Users Guide

Security
Dell EMC SmartFabric OS10 has several security features to protect the usability and integrity of the data available in the
switch. OS10 also has security features to protect the user network from attacks and to restrict network traffic.
Switch security
Dell EMC SmartFabric OS10 has various inbuilt security features to secure the administrative access to the switch.
User management
OS10 controls user access to the switch, and what users can do after login, based on the set roles and privileges.
Configuration notes
All Dell EMC PowerSwitches except MX-Series, S4200-Series, S5200 Series, and Z9332F-ON:
Admin User - You can delete the default admin username, as long as there is a local user with the sysadmin role present. The
default admin user sees a warning message in the MOTD, unless the user password is changed or the user is deleted.
Linux Admin User - The password of the linuxadmin user must be modified through the OS10 command-line interface (CLI). The
linuxadmin user can also be enabled or disabled with a separate CLI command.
Example (password modification):
OS10(config)# system-user linuxadmin password Dell@Force10!@
OS10(config)# exit
OS10# write memory
OS10#
OS10# exit
Example (disable):
OS10(config)# system-user linuxadmin disable
OS10(config)#
Example (enable):
OS10(config)# no system-user linuxadmin disable
OS10(config)#
User accounts
OS10 allows you to create user accounts to access the OS10 switches. Each user account is defined with a username, a password,
and a role to limit OS10 switch access.
Role-based access control
RBAC provides control for access and authorization. Users are granted permissions based on defined roles, not on their
individual system user ID. Create user roles based on job functions to help users perform their associated job functions. You can
assign each user only a single role, and many users can have the same role. A user role authenticates and authorizes a user at
login, and places the user in EXEC mode. For more information, see CLI basics.
OS10 supports four pre-defined roles: sysadmin, secadmin, netadmin, and netoperator. Each user role assigns
permissions that determine the commands a user can enter, and the actions a user can perform. RBAC provides an easy and
efficient way to administer user rights. If a user's role matches one of the allowed user roles for a command, command
authorization is granted.
The OS10 RBAC model provides separation of duty and greater security. It places limitations on each role's permissions to allow
you to partition tasks. For greater security, only some user roles can view events, audits, and security system logs.
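An added example (not part of the Dell guide): a Python check over a saved configuration for the account rules in this section, namely the four pre-defined roles, the sysadmin requirement for deleting the default admin user, and the linuxadmin disable setting. The sample configuration is constructed, and the "username <name> password <hash> role <role>" line format is an assumption; only the system-user line appears in this guide.

```python
import re

PREDEFINED_ROLES = {"sysadmin", "secadmin", "netadmin", "netoperator"}

# Constructed sample, not captured from a switch. The "username ... role ..."
# line format is an assumption; the system-user line is the form shown above.
SAMPLE_CONFIG = """\
username admin password **** role sysadmin
username alice password **** role sysadmin
username bob password **** role netoperator
username carol password **** role auditor
system-user linuxadmin disable
"""

USER_RE = re.compile(r"^username\s+(\S+)\s+password\s+\S+\s+role\s+(\S+)")


def parse_users(config):
    """Return {username: role} from the assumed 'username ... role ...' lines."""
    users = {}
    for line in config.splitlines():
        m = USER_RE.match(line.strip())
        if m:
            users[m.group(1)] = m.group(2)
    return users


def audit(config):
    """Return findings for the account rules described in this section."""
    users = parse_users(config)
    findings = []
    for name, role in sorted(users.items()):
        if role not in PREDEFINED_ROLES:
            findings.append(f"{name}: role '{role}' is not a pre-defined role")
    # The default admin may be deleted only if another local sysadmin exists.
    others = [n for n, r in users.items() if r == "sysadmin" and n != "admin"]
    if "admin" in users and others:
        findings.append("default admin present; another sysadmin exists")
    if "admin" in users and not others:
        findings.append("default admin is the only sysadmin; do not delete it")
    lines = [line.strip() for line in config.splitlines()]
    if "system-user linuxadmin disable" not in lines:
        findings.append("linuxadmin is enabled")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```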