Introduction To Aaa And User Management; Aaa And User Management Features Supported By The S9300 - Huawei Quidway S9300 Configuration Manual

Terabit routing switch v100r001c03

Hide thumbs Also See for Quidway S9300:

Configuration manual - network management (630 pages)

Configuration manual (603 pages)

Configuration manual - multicast (262 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

page of 178

/ 178
Contents
Table of Contents
Bookmarks

Table of Contents

1 AAA and User Management Configuration

1.1 Introduction to AAA and User Management

This section describes the knowledge of AAA and user management.

AAA

AAA provides the following types of services:

AAA adopts the client/server model, which features good extensibility and facilitates

concentrated management over user information.

Domain-based User Management

User authentication, authorization, and accounting are performed in the domain view. Users can

be managed based on the domain. You can configure authorization, create authentication and

accounting schemes, and create RADIUS or HWTACACS templates in the domain.

Local User Management

To perform local user management, you need to set up the local user database, maintain user

information, and manage users on the local S9300.

1.2 AAA and User Management Features Supported by the

S9300

This section describes the AAA and user management features supported by the S9300.

AAA

The S9300 provides authentication schemes in the following modes:

The S9300 provides authorization schemes in the following modes:

1-2

Authentication: determines the user who can access the network.

Authorization: authorizes the user to use certain services.

Accounting: records network resource usage of the user.

NOTE

Currently, the S9300 does not support user accounting.

Non-authentication: completely trusts users and does not check their validity. This mode

is seldom used.

Local authentication: configures user information including the user name, password, and

attributes of the local user on the S9300. In local authentication mode, the processing speed

is fast, but the capacity of information storage is restricted by the hardware.

Remote authentication: configures user information including the user name, password,

and attributes of the local user on an authentication server. The S9300 functions as the client

to communicate with the authentication server. Thus, the user is remotely authenticated

through the RADIUS or HWTACACS protocol.

Huawei Proprietary and Confidential

Quidway S9300 Terabit Routing Switch

Configuration Guide - Security

Issue 01 (2009-07-28)

Table of Contents

Introduction To Aaa And User Management; Aaa And User Management Features Supported By The S9300 - Huawei Quidway S9300 Configuration Manual

1.1 Introduction to AAA and User Management

Related Manuals for Huawei Quidway S9300

Related Content for Huawei Quidway S9300

Table of Contents