Access Security Guide K/KA/KB.15.15

Password recovery.............................................................................................................46
Saving username and password security....................................................................................46
Security settings that can be saved.......................................................................................46
Benefits of saving security credentials....................................................................................46
Saving local manager and operator passwords.....................................................................46
Saving SNMP security credentials........................................................................................47
Storing 802.1X port-access credentials..................................................................................48
Storage states when using include-credentials........................................................................48
Operating Notes....................................................................................................................50
Interaction with include-credentials settings............................................................................51
2 Virus throttling (connection-rate filtering)......................................................53
Configuring connection-rate filtering..........................................................................................53
Viewing the connection-rate configuration............................................................................53
Enabling global connection-rate filtering and sensitivity...........................................................54
Configuring per-port filtering................................................................................................55
Basic configuration........................................................................................................56
Blocked hosts.........................................................................................................................57
Listing currently-blocked hosts...............................................................................................57
Unblocking currently-blocked hosts.......................................................................................58
Configuring and applying connection-rate ACLs..........................................................................58
Configuring a connection-rate ACL using source IP address criteria...........................................58
Configuring a connection-rate ACL using UDP/TCP criteria......................................................59
Applying connection-rate ACLs............................................................................................62
Using an ACL in a connection-rate configuration example.......................................................62
Connection-rate filtering...........................................................................................................65
Features and benefits..........................................................................................................65
General operation.............................................................................................................65
Filtering options............................................................................................................65
Sensitivity to connection rate detection.............................................................................66
Application options.......................................................................................................66
Selective enable.......................................................................................................66
Connection-rate Access Control Lists (ACLs)..................................................................66
Operating rules............................................................................................................67
Unblocking a currently blocked host.................................................................................67
Applying connection-rate ACLs............................................................................................67
Connection-rate ACL operation.......................................................................................68
Connection-Rate ACL operating notes..............................................................................68
Using CIDR notation to enter the ACE mask...........................................................................69
Connection-rate log and trap messages................................................................................70
Overview..............................................................................................................................70
Overview..........................................................................................................................70
Configuring connection-rate filtering for low risk networks (Overview).......................................70
Configuring connection-rate filtering for high risk networks (Overview)......................................71
3 Web-based and MAC authentication..........................................................72
Configuring MAC authentication on the switch...........................................................................72
Prerequisites for web-based or MAC authentication................................................................72
Preparation for configuring MAC authentication.....................................................................73
Configuring a global MAC authentication password...............................................................74
Commands to configure the global MAC authentication password.......................................74
Configuring a MAC address format.................................................................................74
Enabling/disabling MAC authentication..........................................................................75
Specifying the maximum authenticated MACs allowed on a port.........................................75
Allowing addresses to move without re-authentication.........................................................75
Specifying the VLAN for an authorized client....................................................................76