System information
Configuring Security
Defining Access Profiles
Cisco Small Business 200 Series Smart Switch Administration Guide 171
16
- User Defined—Applies to only those types of IP addresses defined in
the fields.
• IP Version—Select the supported IP version of the source address, IPv6 or
IPv4.
• IP Address—Enter the source IP address.
• Mask—Select the format for the subnet mask for the source IP address, and
enter a value in one of the fields:
- Network Mask—Select the subnet to which the source IP address
belongs and enter the subnet mask in dotted decimal format.
- Prefix Length—Select the Prefix Length and enter the number of bits
that comprise the source IP address prefix.
STEP 6 Click Apply. The access profile is created, and the switch is updated. You can now
select this access profile as the active access profile.
Defining Profile Rules
Access profiles can contain up to 128 rules to determine who is permitted to
manage and access the switch, and the access methods that may be used.
Each rule in an access profile contains an action and a criteria (one or more
parameters) to match. Each rule has a priority; rules with the lowest priority are
checked first. If the incoming packet matches a rule, the action associated with the
rule is performed. If no matching rule is found within the active access profile, the
packet is dropped.
For example, you can limit access to the switch from all IP addresses except IP
addresses that are allocated to the IT management center. In this way, the switch
can still be managed and has gained another layer of security.
To define profile rules:
STEP 1 Click Security > Mgmt Access Method > Profile Rules. The Profiles Rules Page
displays.
STEP 2 Select the Filter field, and an access profile. Click Go.
The selected access profile is displayed in the Profile Rule Table.