HP 6200YL User Manual

Introduction to IPv6

Configurable IPv6 Security

that the IP address of a networked management device must be authorized
before the switch will attempt to authenticate the device by invoking any other
access security features. Thus, with Authorized IP Managers configured,
having the correct passwords or MAC address is not sufficient for accessing
the switch through the network unless an IPv6 address configured on the
station attempting the access is also included in the switch's Authorized IP
Managers configuration. This presents the opportunity to combine the Autho­
rized IP Managers feature with other access control features to enhance the
security fabric protecting the switch.

C a u t i o n

The Authorized IP Managers feature does not protect against unauthorized
station access through a modem or direct connection to the Console (RS-232)
port. Also, if an unauthorized station “spoofs” an authorized IP address, then
the unauthorized station cannot be blocked by the Authorized IP Managers
feature, even if a duplicate IP address condition exists.

To configure authorized IPv6 managers, refer to “Authorized IP Managers for
IPv6” on page 6-3.

For related information, refer to:

■

RFC 4864, “Local Network Protection for IPv6”.

2-13