Brocade FastIron Ethernet Switch Security Configuration Guide User Manual
Page 3
Contents
Text formatting conventions................................................................ 13
Command syntax conventions............................................................ 13
Notes, cautions, and warnings............................................................ 14
Brocade resources.......................................................................................... 15
Getting technical help......................................................................................15
Document feedback........................................................................................ 16
Supported security access features................................................................ 19
Securing access methods............................................................................... 20
Remote access to management function restrictions..................................... 23
ACL usage to restrict remote access ................................................. 23
Defining the console idle time............................................................. 25
Remote access restrictions................................................................. 25
Restricting access to the device based on IP orMAC address........... 26
Defining the Telnet idle time................................................................27
Specifying the maximum number of login attemptsfor Telnet
access........................................................................................... 27
Changing the login timeout period for Telnet sessions....................... 28
Restricting remote access to the device tospecific VLAN IDs.............28
Designated VLAN for Telnet management sessionsto a Layer 2
Passwords used to secure access..................................................................31
Setting a Telnet password ..................................................................32
Setting passwords for management privilege levels........................... 32
Recovering from a lost password........................................................34
Displaying the SNMP community string.............................................. 35
Specifying a minimum password length..............................................35
Enhancements to username and password........................................36
Local user account configuration........................................................ 40
Changing a local user password......................................................... 41
TACACS and TACACS+ security....................................................................42
How TACACS+ differs from TACACS.................................................42
TACACS/TACACS+ authentication, authorization,and accounting.....42
TACACS authentication...................................................................... 44
TACACS/TACACS+ configuration considerations.............................. 47
Enabling TACACS...............................................................................48
Identifying the TACACS/TACACS+ servers........................................48
Specifying different servers for individual AAA functions.................... 49
FastIron Ethernet Switch Security Configuration Guide
3
53-1003088-03