Brocade Communications Systems 6650 Switch User Manual


 
308 Brocade ICX 6650 Security Configuration Guide
53-1002601-01
overview, 211
policy-based classification
, 212
sample application
, 227
source MAC address authentication
, 212
static and dynamic hosts
, 211
using with 802.1x security on the same port
, 216
MAC-VLAN
displaying for a specified interface
, 225
management function restrictions
, 3
management privilege levels
, 15
management privileges
, 17
multi-device port
RADIUS authentication
, 232
supported RADIUS attributes
, 232
multi-device port authentication
802.1x security on the same port
, 234
clearing hardware aging period for blocked MAC
addresses
, 249
clearing MAC addresses
, 247
configuring
, 236
configuring Brocade-specific attributes on RADIUS
server
, 235
configuring dynamic VLAN assignment
, 239
defining MAC address filters
, 239
disabling aging for authenticated MAC addresses
, 248
displaying information
, 252
dynamically applying IP ACLs
, 243
enabling denial of service (DoS) attack protection
, 245
enabling source guard protection
, 246
example configurations
, 260
generating SNMP traps
, 239
how it works
, 231
limiting the number of MAC addresses
, 252
password override
, 251
specifying the aging time for blocked MAC addresses
,
250
specifying the authentication-failure action
, 238
specifying the MAC addresses
, 238
specifying the RADIUS timeout action
, 250
support for dynamic ACLs
, 233
support for dynamic VLAN assignment
, 233
support for source guard protection
, 234
viewing the ACL
, 247
P
password
enable read-only-password
, 15
password logins, enabling
, 71
passwords
changing a local user password
, 24
configuring
, 17
configuring password history
, 20
creating a password option
, 23
enabling user password aging
, 19
enabling user password masking
, 19
enhanced login lockout
, 20
recovering from a lost password
, 16
setting a Telnet password
, 13
setting for management privilege levels
, 14
setting to expire
, 21
specifying a minimum password length
, 16
passwords, used to secure access
, 13
policy-based routing (PBR)
, 119
basic example
, 124
enabling
, 123
setting the next hop
, 124
setting the output interface
, 125
trunk formation
, 126
Port Security
autosave
, 205
Port-based rate limiting
, 273
privilege levels
, 15
Q
QoS
options for IP ACLs
, 114
R
RADIUS
AAA operations
, 43
accounting configuration
, 42
authentication configuration
, 41
authentication method values
, 52
authentication, authorization, and accounting (AAA)
,
41
authentication-method list examples
, 58
authentication-method lists
, 58
authorization configuration
, 42
Brocade-specific attributes on the server
, 45
command authorization and accounting for console
commands
, 54
configuration
, 45
configuration considerations
, 44
configuring accounting for CLI commands
, 55
configuring accounting for system events
, 56
configuring accounting for Telnet/SSH (Shell) access
,