Configuring Security; Configuring User Accounts; Command Usage - AMX NXA-ENET8-2POE Instruction Manual

Gigabit poe ethernet switch

Hide thumbs Also See for NXA-ENET8-2POE:

Operation/reference manual (204 pages)

Installation manual (2 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

Table of Contents

Click Conf iguration, Ports.

Make any required changes to the connection settings.

Click Save.

Conf iguring Security

You can configure this switch to authenticate users logging into the system for management access or to control client access to

the data ports.

Management Access Security (Switch menu) – Management access to the switch can be controlled through local



authentication of user names and passwords stored on the switch, or remote authentication of users via a RADIUS or

TACACS+ server. Additional authentication methods includes Secure Shell (SSH), Secure Hypertext Transfer Protocol

(HTTPS) over the Secure Socket Layer (SSL), static configuration of client addresses, and SNMP.

General Security Measures (Network menu) – This switch supports many methods of segregating traffic for clients



attached to each of the data ports, and for ensuring that only authorized clients gain access to the network. Private VLANs

and port-based authentication using IEEE 802.1X are commonly used for these purposes. In addition to these methods,

several other options of providing client security are supported by this switch. These include limiting the number of users

accessing a port. The addresses assigned to DHCP clients can also be carefully controlled using static or dynamic bindings

with DHCP Snooping and IP Source Guard commands. ARP Inspection can also be used to validate the MAC address

bindings for ARP packets, providing protection against ARP traffic with invalid MAC to IP address bindings, which forms the

basis for "man-in-the middle" attacks.

Conf iguring User Accounts

Use the User Conf iguration page to control management access to the switch based on manually configured user names and

passwords.

User Configuration

FIG. 37

Users Conf iguration parameters

• User Name

• Password

• Password (again)

• Privilege Level

Command Usage

The default guest name is "guest" with the password guest. The default administrator name is "admin" with the password



admin.

The guest only has read access for most configuration parameters. However, the administrator has write access for all



parameters governing the onboard agent. You should therefore assign a new administrator password as soon as possible,

and store it in a safe place.

The administrator has a privilege level of 15, with access to all process groups and full control over the device. If the



privilege level is set to any other value, the system will refer to each group privilege level. The user's privilege should be

same or greater than the group privilege level to have the access of a group. By default, most of the group privilege levels

are set to 5 which provides read-only access and privilege level 10 which also provides read/write access. To perform

system maintenance (software upload, factory defaults, etc.) the user's privilege level should be set to 15. Generally, the

privilege level 15 can be used for an administrator account, privilege level 10 for a standard user account, and privilege

level 5 for a guest account.

Click Conf iguration, System, Switch, Users

Click Add new user.

Enter the user name, password, and privilege level.

Click Save.

NXA-ENET8-2POE - Instruction Manual

The name of the user. (Maximum length: 8 characters; maximum number of users: 16)

Specifies the user password. (Range: 0-8 characters plain text, case sensitive)

Re-type the string entered in the previous field to ensure no errors were made. The switch will not change the

password if these two fields do not match.

Specifies the user level. (Options: 1 - 15)

Access to specific functions are controlled through the Privilege Levels configuration page (see Conf iguring User

Privilege Levels section on page 48). The default settings provide four access levels:

1 - Read access of port status and statistics.

5 - Read access of all system functions except for maintenance and debugging

10 - Read and write access of all system functions except for maintenance and debugging

15 - Read and write access of all system functions including maintenance and debugging.

Configuring the NXA-ENET8-2POE

Table of Contents

Configuring Security; Configuring User Accounts; Command Usage - AMX NXA-ENET8-2POE Instruction Manual

Command Usage

Related Manuals for AMX NXA-ENET8-2POE

Related Content for AMX NXA-ENET8-2POE

Table of Contents