Security Overview
Network Security Features
Network Security Features
This section outlines features for protecting access through the switch to the
network. For more detailed information, see the indicated chapters.
802.1X Access Control
This feature provides port-based or user-based authentication through a
RADIUS server to protect the switch from unauthorized access and to enable
the use of RADIUS-based user profiles to control client access to network
services. Included in the general features are the following:
■ user-based access control supporting up to 32 authenticated clients per
port
■ port-based access control allowing authentication by a single client to
open the port
■ switch operation as a supplicant for point-to-point connections to other
802.1X-compliant ProCurve switches
For more information, refer to Chapter 9 “Configuring Port-Based and User-
Based Access Control (802.1X)”.
Web and MAC Authentication
These options are designed for application on the edge of a network to provide
port-based security measures for protecting private networks and the switch
itself from unauthorized access. Because neither method requires clients to
run any special supplicant software, both are suitable for legacy systems and
temporary access situations where introducing supplicant software is not an
attractive option. Both methods rely on using a RADIUS server for authenti-
cation. This simplifies access security management by allowing you to control
access from a master database in a single server. It also means the same
credentials can be used for authentication, regardless of which switch or
switch port is the current access point into the LAN. Web authentication uses
a web page login to authenticate users for access to the network. MAC
authentication grants access to a secure network by authenticating device
MAC addresses for access to the network. For more information, refer to
Chapter 3, “Web and MAC Authentication”.
1-8
To Next Page
Loading...
