Lucent Technologies 6000 Manuale Utente
Configuration Concepts and Profiles
Overview of MAX configuration
MAX 6000/3000 Network Configuration Guide
2-5
Concentrating Frame Relay connections
The MAX provides extensive support for Frame Relay. Using a T1 or E1 line or serial WAN
port for a nailed connection to a switch, it can function as a Network to Network Interface
(NNI) switch, a Data Circuit-terminating Equipment (DCE) unit responding to users, or as a
Data Terminal Equipment (DTE) unit requesting services from a switch.
port for a nailed connection to a switch, it can function as a Network to Network Interface
(NNI) switch, a Data Circuit-terminating Equipment (DCE) unit responding to users, or as a
Data Terminal Equipment (DTE) unit requesting services from a switch.
Enabling X.25 terminal connections
X.25 is a precursor to Frame Relay and is generally considered less efficient. However, many
sites use it to transmit information between users across the WAN. It accommodates both
high-volume data transfers and interactive use of host machines. The MAX can have one
physical connection to an X.25 DCE unit at the other end of a T1, E1, or BRI line. To support
interactive use, the connection must be nailed.
sites use it to transmit information between users across the WAN. It accommodates both
high-volume data transfers and interactive use of host machines. The MAX can have one
physical connection to an X.25 DCE unit at the other end of a T1, E1, or BRI line. To support
interactive use, the connection must be nailed.
Configuring routing and bridging across the WAN
Routing and bridging configurations enable the MAX to forward packets between the local
network and the WAN and also between WAN connections.
network and the WAN and also between WAN connections.
Enabling protocol-independent packet bridging
The MAX can operate as a link-level bridge, forwarding packets from the Ethernet network to
a WAN connection (and vice versa) on the basis of the destination hardware address in each
packet. Unlike a router, a bridge does not examine packets at the network layer. It simply
forwards packets to another network segment if the address does not reside on the local
segment.
a WAN connection (and vice versa) on the basis of the destination hardware address in each
packet. Unlike a router, a bridge does not examine packets at the network layer. It simply
forwards packets to another network segment if the address does not reside on the local
segment.
Caller-ID and
called-number
authentication
called-number
authentication
You can restrict who can access the MAX, by verifying the caller-ID
before answering the call. You can also use the called number to
authenticate and direct the call.
before answering the call. You can also use the called number to
authenticate and direct the call.
Authentication
servers
servers
You can off load the authentication responsibility to a RADIUS or
TACACS server on the local network.
TACACS server on the local network.
Security card
authentication
authentication
The MAX supports hand-held personal security cards, such as those
provided by Enigma Logic and Security Dynamics. These cards
provide users with a password that changes frequently, usually many
times a day. Support for dynamic passwords requires the use of a
RADIUS server that has access to an authentication server, such as an
Enigma Logic SafeWord AS or Security Dynamics ACE
authentication server.
provided by Enigma Logic and Security Dynamics. These cards
provide users with a password that changes frequently, usually many
times a day. Support for dynamic passwords requires the use of a
RADIUS server that has access to an authentication server, such as an
Enigma Logic SafeWord AS or Security Dynamics ACE
authentication server.
Terminal server
After a dial-in user has met the initial connection-security criteria, you
can demand another password for access to the MAX terminal
services. Within the terminal server, you can restrict commands that
are accessible to users, or you can prevent them from executing any
command other than Telnet.
can demand another password for access to the MAX terminal
services. Within the terminal server, you can restrict commands that
are accessible to users, or you can prevent them from executing any
command other than Telnet.
Filters and firewalls
Packet-level security mechanisms can provide a very high level of
network security.
network security.
Feature Description