Sign In
Upload
Manuals
Brands
HP Manuals
Printer
Business Inkjet 2800
HP Business Inkjet 2800 Manuals
Manuals and User Guides for HP Business Inkjet 2800. We have
1
HP Business Inkjet 2800 manual available for free PDF download: Manual
HP Business Inkjet 2800 Manual (300 pages)
Access Security Guide
Brand:
HP
| Category:
Switch
| Size: 3.68 MB
Table of Contents
Table of Contents
5
Getting Started
14
Introduction and Applicable Switches
14
About the Feature Descriptions
14
Overview of Access Security Features
15
General Switch Traffic Security Guideline
17
Command Syntax Conventions
18
Simulating Display Output
18
Command Prompts
18
Screen Simulations
19
Port Identity Convention for Examples
19
Related Publications
19
Getting Documentation from the Web
21
Sources for more Information
22
Need Only a Quick Start
23
To Set up and Install the Switch in Your Network
23
Contents
25
Overview
26
Configuring Username and Password Security
26
Configuring Local Password Security
28
Menu: Setting Passwords
28
CLI: Setting Passwords and Usernames
29
Web: Setting Passwords and Usernames
30
Front-Panel Security
31
When Security Is Important
31
Front-Panel Button Functions
33
Configuring Front-Panel Security
36
Password Recovery
41
Password Recovery Process
43
Web and MAC Authentication for the Series 2600/2600-PWR and 2800 Switches
45
Contents
45
Overview
46
Client Options
47
General Features
48
How Web and MAC Authentication Operate
49
Authenticator Operation
49
Terminology
53
Operating Rules and Notes
54
Do These Steps before You Configure Web/Mac Authentication
56
General Setup Procedure for Web/Mac Authentication
56
Additional Information for Configuring the RADIUS Server to Support MAC Authentication
58
Configuring the Switch to Access a RADIUS Server
59
Configuring Web Authentication on the Switch
61
Overview
61
Configure the Switch for Web-Based Authentication
62
Configuring MAC Authentication on the Switch
66
Overview
66
Configure the Switch for MAC-Based Authentication
67
Show Status and Configuration of Web-Based Authentication
70
Show Status and Configuration of MAC-Based Authentication
72
Client Status
74
Contents
75
Overview
76
TACACS+ Authentication
76
Terminology Used in TACACS Applications
77
General System Requirements
79
General Authentication Setup Procedure
79
Configuring TACACS+ on the Switch
82
Beforeyou Begin
82
CLI Commands Described in this Section
83
Viewing the Switch's Current Authentication Configuration
83
Viewing the Switch's Current TACACS+ Server Contact Configuration
84
Configuring the Switch's Authentication Methods
85
Configuring the Switch's TACACS+ Server Access
89
How Authentication Operates
94
General Authentication Process Using a TACACS+ Server
94
Local Authentication Process
96
Using the Encryption Key
97
Controlling Web Browser Interface Access When Using TACACS+ Authentication
98
Controlling Web Browser Interface Access When Using TACACS
98
Authentication
98
Messages Related to TACACS+ Operation
99
Operating Notes
99
RADIUS Authentication and Accounting
101
Contents
101
Overview
102
Terminology
103
Switch Operating Rules for RADIUS
104
General RADIUS Setup Procedure
105
Outline of the Steps for Configuring RADIUS Authentication
106
Configuring the Switch for RADIUS Authentication
106
Configure Authentication for the Access Methods You Want RADIUS
108
To Protect
108
Configure the Switch to Access a RADIUS Server
110
Configure the Switch's Global RADIUS Parameters
112
Local Authentication Process
116
Controlling Web Browser Interface Access When Using RADIUS Authentication
117
Configuring RADIUS Accounting
117
Authentication
117
Operating Rules for RADIUS Accounting
119
Steps for Configuring RADIUS Accounting
119
Configuring RADIUS Accounting
119
Reports to the Radius Server
122
Viewing RADIUS Statistics
125
General RADIUS Statistics
125
RADIUS Authentication Statistics
127
RADIUS Accounting Statistics
128
Changing RADIUS-Server Access Order
129
Messages Related to RADIUS Operation
131
Configuring Secure Shell (SSH)
133
Contents
133
Overview
134
Terminology
136
Prerequisite for Using SSH
137
Public Key Formats
137
Steps for Configuring and Using SSH for Switch and Client Authentication
138
General Operating Rules and Notes
140
Configuring the Switch for SSH Operation
141
Assigning a Local Login (Operator) and Enable (Manager) Password
141
Generating the Switch's Public and Private Key Pair
142
Providing the Switch's Public Key to Clients
144
