Configuration Guide Manual
Brocade TurboIron 24X Series Configuration Guide 63
53-1003053-01
Chapter
5
Securing Access to Management Functions
In this chapter
•Securing access methods. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
•Restricting remote access to management functions . . . . . . . . . . . . . . . . . 65
•Setting passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
•Setting up local user accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
•Configuring TACACS/TACACS+ security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
•Configuring RADIUS security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
•Configuring authentication-method lists . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
This chapter explains how to secure access to management functions on a device.
NOTE
For all devices, RADIUS Challenge is supported for 802.1x authentication but not for login
authentication. Also, multiple challenges are supported for TACACS+ login authentication.
Securing access methods
The following table lists the management access methods available on a device, how they are
secured by default, and the ways in which they can be secured.
TABLE 18 Ways to secure management access to devices
Access method How the access
method is secured
by default
Ways to secure the access method See page
Serial access to the CLI Not secured Establish passwords for management privilege
levels
page 74
Access to the Privileged
EXEC and CONFIG levels
of the CLI
Not secured Establish a password for Telnet access to the
CLI
page 74
Establish passwords for management privilege
levels
page 74
Set up local user accounts page 78
Configure TACACS/TACACS+ security page 84
Configure RADIUS security page 100