
Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual


53-1003035-02

Chapter 1: Securing Access to Management Functions

By default, the Brocade devices have all management access disabled. This chapter explains how
to secure access to management functions on the Brocade devices. It contains the following
sections:

• “Securing access methods” lists the management access methods available on the Brocade devices and the ways you can secure each one.

• “Restricting remote access to management functions” explains how to restrict access to management functions from remote sources, including Telnet, the Web Management Interface, and SNMP.

• “Setting passwords” explains how to set passwords for Telnet access and management privilege levels.

• “Setting up local user accounts” explains how to define user accounts to regulate who can access management functions.

• “Configuring TACACS or TACACS+ security” explains how to configure TACACS or TACACS+ authentication, authorization, and accounting.

• “Configuring RADIUS security” explains how to configure RADIUS authentication, authorization, and accounting.

• “Configuring AAA on the console”

• “Configuring authentication-method lists” explains how to set the order that authentication methods are consulted when more than one is used with an access method.

TABLE 2   Supported Brocade security features

| Features supported | Brocade NetIron XMR Series | Brocade MLX Series | Brocade NetIron CES 2000 Series BASE package | Brocade NetIron CES 2000 Series ME_PREM package | Brocade NetIron CES 2000 Series L3_PREM package | Brocade NetIron CER 2000 Series Base package | Brocade NetIron CER 2000 Series Advanced Services package |
|---|---|---|---|---|---|---|---|
| Interactive multi-factor RADIUS security support (e.g., for RSA SecurID) | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| AAA on the Console | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| AAA Authentication-Method Lists | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| AES Encryption for SNMPv3 | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| AES Encryption for SSHv2 | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| DSA for SSHv2 | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| RSA for SSHv2 | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Management VRF | Yes | Yes | Yes | Yes | Yes | Yes | Yes |