Installation guide

ManualsBrandsEnterasys ManualsNetworkingMatrix E7 6C107

Management

Matrix DFE-Diamond Series Installation Guide 1-7

Management

Managementofthemodulecanbeeitherin‐bandorout‐of‐band.In‐bandremotemanagementis

possibleusingTelnet,Enterasys Networks’NetSight

managementapplication,orWebView™

application.Out‐of‐bandmanagementisprovidedthroughtheRJ45COM(Communication)port

onthefrontpanelusingaVT100terminaloraVT100terminalemulator.

Switch Configuration Using WebView

Enterasys Networks’HTTP‐basedWebmanagementapplication(WebView)isanintuitiveweb

toolforsimplemanagementtasks.

Switch Configuration Using CLI Commands

TheCLIcommandsenableyoutoperformmorecompleteswitchconfigurationmanagement

tasks.

ForCLIcommandsetinformationandhowtoconfigurethemodule,refertotheEnterasysMatrix

DFE‐Diamond/PlatinumSeriesConfigurationGuide.

Secure Networks Policy Support

AfundamentalconceptthatiskeytotheimplementationoftheEnterasysSecureNetworks

methodologyispolicy‐enablednetworking.Thisapproachprovidesusersofthenetworkwiththe

resourcestheyneed‐inasecurefashion–whileatthesametimedenyingaccesstoapplicationsor

protocolsthataredeemedinappropriate

basedontheuser’sfunctionwithintheorganization.By

adoptingsucha“user‐personalized”model,itispossibleforbusinesspoliciestobetheguidelines

inestablishingthetechnologyarchitectureoftheenterprise.Twomajorobjectivesareachievedin

thisway:ITservicesarematchedappropriatelywithindividualusers;and

thenetworkitself

becomesanactiveparticipantintheorganization’ssecuritystrategy.TheSecureNetworks

architectureconsistsofthreetiers:

• Classificationrulesmakeupthefirstorbottomtier.TherulesapplytodevicesintheSecure

Networksenvironment,suchasswitchesandrouters.Therulesaredesignedtobe

implemented

atorneartheuser’spointofentrytothenetwork.Rulesmaybewrittenbased

oncriteriadefinedintheLayer2,Layer3orLayer4informa tionofthedataframe.

•ThemiddletierisServices,whicharecollectionsofindividualclassificationrules,grouped

logicallytoeitherpermit

ordenyaccesstoprotocolsorapplicationsbasedontheuser’srole

withintheorganization.Priorityandbandwidthratelimitingmayalsobedefinedinservices.

•Roles,orbehavioralprofiles,makeupthetoptier.Therolesassignservicestovarious

businessfunctionsordepartments,suchasexecutive,sales,andengineering.



Toenhancesecurityanddeliveratruepolicy‐basedinfrastructure,theEnterasysSecureNetworks

methodologycantakeadvantageofauthenticationmethods,suchas802.1X,usingEAP‐TLS,

EAP‐TTLS,orPEAP,aswellasothertypesofauthentication.Authorizationinformation,attached

totheauthenticationresponse,determinestheapplicationofpolicy.

Authorizationinformationis

communicatedviathepolicynameinaRADIUSFilter‐IDattribute.Anadministratorcanalso

definearoletobeimplementedintheabsenceofanauthenticationframework.Refertothe

releasenotesshippedwiththemodulefordetails.