Table of Contents
Advertisement
14
S
M
ECURITY
You can configure this switch to authenticate users logging into the system
for management access using local or remote authentication methods.
Port-based authentication using IEEE 802.1X can also be configured to
control either management access to the uplink ports or client access to
the data ports. This switch provides secure network management access
using the following options:
AAA
– Use local or remote authentication to configure access rights,
◆
specify authentication servers, configure remote authentication and
accounting.
User Accounts
– Manually configure access rights on the switch for
◆
specified users.
◆
Web Authentication
network in situations where 802.1X or Network Access authentication
methods are infeasible or impractical.
Network Access
- Configure MAC authentication, intrusion response,
◆
dynamic VLAN assignment, and dynamic QoS assignment.
HTTPS
– Provide a secure web connection.
◆
SSH
– Provide a secure shell (for secure Telnet access).
◆
ACL
– Access Control Lists provide packet filtering for IP frames (based
◆
on address, protocol, Layer 4 protocol port number or TCP control
code).
ARP Inspection
– Security feature that validates the MAC Address
◆
bindings for Address Resolution Protocol packets. Provides protection
against ARP traffic with invalid MAC to IP Address bindings, which forms
the basis for certain "man-in-the-middle" attacks.
IP Filter
– Filters management access to the web, SNMP or Telnet
◆
interface.
Port Security
– Configure secure addresses for individual ports.
◆
Port Authentication
◆
access to specific ports.
IP Source Guard
– Filters untrusted DHCP messages on insecure ports
◆
by building and maintaining a DHCP snooping binding table.
– 279 –
EASURES
– Allows stations to authenticate and access the
– Use IEEE 802.1X port authentication to control
Advertisement
Table of Contents
Troubleshooting
