Switch login levels – Blade ICE RACKSWITCH G8124-E User Manual

BLADEOS 6.5.2 Application Guide

38 Chapter 1: Switch Administration

BMD00220, October 2010

Switch Login Levels

To enable better switch management and user accountability, three levels or classes of user access
have been implemented on the G8124. Levels of access to CLI, Web management functions, and
screens increase as needed to perform various switch management tasks. Conceptually, access
classes are defined as follows:

User interaction with the switch is completely passive—nothing can be changed on the G8124.
Users may display information that has no security or privacy implications, such as switch
statistics and current operational state information.

Operators can only effect temporary changes on the G8124. These changes will be lost when
the switch is rebooted/reset. Operators have access to the switch management features used for
daily switch operations. Because any changes an operator makes are undone by a reset of the
switch, operators cannot severely impact switch operation.

Administrators are the only ones that may make permanent changes to the switch
configuration—changes that are persistent across a reboot/reset of the switch. Administrators
can access switch functions to configure and troubleshoot problems on the G8124. Because
administrators can also make temporary (operator-level) changes as well, they must be aware
of the interactions between temporary and permanent changes.

Access to switch functions is controlled through the use of unique surnames and passwords. Once
you are connected to the switch via local Telnet, remote Telnet, or SSH, you are prompted to enter
a password. The default user names/password for each access level are listed in the following table.

Note –

It is recommended that you change default switch passwords after initial configuration and

as regularly as required under your network security policies. For more information, see

“Changing

the Switch Passwords” on page 61

.

Note –

With the exception of the “admin” user, access to each user level can be disabled by setting

the password to an empty value.

Table 2

User Access Levels

User Account

Password

Description and Tasks Performed

user

user

The User has no direct responsibility for switch management.
He or she can view all switch status information and statistics,
but cannot make any configuration changes to the switch.

oper

oper

The Operator manages all functions of the switch. The Operator
can reset ports, except the management ports.

admin

admin

The superuser Administrator has complete access to all menus,
information, and configuration commands on the G8124,
including the ability to change both the user and administrator
passwords.