H3C S5830V2 Security Configuration Manual page 4

Configuration guide
AAA
802.1X
MAC authentication
Port security
Password control
Public key management
PKI
SSH
SSL
IP source guard
ARP attack protection
uRPF
FIPS
IPsec
Added and modified features
Added features:
•
Configuring a local user to use the LAN access service.
•
Configuring AAA methods for LAN users.
•
Setting the traffic statistics unit for a RADIUS or HWTACACS server.
•
Configuring the IPv6 address and port number of an LDAP server.
•
Configuring the local user type.
•
Configuring the RADIUS or HWTACACS server to support IPv6.
•
Enabling the session-control feature.
Modified features:
•
Configuring the local user password.
•
Specifying AAA methods in an ISP domain to apply by default or to
login users.
Added features: 802.1X.
Added features: MAC authentication.
Added features: Port security.
Added features: Password control.
N/A
Added features: PKI.
Added features:
•
Configuring the service type as SCP for SSH users.
•
Configuring the device as an SCP client.
•
Specifying the output interface used by a client to connect to the
IPv6 SFTP server.
•
Specifying the output interface used by a client to connect to the
IPv6 Stelnet server.
•
Specifying 256-bit AES_CBC as a preferred client-to-server
encryption algorithm.
Modified features: Setting an ACL for IPv6 SSH clients.
Added features: SSL.
Added features:
•
Displaying IPv4 source guard entries with the specified fields.
•
Clearing IPv4 source guard entries with the specified fields.
Modified features:
•
Setting the aging time of ARP attack entries.
•
Setting the threshold for source MAC address-based ARP attack
detection.
Added features: uRPF.
Added features: FIPS.
Added features: IPsec.