Specifications
Enterasys Matrix N Standalone (NSA) Series Configuration Guide 24-1
24
Security Configuration
ThischapterdescribestheSecurityConfigurationsetofcommandsandhowtousethem.
Overview of Security Methods
Thefollowingsecuritymethodsareavailableforcontrollingwhichusersareallowedtoaccess,
monitor,andmanagethedevice.
•Localusercredentials—usedforlocalauthenticationandauthorizationofCLIandWebView
managementsessions.Fordetails,referto“SettingUserAccountsandPasswords”on
page 2‐15and“Setting
theAuthenticationLoginMethod”onpage 25‐50.
•SNMPuserorcommunitynames—usedforauthenticationandauthorizationofallSNMP
requests.Fordetails,refertoChapter 5.
•MACLocking—locksaporttooneormoreMACaddresses,preventingconnectionof
unauthorizeddevicesviatheport.Fordetails,referto
“ConfiguringMACLocking”on
page 24‐2.
•SecureShell(SSH)—providesforsecureremoteCLImanagementaccess.Fordetails,referto
“ConfiguringSecureShell(SSH)”onpage 24‐11.
•IPAccessLists(ACLs)—permitsordeniesaccesstoroutinginterfacesbasedonprotocoland
inboundand/oroutboundIPaddress
restrictionsconfiguredinaccesslists.Fordetails,referto
“ConfiguringAccessLists”onpage 24‐15.
•Policy‐BasedRouting—permitsordeniesaccesstoroutinginterfacesbasedonaccesslistsin
aroutemapappliedtotheinterface.Fordetails,referto“ConfiguringDenialofService(DoS)
Prevention”on
page 24‐22.
•DenialofService(DoS)Prevention—preventsDenialofServiceattacks,includingland,
fragmentedandlargeICMPpackets,spoofedaddressattacks,andUDP/TCPportscanning.
Fordetails,referto“ConfiguringDenialofService(DoS)Prevention”onpage 24‐22.
For information about... Refer to page...
Overview of Security Methods 24-1
Configuring MAC Locking 24-2
Configuring Secure Shell (SSH) 24-11
Configuring Access Lists 24-15
Configuring Denial of Service (DoS) Prevention 24-22
Configuring Flow Setup Throttling (FST) 24-25