Standards Compatibility
Matrix DFE-Gold Series Installation Guide 1-7
Switch Configuration Using CLI Commands
TheCLIcommandsenableyoutoperformmorecompleteswitchconfiguration
managementtasks.
ForCLIcommandsetinformationandhowtoconfigurethemodule,refertotheMatrix
DFE‐GoldSeriesConfigurationGuide.
Standards Compatibility
TheDFE‐GoldmodulesarefullycompliantwiththeIEEE802.3‐2002,802.3ae‐2002,
802.1D‐1998,and802.1Q‐1998standards.TheDFE‐GoldmodulesprovideIEEE802.1D‐
1998SpanningTreeAlgorithm(STA)supporttoenhancetheoverallreliabilityofthe
networkandprotectagainst“loop”conditions.
Secure Networks Policy Support
AfundamentalconceptthatiskeytotheimplementationoftheEnterasysSecure
Networksmethodologyispolicy‐enablednetworking.Thisapproachprovidesusersof
thenetworkwiththeresourcestheyneed—inasecurefashion—whileatthesametime
denyingaccesstoapplicationsorprotocolsthataredeemedinappropriatebasedonthe
user’sfunctionwithintheorganization.Byadoptingsucha“user‐personalized”model,it
ispossibleforbusinesspoliciestobetheguidelinesinestablishingthetechnology
architectureoftheenterprise.Twomajorobjectivesareachievedinthisway:ITservices
arematchedappropriatelywithindividualusers;andthenetworkitself
becomesan
activeparticipantintheorganization’ssecuritystrategy.TheSecureNetworks
architectureconsistsofthreetiers:
• Classificationrulesmakeupthefirstorbottomtier.Therulesapplytodevicesinthe
SecureNetworksenvironment,suchasswitchesandrouters.Therulesaredesigned
tobeimplementedatornear
theuser’spointofentrytothenetwork.Rulesmaybe
writtenbasedoncriteriadefinedintheLayer2,Layer3,orLayer4informationofthe
dataframe.
•ThemiddletierisServices,whicharecollectionsofindividualclassificationrules,
groupedlogicallytoeitherpermitordenyaccess
toprotocolsorapplicationsbasedon
theuser’srolewithintheorganization.Priorityandbandwidthratelimitingmayalso
bedefinedinservices.
•Roles,orbehavioralprofiles,makeupthetoptier.Therolesassignservicestovarious
businessfunctionsordepartments,suchasexecutive,sales,andengineering.
Toenhancesecurity
anddeliveratruepolicy‐basedinfrastructu re,theEnterasysSecure
Networksmethodologycantakeadvantageofauthenticationmethods,suchas802.1X,
usingEAP‐TLS,EAP‐TTLS,orPEAP,aswellasothertypesofauthentication.
Authorizationinformation,attachedtotheauthentication response,determinesthe
applicationofpolicy.Authorizationinformationis
communicatedbymeansofthepolicy