Denial Of Service - Extreme Networks ExtremeWare Command Reference Manual
Hide thumbs
Also See for ExtremeWare:
- Command reference manual (2620 pages) ,
- Command reference manual (2546 pages) ,
- Command reference manual (1598 pages)
Table of Contents
Advertisement
• Campus mode, used when a port in a VLAN will move to another VLAN when authentication has
been completed successfully. This mode is for the roaming user who will not always be using the
same port for authentication. Campus mode requires a DHCP server and a RADIUS server
configured for Extreme Network Login.
• ISP mode, used when the port and VLAN used will remain constant. All network settings are
configured for that VLAN.
A DHCP server is included to support Network Login functionality.
Denial of Service
You can configure ExtremeWare to protect your Extreme switches in the event of a Denial of Service
(DoS) attack. During a typical denial of service attack, the CPU on the switch gets flooded with packets
from multiple attackers, potentially causing the switch to fail. To protect against this type of attack, you
can configure the software so that when the number of packets received is more than the configured
threshold limit of packets per second, a hardware ACL is enabled.
Unified Access Security
The Extreme Unified Access™ Security architecture provides secure access for all wired and wireless
stations within the unified network. You can maintain the network with a single, unified security policy,
provide service to all stations without requiring upgrades, and take advantage of integrated policy and
management capabilities not available in overlay networks or those with "thick" access points. Unified
Access Security provides the following capabilities:
• Consolidated management — greater network support with reduced management overhead
• Scalable encryption — ASIC based AES encryption, WPA with TKIP support, and RC4 based WEP
support on the Altitude 300 wireless port
• 802.1x Authentication — 802.1x authentication (PEAP, EAP-TTLS, EAP-TLS)
• Web-based network login—http and https based user authentication
The unified structure simplifies security policies without compromising protection and provides the
following benefits:
• Single user experience — Same authentication procedures for wired and wireless users
• Unified management — Single management platform for wired and wireless networks
• Unified configuration — Consistent CLI for wired and wireless functions
• Single authentication infrastructure — Single set of policies, RADIUS, and certificate servers
ExtremeWare Software 7.3.0 Command Reference Guide
Denial of Service
763
Advertisement
Table of Contents
