Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S3048-ON

1451

Version Description

9.7(0.0) Introduced on the S6000-ON.

9.5(0.1) Introduced on the Z9500.

9.5(0.0) Introduced on the Z9000, S6000, S4820T, S4810, MXL.

Usage Information

Instead of using the system defined user roles, you can create a new user role that best matches your

organization. When you create a new user role, you first inherit permissions from one of the system defined roles.

Otherwise you would have to create a user role from scratch. You then restrict commands or add commands to

that role. For information about this topic, See Modifying Command Permissions for Roles.

NOTE: You can change user role permissions on system pre-defined user roles or user-defined user

roles.

Important Points to Remember

Consider the following when creating a user role:

• Only the system administrator and user-defined roles inherited from the system administrator can create roles

and usernames. Only the system administrator, security administrator, and roles inherited from these can use

the role command to modify command permissions. The security administrator and roles inherited by

security administrator can only modify permissions for commands they already have access to.

• Make sure you select the correct role you want to inherit.

NOTE: If you inherit a user role, you cannot modify or delete the inheritance. If you want to change or

remove the inheritance, delete the user role and create it again. If the user role is in use, you cannot

delete the user role.

role mode { { { addrole | deleterole } role-name } | reset } command – Modifies (adds

or deletes) command permissions for newly created user roles and system defined roles.

Related Commands

• role mode { { { addrole | deleterole } role-name } | reset } command — modifies (adds or deletes) command

permissions for newly created user roles and system defined roles.

ICMP Vulnerabilities

The internet control message protocol (ICMP) is a network-layer internet protocol that provides message packets to report errors and

other information regarding IP packet processing back to the source. Dell Networking OS mainly addresses the following ICMP

vulnerabilities:

• ICMP Mask Reply

• ICMP Timestamp Request

• ICMP Replies

• IP ID Values Randomness

You can configure the Dell Networking OS to drop ICMP reply messages. When you configure the drop icmp command, the system

drops the ICMP reply messages from the front end and management interfaces. By default, the Dell Networking OS responds to all the

ICMP messages. You can configure the Dell Networking OS to suppress the following ICMPv4 and ICMPv6 message types:

Security

1451