Safe Defaults Mode - Extreme Networks ExtremeWare XOS Guide Manual

Concepts guide

Security
Denial of Service Protection—Denial of Service (DoS) protection is a dynamic response mechanism used by the switch to prevent critical network or computing resources from being overwhelmed and rendered inoperative. In essence, DoS protection protects the switch, CPU, and memory from attacks and attempts to characterize the attack (or problem) and filter out the offending traffic so that other functions can continue. If the switch determines it is under attack, the switch reviews the packets in the input buffer and assembles ACLs that automatically stop the offending packets from reaching the CPU. For increased security, you can turn on DoS protection and establish CLEAR-Flow rules at the same time.
For more information about DoS attacks and DoS protection, see "Denial of Service Protection" on page 320. For more information about CLEAR-Flow, see Chapter 18, "CLEAR-Flow."

Network Login—Network login controls the admission of user packets and access rights thereby preventing unauthorized access to the network. Network login is controlled on a per port basis. When network login is enabled on a port in a VLAN, that port does not forward any packets until authentication takes place. Network login is capable of three types of authentication: web-based, MAC-based, and 802.1x.
For more information about network login, see Chapter 17, "Network Login."

Policy Files—Policy files are text files that contain a series of rule entries describing match conditions and actions to take. Policy files are used by both routing protocol applications (routing policies) and the ACL application (ACLs).
For more information about policy files, see Chapter 12, "Policy Manager."

Routing Policies—Routing policies are policy files used by routing protocol applications to control the advertisement, reception, and use of routing information by the switch. By using policies, a set of routes can be selectively permitted or denied based on their attributes for advertisements in the routing domain. Routing policies can be used to "hide" entire networks or to trust only specific sources for routes or ranges of routes.
For more information about using routing policies to control and limit network access, see Chapter 14, "Routing Policies."

Sentriant—Sentriant is an external security appliance used by the BlackDiamond 10K switch to detect and defend against threats without interfering with network traffic. Sentriant can actively engage, determine, and terminate malicious behavior occurring in your network. Sentriant and CLEAR-Flow provide a rapid response to network threats. Sentriant can add to or modify the BlackDiamond 10K switch's CLEAR-Flow rules and ACLs in real-time to inspect additional traffic or change inspection thresholds.
For more information about Sentriant, contact your Extreme Networks representative. For more information about CLEAR-Flow, see Chapter 18, "CLEAR-Flow."

sFlow—sFlow® is a technology designed to monitor network traffic by using a statistical sampling of packets received on each port. sFlow also uses IP headers to gather information about the network. By gathering statistics about the network, sFlow becomes an early warning system notifying you when there is a spike in traffic activity. Upon analysis, common response mechanisms include applying an ACL, changing Quality of Service (QoS) parameters, or modifying VLAN settings.
For more information about sFlow, see the section "Using sFlow" in Chapter 8, "Status Monitoring and Statistics."
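
The Denial of Service Protection entry above says the switch reviews buffered packets and assembles an ACL, and the Policy Files entry describes rule entries as match conditions plus actions. The following Python example is added here to illustrate that idea and is not Extreme Networks code: it is a simplified model of characterizing offending traffic, not the switch's actual algorithm. The 80% share threshold, the packet tuple layout, the entry name `dos_auto_1`, and the sample buffer are assumptions.

```python
from collections import Counter
from itertools import combinations

# Match-condition names in policy-file style; tuple positions below follow this order.
FIELDS = ("source-address", "destination-address", "protocol", "destination-port")

def characterize(packets, min_share=0.8):
    """Return the most specific {field: value} pattern matched by at least
    min_share of the buffered packets, or None if the traffic is too diverse."""
    if not packets:
        return None
    needed = min_share * len(packets)
    # Try the widest field combinations first so the resulting filter is as narrow as possible.
    for size in range(len(FIELDS), 0, -1):
        best = None
        for combo in combinations(range(len(FIELDS)), size):
            values = Counter(tuple(p[i] for i in combo) for p in packets)
            key, count = values.most_common(1)[0]
            if count >= needed and (best is None or count > best[0]):
                best = (count, {FIELDS[i]: v for i, v in zip(combo, key)})
        if best:
            return best[1]
    return None

def to_acl_entry(name, pattern):
    """Render the pattern as a rule entry: match conditions, then a deny action."""
    matches = "".join(f"        {field} {value};\n" for field, value in pattern.items())
    return f"entry {name} {{\n    if {{\n{matches}    }} then {{\n        deny;\n    }}\n}}\n"

# Constructed sample buffer: nine UDP/53 packets from varying sources aimed at
# one address, plus one unrelated SSH packet that the filter must not match.
BUFFER = [(f"198.51.100.{i}/32", "192.0.2.1/32", "udp", 53) for i in range(1, 10)]
BUFFER.append(("203.0.113.7/32", "192.0.2.1/32", "tcp", 22))

if __name__ == "__main__":
    print(to_acl_entry("dos_auto_1", characterize(BUFFER)))
```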

Safe Defaults Mode

Beginning with ExtremeWare XOS 11.2, when you set up your switch for the first time, you must
connect to the console port to access the switch. After logging in to the switch, you enter safe defaults
ExtremeWare XOS 11.3 Concepts Guide
