User Guide

36 Chapter 1 Overview

320818-A

Authentication methods

You can configure more than one authentication method within a Nortel

SNAS 4050 domain. Nortel Secure Network Access Switch Software Release 1.0

supports the following authentication methods:

• external database

— Remote Authentication Dial-In User Service (RADIUS)

— Lightweight Directory Access Protocol (LDAP)

The Nortel SNAS 4050 authenticates the user by sending a query to an

external RADIUS or LDAP server. This makes it possible to use

authentication databases already existing within the intranet. The Nortel

SNAS 4050 device includes username and password in the query and requires

the name of one or more access groups in return. The name of the RADIUS

and LDAP access group attribute is configurable.

• local database

The Nortel SNAS 4050 itself can store up to 1,000 user authentication entries,

each defining a username, password, and relevant access group. You can

populate the database by manually adding entries on the Nortel SNAS 4050,

or you can import a database from a TFTP/FTP/SCP/SFTP server.

Use the local authentication method if no external authentication databases

exist, for testing purposes, for speedy deployment, or as a fallback for external

database queries. You can also use the local database for authorization only, if

an external server provides authentication services but cannot be configured to

return a list of authorized groups.

For information about configuring authentication on the Nortel SNAS 4050, see

“Configuring authentication” on page 233.

For more information about the Nortel SNA solution and the way the Nortel

SNAS 4050 controls network access, see Nortel Secure Network Access Solution

Guide (320817-A).