Other Provisions For Management Access Security - HP ProCurve Series 3400cl Release Notes

Enforcing Switch Security
Switch Management Access Security
For the commands to implement the above actions, refer to "Front-Panel Security" in the chapter
titled "Configuring Usernames and Passwords" in the Access Security Guide for your switch.

Other Provisions for Management Access Security

Authorized IP Managers. This feature uses IP addresses and masks to determine whether to allow
management access to the switch through the network, and covers access through the following:
- Telnet and other terminal emulation applications
- The switch's web browser interface
- SNMP (with a correct community name)
Refer to the chapter titled "Using Authorized IP Managers" in the Access Security Guide for your
switch.
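
The address-and-mask check described above, as an added Python example (not code from HP or from the original page), with an audit that flags entries whose mask admits many source addresses. It assumes the mask semantics in which 1 bits must equal the entry's address and 0 bits are wildcards; the sample entries, function names and the max_hosts threshold are constructed for illustration.

```python
import ipaddress

# Constructed sample entries: (authorized address, mask, access level).
ENTRIES = [
    ("10.10.20.5", "255.255.255.255", "manager"),   # one station
    ("10.10.30.0", "255.255.255.0", "operator"),    # 256 addresses
    ("10.10.40.1", "255.255.255.249", "manager"),   # non-contiguous mask
]

def _bits(dotted):
    """Dotted-quad string to a 32-bit integer (raises ValueError if malformed)."""
    return int(ipaddress.IPv4Address(dotted))

def matches(source, entry_ip, mask):
    """True when source equals entry_ip in every bit position the mask sets to 1."""
    m = _bits(mask)
    return (_bits(source) & m) == (_bits(entry_ip) & m)

def access_level(source, entries=ENTRIES):
    """Access level of the first matching entry, or None when no entry matches.
    Precedence between overlapping entries is not modelled here."""
    for entry_ip, mask, level in entries:
        if matches(source, entry_ip, mask):
            return level
    return None

def permitted_count(mask):
    """Each 0 bit in the mask doubles the number of admitted source addresses."""
    return 1 << (32 - bin(_bits(mask)).count("1"))

def audit(entries, max_hosts=16):
    """Entries admitting more than max_hosts addresses (threshold is hypothetical)."""
    return [e for e in entries if permitted_count(e[1]) > max_hosts]

if __name__ == "__main__":
    for src in ("10.10.20.5", "10.10.30.77", "10.10.40.5", "10.10.40.2"):
        print(src, "->", access_level(src) or "no match")
    for ip, mask, level in audit(ENTRIES):
        print("broad entry:", ip, mask, level, permitted_count(mask), "addresses")
```

The third entry shows why masks need review bit by bit: 249 leaves two bits free in the last octet, so it admits .1, .3, .5 and .7 rather than a contiguous range.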

Secure Management VLAN. This feature creates an isolated network for managing the ProCurve
switches that offer this feature. When a secure management VLAN is enabled, CLI, Menu interface,
and web browser interface access is restricted to ports configured as members of the VLAN.
Refer to the chapter titled "Static Virtual LANs (VLANs)" in the Advanced Traffic Management Guide
for your switch.

RADIUS Authentication. For each authorized client, RADIUS can be used to authenticate operator
or manager access privileges on the switch via the serial port (CLI and Menu interface), Telnet, SSH,
and Secure FTP/Secure Copy (SFTP/SCP) access methods.
Refer to the chapter titled "RADIUS Authentication and Accounting" in the Access Security Guide
for your switch.

TACACS+ Authentication. This application uses a central server to allow or deny access to
TACACS-aware devices in your network. TACACS+ uses username/password sets with associated
privilege levels to grant or deny access through either the switch's serial (console) port or remotely,
with Telnet. If the switch fails to connect to a TACACS+ server for the necessary authentication
service, it defaults to its own locally configured passwords for authentication control. TACACS+
allows both login (read-only) and enable (read/write) privilege level access.
Refer to the chapter titled "TACACS+ Authentication" in the Access Security Guide for your switch
model.

Access Control Lists (ACLs) for Management Access Protection. ACLs can be used to secure
access to the management interface of the switch by blocking inbound IP traffic that has the switch
itself as the destination address. (Refer also to "Access Control Lists" in the next section.)