544
C
50: EAD C
HAPTER
EAD Configuration
Configuration
prerequisites
Configuring EAD
ONFIGURATION
software and install system patches. Figure 137 shows the typical network
application of EAD.
Figure 137 Typical network application of EAD
The security client (software installed on PC) checks the security status of a client
that just passes the authentication, and interacts with the security policy server. If
the client is not compliant with the security standard, the security policy server
issues ACL control packets to the switch to control which addresses the client can
access.
After the client is patched and compliant with the required security standard, the
security policy server reissues an ACL to the switch to assign the access right to the
client.
EAD is implemented typically in RADIUS scheme. Before configuring EAD, perform
the following configuration:
Configuring the attributes, such as the user name, user type, and password for
■
access users. If local authentication is performed, you need to configure these
attributes on the switch; if remote authentication is performed, you need to
configure these attributes on AAA sever.
Configuring RADIUS scheme.
■
Associating domain with RADIUS scheme.
■
For the detailed configuration procedure, refer to "AAA & RADIUS & HWTACACS
Configuration" on page 507.
Table 428 EAD configuration
Operation
Enter system view
Command
system-view
Description
-