Access Security; Data Security - HP 12500 Series Configuration Manual

Authorization—Grants user rights and controls user access to resources and services. For example,
•
a user who has successfully logged in to the device can be granted read and print permissions to
the files on the device.
Accounting—Records all network service usage information, including service type, start time, and
•
traffic. The accounting function provides information required for charging, and allows for network
security surveillance.
AAA can be implemented through multiple protocols, such as RADIUS and HWTACACS, of which
RADIUS is most often used.
PKI
Public Key Infrastructure (PKI) uses a general security infrastructure to provide information security through
public key technologies. PKI employs the digital certificate mechanism to manage the public keys. The
digital certificate mechanism binds public keys to their owners, helping distribute public keys in large
networks securely. With digital certificates, the PKI system provides network communication, e-commerce
and e-Government with security services.
HP's PKI system provides digital certificate management for IPsec and SSL.

Access security

802.1X
802.1X is a port-based network access control protocol for securing wireless LANs (WLANs), and it has
also been widely used on Ethernet networks for access control. 802.1X controls network access by
authenticating the devices connected to 802.1X-enabled LAN ports.
MAC authentication
MAC authentication controls network access by authenticating source MAC addresses on a port. It does
not require client software and users do not need to enter a username and password for network access.
The device initiates a MAC authentication process when it detects an unknown source MAC address on
a MAC authentication enabled port. If the MAC address passes authentication, the user can access
authorized network resources.
Portal authentication
Portal authentication, also called "web authentication", helps control access to the Internet. You can input
a user name and password at the website for authentication. It does not require client software for access
control at the access layer and other data entrance that needs protection.
With portal authentication, an access device redirects all users to the portal authentication page. All
users can access the free services provided on the portal website. However, to access the Internet, a user
must pass portal authentication.

Data security

Managing public keys
Public key configuration enables you to manage the local asymmetric key pairs (such as creating and
destroying a local asymmetric key pair, displaying or exporting the local host public key), and configure
the peer host public keys on the local device.
2