Configuring security level, Overview, Configuring security level 136 – Cabletron Systems CSX1000 User Manual
Page 136: Overview 136

C
ONFIGURING
S
ECURITY
L
EVEL
O
VERVIEW
The CyberSWITCH offers the following levels of network security: no security, device level 
security, user level security, or device and user level security. The network security level 
determines the type of security you want activated on your network. As the name implies, no 
security is used if you configure your network security level as “no security.” Device level security 
and user level security provide a flexible amount of security, but each secure a different entity:
•
Device level security is an authentication process between internetworking devices. The authen-
tication happens automatically without any human intervention. 
•
User level security is an authentication process between a specific user and a device. In contrast 
to the device level security, this authentication process is performed interactively. 
The combination of both device and user level security supports user authentication on top of 
device level authentication. Often referred to as multilevel security, this option increases the 
security on your network. First, authentication takes place at the device level. If the system meets 
these requirements, then user level security begins by telneting to the appropriate authentication 
server.
Note:
The default value on your initial configuration is device level security, with only CHAP 
security enabled.
The following picture illustrates two different levels of security. The picture on the left represents 
User Level Security. The users, not the devices, are authorized before they are allowed access. This 
would be advantageous, for example, for a user traveling to different areas, using different devices, 
but still needing access. No matter what device the user is on, the user can be authenticated.The 
picture on the right represents device level security. The devices are authenticated before access is 
allowed, no matter who the specific user may be. The device level authentication process is 
transparent to the user. 
