Displaying, Adding, Or Activating An Access Profile - Cisco 200 Series Administration Manual

Configuring Security
Defining Access Profiles
STEP 1
STEP 2
Cisco Small Business 200 Series Smart Switch Administration Guide
Rules are composed of filters that include the following elements:
• Access Methods—The HTTP access method is available.
• Action—Permit or deny access to an interface or source address.
• Interface—Which ports, LAGs, or VLANs are permitted to access or
denied access to the web-based switch configuration utility.
• Source IP Address—IP addresses or subnets that are allowed access.
Active Access Profile
The Access Profiles Page displays the active access profile and all access
profiles created by users. Only one access profile can be active on the switch and
any attempt to access the switch must fit the rules in the active access profile.
The lookup in the active access profile is done by using a first-match method. The
switch looks to see if the active access profile explicitly permits management
access to the switch. If no match is found, access is denied.
When an attempt to access the switch is in violation of the active access profile,
the switch generates a SYSLOG message to alert the system administrator of the
attempt.
After an access profile has been defined, additional rules can be added or edited
by using the Profiles Rules Page.

Displaying, Adding, or Activating an Access Profile

To display, add, or select a different active access profile:
Click Security > Mgmt Access Method > Access Profiles. The Access Profiles
Page displays.
This page displays all of the access profiles, active and inactive.
To change the active access profile, select a profile from the Active Access
Profile drop down menu and click Apply. This makes the chosen profile the active
access profile.
16
176