Enabling SSH on the Switch and Anticipating SSH Client Contact
147
Behavior
147
Configuring the Switch for SSH Authentication
150
Use an SSH Client to Access the Switch
153
Further Information on SSH Client Public-Key Authentication
153
Messages Related to SSH Operation
159
Configuring Secure Socket Layer (SSL)
161
Contents
161
Overview
162
Terminology
163
Prerequisite for Using SSL
165
Steps for Configuring and Using SSL for Switch and Client Authentication
165
General Operating Rules and Notes
166
Configuring the Switch for SSL Operation
167
Assigning a Local Login (Operator) and Enable (Manager)Password
167
Generating the Switch's Server Host Certificate
169
Comments on Certificate Fields
171
Enabling SSL on the Switch and Anticipating SSL Browser Contact
177
Behavior
181
Common Errors in SSL Setup
181
Contents
183
Configuring Port-Based Access Control (802.1X)
183
General Features
185
Why Use Port-Based Access Control
185
Overview
185
How 802.1X Operates
188
Authenticator Operation
188
Switch-Port Supplicant Operation
189
Terminology
190
General Operating Rules and Notes
192
General Setup Procedure for Port-Based Access Control (802.1X)
194
Do These Steps before You Configure 802.1X Operation
194
Overview: Configuring 802.1X Authentication on the Switch
195
Configuring Switch Ports as 802.1X Authenticators
197
Enable 802.1X Authentication on Selected Ports
197
Configure the 802.1X Authentication Method
201
Enable 802.1X Authentication on the Switch
202
Enter the RADIUS Host IP Address(Es)
202
802.1X Open VLAN Mode
203
Introduction
203
Use Models for 802.1X Open VLAN Modes
204
Operating Rules for Authorized-Client and Unauthorized-Client Vlans
207
Setting up and Configuring 802.1X Open VLAN Mode
209
802.1X Open VLAN Operating Notes
213
Option for Authenticator Ports: Configure Port-Security to Allow Only
214
802.1X Devices
214
To Other Switches
216
Displaying 802.1X Configuration, Statistics, and Counters
220
Show Commands for Port-Access Authenticator
220
Viewing 802.1X Open VLAN Mode Status
222
Show Commands for Port-Access Supplicant
225
How RADIUS/802.1X Authentication Affects VLAN Operation
226
Messages Related to 802.1X Operation
230
Configuring and Monitoring Port Security
231
Contents
231
Overview
232
Basic Operation
232
Blocking Unauthorized Traffic
233
Trunk Group Exclusion
234
Planning Port Security
235
Port Security Command Options and Operation
236
Retention of Static MAC Addresses
240
Displaying Current Port Security Settings
240
Configuring Port Security
242
MAC Lockdown
247
Differences between MAC Lockdown and Port Security
249
Deploying MAC Lockdown
251
MAC Lockout
255
Port Security and MAC Lockout
257
Web: Displaying and Configuring Port Security Features
257
Reading Intrusion Alerts and Resetting Alert Flags
258
Notice of Security Violations
258
How the Intrusion Log Operates
259
Keeping the Intrusion Log Current by Resetting Alert Flags
259
Using the Event Log to Find Intrusion Alerts
265
Web: Checking for Intrusions, Listing Intrusion Alerts, and Resetting
265
Operating Notes for Port Security
266
Alert Flags
266
Contents
269
Traffic/Security Filters
269
(HP Procurve Series 2600/2600-PWR and 2800 Switches)
269
Overview
270
Using Source-Port Filters
272
Operating Rules for Source-Port Filters
272
Configuring a Source-Port Filter
273
Viewing a Source-Port Filter
275
Filter Indexing
276
Editing a Source-Port Filter
277
Contents
279
Overview
280
Using Authorized IP Managers
280
Options
281
Access Levels
281
Defining Authorized Management Stations
282
Overview of IP Mask Operation
282
Menu: Viewing and Configuring IP Authorized Managers
283
CLI: Viewing and Configuring Authorized IP Managers
284
Configuring Ip Authorized Managers for the Switch
285
Web: Configuring IP Authorized Managers
287
Building Ip Masks
287
Configuring One Station Per Authorized Manager Ip Entry
287
Configuring Multiple Stations Per Authorized Manager Ip Entry
289
Additional Examples for Authorizing Multiple Stations
291
Advertisement
Advertisement
Related Products
HP 635n - JetDirect IPv6/IPsec Print Server
HP Intelligent Series
HP Intel HD Graphics 2500
HP Integrity Superdome Servers 64- processor Systems
HP Integrity Superdome X
HP Integrity Superdome
HP Integrated NetRAID Controller
HP Insight Control
HP Infrared Adapter
HP Indigo Division Series
HP Categories
Desktop
Laptop
Server
Monitor
Switch
More HP Manuals
Login
Sign In
OR
Sign in with Facebook
Sign in with Google
Upload manual
Upload from disk
Upload from URL