Security Overview
Key Management System (KMS)
KMS is available in several ProCurve switch models and is designed to
configure and maintain key chains for use with KMS-capable routing protocols
that use time-dependent or time-independent keys. (A key chain is a set of
keys with a timing mechanism for activating and deactivating individual keys.)
KMS provides specific instances of routing protocols with one or more Send
or Accept keys that must be active at the time of a request.
For more information, refer to Chapter 12, “Key Management System”.
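The key-chain timing described above, modeled in Python as an added illustration (not taken from the ProCurve manual or switch software): it selects the active Send key, checks an Accept key, and reports intervals with no active Send key. The `Key` class, the function names, the half-open window convention, the lowest-id tie-break, and the sample chain are assumptions made for this example.

```python
from dataclasses import dataclass
from datetime import datetime
from typing import Optional, Tuple

Window = Optional[Tuple[datetime, datetime]]  # None = time-independent key

@dataclass(frozen=True)
class Key:
    key_id: int
    send: Window
    accept: Window

def active(window: Window, when: datetime) -> bool:
    # A time-independent key is always active; otherwise start <= when < end.
    return window is None or window[0] <= when < window[1]

def send_key(chain, when):
    # Assumption: when several Send keys are active, use the lowest key id.
    live = [k for k in chain if active(k.send, when)]
    return min(live, key=lambda k: k.key_id) if live else None

def accepts(chain, key_id, when):
    # True if the named key's Accept window covers the time of the request.
    return any(k.key_id == key_id and active(k.accept, when) for k in chain)

def send_gaps(chain, start, end):
    # Intervals in [start, end) during which no Send key is active.
    if any(k.send is None for k in chain):
        return []
    gaps, cursor = [], start
    for s, e in sorted(k.send for k in chain):
        if s > cursor:
            gaps.append((cursor, min(s, end)))
        cursor = max(cursor, e)
        if cursor >= end:
            break
    if cursor < end:
        gaps.append((cursor, end))
    return gaps

# Constructed sample chain: key 2's Send window starts 30 minutes late.
CHAIN = [
    Key(1, (datetime(2024, 1, 1), datetime(2024, 2, 1)),
        (datetime(2024, 1, 1), datetime(2024, 2, 1, 1))),
    Key(2, (datetime(2024, 2, 1, 0, 30), datetime(2024, 3, 1)),
        (datetime(2024, 1, 31, 23), datetime(2024, 3, 1))),
]

if __name__ == "__main__":
    for g in send_gaps(CHAIN, datetime(2024, 1, 1), datetime(2024, 3, 1)):
        print("no active Send key:", g[0], "->", g[1])
```

Overlapping Accept windows, as in the sample, let a peer keep validating the old key during rollover; a gap between Send windows leaves the protocol instance with no key to sign with.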
Identity-Driven Manager (IDM)
IDM is a plug-in to ProCurve Manager Plus (PCM+) and uses RADIUS-based
technologies to create a user-centric approach to network access management
and network activity tracking and monitoring. IDM enables control of
access security policy from a central management server, with policy enforcement
to the network edge, and protection against both external and internal
threats.
Using IDM, a system administrator can configure automatic and dynamic
security to operate at the network edge when a user connects to the network.
This operation enables the network to:
■ approve or deny access at the edge of the network instead of in the core;
■ distinguish among different users and what each is authorized to do;
■ configure guest access without compromising internal security.
Criteria for enforcing RADIUS-based security for IDM applications include
classifiers such as:
■ authorized user identity
■ authorized device identity (MAC address)
■ software running on the device
■ physical location in the network
■ time of day
Responses can be configured to support the networking requirements, user
(SNMP) community, service needs, and access security level for a given client
and device.