Secure Protocols - Lenovo RackSwitch G8264CS Application Manual

Secure Protocols

572
G8264CS Application Guide for ENOS 8.4
 FTP (server and client)
 Radius (client
 TACACS+ (client)
 TFTP Server
Except for the TFTP server, these protocols cannot be enabled when the switch is
operating in Secure Mode because the commands to enable or disable them
disappear with SIOM enabled.
The following protocols, although deemed "insecure" by SIOM, are enabled by
default and can be disabled.
 DHCP client
 SysLog
Note: Service Location Protocol (SLP) Discovery is also deemed "insecure" but is
unaffected by Secure Mode. SLP has the same default settings as in Legacy Mode.
If you can enable or disable SLP in Legacy Mode, you can enable or disable it the
same way in Secure Mode.
The following supported protocols are not enabled by default but can always be
enabled in Secure Mode.
 DNS Resolution
 TFTP client (for signed items only, such as switch images)
The following protocols, although deemed "insecure" and allowed by SIOM, are
not supported by the G8264CS:
RCP

 SMTP
MIME

 TCP command in secure mode (Port 6090)
DHCPv6 client

The following protocols are deemed "secure" and are enabled by default in Secure
Mode:
 SCP Server
SNMPv3 Client

 SFTP Client
SSHv2 Server

 SSHv2 Client
HTTPS Server

You can disable these protocols.
The following protocols are deemed "secure" and cannot be disabled in any mode:
 NTP Client v4