beautypg.com

Aaa operations for radius – Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual

Page 70

background image

52

Multi-Service IronWare Security Configuration Guide

53-1003035-02

Configuring RADIUS security

1

A system event occurs, such as a reboot or reloading of the configuration file

2. The Brocade device checks its configuration to see if the event is one for which RADIUS

accounting is required.

3. If the event requires RADIUS accounting, the Brocade device sends a RADIUS Accounting Start

packet to the RADIUS accounting server, containing information about the event.

4. The RADIUS accounting server acknowledges the Accounting Start packet.

5. The RADIUS accounting server records information about the event.

6. When the event is concluded, the Brocade device sends an Accounting Stop packet to the

RADIUS accounting server.

7. The RADIUS accounting server acknowledges the Accounting Stop packet.

AAA operations for RADIUS

The following table lists the sequence of authentication, authorization, and accounting operations
that take place when a user gains access to a Brocade device that has RADIUS security configured.

User action

Applicable AAA operations

User attempts to gain access to the
Privileged EXEC and CONFIG levels of the
CLI

Enable authentication:
aaa authentication enable default method-list

System accounting start:
aaa accounting system default start-stop method-list

User logs in using Telnet or SSH

Login authentication:
aaa authentication login default method-list

EXEC accounting Start:
aaa accounting exec default start-stop method-list
System accounting Start:
aaa accounting system default start-stop method-list

User logs into the Web Management
Interface

Web authentication:
aaa authentication web-server default method-list

User logs out of Telnet or SSH session

Command authorization for logout command:
aaa authorization commands privilege-level default method-list

Command accounting:
aaa accounting commands privilege-level default start-stop
method-list
EXEC accounting stop:
aaa accounting exec default start-stop method-list

User enters system commands
(for example, reload, boot system)

Command authorization:
aaa authorization commands privilege-level default method-list

Command accounting:
aaa accounting commands privilege-level default start-stop
method-list
System accounting stop:
aaa accounting system default start-stop method-list

See also other documents in the category Brocade Computer Accessories: