Access Security Guide K/KA/KB.15.15
Table 47 Access Security and Switch Authentication Features
More information and configuration
details
Security guidelinesDefault settingFeature
“Using the Management Interface
wizard” (page 436)
Configuring a local Manager
password is a fundamental step in
no passwordManager password
“Using SNMP to view and configure
switch authentication features”
(page 180)
reducing the possibility of
unauthorized access through the
switch's WebAgent and console
(CLI and Menu) interfaces. The
Manager password can easily be
set by any one of the following
methods:
• CLI: password manager
command, or Management
interface wizard
• WebAgent: the password
options under the Security tab,
or Management interface
wizard
• Menu interface: Console
Passwords option
• SNMP
“Using the Management Interface
wizard” (page 436)
For more on Telnet and the
WebAgent, see "Interface Access
The default remote management
protocols enabled on the switch
are plain text protocols, which
transfer passwords in open or
plain text that is easily captured.
enabledTelnet and
Web-browser access
(WebAgent)
and System Information" in the
To reduce the chances of
Management and Configuration
Guide.
unauthorized users capturing your
passwords, secure and encrypted
For RADIUS accounting, see
“RADIUS Authentication,
protocols such as SSH and SSL
(see below for details) should be
Authorization, and Accounting”
(page 141)
used for remote access. This
enables you to employ increased
access security while still retaining
remote client access.
Also, access security on the switch
is incomplete without disabling
Telnet and the standard Web
browser access (WebAgent).
Among the methods for blocking
unauthorized access attempts using
Telnet or the WebAgent are the
following two CLI commands:
• no telnet-server: This
command blocks inbound
Telnet access.
• no web-management: This
command prevents use of the
WebAgent through http (port
80) server access.
If you choose not to disable Telnet
and the WebAgent, you may want
to consider using RADIUS
accounting to maintain a record
of password-protected access to
the switch.
Using HP switch security features 441