Allied Telesis AT-S63 User Manual
Page 10

Contents
10
Chapter 34: PKI Certificates and SSL ........................................................................................................397
Supported Platforms .......................................................................................................................................398
Overview .........................................................................................................................................................399
Types of Certificates .......................................................................................................................................399
Distinguished Names ......................................................................................................................................401
SSL and Enhanced Stacking ..........................................................................................................................403
Guidelines .......................................................................................................................................................404
Technical Overview.........................................................................................................................................405
SSL Encryption.........................................................................................................................................405
User Verification .......................................................................................................................................406
Authentication...........................................................................................................................................406
Public Key Infrastructure ..........................................................................................................................407
Public Keys...............................................................................................................................................407
Message Encryption .................................................................................................................................407
Digital Signatures .....................................................................................................................................407
Certificates................................................................................................................................................408
Elements of a Public Key Infrastructure ...................................................................................................409
Certificate Validation.................................................................................................................................410
Certificate Revocation Lists (CRLs)..........................................................................................................410
PKI Implementation ..................................................................................................................................411
Chapter 35: Secure Shell (SSH) ..................................................................................................................413
Supported Platforms .......................................................................................................................................414
Overview .........................................................................................................................................................415
Support for SSH..............................................................................................................................................416
SSH Server .....................................................................................................................................................417
SSH Clients.....................................................................................................................................................418
SSH and Enhanced Stacking..........................................................................................................................419
SSH Configuration Guidelines ........................................................................................................................421
General Steps to Configuring SSH .................................................................................................................422
Chapter 36: TACACS+ and RADIUS Protocols .........................................................................................423
Supported Platforms .......................................................................................................................................424
Overview .........................................................................................................................................................425
Guidelines .......................................................................................................................................................427
Chapter 37: Management Access Control List ..........................................................................................431
Supported Platforms .......................................................................................................................................432
Overview .........................................................................................................................................................433
Parts of a Management ACE ..........................................................................................................................434
Guidelines .......................................................................................................................................................435
Examples ........................................................................................................................................................436
Appendix A: AT-S63 Management Software Default Settings .................................................................439
Address Resolution Protocol Cache ...............................................................................................................441
Boot Configuration File ...................................................................................................................................442
BOOTP Relay Agent.......................................................................................................................................443
Class of Service ..............................................................................................................................................444
Denial of Service Defenses.............................................................................................................................445
802.1x Port-Based Network Access Control...................................................................................................446
Enhanced Stacking .........................................................................................................................................448
Ethernet Protection Switching Ring (EPSR) Snooping ...................................................................................449
Event Logs ......................................................................................................................................................450
GVRP..............................................................................................................................................................451
