Owner's Manual
Chapter 17. Security | 434
17
17. Security
This chapter includes the following sections:
• Overview on page 434
• Safe Defaults Mode on page 436
• MAC Security on page 436
• DHCP Server on page 445
• IP Security on page 446
• Denial of Service Protection on page 461
• Authenticating Management Sessions Through the Local Database on page 465
• Authenticating Management Sessions Through a TACACS+ Server on page 465
• Authenticating Management Sessions Through a RADIUS Server on page 471
• Authenticating Network Login Users Through a RADIUS Server on page 474
• Configuring the RADIUS Client on page 475
• RADIUS Server Configuration Guidelines on page 479
• Configuring a Windows XP Supplicant for 802.1x Authentication on page 503
• Hyptertext Transfer Protocol on page 504
• Secure Shell 2 on page 504
• Secure Socket Layer on page 513
Overview
Security is a term that covers several different aspects of network use and operation. One
general type of security is control of the devices or users that can access the network. Ways of
doing this include authenticating the user at the point of logging in. You can also control access
by defining limits on certain types of traffic. Another general type of security operates to protect
the operation of the switch itself. Security measures in this category include routing policies that
can limit the visibility of parts of the network or denial of service protection that prevents the CPU
from being overloaded. Finally, management functions for the switch can be protected from
unauthorized use. This type of protection uses various types of user authentication.