Switch User Manual
Network Security Policies
Summit 300-48 Switch Software User Guide 87
Network security policy refers to a set of network rules that apply to user access. You can base the rules
on a variety of factors, including user identification, time and location, and method of authentication. It
is possible to design network security policies to do all of the following:
• Permit or deny network access based on location and time of day.
• Place the user into a VLAN based on identity or authentication method.
• Limit where the user is permitted to go on the network based on identity or authentication method.
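The three capabilities listed above can be modeled as an ordered rule table that is evaluated for each access attempt. The following Python example is an added illustration, not Summit 300-48 configuration syntax or code from this guide; the rule fields, the first-match ordering, the default deny, and all group, location and VLAN names are assumptions.

```python
from dataclasses import dataclass
from datetime import time
from typing import Optional

@dataclass(frozen=True)
class Rule:
    group: Optional[str]        # None matches any value
    auth_method: Optional[str]
    location: Optional[str]
    start: time                 # start == end means the whole day
    end: time
    permit: bool
    vlan: Optional[str] = None

def in_window(now: time, start: time, end: time) -> bool:
    if start == end:
        return True
    if start < end:
        return start <= now < end
    return now >= start or now < end   # window wraps past midnight

def evaluate(rules, group, auth_method, location, now):
    """Return (permitted, vlan). First matching rule wins; no match denies."""
    for r in rules:
        if (r.group in (None, group)
                and r.auth_method in (None, auth_method)
                and r.location in (None, location)
                and in_window(now, r.start, r.end)):
            return (r.permit, r.vlan if r.permit else None)
    return (False, None)

DAY = time(0, 0)
# Constructed sample policy; group, location and VLAN names are hypothetical.
RULES = [
    Rule("contractor", "802.1x", "lab", time(7, 0), time(19, 0), True, "lab"),
    Rule("operators", "802.1x", "noc", time(22, 0), time(6, 0), True, "mgmt"),
    Rule("staff", "802.1x", None, DAY, DAY, True, "corp"),
    Rule("staff", "os-login", None, DAY, DAY, True, "restricted"),
]

if __name__ == "__main__":
    for who in [("staff", "802.1x", "floor2", time(23, 30)),
                ("contractor", "802.1x", "lab", time(20, 0)),
                ("operators", "802.1x", "noc", time(2, 0)),
                ("visitor", "os-login", "lobby", time(10, 0))]:
        print(who, "->", evaluate(RULES, *who))
```

Because a request that matches no rule is denied, an unknown group or an access attempt outside a permitted window fails closed rather than landing in a default VLAN.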
Policy Design
When designing a security policy for your network, keep the following objectives in mind:
• Make each wired and wireless client as secure as possible.
• Protect company resources.
• Make the network infrastructure as secure as possible.
• Be able to track and identify wired and wireless rogues.
To achieve these objectives, it is necessary to work within the constraints of your environment:
• Technology of all the clients
— 802.11 radio technology (b, a, g, a/b, a/g)
— Operating system (W2K, XP, Pocket PC, …)
— Client readiness for 802.1x; client upgrades
• Authentication servers available or planned
— Operating System Login only (i.e. Domain Access, LDAP)
— RADIUS for Users
— PKI Infrastructure
• Nature of the user population
• Ability to divide users into meaningful groups
• Network resources required by users
• Desired access restrictions based on resources, locations, times, and security level
• Acceptable level of network management and user training
• Anticipated changes in the network