Manualshelf

Specifications

ManualsBrandsExtreme Networks ManualsComputer equipmentExtremeWare XOS Command
61626364656667686970
Authenticating Users
ExtremeWare XOS 11.0 Concepts Guide 63
Authenticating Users
ExtremeWare XOS provides three methods to authenticate users who log in to the switch:
RADIUS client
TACACS+
Local database of accounts and passwords
NOTE
You cannot configure RADIUS and TACACS+ at the same time.
RADIUS Client
Remote Authentication Dial In User Service (RADIUS, RFC 2138) is a mechanism for authenticating and
centrally administrating access to network nodes. The ExtremeWare XOS RADIUS client
implementation allows authentication for Telnet or console access to the switch.
TACACS+
Terminal Access Controller Access Control System Plus (TACACS+) is a mechanism for providing
authentication, authorization, and accounting on a central server, similar in function to the RADIUS
client. The ExtremeWare XOS version of TACACS+ is used to authenticate prospective users who are
attempting to administer the switch. TACACS+ is used to communicate between the switch and an
authentication database.
Configuring RADIUS Client and TACACS+
For detailed information about configuring a RADIUS client or TACACS+, see Chapter 10, “Security.”
Management Accounts
ExtremeWare XOS supports two levels of management accounts (local database of accounts and
passwords): User and Administrator. A user level account can view but not change all manageable
parameters, with the exception of the user account database and SNMP community strings. An
administrator level account can view and change all manageable parameters. For detailed information
about the configuring management accounts, see Chapter 2, “Accessing the Switch.”
Using the Simple Network Time Protocol
ExtremeWare XOS supports the client portion of the Simple Network Time Protocol (SNTP) Version 3
based on RFC1769. SNTP can be used by the switch to update and synchronize its internal clock from a
Network Time Protocol (NTP) server. After SNTP has been enabled, the switch sends out a periodic
query to the indicated NTP server, or the switch listens to broadcast NTP updates. In addition, the
switch supports the configured setting for Greenwich Mean time (GMT) offset and the use of Daylight
Saving Time. These features have been tested for year 2000 compliance.