System Management Guide
Edition: 01 3HE 11018 AAAC TQZZA 3
Table of Contents
1 Preface...........................................................................................11
1.1 About This Guide.......................................................................................11
1.1.1 Audience....................................................................................................12
1.1.2 List of Technical Publications....................................................................12
1.1.3 Technical Support......................................................................................13
2 7705 SAR System Management Configuration Process...........15
3 Security .........................................................................................17
3.1 Authentication, Authorization, and Accounting .........................................18
3.1.1 Authentication............................................................................................19
3.1.1.1 Local Authentication ..................................................................................20
3.1.1.2 RADIUS Authentication .............................................................................21
3.1.1.3 TACACS+ Authentication ..........................................................................21
3.1.2 Authorization..............................................................................................22
3.1.2.1 Local Authorization....................................................................................23
3.1.2.2 RADIUS Authorization...............................................................................23
3.1.2.3 TACACS+ Authorization............................................................................24
3.1.3 Accounting.................................................................................................24
3.1.3.1 RADIUS Accounting ..................................................................................24
3.1.3.2 TACACS+ Accounting...............................................................................25
3.2 Security Controls .......................................................................................26
3.2.1 When a Server Does Not Respond ...........................................................26
3.2.2 Access Request Flow................................................................................26
3.3 Vendor-Specific Attributes (VSAs).............................................................28
3.4 Other Security Features ............................................................................30
3.4.1 Secure Shell (SSH) ...................................................................................30
3.4.1.1 SSH File Transfer Protocol (SFTP) ...........................................................32
3.4.2 CSM Filters and CSM Security..................................................................32
3.4.3 Exponential Login Backoff.........................................................................33
3.4.4 Encryption..................................................................................................34
3.4.5 802.1x Network Access Control ................................................................34
3.4.6 TCP Enhanced Authentication and Keychain Authentication....................34
3.4.6.1 Keychain Authentication............................................................................35
3.4.6.2 Keychain Configuration Guidelines and Behavior .....................................36
3.5 Configuration Notes...................................................................................38
3.5.1 Reference Sources....................................................................................38
3.6 Configuring Security with CLI ....................................................................39
3.7 Setting Up Security Attributes....................................................................40
3.7.1 Configuring Authentication ........................................................................40
3.7.2 Configuring Authorization ..........................................................................41
3.7.3 Configuring Accounting .............................................................................42
3.8 Security Configurations .............................................................................43
3.9 Security Configuration Procedures............................................................45
3.9.1 Configuring IPv4 or IPv6 Management Access Filters ..............................45
To Next Page
Loading...
