SecureStack B3 Configuration Guide 20-1
20
Security Configuration
ThischapterdescribestheSecurityConf igurationsetofcommandsandhowtousethem.
Overview of Security Methods
Thefollowingsecuritymethodsareavailableforcontrollingwhichusersareallowedtoaccess,
monitor,andmanagetheswitch.
•Loginuseraccountsandpasswords–usedtologintotheCLIviaaTelnetconnectionorlocal
COMportconnection.Fordetails,referto“SettingUserAccountsandPasswords”
on
page 3‐1.
•HostAccessControlAuthentication(HACA)–authenticatesuseraccessofTelnet
management,consolelocalmanagementandWebViewviaacentralRADIUSClient/Server
application.WhenRADIUSisenabled,thisessentiallyoverridesloginuseraccounts.When
HACAisactiveperavalidRADIUSconfiguration,theusernamesandpasswordsused
to
accesstheswitchviaTelnet,SSH,WebView,andCOMportswillbevalidatedagainst the
configuredRADIUSserver.OnlyinthecaseofaRADIUStimeoutwillthosecredentialsbe
comparedagainstcredentialslocallyconfiguredontheswitch.
Fordetails,referto
“ConfiguringRADIUS”onpage 20‐3.
•SNMPuserorcommunitynames–allowsaccesstotheSecureStackB3switchviaanetwork
SNMPmanagementapplication.Toaccesstheswitch,youmustenteranSNMPuseror
communitynamestring.Thelevelofmanagementaccessisdependenton
theassociated
accesspolicy.Fordetails,refertoChapter 6.
• 802.1XPortBasedNetworkAccessControlusingEAPOL(ExtensibleAuthentication
Protocol)–providesamechanismviaaRADIUSserverforadministratorstosecurely
authenticateandgrantappropriateaccesstoenduserdevicescommunicatingwith
For information about... Refer to page...
Overview of Security Methods 20-1
Configuring RADIUS 20-3
Configuring 802.1X Authentication 20-9
Configuring MAC Authentication 20-19
Configuring Multiple Authentication Methods 20-30
Configuring VLAN Authorization (RFC 3580) 20-41
Configuring MAC Locking 20-46
Configuring Port Web Authentication (PWA) 20-57
Configuring Secure Shell (SSH) 20-69
To Next Page
Loading...
Need help?
General