KB.15.15

ManualsBrandsHP ManualsNetwork HardwareHP 5406R-8XGT/8SFP+ (No PSU) v2 zl2 Switch

431

432

433

434

435

436

437

438

439

440

Using the Management Interface wizard

The Management Interface wizard provides a convenient step-by-step method to prepare the switch

for secure network operation. It guides you through the process of locking down the following

switch operations or protocols:

• setting local passwords

• restricting SNMP access

• enabling/disabling Telnet

• enabling/disabling SSH

• enabling/disabling remote Web management (WebAgent)

• restricting WebAgent access to SSL

• enabling/disabling USB autorun

• setting timeouts for SSH/Telnet sessions

The wizard can also be used to view the pre-configured defaults and see the current settings for

switch access security. The wizard can be launched either via the CLI or the WebAgent.

NOTE: The wizard's security settings can also be configured using standard commands via the

CLI, Menu, or WebAgent.

WebAgent: Management Interface wizard

To use the Management Inteface wizard from the WebAgent, follow the steps below:

1. In the navigation tree, select Security.

2. Click on the Security Wizard. The Welcome window appears.

This page allows you to choose between two setup types:

• Typical—provides a multiple page, step-by-step method to configure security settings, with

on-screen instructions for each option.

• Advanced—provides a single summary screen in which to configure all security settings

at once.

See the WebAgent Online Help for detailed information about using the Management Interface

wizard.

SNMP security guidelines

In the default configuration, the switch is open to access by management stations running SNMP,

management applications capable of viewing and changing the settings and status data in the

switch MIB (Management Information Base). So controlling SNMP access to the switch and

preventing unauthorized SNMP access should be a key element of your network security strategy.

General SNMP access to the switch

The switch supports SNMP versions 1, 2c, and 3, including SNMP community and trap

configuration. The default configuration supports versions 1 and 2c compatibility, which uses plain

text and does not provide security options.

HP recommends you enable SNMP version 3 for improved security. SNMPv3 includes the ability

to configure restricted access and to block all non-version 3 messages (which blocks version 1 and

2c unprotected operation).

436 Traffic/Security Features and Monitors