Manualshelf

Access Security Guide K/KA/KB.15.15

ManualsBrandsHP ManualsNetwork HardwareHP 5406R-8XGT/8SFP+ (No PSU) v2 zl2 Switch
11121314151617181920
Using HP switch security features............................................................................................435
Physical security...............................................................................................................435
Using the Management Interface wizard.............................................................................436
WebAgent: Management Interface wizard.....................................................................436
SNMP security guidelines..................................................................................................436
General SNMP access to the switch...............................................................................436
SNMP access to the authentication configuration MIB......................................................437
Precedence of security options...........................................................................................437
Precedence of Port-based security options.......................................................................437
Precedence of Client-based authentication: Dynamic Configuration Arbiter.........................438
HP E-Network Immunity Manager......................................................................................438
Arbitrating client-specific attributes.....................................................................................439
HP PCM+ Identity-Driven Manager (IDM)............................................................................440
Access security features....................................................................................................440
Network security features..................................................................................................445
Using named source-port filters..........................................................................................448
Editing a source-port filter.................................................................................................448
Displaying traffic/security filters.........................................................................................449
Overview............................................................................................................................449
Applicable switch models..................................................................................................450
Filter Limits......................................................................................................................450
Using port trunks with filter................................................................................................450
Filter types and operation..................................................................................................450
Source-Port Filters........................................................................................................451
Operating Rules for Source-Port Filters............................................................................451
Name source-port filters...............................................................................................452
Operating rules for named sourceā€”port filters................................................................453
Static multicast filters....................................................................................................453
Protocol filters.............................................................................................................454
Filtering index.............................................................................................................454
CLI Wizard: Operating notes and restrictions.......................................................................454
15 Port-Based and User-Based Access Control (802.1X)...................................455
Configuring Port-Based Access...............................................................................................455
Why Use Port-Based or User-Based Access Control?.............................................................455
User Authentication Methods.............................................................................................455
802.1X User-Based Access Control................................................................................455
802.1X Port-Based Access Control.................................................................................455
Alternative To Using a RADIUS Server............................................................................456
Accounting.................................................................................................................456
General Setup Procedure for 802.1X Access Control.............................................................456
Configuring Switch Ports as 802.1X Authenticators................................................................458
Enable 802.1X Authentication on Selected Ports..............................................................458
Specify User-Based Authentication or Return to Port-Based Authentication............................459
User-Based 802.1X Authentication.............................................................................459
Port-Based 802.1X Authentication..............................................................................459
Reconfigure Settings for Port-Access...............................................................................460
Configure the 802.1X Authentication Method..................................................................461
Enter the RADIUS Host IP Address(es).............................................................................462
Enable 802.1X Authentication on the Switch...................................................................463
Optional: Reset Authenticator Operation........................................................................463
Optional: Configure 802.1X Controlled Direction.............................................................463
Wake-on-LAN Traffic...................................................................................................464
Setting Up and Configuring 802.1X Open VLAN Mode........................................................464
Configuring General 802.1X Operation.........................................................................465
Contents 17