R211x-HP Flexfabric 11900 Security Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP FlexFabric 11000 Switch Products

263

security AAA RADIUS username, 26

security MAC authentication user account, 81

fo

rwarding

IP source guard configuration, 211

sec

urity ARP restricted forwarding, 227

sec

urity IP source guard

configuration, 205, 206

sec

urity IPv4 source guard dynamic

configuration with DHCP relay, 214

sec

urity IPv4 source guard dynamic

configuration with DHCP snooping, 213

sec

urity IPv4 source guard static

configuration, 211

sec

urity IPv6 source guard static

configuration, 215

fr

agment

security IPsec packet DF bit configuration, 142

FT

P

security local host public key distribution, 119

sec

urity SSH SFTP client device

configuration, 179

sec

urity SSH SFTP client publickey

authentication, 199

sec

urity SSH SFTP client source IP

address/interface, 179

s

ecurity SSH SFTP configuration, 197

s

ecurity SSH SFTP directories, 18 0

sec

urity SSH SFTP files, 181

sec

urity SSH SFTP server connection

establishment, 179

sec

urity SSH SFTP server connection

termination, 182

sec

urity SSH SFTP server password

authentication, 197

G

gat

eway

security ARP gateway protection, 230, 231

gene

rating

security SSH local DSA key pair, 171

sec

urity SSH local RSA key pair, 171

H

handshak

e function (802.1X online user), 73

har

dware

security crypto engine configuration, 239, 239

hist

ory

security password history, 108

HP

sec

urity AAA RADIUS HP proprietary attributes, 15

HW T

erminal Access Controller Access Control System.

Use HWTACACS

HW

TACACS

AAA configuration, 1, 17

AAA

for SSH user, 46

AAA im

plementation, 7

AAA l

ocal user configuration, 18

AAA

MPLS L3VPN implementation, 13

AAA s

cheme configuration, 18

ac

counting server specification, 33

a

uthentication server specification, 32

author

ization server specification, 33

displa

ying, 37

HW

TACACS/RADIUS differences, 7

main

taining, 37

outgo

ing packet source IP address, 35

pac

ket exchange process, 7

pr

otocols and standards, 13

r

eal-time accounting timer, 36

s

cheme configuration, 31

s

cheme creation, 32

sc

heme VPN specification, 34

se

rver quiet timer, 36

se

rver response timeout timer

(response-timeout), 36

shar

ed keys specification, 34

S

SH user local authentication+HWTACACS

authorization+RADIUS accounting, 48

tr

affic statistics units, 35

tr

oubleshooting, 59

u

sername format, 35

I

id

entity

security IPsec IKE global identity information

configuration, 157

ig

noring

port security server authorization information, 96

IK

E, 150 , S

ee also ISAKMP

configuration, 15 0 , 152

conf

iguration (main mode/pre-shared key

authentication), 161

DH

algorithm, 151