HP 4100GL User Manual

Getting Started

Overview of Access Security Features

Allows access to the switch by a networked device having an IP
address previously configured in the switch as "authorized".

HP recommends that you use local passwords together with the switch’s other
security features to provide a more comprehensive security fabric than if you
use only the local password option. Table 1 lists these features with the
security coverage they provide.

Table 1.

Management Access Security Protection

Security Feature

Offers Protection Against Unauthorized Client Access to

Switch Management Features

Offers Protection

Against

Unauthorized Client

Access to the

Network

Connection Telnet

SNMP

(Net Mgmt)

Web

Browser

SSH

Client

Local Manager and Operator
Usernames and Passwords*

PtP:

Yes

No

Yes

Yes

No

Remote:

Yes

No

Yes

Yes

No

TACACS+*

PtP:

Yes

No

No

Yes

No

Remote:

Yes

No

No

Yes

No

RADIUS*

PtP:

Yes

No

No

Yes

No

Remote:

Yes

No

No

Yes

No

SSH

Ptp:

Yes

No

No

Yes

No

Remote:

Yes

No

No

Yes

No

SSL

PtP:

No

No

Yes

No

No

Remote:

No

No

Yes

No

No

Port-Based Access Control (802.1x)

PtP:

Yes

Yes

Yes

Yes

Yes

Remote:

No

No

No

No

No

Port Security (MAC address)

PtP:

Yes

Yes

Yes

Yes

Yes

Remote:

Yes

Yes

Yes

Yes

Yes

Authorized IP Managers

PtP:

Yes

Yes

Yes

Yes

No

Remote:

Yes

Yes

Yes

Yes

No

*Protection for serial port access includes the local Manager/Operator, TACACS+, and RADIUS options (direct connect
or modem access).

There are two security areas to protect: access to the switch management
features and access to the network through the switch. The above table shows
the type of protection each switch security feature offers.

The Product Documentation CD-ROM shipped with the switch includes a
copy of this guide. You can also download the latest copy from the HP
Procurve website. (Refer to “Getting Documentation From the Web”, below.)

xiii