Reference Guide
Security | 803
42
Security
Security features are supported on platforms: e c s
This chapter discusses several ways to provide access security to the Dell Force10 system.
Platform-specific features are identified by the
c, e or s icons (as shown below).
• AAA Accounting on page 803
• AAA Authentication on page 806
• AAA Authorization on page 809
• RADIUS on page 814
• TACACS+ on page 819
• Protection from TCP Tiny and Overlapping Fragment Attacks on page 823
• SCP and SSH on page 823
• Telnet on page 829
• VTY Line and Access-Class Configuration on page 836
• Trace Lists on page 830
For details on all commands discussed in this chapter, see the Security Commands chapter in the FTOS
Command Reference.
AAA Accounting
AAA Accounting is part of the AAA security model (Accounting, Authentication, and Authorization),
which includes services for authentication, authorization, and accounting. For details on commands related
to AAA security, refer to the Security chapter in the FTOS Command Reference.
AAA Accounting enables tracking of services that users are accessing and the amount of network
resources being consumed by those services. When AAA Accounting is enabled, the network server
reports user activity to the security server in the form of accounting records. Each accounting record is
comprised of accounting AV pairs and is stored on the access control server.
As with authentication and authorization, you must configure AAA Accounting by defining a named list of
accounting methods and then applying that list to various VTY lines.
Configuration Task List for AAA Accounting
The following sections present the AAA Accounting configuration tasks: