Reference Guide

Configuring Protocols
Security protocols
Secure Copy
Secure Shell protocol
Configuring the ciphers, KEX, and MAC algorithms
Secure Sockets Layer protocol
Simple Network Management Protocol
Telnet protocol
Listener applications
Ports and applications used by switches

Security protocols
Security protocols provide endpoint authentication and communications privacy using cryptography.
Typically, you are authenticated to the switch while the switch remains unauthenticated to you. This means that you can be sure of what
you are communicating with. The next level of security, in which both ends of the conversation are sure of whom they are communicating with,
is known as two-factor authentication. Two-factor authentication requires public key infrastructure (PKI) deployment to clients.
Fabric OS supports the secure protocols shown in the following table.
TABLE 29 Secure protocol support

Protocol        Description
CHAP            Challenge Handshake Authentication Protocol (CHAP) uses shared
                secrets to authenticate switches.
HTTPS           HTTPS is a Uniform Resource Identifier scheme used to indicate a
                secure HTTP connection. Web Tools supports the use of Hypertext
                Transfer Protocol over SSL (HTTPS).
IPsec           Internet Protocol Security (IPsec) is a framework of open
                standards for providing confidentiality, authentication and
                integrity for IP data transmitted over untrusted links or
                networks.
LDAP            Lightweight Directory Access Protocol with TLS uses a certificate
                authority (CA). By default, LDAP traffic is transmitted
                unsecured. With the import of signed certificates, you can make
                LDAP traffic confidential and secure by using Secure Sockets
                Layer (SSL) / Transport Layer Security (TLS) technology in
                conjunction with LDAP.
SCP             Secure Copy (SCP) is a means of securely transferring computer
                files between a local and a remote host or between two remote
                hosts, using the Secure Shell (SSH) protocol. Configuration
                upload and download support the use of SCP.
Secure Syslog   Secure syslog requires importing syslog CA certificates using the
                secCertUtil command.
SFTP            Secure File Transfer Protocol (SFTP) is a network protocol for
                securely transferring files on a network. Configuration upload
                and download support the use of SFTP.
SNMP            Simple Network Management Protocol (SNMP) is used in network
                management systems to monitor network-attached devices for
                conditions that warrant administrative attention. Supports
                SNMPv1 and v3.
SSH             Secure Shell (SSH) is a network protocol that allows data to be
                exchanged over a secure channel between two computers.
                Encryption provides confidentiality and integrity of data. SSH
                uses public-key cryptography to
Brocade Fabric OS Administration Guide, 8.0.1
53-1004111-02 185