Manualshelf

Configuration Guide User guide

ManualsBrandsBrocade ManualsComputer AccessoriesFastIron
1941194219431944194519461947194819491950
FastIron Configuration Guide 1887
53-1002494-02
Chapter
46
Web Authentication
Table 315 lists individual Brocade switches and the Web Authentication features they support.
These features are supported in the Layer 2, base Layer 3, edge Layer 3, and full Layer 3 software
images, except where explicitly noted.
Web authentication overview
Authentication is important in enterprise networks because the network is considered a secure
area: it contains sensitive data and a finite amount of resources. Unauthorized users must be
prevented from accessing the network to protect the sensitive data and prevent the unnecessary
consumption of resources.
The ideal authentication method blocks unauthorized users at the earliest possible opportunity.
For internal enterprise networks, this can be controlled at the edge switch port. Two popular forms
of port-based security authentication used at the edge switch are multi-device port authentication
and 802.1x. Multi-device port authentication authenticates the MAC addresses of hosts or users
that are attempting to access the network. This type of authentication requires no intervention from
the host or user who is attempting to be authenticated. It is easy to use, but it can only authorize
hosts; it cannot be used to authorize users. 802.1x authentication can authorize users or hosts. It
is more flexible than the multi-device port authentication method; however, it requires more
support, configuration, maintenance and user intervention than multi-device port authentication.
The Brocade Web authentication method provides an ideal port-based authentication alternative to
multi-device port authentication without the complexities and cost of 802.1x authentication. Hosts
gain access to the network by opening a Web browser and entering a valid URL address using HTTP
or HTTPS services. Instead of being routed to the URL, the host browser is directed to an
authentication Web page on the FastIron switch. The Web page prompts the host to enter a user ID
and password or a passcode. The credentials a host enters are used by a trusted source to
authenticate the host MAC address. (Multiple MAC addresses can be authenticated with the same
user name and password.)
TABLE 315 Supported Web Authentication features
Feature FESX
FSX 800
FSX 1600
FWS FCX ICX 6610 ICX 6430
ICX 6450
Enabling and disabling Web
Authentication
Yes Yes Yes Yes Yes
Configuring the Web Authentication mode Yes Yes Yes Yes Yes
Web Authentication options in this chapter Yes Yes Yes Yes Yes