Справочник Пользователя для Enterasys Networks 2E253
Overview of Security Methods
Accessing Local Management
3-11
3.4
OVERVIEW OF SECURITY METHODS
Six security methods are available to control which users are allowed access to the switch’s host to
monitor and control the switch.
monitor and control the switch.
•
Login Security Password – used to access the Device Menu screen to start a Local Management
session via a Telnet connection or local COM port connection. Whenever a connection is made
to the switch, the Local Management Password screen displays. Before continuing, you must
enter a login password, which is compared to the stored passwords and associated management
level access policies configured using the Security screen described in
session via a Telnet connection or local COM port connection. Whenever a connection is made
to the switch, the Local Management Password screen displays. Before continuing, you must
enter a login password, which is compared to the stored passwords and associated management
level access policies configured using the Security screen described in
.
•
SNMP Community String – allows access to the switch via a network SNMP management
application. To access the switch, you must enter an SNMP Community Name string. The level
of management access is dependent on the SNMP Community Name and the associated Access
Policy configured in the SNMP Community Names Configuration screen described in
application. To access the switch, you must enter an SNMP Community Name string. The level
of management access is dependent on the SNMP Community Name and the associated Access
Policy configured in the SNMP Community Names Configuration screen described in
.
•
Host Access Control Authentication (HACA) – authenticates user access of Telnet management,
console local management and WebView via a central Radius Client/Server application using the
Password screen described in
console local management and WebView via a central Radius Client/Server application using the
Password screen described in
. For an overview of HACA and a description of how
to set the to access policy using the Radius Configuration screen, refer to
and
.
•
Host Access Control List (ACL) – allows only the defined list of IP Addresses to communicate
with the host for Telnet, WebView (HTTP) and SNMP. To set up these parameters refer to the
Host Access Control List (ACL) screen described in
with the host for Telnet, WebView (HTTP) and SNMP. To set up these parameters refer to the
Host Access Control List (ACL) screen described in
•
802.1X Port Based Network Access Control – provides a mechanism for administrators to
securely authenticate and grant appropriate access to end user devices (supplicants) directly
attached to switch ports. For more information, refer to
securely authenticate and grant appropriate access to end user devices (supplicants) directly
attached to switch ports. For more information, refer to
•
MAC Authentication – provides a mechanism for administrators to securely authenticate and
grant appropriate access to end user devices directly attached to switch ports. For more
information, refer to
grant appropriate access to end user devices directly attached to switch ports. For more
information, refer to
.
NOTES: You can set the same string as a Security login password and SNMP
Community Name. This allows you to access and manage the switch whether you are
starting a Local Management session via a Telnet connection or local COM port
connection, or using a network SNMP management application.
Community Name. This allows you to access and manage the switch whether you are
starting a Local Management session via a Telnet connection or local COM port
connection, or using a network SNMP management application.
If the login security password is different from the SNMP Community Name, the two
cannot be used interchangeably to access the switch.
cannot be used interchangeably to access the switch.