Overview of Security Methods
14-2 Matrix NSA Series Configuration Guide
• MAC Locking — locks a port to one or more MAC addresses, preventing connection of
unauthorized devices via the port. For details, refer to Section 14.3.9.
• Multiple User Multiple Authentication – allows multiple users on a given port to simultaneously
authenticate using any or all of the supported protocols (MAC Authentication, PWA, 802.1X),
and for each authenticated user to receive a unique level of network access. For details, refer to
Section 14.3.10.
• Secure Shell (SSH) — provides for secure remote CLI management access. For details, refer to
Section 14.3.11.
• IP Access Lists (ACLs) — permits or denies access to routing interfaces based on protocol and
inbound and/or outbound IP address restrictions configured in access lists. For details, refer to
Section 14.3.12.
• Policy-Based Routing — permits or denies access to routing interfaces based on access lists in
a route map applied to the interface. For details, refer to Section 14.3.13.
• Denial of Service (DoS) Prevention — prevents Denial of Service attacks, including land,
fragmented and large ICMP packets, spoofed address attacks, and UDP/TCP port scanning. For
details, refer to Section 14.3.14.
• Flow Setup Throttling (FST) — prevents the effects of DoS attacks by limiting the number of
new or established flows that can be programmed on any individual switch port. For details,
refer to Section 14.3.15.