Netgear GS510TP – ProSAFE 8-Port Gigabit Smart Switch with PoE and 2 fiber SFP ports 管理者ガイド
Managing Device Security
149
GS510TP and GS110T Gigabit Smart Switches
•
Mask. Specify the subnet mask associated with the IP address. The subnet mask is a
standard subnet mask, and not an inverse (wildcard) mask that you use with IP ACLs.
•
Priority. Configure priority to the rule. The rules are validated against the incoming
management request in the ascending order of their priorities. If a rule matches,
action is performed and subsequent rules below are ignored. For example, if a
Source IP 10.10.10.10 is configured with priority 1 to permit, and Source IP
10.10.10.10 is configured with priority 2 to Deny, then access is permitted if the profile
is active, and the second rule is ignored.
action is performed and subsequent rules below are ignored. For example, if a
Source IP 10.10.10.10 is configured with priority 1 to permit, and Source IP
10.10.10.10 is configured with priority 2 to Deny, then access is permitted if the profile
is active, and the second rule is ignored.
2.
To modify an access rule, select the check box next to the Rule Type, update the desired
settings, and click Apply
3.
To delete an access rule, select the check box next to the Rule Type, and click Delete.
4.
Click Cancel to cancel the configuration on the screen and reset the data on the screen to
the latest value of the switch.
Port Authentication
In port-based authentication mode, when 802.1X is enabled globally and on the port,
successful authentication of any one supplicant attached to the port results in all users being
able to use the port without restrictions. At any given time, only one supplicant is allowed to
attempt authentication on a port in this mode. Ports in this mode are under bidirectional
control. This is the default authentication mode.
successful authentication of any one supplicant attached to the port results in all users being
able to use the port without restrictions. At any given time, only one supplicant is allowed to
attempt authentication on a port in this mode. Ports in this mode are under bidirectional
control. This is the default authentication mode.
The 802.1X network has three components:
•
Authenticators: Specifies the port that is authenticated before permitting system access.
•
Supplicants: Specifies the host connected to the authenticated port requesting access to
the system services.
•
Authentication Server: Specifies the external server, for example, the RADIUS server
that performs the authentication on behalf of the authenticator, and indicates whether the
user is authorized to access system services.
user is authorized to access system services.
From the Port Authentication link, you can access the following pages:
•
Basic:
•
Advanced:
802.1X Configuration
Use the 802.1X Configuration page to enable or disable port access control on the system.
To display the 802.1X Configuration page, click Security > Port Authentication > Basic >
802.1X Configuration.
802.1X Configuration.