Manual Version
20080820-C-3.01
Product Version
SR8800-CMW520-R3125
Organization
The Security Volume is organized as follows:
Features | Description |
802.1x | As a port-based access control protocol, 802.1x authenticates and controls accessing devices at the port level. l 802.1x configuration l Guest VLAN configuration |
AAA | Authentication, Authorization, and Accounting (AAA) provides a uniform framework for configuring these three security functions to implement the network security management. l AAA configuration l RADIUS configuration l HWTACACS configuration |
MAC Authentication | MAC authentication provides a way for authenticating users based on ports and MAC addresses. l MAC authentication overview l MAC authentication configuration |
Portal | The manual introduces the portal authentication. l Basic portal configuration l Portal-free rule configuration l Authentication subnet configuration l Configuration of logging out users |
IP Source Guard | By filtering packets on a per-port basis, IP source guard prevents illegal packets from traveling through, thus improving the network security. l Introduction to IP source guard l Dynamic binding configuration |
ACL | An ACL is a set of rules (or a set of permit or deny statements) for determining which packets can pass and which should be rejected based on matching criteria such as source address, destination address, and port number. Flow templates are not supported. l Creating of a time range l Basic IPv4 ACL configuration l Advanced IPv4 ACL configuration l Configuration of Ethernet frame header ACL l Basic IPv6 ACL configuration l Advanced IPv6 ACL configuration |
Password Control | Password control refers to a set of functions provided by the local authentication server to achieve password security based on predefined policies. l Global password control management l Local user password control management l Super password control management |
SSH2.0 | Secure Shell (SSH) offers an approach to securely logging in to a remote device. By encryption and strong authentication, it protects devices against attacks such as IP spoofing and plain text password interception. l Configuration of a device as an SSH server l Configuration of a device as an SSH client l SFTP configuration l SFTP client configuration |
