Management; Switch Configuration Using Webview; Switch Configuration Using Cli Commands; Secure Networks Policy Support - Enterasys Matrix 7GR4202-30 Hardware Installation Manual

Management

Management of the module can be either in‐band or out‐of‐band. In‐band remote management is
possible using Telnet, Enterasys Networks' NetSight
application. Out‐of‐band management is provided through the RJ45 COM (Communication) port
on the front panel using a VT100 terminal or a VT100 terminal emulator.

Switch Configuration Using WebView

Enterasys Networks' HTTP‐based Web management application (WebView) is an intuitive web
tool for simple management tasks.

Switch Configuration Using CLI Commands

The CLI commands enable you to perform more complete switch configuration management
tasks.
For CLI command set information and how to configure the module, refer to the Enterasys Matrix
DFE‐Diamond/Platinum Series Configuration Guide.

Secure Networks Policy Support

A fundamental concept that is key to the implementation of the Enterasys Secure Networks
methodology is policy‐enabled networking. This approach provides users of the network with the
resources they need ‐ in a secure fashion – while at the same time denying access to applications or
protocols that are deemed inappropriate based on the user's function within the organization. By
adopting such a "user‐personalized" model, it is possible for business policies to be the guidelines
in establishing the technology architecture of the enterprise. Two major objectives are achieved in
this way: IT services are matched appropriately with individual users; and the network itself
becomes an active participant in the organization's security strategy. The Secure Networks
architecture consists of three tiers:
• Classification rules make up the first or bottom tier. The rules apply to devices in the Secure
Networks environment, such as switches and routers. The rules are designed to be
implemented at or near the user's point of entry to the network. Rules may be written based
on criteria defined in the Layer 2, Layer 3 or Layer 4 information of the data frame.
• The middle tier is Services, which are collections of individual classification rules, grouped
logically to either permit or deny access to protocols or applications based on the user's role
within the organization. Priority and bandwidth rate limiting may also be defined in services.
• Roles, or behavioral profiles, make up the top tier. The roles assign services to various
business functions or departments, such as executive, sales, and engineering.
To enhance security and deliver a true policy‐based infrastructure, the Enterasys Secure Networks
methodology can take advantage of authentication methods, such as 802.1X, using EAP‐TLS, EAP‐
TTLS, or PEAP, as well as other types of authentication. Authorization information, attached to the
authentication response, determines the application of policy. Authorization information is
communicated via the policy name in a RADIUS Filter‐ID attribute. An administrator can also
define a role to be implemented in the absence of an authentication framework. Refer to the
release notes shipped with the module for details.
®
management application, or WebView™
Matrix DFE-Diamond Series Installation Guide 1-7
Management