D-Series CLI Reference 15-1
15
Security Configuration
ThischapterdescribestheSecurity Conf ig urationsetofcommandsandhowtousethem.
Overview of Security Methods
Thefollowingsecuritymethodsareavailableforcontrollingwhichusersareallowe dtoaccess,
monitor,andmanagethe switch.
•Loginuseraccountsandpasswords–usedtologintotheCLIviaaTelnetconnectionorlocal
COMportconnection.Fordetails,referto“SettingUserAccountsandPasswords”
on
page 2 ‐2.
•HostAccessControlAuthentication(HACA)–a uthenti catesuseraccessofTelnet
management,consolelocalmanagementandWebViewviaacentralRADIUSClient/Server
application.WhenRADIUSisenabled,thisessentiallyoverridesloginuseraccounts.When
HACAisactiveperavalidRADIUSconfiguration,theusernamesandpasswordsused
to
accesstheswitchviaTelnet,SSH,WebView,andCOMportswillbevalidatedagainstthe
configuredRADIUSserver.OnlyinthecaseofaRADIUStimeoutwillthosecredentialsbe
comparedagainstcredentialslocallyconfiguredontheswitch.
Fordetails,referto
“ConfiguringRADIUS”onpage 15‐3.
•SNMPuserorcommunitynames–allowsaccesstotheD‐SeriesswitchviaanetworkSNMP
managementapplication.Toaccesstheswitch,youmustenteranSNMPuserorcommunity
namestring.Thelevelofmanagementaccessisdependenton
theassociatedaccesspolicy.For
details,refertoChapter 5.
• 802.1XPortBasedNetworkAccessControlusingEAPOL(ExtensibleAuthentication
Protocol)–providesamechanismviaaRADIUSserverforadministratorstosecurely
authenticateandgrantappropriateaccesstoenduserdevicescommunicatingwithD‐Series
For information about... Refer to page...
Overview of Security Methods 15-1
Configuring RADIUS 15-3
Configuring 802.1X Authentication 15-9
Configuring MAC Authentication 15-19
Configuring Multiple Authentication Methods 15-30
Configuring VLAN Authorization (RFC 3580) 15-41
Configuring MAC Locking 15-46
Configuring Port Web Authentication (PWA) 15-57
Configuring Secure Shell (SSH) 15-68
To Next Page
Loading...
Need help?
General
