Chapter 6: Managing Device Security; Port Access Control - Ubiquiti EdgeSwitch ES-24-250W Administration Manual

EdgeSwitch Administration Guide
™

Chapter 6: Managing Device Security

Use the features in the Security folder on the navigation menu to set management security parameters for
port, user, and server security. The Security folder contains links to the following features:
• "Port Access Control" on page 204
• "RADIUS Settings" on page 218
• "TACACS+ Settings" on page 225

Port Access Control

In port-based authentication mode, when 802.1X is enabled globally and on the port, successful
authentication of any one supplicant attached to the port results in all users being able to use the port
without restrictions. At any given time, only one supplicant is allowed to attempt authentication on a port in
this mode. Ports in this mode are under bidirectional control. This is the default authentication mode.
The 802.1X network has three components:
• Authenticators: Specifies the port that is authenticated before permitting system access.
• Supplicants: Specifies host connected to the authenticated port requesting access to the system services.
Authentication Server: Specifies the external server, for example, the RADIUS server that performs the
authentication on behalf of the authenticator, and indicates whether the user is authorized to access system
services.
The Port Access Control folder contains links to the following pages that allow you to view and configure
802.1X features on the system.
Ubiquiti Networks, Inc.
Managing Device Security
204