EPICenter Concepts and Solutions Guide
7 Managing Network Security
This chapter describes how you can use the features of EPICenter to help you ensure the security of
your network. It covers the following topics:
● Security Overview
● Management Access Security
● Using RADIUS for EPICenter User Authentication
● Securing Management Traffic
● Securing EPICenter Client-Server Traffic
● Monitoring Switch Configuration Changes
● Using the MAC Address Finder
● Using Alarms to Monitor Potential Security Issues
● Device Syslog History
● Network Access Security
Security Overview
Network security is one of the most important aspects of any enterprise-class network. Security
provides authentication and authorization for both access to the network and management access to the
network devices. Network administrators must protect their networks from unauthorized external
access as well as from internal access to sensitive company information. Extreme Networks products
incorporate multiple security features, such as IP access control lists and virtual LANs (VLANs), to
protect enterprise networks from unauthorized access.
EPICenter provides multiple features that control and monitor the security features on Extreme
Networks products. Using EPICenter, you can set up VLANs, configure security policies, and monitor
security aspects of your network.
Management Access Security
Along with securing the traffic on your network, you must set up your network switches to allow only
authorized access to the switch configuration and traffic monitoring capabilities. This requires securing
the switch to allow only authenticated, authorized access, and securing the management traffic between
the switch and the administrator’s host to ensure confidentiality.
EPICenter provides authentication and authorization for login to EPICenter itself, so you can control
who can access EPICenter and what functions they are allowed to perform. You can provide read-only
access to selected functions for some users, so they can monitor the network but not make any
configuration changes, while allowing other users to make changes to device configurations, policy
settings, and so on.