1. Manuals
  2. Brands
  3. Enterasys Manuals
  4. Switch
  5. Matrix E5 5H153-50-G
  6. User manual

Overview Of Security Methods; Host Access Control Authentication (Haca) - Enterasys Matrix E5 5H153-50-G User Manual

Matrix e5 series
Hide thumbs
Table of Contents

Advertisement

9.3

OVERVIEW OF SECURITY METHODS

Two security methods are available to control which users are allowed access to the switch's host
to configure the switch parameters and monitor its operation.
• Switch Local Management Application Password – allows two levels of SNMP local
management access via serial console or telnet (read-write and read-only) using the Console
Login Configuration screen described in
management access are set using the SNMP Community Names Configuration screen described
in
Section
6.4.1.
• Host Access Control Authentication (HACA) – authenticates user access of Telnet management,
console local management and WebView via a central Radius Client/Server application using the
Port Authentication Configuration screen described in
and a description of how to set the switch to access policy using the Security Configuration
screen, refer to
Section 9.3.1
9.3.1

Host Access Control Authentication (HACA)

To use HACA, the embedded Radius Client on the switch must be configured to communicate with
the Radius Server, and the Radius Server must be configured with the password information. The
Enterasys implementation uses Funk Software Steel-Belted Radius server software, This software
provides the ability to centralize the Authentication, Authorization, and Accounting (AAA) of the
network resources. For more information, refer to the RFC 2865 (Radius Authentication) for a
description of the protocol. Radius Accounting is not supported on the Matrix E5.
Each switch has its own Radius Client, which can be configured using the Security Configuration
screen described in
The IP address of the Radius Server (and, if available, the secondary server IP address) and
shared secret text string must be configured on the Radius Client. The client uses either the
Password Authentication Protocol (PAP) to communicate the user name and encrypted password
to the Radius Server.
On the Radius Server, each user is configured with the following:
• name
• password
• access level
The access level can be set to one of the following levels for each user name:
• read-write
• read-only
and
Section
Section
9.4.
Section
6.5. The two levels of remote SNMP
Section
11.18.
Overview of Security Methods
9.5. For an overview of HACA
Security Menu Screens
9-5

Advertisement

Table of Contents
loading

Related Manuals for Enterasys Matrix E5 5H153-50-G

Related Content for Enterasys Matrix E5 5H153-50-G

This manual is also suitable for:

Matrix e6 5g102-06-g

Table of Contents