Alcatel Carrier Internetworking Solutions omniswitch Switch User Manual


 
Managing Switch Security Switch Security Overview
OmniSwitch 6600 Family Switch Management Guide March 2005 page 8-3
Switch Security Overview
Switch security features increase the security of the basic switch login process by allowing management
only through particular interfaces for users with particular privileges. Login information and privileges
may be stored on the switch and/or an external server, depending on the type of external server you are
using and how you configure switch access.
The illustration "Authenticated Switch Access Setup" shows the components of switch security.
An external RADIUS or LDAP server can supply both user login and authorization information. ACE/Server
can provide login information; user authorization information is available through the switch’s
local user database. External servers may also be used for accounting, which includes logging statistics
about user sessions. For information about configuring the switch to communicate with external servers,
see the “Managing Authentication Servers” chapter in the OmniSwitch 6600 Family Network Configuration
Guide.
If an external server is not available or is not configured, user login information and user authorization
may be provided through the local user database on the switch. The user database is described in
Chapter 7, “Managing Switch User Accounts.”
Logging may also be accomplished directly on the switch. For information about configuring local
logging for switch access, see “Configuring Accounting for ASA” on page 8-12. For complete details
about local logging, see the “Using Switch Logging” chapter in the OmniSwitch 6600 Family Network
Configuration Guide.
[Figure: Authenticated Switch Access Setup. Labeled components: End User, login request, management interface, OmniSwitch (OmniSwitch 6648), local user database, and RADIUS, LDAP, or ACE Server. Figure note: Servers supply login information about the user. User-privilege information is also available on RADIUS and LDAP servers.]