Securing access to management functions, Securing access methods, Chapter 5 – Brocade TurboIron 24X Series Configuration Guide User Manual

Page 97: Chapter

background image

Brocade TurboIron 24X Series Configuration Guide

63

53-1003053-01

Chapter

5

Securing Access to Management Functions

In this chapter

•

Securing access methods. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

•

Restricting remote access to management functions . . . . . . . . . . . . . . . . . 65

•

Setting passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74

•

Setting up local user accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78

•

Configuring TACACS/TACACS+ security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

•

Configuring RADIUS security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100

•

Configuring authentication-method lists . . . . . . . . . . . . . . . . . . . . . . . . . . . 115

This chapter explains how to secure access to management functions on a device.

NOTE

For all devices, RADIUS Challenge is supported for 802.1x authentication but not for login
authentication. Also, multiple challenges are supported for TACACS+ login authentication.

Securing access methods

The following table lists the management access methods available on a device, how they are
secured by default, and the ways in which they can be secured.

TABLE 18

Ways to secure management access to devices

Access method

How the access
method is secured
by default

Ways to secure the access method

See page

Serial access to the CLI

Not secured

Establish passwords for management privilege
levels

Access to the Privileged
EXEC and CONFIG levels
of the CLI

Not secured

Establish a password for Telnet access to the
CLI

Establish passwords for management privilege
levels

Set up local user accounts

Configure TACACS/TACACS+ security

Configure RADIUS security