Securing access methods – Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual

Multi-Service IronWare Security Configuration Guide

3

53-1003035-02

Securing access methods

1

NOTE

For the Brocade devices, RADIUS Challenge is supported for 802.1x authentication for login
authentication. Also, multiple challenges are supported for TACACS+ and RADIUS login
authentication.

Securing access methods

Table 3

lists the management access methods available on the Brocade devices, how they are

secured by default, and the ways in which they can be secured.

TABLE 3

Ways to secure management access to the Brocade devices

Access method

How the access method
is secured by default

Ways to secure the access method

Serial access to the CLI

Not secured

Establish passwords for management
privilege levels
Establish username and password to log in
to the console.

Access to the Privileged EXEC
and CONFIG levels of the CLI

Not secured

Establish a password for Telnet access to
the CLI

Establish passwords for management
privilege levels

Set up local user accounts

Configure TACACS or TACACS+ security

Configure RADIUS security

Telnet access
Telnet server is turned off by default.

Regulate Telnet access using ACLs

Allow Telnet access only from specific IP
addresses

Allow Telnet access only to clients
connected to a specific VLAN

Regulate telnet access using Management
VRF.

Disable Telnet access

Establish a password for Telnet access

Establish passwords for privilege levels of
the CLI

Set up local user accounts

Configure TACACS or TACACS+ security

Configure RADIUS security