R21xx-HP FlexFabric 11900 Security Configuration Guide
198
ARP source MAC address based attack
detection, 127
FIPS, 147
host public key, 69, 70
HWTACACS, 35
IP attack protection (unresolvable), 124
IP source guard, 117
IPsec, 169
IPv4 source guard, 117
IPv6 source guard, 117
LDAP, 38
password control, 64
public key, 72
RADIUS, 29
SFTP help information, 89
SSH, 91
distributing
local host public key, 69
DoS attack (uRPF), 139
DSA
public key management, 67
SSH client host public key configuration, 81
SSH DSA host key pair, 79
DSA signature authentication (IKE), 177
dst-mac validity check (ARP), 132
dynamic
IP source guard dynamic binding entries, 114
IPv4 source guard dynamic configuration with
DHCP relay, 121
IPv4 source guard dynamic configuration with
DHCP snooping, 120
early notification of password expiration, 58
ECDSA
public key management, 67
enabling
ACL checking for de-encapsulated IPsec packets,
165
ARP black hole routing, 124
FIPS mode, 146
invalid SPI recovery, 185
IPv4 source guard on interface, 115
IPv6 source guard on interface, 116
logging of IPsec packets, 168
password control, 60
QoS pre-classify (IPsec), 167
RADIUS session-control feature, 42
SFTP server function, 80
SSH server function, 80
encapsulation
transport mode (IPsec), 152
tunnel mode (IPsec), 152
encrypting
entering peer public key, 72
public key import from file, 74
public key management, 67
SSH configuration, 77
SSH server configuration, 79
encryption
algorithms (IPsec), 154
IPsec, 153
entering
peer public key, 71, 72
establishing
SSH SFTP server connection, 87
SSH Stelnet server connection, 85
expiration of password
early notification, 58
exporting
host public key to file, 69
file
host public key export to file, 69
peer host public key import from file, 71