring RADIUS 17-3

Configuring 802.1X Authentication 17-11

Configuring MAC Authentication 17-21

Configuring Multiple Authentication Methods 17-33

Configuring VLAN Authorization (RFC 3580) 17-45

Configuring MAC Locking 17-51

Configuring Port Web Authentication (PWA) 17-62

Configuring Secure Shell (SSH) 17-74

Table of Contents

Related product manuals

Enterasys Matrix DFE-Gold Series

Preview: Enterasys C5G124-24

Enterasys C5G124-24

Preview: Enterasys C3G124-24

Enterasys C3G124-24

Preview: Enterasys B5G124-24

Enterasys B5G124-24

Preview: Enterasys A4H124-24

Enterasys A4H124-24

Preview: Enterasys 08H20G4-24

Enterasys 08H20G4-24

Preview: Enterasys B5G124-24P2

Enterasys B5G124-24P2

Preview: Enterasys SSA-T1068-0652

Enterasys SSA-T1068-0652

Preview: Enterasys Matrix 2G4072-52

Enterasys Matrix 2G4072-52

Preview: Enterasys Matrix-V V2H124-24

Enterasys Matrix-V V2H124-24

Preview: SecureStack B3 B3G124-48

SecureStack B3 B3G124-48

Preview: SecureStack C2 C2G170-24

SecureStack C2 C2G170-24