H3C S9500 Operation Manual-Release1640[V1.23]-07 Security Volume

Manual Version

T2-08165E-20080425-C-1.23

Product Version

S9500-CMW310-R1640

Organization

The Security Volume is organized as follows:

Features (operation manual)

Description

Protocol Port Security

Protocol port security is short for the TCP/UDP protocol port shutdown check function. It reduces unnecessary communication between the boards and unnecessary CPU operation on the SRPU, and improves the switch's resistance to packet interference. The volume describes:

•      Introduction to protocol port security

•      Protocol port security configuration

802.1x

IEEE 802.1x (hereinafter referred to as 802.1x) is a port-based network access control protocol that is used as the standard for LAN user access authentication. The volume describes:

•      802.1x overview

•      802.1x configuration

AAA RADIUS HWTACACS

Authentication, Authorization and Accounting (AAA) provides a uniform framework for configuring these three security functions to implement network security management. The volume describes:

•      Introduction to AAA, RADIUS and HWTACACS

•      AAA configuration

•      RADIUS configuration

•      HWTACACS configuration

Password Control

S9500 series switches provide the password control function. Before a user can log in to the switch, a system login password must be configured. After a password is configured, the user must enter the password each time he or she wants to log in to the switch. The user can successfully log in to the switch and proceed with operations only if he or she passes the authentication. If the password authentication fails, the user will not be able to log in to the switch. The volume describes:

•      Introduction to password configuration

•      Password control configuration

SSH

When a user telnets to the switch from an insecure network, the SSH feature can provide information security and powerful authentication functionality, thereby protecting the switch from attacks. The volume describes:

•      SSH terminal service overview

•      SFTP service configuration

IDS Linkage

The switch supports IDS linkage, namely cooperation between the switch and an IDS, to effectively ensure the security of the entire network. The volume describes:

•      IDS linkage overview

•      IDS linkage configuration

Portal

Portal is also known as a portal website, and Portal authentication is also known as Web authentication. The volume describes:

•      Portal overview

•      Basic Portal configuration

•      Portal authentication-free user and free IP address configuration

•      Portal rate limit function configuration

VBAS

The Virtual Band Access Server (VBAS) protocol provides a method for the band access server to acquire the port number of a band access user. It solves the problem that a server cannot confirm a user's information from the IP address after a band access user (including ADSL, VDSL and LAN) uses IP to access the server. The volume describes:

•      VBAS overview

•      VBAS configuration

Traffic Accounting

Traffic accounting counts the traffic generated by authenticated online users on their switches and sends the traffic accounting statistics to the accounting servers, which use them to charge the Internet users. The volume describes:

•      Traffic accounting overview

•      Traffic accounting configuration