Manualshelf

Installation guide

ManualsBrandsMotorola ManualsComputer equipmentRFS6000 - Wireless RF Switch
581582583584585586587588589590
D-62 Motorola RF Switch System Reference Guide
12.Select the IP ACL you created previously. Click OK.
13.Select Save (from the lower left-hand corner) to apply the changes.
D.5.1.4 Disabling Insecure Management Interfaces
Network administrators can secure management access to the RF Switch by disabling less secure
management interfaces. By default, the switch enables all CLI, SNMP and Web UI management interfaces,
of which some do not support encryption or authentication. Security best practices recommend (and certain
regulations require) insecure management interfaces (such as Telnet, HTTP and SNMP) be disabled, and only
secure management interfaces be used to manage the infrastructure.
The table below shows available management interfaces, encryption and authentication capabilities default
states. Again, all management interfaces (except for FTP) are enabled by default.
Industry best practice recommendations include:
Any un-used management interfaces should be disabled. For example, if a device is only being managed
by the Web UI and SNMP, there is no need to enable the CLI interface.
Only use management interfaces that provide encryption and authentication. For example, if CLI access
is required, SSHv2 should be used over Telnet.
If less secure management access is required, access should be restricted to specific hosts and
interfaces by leveraging the Secure Management feature and ACLs.
Management Service Encrypted Authenticated Default State
Telnet No Yes Enabled
SNMP v2 No No Enabled
SNMP v3 Yes Yes Enabled
HTTP No Yes Enabled
HTTPS Yes Yes Enabled
FTP No Yes Disabled
SSH v2 Yes Yes Enabled