Concept Guide
Security
This chapter describes several ways to provide security to the Dell EMC Networking system.
For details about all the commands described in this chapter, refer to the Security chapter in the Dell EMC Networking OS Command
Reference Guide.
Topics:
• AAA Accounting
• AAA Authentication
• Obscuring Passwords and Keys
• AAA Authorization
• RADIUS
• TACACS+
• Protection from TCP Tiny and Overlapping Fragment Attacks
• Enabling SCP and SSH
• Telnet
• VTY Line and Access-Class Conguration
• Role-Based Access Control
• Two Factor Authentication (2FA)
• Conguring the System to Drop Certain ICMP Reply Messages
• Dell EMC Networking OS Security Hardening
AAA Accounting
Accounting, authentication, and authorization (AAA) accounting is part of the AAA security model.
For details about commands related to AAA security, refer to the Security chapter in the Dell EMC Networking OS Command Reference
Guide.
AAA accounting enables tracking of services that users are accessing and the amount of network resources being consumed by those
services. When you enable AAA accounting, the network server reports user activity to the security server in the form of accounting
records. Each accounting record comprises accounting attribute/value (AV) pairs and is stored on the access control server.
As with authentication and authorization, you must congure AAA accounting by dening a named list of accounting methods and then
applying that list to various virtual terminal line (VTY) lines.
Conguration Task List for AAA Accounting
The following sections present the AAA accounting conguration tasks.
• Enabling AAA Accounting (mandatory)
• Suppressing AAA Accounting for Null Username Sessions (optional)
• Conguring Accounting of EXEC and Privilege-Level Command Usage (optional)
• Conguring AAA Accounting for Terminal Lines (optional)
• Monitoring AAA Accounting (optional)
48
770 Security