search

Enterasys Networks CSX7000 Manuel d'utilisateur Page 169

  • Télécharger
  • Ajouter à mon manuel
  • Imprimer
  • Page
    / 729
  • Table des matières
  • MARQUE LIVRES
    • Noté. / 5. Basé sur avis des utilisateurs
Vue de la page 168
Central Site Remote Access Switch 169
C
ONFIGURING
S
ECURITY
L
EVEL
User Level Security
The following sections provide information regarding authentication via SecurId cards, system
requirements for user level security, and the authentication process with user level security.
A
UTHENTICATION USING A SECURITY TOKEN CARD
The CyberSWITCH supports interactive, user level security through the TACACS or ACE server
programmed for use with security token cards. Token cards are credit card-sized devices. These
cards are widely used throughout the computer industry for authentication. This concept of
authentication is now available to ISDN connections via the CyberSWITCH. The CyberSWITCH
version of user level security supports a security token card called SecurID, provided by Security
Dynamics.
The SecurID card works on a “passcode” concept, which consists of two factors:
a known value (the device’s password)
a dynamically-generated value (from the SecurID card)
Note: For more information specific to the SecurID card, refer to the documentation provided by
Security Dynamics Technologies Inc.
The user is prompted for the passcode value at login. The following description illustrates how the
user level authentication process works:
The CyberSWITCH provides user level security by having the remote user establish a Telnet
connection to the system. While the remote user is being authenticated, a data filter is placed on the
connection. This filter only allows the Telnet session traffic to flow over the connection between the
user and the CyberSWITCH. During the Telnet session, the system collects user information (user
Id, password and maybe dynamic password) and requests authentication from the configured
server. Once the user is authenticated, the data filter is removed from that connection. All remote
user data is now forwarded on the connection.
If the user fails to be authenticated, the connection is released. The user must establish a new
connection and perform validation again.
If the ISDN connection is released by either the ISDN network or by the remote device, the system
treats this as a new authentication session and starts the validation sequence over.
Note that when a user establishes the Telnet connection to the CyberSWITCH, the user needs to
Telnet into a special TCP port configured for the type of authentication the user wishes to use. For
example, to get validated through the TACACS authentication server, the user needs to Telnet into
port 7000 (the default value for the TACACS port). Different port numbers are used for other types
of authentication servers such as RADIUS or ACE.
The following picture shows the relationship between the security server, an end user, and the
computer that prompts for the input. The security clients and the security server communicate with
each other using some special protocol, such as TACACS.
Vue de la page 168
1 2 ... 164 165 166 167 168 169 170 171 172 173 174 ... 728 729

Commentaires sur ces manuels

Pas de commentaire
  • Ecosolar Conway Spp-pumps Deco Mirror Qualcast
  • Hamilton Beach Stands d'équipement audiovisuel Juwel Non Sony Télévisions LED Ryobi Scies à chaîne Philips Stations d'accueil pour appareils mobiles
  • Whirlpool WCE52424AB Kicker DC12 Starline B92 Dialog FLEX Electrohome G05 Sony DSC-W310
  • Kodak KLIC-7003 Manuel de l'utilisateur Zebra 104531-001 Fiche technique LG DVX556KH Manuel de l'utilisateur Samsung MX-D750D Manuel de l'utilisateur Cisco WVC54GCA Guide de l'utilisateur