Securing Access to Management Functions
This chapter explains how to secure access to management functions on an HP device.The ProCurve Routing
Switches provide the following methods for securing access to the device. You can use one or more of these
methods:
•
"Securing Access Methods" on page 2-1 lists the management access methods available on an HP device
and the ways you can secure each one
•
"Restricting Remote Access to Management Functions" on page 2-3 explains how to restrict access to
management functions from remote sources, including Telnet, the Web management interface, and SNMP
•
"Setting Passwords" on page 2-13 explains how to set passwords for Telnet access and management
privilege levels
•
"Setting Up Local User Accounts" on page 2-16 explains how to define user accounts to regulate who can
access management functions
•
"Configuring TACACS/TACACS+ Security" on page 2-20 explains how to configure SNMP read-only and
read-write community strings on an HP device
•
"Configuring TACACS/TACACS+ Security" on page 2-20 explains how to configure TACACS/TACACS+
authentication, authorization, and accounting
•
"Configuring RADIUS Security" on page 2-38 explains how to configure RADIUS authentication,
authorization, and accounting
•
"Configuring Authentication-Method Lists" on page 2-54 explains how to set the order that authentication
methods are consulted when more than one is used with an access method
Securing Access Methods
The following table lists the management access methods available on an HP device, how they are secured by
default, and the ways in which they can be secured.
Access method
Serial access to the CLI
June 2005
Table 2.1: Ways to secure management access to HP devices
How the access
method is secured
by default
Not secured
Ways to secure the access method
Establish passwords for management privilege
levels
Chapter 2
See
page
2-14
2 - 1