HP (Hewlett-Packard) 2650 (J4899A/B) ユーザーズマニュアル

1-3

Overview of Access Security Features

■

 (page 7-1): Provides remote web access 

to the switch via encrypted authentication paths between the switch 
and management station clients capable of SSL/TLS operation. 

■

 (page 8-1): On point-to-point 

connections, enables the switch to allow or deny traffic between a 
port and an 802.1X-aware device (supplicant) attempting to access 
the switch.  Also enables the switch to operate as a supplicant for 
connections to other 802.1X-aware switches.

■

 (page 9-1): Enables a switch port to maintain a unique 

list of MAC addresses defining which specific devices are allowed to 
access the network through that port. Also enables a port to detect, 
prevent, and log access attempts by unauthorized devices. 

■

 (page 10-1): Source-Port filtering  enhances 

in-band security by enabling outbound destination ports on the switch 
to forward or drop traffic from designated source ports (within the 
same VLAN).

■

 (page 11-1): Allows access to the switch 

by a networked device having an IP address previously configured in 
the switch as "authorized". 

Management Access Security Protection

In considering management access security for your switch, there are two key 
areas to protect: 

■

Unauthorized client access to switch management features

■

Unauthorized client access to the network. 

Table 1-1 on page 1-4 provides an overview of the type of protection offered 
by each switch security feature.  

ProCurve recommends that you use local passwords together with your 
switch’s other security features to provide a more comprehensive security 
fabric than if you use only local passwords.