Enterasys Networks CSX7000 Manuel d'utilisateur télécharger pdf (Page 168)

100

101

USER’S GUIDE

168 CyberSWITCH

OVERVIEW OF DEVICE AUTHENTICATION PROCESS

When a remote device connects, the CyberSWITCH negotiates the required authentication. It then

collects the information which is used to identify and authenticate the remote device. The system

compares this collected information against information maintained in a device database. If the

information collected from the remote device matches the information found in the database, the

connection is valid and the device is allowed access to network resources. If the collected

information does not match the information in the database, the connection is disconnected.

The device database can be maintained either locally on the CyberSWITCH itself, or on a server,

central to the network. When an on-node device database is used, device information is configured

either directly through the CFGEDIT configuration utility or through using Manage Mode

commands.

It is also possible to configure and maintain device information on an off-node, central device

database. This could be useful for networks with a large number of devices or several systems. Only

one device database would need to be configured and maintained. The Remote Authentication Dial

In User Service (RADIUS) and CSM are the off-node, central databases currently supported by the

system. The RADIUS Server option is available for PPP/IP devices (with CHAP or PAP security),

HDLC bridge devices, and RFC 1294 devices.

USER LEVEL SECURITY

CONFIGURING USER LEVEL SECURITY

USING CFGEDIT

1. Select User Level Security from the Security Level Menu. If you need guidance to find this menu,

refer to the instructions provided in the No Security configuration section.

2. Refer to the chapter Configuring User Level Databases in order to select and configure the user

level database.

SING MANAGE MODE

seclevel

Displays the current security level configuration data.

USER LEVEL SECURITY BACKGROUND INFORMATION

User level security is an authentication process between a specific user and a device. The

authentication process is interactive; users connect to a terminal server and need to interact with it

in order to communicate with other devices beyond the server. The CyberSWITCH supports user

level security through the RADIUS, TACACS, or ACE server.

User level security supports the following devices:

• PPP devices

•HDLC bridges

1 2 ... 163 164 165 166 167 168 169 170 171 172 173 ... 728 729

Commentaires sur ces manuels

Pas de commentaire

Enterasys Networks CSX7000 Manuel d'utilisateur Page 168

Commentaires sur ces manuels