Installation guide

Standards Compatibility

Matrix DFE-Gold Series Installation Guide 1-7

Switch Configuration Using CLI Commands

TheCLIcommandsenableyoutoperformmorecompleteswitchconfiguration

managementtasks.

ForCLIcommandsetinformationandhowtoconfigurethemodule,refertotheMatrix

DFE‐GoldSeriesConfigurationGuide.

Standards Compatibility

TheDFE‐GoldmodulesarefullycompliantwiththeIEEE802.3‐2002,802.3ae‐2002,

802.1D‐1998,and802.1Q‐1998standards.TheDFE‐GoldmodulesprovideIEEE802.1D‐

1998SpanningTreeAlgorithm(STA)supporttoenhancetheoverallreliabilityofthe

networkandprotectagainst“loop”conditions.

Secure Networks Policy Support

AfundamentalconceptthatiskeytotheimplementationoftheEnterasysSecure

Networksmethodologyispolicy‐enablednetworking.Thisapproachprovidesusersof

thenetworkwiththeresourcestheyneed—inasecurefashion—whileatthesametime

denyingaccesstoapplicationsorprotocolsthataredeemedinappropriatebasedonthe



user’sfunctionwithintheorganization.Byadoptingsucha“user‐personalized”model,it

ispossibleforbusinesspoliciestobetheguidelinesinestablishingthetechnology

architectureoftheenterprise.Twomajorobjectivesareachievedinthisway:ITservices

arematchedappropriatelywithindividualusers;andthenetworkitself

becomesan

activeparticipantintheorganization’ssecuritystrategy.TheSecureNetworks

architectureconsistsofthreetiers:

• Classificationrulesmakeupthefirstorbottomtier.Therulesapplytodevicesinthe

SecureNetworksenvironment,suchasswitchesandrouters.Therulesaredesigned

tobeimplementedatornear

theuser’spointofentrytothenetwork.Rulesmaybe

writtenbasedoncriteriadefinedintheLayer2,Layer3,orLayer4informationofthe

dataframe.

•ThemiddletierisServices,whicharecollectionsofindividualclassificationrules,

groupedlogicallytoeitherpermit ordenyaccess

toprotocolsorapplicationsbasedon

theuser’srolewithintheorganization.Priorityandbandwidthratelimitingmayalso

bedefinedinservices.

•Roles,orbehavioralprofiles,makeupthetoptier.Therolesassign servicestovarious

businessfunctionsordepartments,suchasexecutive,sales,andengineering.

Toenhancesecurity

anddeliveratruepolicy‐basedinfrastructu re,theEnterasysSecure

Networksmethodologycantakeadvantageofauthenticationmethods,suchas802.1X,

usingEAP‐TLS,EAP‐TTLS,orPEAP,aswellasothertypesofauthentication.

Authorizationinformation,attachedtotheauthentication response,determinesthe

applicationofpolicy.Authorizationinformationis

communicatedbymeansofthepolicy