3com 8807 사용자 가이드
23
L
OGON
U
SER
ACL C
ONTROL
C
ONFIGURATION
Overview
Currently, an Switch 8800 Family series switch provides the following three
measures for remote access:
measures for remote access:
■
Telnet
■
Security shell (SSH)
■
Simple network management protocol (SNMP)
An Switch 8800 Family series switch provides security control for these three
access measures to prevent unauthorized users from logging in/and accessing it.
There are two levels of security controls.
access measures to prevent unauthorized users from logging in/and accessing it.
There are two levels of security controls.
■
The first level is implemented by applying ACLs to filter the users that are to
connect to the switch. Only authorized users are capable of accessing the
switch.
connect to the switch. Only authorized users are capable of accessing the
switch.
At the second level, a connected user can log into the switch only after passing
the password authentication.
the password authentication.
This chapter mainly describes how to configure the first level security control over
these access measures, that is, how to filter the users logging onto the switch with
ACL. For detailed description about how to configure the second level security,
refer to the Getting Started part of this manual.
these access measures, that is, how to filter the users logging onto the switch with
ACL. For detailed description about how to configure the second level security,
refer to the Getting Started part of this manual.
Configuring ACL for
Telnet/SSH Users
Telnet/SSH Users
You can configure ACLs for the users who access the switch through Telnet or SSH
to filter out the malicious or unauthorized connection requests before the
password authentication to secure the switch.
to filter out the malicious or unauthorized connection requests before the
password authentication to secure the switch.
Configuration
Prerequisites
You have correctly configured the switch using Telnet or SSH.
Configuration Tasks
Table 181 Configuration tasks
Configuration procedure
Command
Description
Enter system view
system-view
-
Define an ACL and enter ACL view
acl number acl-number [
match-order { config |
auto } ]
match-order { config |
auto } ]
Required. The command
can only define a
number-identified ACL
can only define a
number-identified ACL