2 process overview: security configuration, Process overview: security configuration -2 – Enterasys Networks 1G58x-09 User Manual
Page 684
Process Overview: Security Configuration
14-2
Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide
•
Port Web Authentication (PWA) – locks down a port a user is attached to until after the user logs
in using a web browser to access the switch. The switch will pass all login information from the
end station to a RADIUS server for authentication before turning the port on. PWA is an
alternative to 802.1X and MAC authentication. For details, refer to
.
•
Secure Shell (SSH) – permits or denies remote access based on IP address, ciphers and MAC
algorithms. For details, refer to
.
•
Access Lists (ACLs) – permits or denies access to routing interfaces based on protocol and
source IP address restrictions configured in access lists. For details, refer to
.
•
Denial of Service (DoS) Prevention - prevents Denial of Service attacks, including land,
fragmented and large ICMP packets, spoofed address attacks, and UDP/TCP port scanning. For
details, refer to
•
Flow Setup Throttling (FST) - prevents the effects of DoS attacks by limiting the number of new
or established flows that can be programmed on any individual switch port. For details, refer to
.
14.2 PROCESS OVERVIEW: SECURITY CONFIGURATION
Use the following steps as a guide to configuring security methods on the device:
1. Configuring RADIUS (
2. Configuring EAPOL (
)
3. Configuring MAC Authentication (
4. Configuring MAC Locking (
)
5. Configuring Port Web Authentication (
)
6. Configuring Secure Shell (SSH) (
)
7. Configuring Access Lists (ACLs) (
8. Configuring Denial of Service (DoS) Prevention (
)
9. Configuring Flow Setup Throttling (FST) (
)