Nortel 8300 补充手册
12
Administration and Security
For information about configuring NSNA, see Configuring and Managing
Security using the CLI and NNCLI (NN46200-503) and Configuring and
Managing Security using Device Manager (NN46200-508).
Security using the CLI and NNCLI (NN46200-503) and Configuring and
Managing Security using Device Manager (NN46200-508).
Port authentication modes
Nortel supports three modes of port authentication on the ERS 8300:
•
Default mode
•
802.1x mode
•
NSNA mode
For information about configuring port authentication, see Configuring
and Managing Security using the CLI and NNCLI (NN46200-503) and
Configuring and Managing Security using Device Manager (NN46200-508).
and Managing Security using the CLI and NNCLI (NN46200-503) and
Configuring and Managing Security using Device Manager (NN46200-508).
RADIUS MAC Centralization
Remote Dial In User Services (RADIUS) MAC supports the centralization of
MAC address for non-EAP clients (typically printers). For an EAP-enabled
port with the multi-host feature enabled, multiple clients can connect to
the port. Each of these clients must be authenticated to gain access
to the network. With
MAC address for non-EAP clients (typically printers). For an EAP-enabled
port with the multi-host feature enabled, multiple clients can connect to
the port. Each of these clients must be authenticated to gain access
to the network. With
allow-non-eap-clients
enabled, traffic from
unauthorized hosts is allowed on the port. To restrict access to non-EAP
clients, the MAC address of the client that is to be allowed must be added to
the
clients, the MAC address of the client that is to be allowed must be added to
the
non-eap-mac-list
. Traffic from the clients whose MAC address is
not present in the
non-eap-mac-list
undergoes RADIUS-based MAC
authentication.
For more information about RADIUS MAC Centralization, refer to Nortel
Ethernet Routing Switch 8300 Configuration — Security using CLI
and NNCLI (NN46200-503) and Nortel Ethernet Routing Switch 8300
Configuration — Security using Device Manager (NN46200-508).
Ethernet Routing Switch 8300 Configuration — Security using CLI
and NNCLI (NN46200-503) and Nortel Ethernet Routing Switch 8300
Configuration — Security using Device Manager (NN46200-508).
SSH v1/v2 and Secure Copy
Secure Shell (SSH) is a client/server protocol that you can use to conduct
secure communications over a network. SSH supports a variety of the
public/private key encryption schemes available. Using the public key of the
host server, the client and server negotiate to generate a session key known
only to the client and the server. This one-time key is used to encrypt all
traffic between the client and the server.
secure communications over a network. SSH supports a variety of the
public/private key encryption schemes available. Using the public key of the
host server, the client and server negotiate to generate a session key known
only to the client and the server. This one-time key is used to encrypt all
traffic between the client and the server.
Secure CoPy (SCP) is a secure file transfer protocol. SCP replaces remote
access utilities such as FTP with an encrypted alternative.
access utilities such as FTP with an encrypted alternative.
Nortel Ethernet Routing Switch 8300
Important Notice — Administration and Security
NN46200-601
3.01
Standard
4.0
27 August 2007
Copyright © 2005-2007, Nortel Networks
.