Users Guide
62 Switch Feature Overview
Security Features
Configurable Access and Authentication Profiles
Rules can be configured to limit access to the switch management interface
based on criteria such as access type and source IP address of the
management host. The user can also be required to be authenticated locally
or by an external server, such as a RADIUS server.
For information about configuring access and authentication profiles, see
"Authentication, Authorization, and Accounting" on page 247.
Password-Protected Management Access
Access to the Web, CLI, and SNMP management interfaces is password
protected, and there are no default users on the system.
For information about configuring local user accounts, see "Authentication,
Authorization, and Accounting" on page 247.
Strong Password Enforcement
The Strong Password feature enforces a baseline password strength for all
locally administered users. Password strength is a measure of the effectiveness
of a password in resisting guessing and brute-force attacks. The strength of a
password is a function of length, complexity and randomness. Using strong
passwords lowers overall risk of a security breach.
For information about configuring password settings, see "Authentication,
Authorization, and Accounting" on page 247.
TACACS+ Client
The switch has a TACACS+ client. TACACS+ provides centralized security
for validation of users accessing the switch. TACACS+ provides a centralized
user management system while still retaining consistency with RADIUS and
other authentication processes.
For information about configuring TACACS+ client settings, see
"Authentication, Authorization, and Accounting" on page 247.