Concept Guide

48 Security
AAA Accounting
Configuration Task List for AAA Accounting
AAA Authentication
Configuration Task List for AAA Authentication
Obscuring Passwords and Keys
AAA Authorization
Privilege Levels Overview
Configuration Task List for Privilege Levels
RADIUS
RADIUS Authentication
Configuration Task List for RADIUS
Support for Change of Authorization and Disconnect Messages packets
TACACS+
Configuration Task List for TACACS+
TACACS+ Remote Authentication
Command Authorization
Protection from TCP Tiny and Overlapping Fragment Attacks
Enabling SCP and SSH
Using SCP with SSH to Copy a Software Image
Removing the RSA Host Keys and Zeroizing Storage
Configuring When to Re-generate an SSH Key
Configuring the SSH Server Key Exchange Algorithm
Configuring the HMAC Algorithm for the SSH Server
Configuring the SSH Server Cipher List
Configuring DNS in the SSH Server
Secure Shell Authentication
Troubleshooting SSH
Telnet
VTY Line and Access-Class Configuration
VTY Line Local Authentication and Authorization
VTY Line Remote Authentication and Authorization
VTY MAC-SA Filter Support
Role-Based Access Control
Overview of RBAC
User Roles
AAA Authentication and Authorization for Roles
Role Accounting
Display Information About User Roles
Two Factor Authentication (2FA)
Handling Access-Challenge Message
Configuring Challenge Response Authentication for SSHv2
SMS-OTP Mechanism
Configuring the System to Drop Certain ICMP Reply Messages
Dell EMC Networking OS Security Hardening