SecureStack C2 Configuration Guide 18-1
18
Security Configuration
ThischapterdescribestheSecurityConf igurationsetofcommandsandhowtousethem.
Overview of Security Methods
Thefollowingsecuritymethodsareavailableforcontrollingwhichusersareallowedtoaccess,
monitor,andmanagetheswitch.
•Loginuseraccountsandpasswords–usedtologintotheCLIviaaTelnetconnectionorlocal
COMportconnection.Fordetails,referto“SettingUserAccountsandPasswords”
on
page 3‐1.
•HostAccessControlAuthentication(HACA)–authenticatesuseraccessofTelnet
management,consolelocalmanagementandWebViewviaacentralRADIUSClient/Server
application.WhenRADIUSisenabled,thisessentiallyoverridesloginuseraccounts.When
HACAisactiveperavalidRADIUSconfiguration,theusernamesandpasswordsused
to
accesstheswitchviaTelnet,SSH,WebView,andCOMportswillbevalidatedagainst the
configuredRADIUSserver.OnlyinthecaseofaRADIUStimeoutwillthosecredentialsbe
comparedagainstcredentialslocallyconfiguredontheswitch.
Fordetails,referto
“ConfiguringRADIUS”onpage 18‐3.
•SNMPuserorcommunitynames–allowsaccesstotheSecureStackC2switchviaanetwork
SNMPmanagementapplication.Toaccesstheswitch,youmustenteranSNMPuseror
communitynamestring.Thelevelofmanagementaccessisdependenton
theassociated
accesspolicy.Fordetails,refertoChapter 6.
• 802.1XPortBasedNetworkAccessControlusingEAPOL(ExtensibleAuthentication
Protocol)–providesamechanismviaaRADIUSserverforadministratorstosecurely
For information about... Refer to page...
Overview of Security Methods 18-1
Configuring RADIUS 18-3
Configuring 802.1X Authentication 18-9
Configuring MAC Authentication 18-19
Configuring Multiple Authentication Methods 18-30
Configuring VLAN Authorization (RFC 3580) 18-41
Configuring MAC Locking 18-46
Configuring Port Web Authentication (PWA) 18-57
Configuring Secure Shell (SSH) 18-68
Configuring Access Lists 18-70
To Next Page
Loading...
Need help?
General