beautypg.com

Management access, Viewing management access policies, Chapter 12 – Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Page 681

background image

Brocade Mobility RFS Controller System Reference Guide

669

53-1003099-01

Chapter

12

Management Access

Controllers and service platforms have mechanisms to allow/deny device access for separate
interfaces and protocols (HTTP, HTTPS, Telnet, SSH or SNMP). Management access can be
enabled/disabled as required for unique policies. The Management Access functionality is not
meant to function as an ACL (in routers or other firewalls), where administrators specify and
customize specific IPs to access specific interfaces.

Controllers and service platforms can be managed using multiple interfaces (SNMP, CLI and Web
UI). By default, management access is unrestricted, allowing management access to any enabled
IP interface from any host using any enabled management service.

To enhance security, administrators can apply various restrictions as needed to:

Restrict SNMP, CLI and Web UI access to specific hosts or subnets

Disable un-used and insecure interfaces as required within managed access profiles.
Disabling un-used management services can dramatically reduce an attack footprint and free
resources on managed devices

Provide authentication for management users

Apply access restrictions and permissions to management users

Management restrictions can be applied to meet specific policies or industry requirements
requiring only certain devices or users be granted access to critical infrastructure devices.
Management restrictions can also be applied to reduce the attack footprint of the device when
guest services are deployed.

Viewing Management Access Policies

Management Access policies display in the lower left-hand side of the screen. Existing policies can
be updated as management permissions change, or new policies can be added as needed.

To view existing Management Access policies:

1. Select Configuration > Management > Management Policy to display the main Management

Policy screen and Management Browser.

2. Select a policy from the Management Browser or refer to the Management screen (displayed

by default) to review existing Management Access policy configurations at a higher level.

See also other documents in the category Brocade Computer Accessories: