Enterasys Networks 7H4385-49 사용자 설명서
Secure Networks Policy Support
1-6 Introduction
Secure Networks Policy Support
Policy Enabled Networking manages the allocation of networking infrastructure
resources in a secure and effective manner. Using Secure Networks Policy, an IT
Administrator can predictably assign appropriate resources to the Users, Applications,
and Services that use the network; while blocking or containing access for inappropriate
or potentially dangerous network traffic. Using this technology it is possible, for the first
time, to align IT services with the needs of specific users and applications, and to leverage
the network as a key component of the organization’s security strategy.
resources in a secure and effective manner. Using Secure Networks Policy, an IT
Administrator can predictably assign appropriate resources to the Users, Applications,
and Services that use the network; while blocking or containing access for inappropriate
or potentially dangerous network traffic. Using this technology it is possible, for the first
time, to align IT services with the needs of specific users and applications, and to leverage
the network as a key component of the organization’s security strategy.
The Secure Networks Policy Architecture consists of 3 components: Classification Rules,
Network Services, and Behavioral Profiles. These are defined as follows:
Network Services, and Behavioral Profiles. These are defined as follows:
•
Classification Rules determine how specific traffic flows (identified by Layer 2, Layer
3, and Layer 4 information in the data packet) are treated by each Switch or Router. In
general, Classification Rules are applied to the networking infrastructure at the
network edge/ingress point.
3, and Layer 4 information in the data packet) are treated by each Switch or Router. In
general, Classification Rules are applied to the networking infrastructure at the
network edge/ingress point.
•
Network Services are logical groups of Classification Rules that identify specific
networked applications or services. Users may be permitted or denied access to these
services based on their role within the organization. Priority and bandwidth rate
limiting may also be controlled using Network Services.
networked applications or services. Users may be permitted or denied access to these
services based on their role within the organization. Priority and bandwidth rate
limiting may also be controlled using Network Services.
•
Behavioral Profiles (or roles) are used to assign Network Services to groups of users
who share common needs–for example Executive Managers, Human Resources
Personnel, or Guest Users. Access, resources, and security restrictions are applied as
appropriate to each Behavioral Profile. A variety of authentication methods including
802.1X, EAP‐TLS, EAP‐TTLS, and PEAP may be used to classify and authorize each
individual user; and the IT Administrator may also define a Behavioral Profile to
apply in the absence of an authentication framework.
who share common needs–for example Executive Managers, Human Resources
Personnel, or Guest Users. Access, resources, and security restrictions are applied as
appropriate to each Behavioral Profile. A variety of authentication methods including
802.1X, EAP‐TLS, EAP‐TTLS, and PEAP may be used to classify and authorize each
individual user; and the IT Administrator may also define a Behavioral Profile to
apply in the absence of an authentication framework.
LANVIEW Diagnostic LEDs
LANVIEW diagnostic LEDs serve as an important troubleshooting aid by providing an
easy way to observe the status of individual ports and overall network operations.
easy way to observe the status of individual ports and overall network operations.