Netgear XCM8810 - 8800 SERIES 10-SLOT CHASSIS SWITCH ハードウェアマニュアル
Chapter 15. Security Commands
|
555
NETGEAR 8800 Chassis Switch CLI Manual
NETGEAR 8800 switches are also capable of sending RADIUS accounting information. You can
configure RADIUS accounting servers to be the same as the authentication servers, but this is
not required.
configure RADIUS accounting servers to be the same as the authentication servers, but this is
not required.
Terminal Access Controller Access Control System Plus (TACACS+) is a mechanism for
providing authentication, authorization, and accounting on a centralized server, similar in function
to the RADIUS client. The NETGEAR 8800 version of TACACS+ is used to authenticate
prospective users who are attempting to administer the switch. TACACS+ is used to
communicate between the switch and an authentication database.
providing authentication, authorization, and accounting on a centralized server, similar in function
to the RADIUS client. The NETGEAR 8800 version of TACACS+ is used to authenticate
prospective users who are attempting to administer the switch. TACACS+ is used to
communicate between the switch and an authentication database.
Note:
You cannot use RADIUS and TACACS+ at the same time.
Denial of Service
You can configure the NETGEAR 8800 to protect your NETGEAR switches in the event of a
denial of service attack. During a typical denial of service attack, the CPU on the switch gets
flooded with packets from multiple attackers, potentially causing the switch to fail. To protect
against this type of attack, you can configure the software so that when the number of
packets received is more than the configured threshold limit of packets per second, a
hardware ACL is enabled.
denial of service attack. During a typical denial of service attack, the CPU on the switch gets
flooded with packets from multiple attackers, potentially causing the switch to fail. To protect
against this type of attack, you can configure the software so that when the number of
packets received is more than the configured threshold limit of packets per second, a
hardware ACL is enabled.
clear ip-security anomaly-protection notify cache
clear ip-security anomaly-protection notify cache {slot [<slot> | all ]}
Description
Clear the local protocol anomaly event cache.
Syntax Description
Default
N/A.
Usage Guidelines
This command clears the local protocol anomaly event cache.
clear ip-security arp validation violations
clear ip-security arp validation violations
slot
Specifies the slot to be used.
all
Specifies all IP addresses, or all IP addresses in a particular state.