Monitoring Switch Configuration Changes - Extreme Networks Ridgeline Guide Manual

recommended) on the same system as the Ridgeline client, and installing and running an SSH server
(OpenSSH is recommended) on the same system where the Ridgeline server resides.
Tunneled communication is accomplished through port forwarding.
To configure SSH tunneling between the Ridgeline server and client, you must to do the following:
1 Install PuTTY on the Ridgeline client system
2 Configure the PuTTY client with an Ridgeline session connecting to the Ridgeline server host
3 Install an SSH server on the system with the Ridgeline server (if it is not already installed)
4 Configure any firewall software to allow SSH connects
5 Initiate Ridgeline server/client communication:
a Make sure the SSH server is running on the server system
b Start the SSH client on the client system
c Log into the Ridgeline client with the URL
Ridgeline server is actually located)
PuTTY is now set up to port forward all traffic going to the local host on port 8080. When PuTTY sees a
connection request to the local host on port 8080, PuTTY encrypts the information and sends it across
the encrypted tunnel to the server.
Appendix C, "Using SSH for Secure Communication"
doing these steps in the Windows environment.

Monitoring Switch Configuration Changes

Fundamental to securing your network is verifying that no configuration changes have occurred that
may have a detrimental effect on network security. Something as simple as changing passwords can
introduce a weakness in your security design for the network.
The Ridgeline Configuration Manager provides several features you can use to monitor the integrity of
your device configurations:
You can save baseline configurations for each of your devices. Not only do these provide a known-
●
good backup if needed, but Ridgeline can then compare these to your regularly-scheduled
configuration archive files to determine if any configuration changes have been made. If it detects
changes, Ridgeline will inspect the Syslog file for the device to identify any entries that are related to
the configuration changes observed in the archived configuration file.
Regularly archiving your device configuration files provides a backup in case a configuration is
●
accidentally or intentionally changed.
The Configuration Manager's Diff feature lets you compare two saved configuration files, or
●
compare a saved configuration file against the baseline configuration for the device to see the
differences between the two files. You must have a Differences viewer installed on the system where
you Ridgeline server is installed. You can configure the Diff Viewer using the Difference Viewer
option from the Tools menu.
See Chapter 18, "Managing Network Device Configurations and Updates"
using these features of the Configuration Manager.
Ridgeline Concepts and Solutions Guide
http://localhost:8080/
contains a detailed walk-through example of
(not the host where the
for more information on
195
13