search

Enterasys Networks CSX7000 User Manual Page 162

  • Download
  • Add to my manuals
  • Print
  • Page
    / 729
  • Table of contents
  • BOOKMARKS
    • Rated. / 5. Based on customer reviews
Page view 161
USER’S GUIDE
162 CyberSWITCH
Multilevel security provides both user level security and device level security for local (on-node)
database, Radius, and CSM. This provides added protection; first, a device will be authenticated,
and then a particular user (on the device) will be authenticated.
The feature also allows the configuration of an on-node device database at the same time as an off-
node device database. Calls first check the on-node database (if enabled) and then the off-node
database for the correct device. Authentication is based on device information received from the
first matching database.
SYSTEM OPTIONS AND INFORMATION
The second phase of security configuration involves the proper setting of administrative security
options. We have thus far defined the selected type of security we plan to use. We now need to
enable security options, provide system information, and configure administrative sessions.
System Options: You need to enable/disable PPP Link Security, Bridge MAC Address Security, IP
Host ID Security, or Calling Line ID Security, based upon your network requirements.
System Information: You need to assign a system name, password, and secret to the CyberSWITCH
for identification purposes.
Administrative Session Information: You can achieve secure administration sessions with flexible
control through the configuration of certain options, such as:
Selecting an authentication database for administration sessions.
You may select an on-node database, a RADIUS server, a TACAS Server, or an ACE Server.
Specifying an inactivity session time-out.
Since there are only a limited number of sessions available, this avoids the problem of
administrator lockout because a user forgets to logout from the system.
Restricting Telnet access.
This is done by allowing you to set the number of possible administrative Telnet sessions.
Telnet access to the CyberSWITCH can be disabled, or the number of Telnet sessions can be
limited to less than 3.
Accessing an emergency Telnet Server session.
To access an emergency Telnet Server session, you first need to configure an emergency Telnet
Server port. If the system administrator needs a Telnet session and all available Telnet sessions
are in use, they can then Telnet into this emergency port and disconnect inactive Telnet sessions
and begin a session of their own.
DEVICE LEVEL DATABASES
If device level security or multi-level security has been chosen, then the next phase of security
configuration involves setting up a device level authentication database, and then specifying the
location of that database.
The CyberSWITCH provides dial in/dial out access for remote devices via ISDN connections. The
information required to authenticate the remote device is maintained in a database that the system
queries during connection establishment. The system allows this “device database” to be located in
several optional environments.
Page view 161
1 2 ... 157 158 159 160 161 162 163 164 165 166 167 ... 728 729

Comments to this Manuals

No comments
  • Raider PB Heat Kenton Earth Wise Tascam
  • Alto-Shaam Food warmers Memorex Portable speakers AllerAir Unknown DCS Unknown Harman Kardon Home audio sets
  • KitchenAid KHIMS 66500 Crunch 217B Canon PIXMA G3500 Sony BC-TRV LG BH12NS30
  • Zenith ZDX-313 User Manual Electrolux EHS60200P User Manual Samsung HT-DB120 User Manual Royal Sovereign RSH-380SL Instruction Manual