BMD00220, October 2010 55
CHAPTER 3
Securing Administration
Secure switch management is needed for environments that perform significant management
functions across the Internet. Common functions for secured management are described in the
following sections:
“Secure Shell and Secure Copy” on page 55
“End User Access Control” on page 62
Note – SNMP read and write functions are enabled by default. For best security practices, if SNMP
is not needed for your network, it is recommended that you disable these functions prior to
connecting the switch to the network (see “Using Simple Network Management Protocol” on
page 35).
Secure Shell and Secure Copy
Because using Telnet does not provide a secure connection for managing a G8124, Secure Shell
(SSH) and Secure Copy (SCP) features have been included for G8124 management. SSH and SCP
use secure tunnels to encrypt and secure messages between a remote administrator and the switch.
SSH is a protocol that enables remote administrators to log securely into the G8124 over a network
to execute management commands.
SCP is typically used to copy files securely from one machine to another. SCP uses SSH for
encryption of data on the network. On a G8124, SCP is used to download and upload the switch
configuration via secure channels.