Installation guide

Secure Networks Policy Support

Matrix DFE-Platinum Series Installation Guide 1-7

Management

Managementofthemoduleorsystemcanbedoneusingeitherin‐bandorout‐of‐band

typeofaccess.In‐bandremotemanagementispossibleusingTelnet,Enterasys Networks’

NetSight

managementapplication,orWebView™application.Out‐of‐bandlocal

managementisprovidedthroughthe RJ45COM(Communication)portonthefrontpanel

usingaVT100terminaloraVT100terminalemulator.

Switch Configuration Using WebView

Enterasys Networks’HTTP‐basedWebmanagementapplication(WebView)isan

intuitivewebtoolforsimplemanagementtasks.

Switch Configuration Using CLI Commands

TheCLIcommandsenableyoutoperformmorecompleteswitchconfiguration

managementtasks.

ForCLIcommandsetinformationandhowtoconfigurethemodule,refertotheMatrix

DFE‐PlatinumSeriesConfigurationGuide.

Secure Networks Policy Support

AfundamentalconceptthatiskeytotheimplementationoftheEnterasysSecure

Networksmethodologyispolicy‐enablednetworking.Thisapproachprovidesusersof

thenetworkwiththeresourcestheyneed‐inasecurefashion–whileatthesametime

denyingaccesstoapplicationsorprotocolsthataredeemedinappropriate

basedonthe

user’sfunctionwithintheorganization.Byadoptingsucha“user‐personalized”model,it

ispossibleforbusinesspoliciestobetheguidelinesinestablishingthetechnology

architectureoftheenterprise.Twomajorobjectivesareachievedinthisway:ITservices

arematchedappropriatelywithindividualusers;and

thenetworkitselfbecomesan

activeparticipantintheorganization’ssecuritystrategy.TheSecureNetworks

architectureconsistsofthreetiers:

• Classificationrulesmakeupthefirstorbottomtier.Therulesapplytodevicesin

theSecureNetworksenvironment,suchasswitchesandrouters.Therulesare

designedtobeimplemented

atorneartheuser’spointofentrytothenetwork.

RulesmaybewrittenbasedoncriteriadefinedintheLayer2,Layer3orLayer4

informationofthedataframe.

•ThemiddletierisServices,whicharecollectionsofindividualclassificationrules,

groupedlogicallytoeitherpermit

ordenyaccesstoprotocolsorapplications

basedontheuser’srolewithintheorganization.Priorityandbandwidthrate

limitingmayalsobedefinedinservices.

•Roles,orbehavioralprofiles,makeupthetoptier.Therolesassignservicesto

variousbusinessfunctionsordepartments,suchasexecutive,sales,and

engineering.

