HPE FlexNetwork 5510 HI Series Security Configuration Manual page 12
Hide thumbs
Also See for FlexNetwork 5510 HI Series:
- Configuration manual (572 pages) ,
- Mpls configuration manual (505 pages) ,
- Layer 3 - ip routing configuration manual (486 pages)
Table of Contents
Advertisement
Configuration restrictions and guidelines ····················································································· 444
Configuring FIPS mode ··········································································································· 445
Entering FIPS mode ········································································································· 445
Configuration changes in FIPS mode ··················································································· 446
Exiting FIPS mode ··········································································································· 447
FIPS self-tests ······················································································································· 447
Power-up self-tests ·········································································································· 448
Conditional self-tests ········································································································ 448
Triggering self-tests ········································································································· 449
Displaying and maintaining FIPS ······························································································· 449
FIPS configuration examples ···································································································· 449
Entering FIPS mode through automatic reboot ······································································· 449
Entering FIPS mode through manual reboot ·········································································· 450
Exiting FIPS mode through automatic reboot ········································································· 452
Exiting FIPS mode through manual reboot ············································································ 452
Configuring user profiles ································································ 454
Overview ······························································································································ 454
Configuration task list·············································································································· 454
Configuration restrictions and guidelines ····················································································· 454
Creating a user profile ············································································································· 454
Configuring parameters for a user profile ···················································································· 455
Configuring QoS parameters for traffic management ······························································· 455
Displaying and maintaining user profiles ····················································································· 455
User profile configuration examples ··························································································· 455
Local 802.1X authentication/authorization with QoS policy configuration example ························· 455
Configuring attack detection and prevention ······································· 460
Overview ······························································································································ 460
Configuring TCP fragment attack prevention ················································································ 460
Configuring MACsec ····································································· 461
Overview ······························································································································ 461
Basic concepts ··············································································································· 461
MACsec services ············································································································ 461
MACsec applications ········································································································ 462
MACsec operating mechanism ··························································································· 462
Protocols and standards ··································································································· 464
Compatibility information ········································································································· 464
Feature and hardware compatibility ····················································································· 464
Feature and software version compatibility ············································································ 464
MACsec configuration task list ·································································································· 465
Enabling MKA ······················································································································· 465
Enabling MACsec desire ········································································································· 465
Configuring a preshared key ····································································································· 466
Configuring the MKA key server priority ······················································································ 466
Configuring MACsec protection parameters in interface view ··························································· 467
Configuring the MACsec confidentiality offset ········································································ 467
Configuring MACsec replay protection ················································································· 468
Configuring the MACsec validation mode ············································································· 468
Configuring MACsec protection parameters by MKA policy ····························································· 468
Configuring an MKA policy ································································································ 468
Applying an MKA policy ···································································································· 469
Displaying and maintaining MACsec ·························································································· 469
MACsec configuration examples ······························································································· 470
Client-oriented MACsec configuration example ······································································ 470
Device-oriented MACsec configuration example ···································································· 473
Troubleshooting MACsec ········································································································· 476
Configuring ND attack defense ························································ 477
Overview ······························································································································ 477
Feature and software version compatibility ·················································································· 477
x
- Quick Links:
- Radius
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the FlexNetwork 5510 HI Series and is the answer not in the manual?