Enterasys Networks 4G4282-49 사용자 설명서
Standards Compatibility
Matrix DFE-Gold Series Installation Guide 1-7
Switch Configuration Using CLI Commands
The CLI commands enable you to perform more complete switch configuration
management tasks.
management tasks.
For CLI command set information and how to configure the module, refer to the Matrix
DFE‐Gold Series Configuration Guide.
DFE‐Gold Series Configuration Guide.
Standards Compatibility
The DFE‐Gold modules are fully compliant with the IEEE 802.3‐2002, 802.3ae‐2002,
802.1D‐1998, and 802.1Q‐1998 standards. The DFE‐Gold modules provide IEEE 802.1D‐
1998 Spanning Tree Algorithm (STA) support to enhance the overall reliability of the
network and protect against “loop” conditions.
802.1D‐1998, and 802.1Q‐1998 standards. The DFE‐Gold modules provide IEEE 802.1D‐
1998 Spanning Tree Algorithm (STA) support to enhance the overall reliability of the
network and protect against “loop” conditions.
Secure Networks Policy Support
A fundamental concept that is key to the implementation of the Enterasys Secure
Networks methodology is policy‐enabled networking. This approach provides users of
the network with the resources they need—in a secure fashion—while at the same time
denying access to applications or protocols that are deemed inappropriate based on the
user’s function within the organization. By adopting such a “user‐personalized” model, it
is possible for business policies to be the guidelines in establishing the technology
architecture of the enterprise. Two major objectives are achieved in this way: IT services
are matched appropriately with individual users; and the network itself becomes an
active participant in the organization’s security strategy. The Secure Networks
architecture consists of three tiers:
Networks methodology is policy‐enabled networking. This approach provides users of
the network with the resources they need—in a secure fashion—while at the same time
denying access to applications or protocols that are deemed inappropriate based on the
user’s function within the organization. By adopting such a “user‐personalized” model, it
is possible for business policies to be the guidelines in establishing the technology
architecture of the enterprise. Two major objectives are achieved in this way: IT services
are matched appropriately with individual users; and the network itself becomes an
active participant in the organization’s security strategy. The Secure Networks
architecture consists of three tiers:
•
Classification rules make up the first or bottom tier. The rules apply to devices in the
Secure Networks environment, such as switches and routers. The rules are designed
to be implemented at or near the user’s point of entry to the network. Rules may be
written based on criteria defined in the Layer 2, Layer 3, or Layer 4 information of the
data frame.
Secure Networks environment, such as switches and routers. The rules are designed
to be implemented at or near the user’s point of entry to the network. Rules may be
written based on criteria defined in the Layer 2, Layer 3, or Layer 4 information of the
data frame.
•
The middle tier is Services, which are collections of individual classification rules,
grouped logically to either permit or deny access to protocols or applications based on
the user’s role within the organization. Priority and bandwidth rate limiting may also
be defined in services.
grouped logically to either permit or deny access to protocols or applications based on
the user’s role within the organization. Priority and bandwidth rate limiting may also
be defined in services.
•
Roles, or behavioral profiles, make up the top tier. The roles assign services to various
business functions or departments, such as executive, sales, and engineering.
business functions or departments, such as executive, sales, and engineering.
To enhance security and deliver a true policy‐based infrastructure, the Enterasys Secure
Networks methodology can take advantage of authentication methods, such as 802.1X,
using EAP‐TLS, EAP‐TTLS, or PEAP, as well as other types of authentication.
Authorization information, attached to the authentication response, determines the
application of policy. Authorization information is communicated by means of the policy
Networks methodology can take advantage of authentication methods, such as 802.1X,
using EAP‐TLS, EAP‐TTLS, or PEAP, as well as other types of authentication.
Authorization information, attached to the authentication response, determines the
application of policy. Authorization information is communicated by means of the policy