Configuration Guide User guide

ManualsBrandsBrocade ManualsComputer AccessoriesFastIron

211

212

213

214

215

216

217

218

219

220

FastIron Configuration Guide 159

53-1002494-02

RADIUS security

• A system event occurs, such as a reboot or reloading of the configuration file

2. The Brocade device checks its configuration to see if the event is one for which RADIUS

accounting is required.

3. If the event requires RADIUS accounting, the Brocade device sends a RADIUS Accounting Start

packet to the RADIUS accounting server, containing information about the event.

4. The RADIUS accounting server acknowledges the Accounting Start packet.

5. The RADIUS accounting server records information about the event.

6. When the event is concluded, the Brocade device sends an Accounting Stop packet to the

RADIUS accounting server.

7. The RADIUS accounting server acknowledges the Accounting Stop packet.

AAA operations for RADIUS

The following table lists the sequence of authentication, authorization, and accounting operations

that take place when a user gains access to a Brocade device that has RADIUS security configured.

User action Applicable AAA operations

User attempts to gain access to the

Privileged EXEC and CONFIG levels

of the CLI

Enable authentication:

aaa authentication enable default <method-list>

System accounting start:

aaa accounting system default start-stop <method-list>

User logs in using Telnet/SSH Login authentication:

aaa authentication login default <method-list>

EXEC accounting Start:

aaa accounting exec default start-stop <method-list>

System accounting Start:

aaa accounting system default start-stop <method-list>

User logs into the Web

Management Interface

Web authentication:

aaa authentication web-server default <method-list>

User logs out of Telnet/SSH

session

Command authorization for logout command:

aaa authorization commands <privilege-level> default <method-list>

Command accounting:

aaa accounting commands <privilege-level> default start-stop <method-list>

EXEC accounting stop:

aaa accounting exec default start-stop <method-list>

User enters system commands

(for example, reload, boot system)

Command authorization:

aaa authorization commands <privilege-level> default <method-list>

Command accounting:

aaa accounting commands <privilege-level> default start-stop <method-list>

System accounting stop:

aaa accounting system default start-stop <method-list>