Enterasys Networks N Standalone (NSA) Series Switch User Manual


  Open as PDF
of 1372
 
Overview of Security Methods
14-2 Matrix NSA Series Configuration Guide
MAC Locking — locks a port to one or more MAC addresses, preventing connection of
unauthorized devices via the port. For details, refer to Section 14.3.9.
Multiple User Multiple Authentication – allows multiple users on a given port to simultaneously
authenticate using any or all of the supported protocols (MAC Authentication, PWA, 802.1X),
and for each authenticated user to receive a unique level of network access. For details, refer to
Section 14.3.10.
Secure Shell (SSH) — provides for secure remote CLI management access. For details, refer to
Section 14.3.11.
IP Access Lists (ACLs) — permits or denies access to routing interfaces based on protocol and
inbound and/or outbound IP address restrictions configured in access lists. For details, refer to
Section 14.3.12.
Policy-Based Routing — permits or denies access to routing interfaces based on access lists in
a route map applied to the interface. For details, refer to Section 14.3.13.
Denial of Service (DoS) Prevention — prevents Denial of Service attacks, including land,
fragmented and large ICMP packets, spoofed address attacks, and UDP/TCP port scanning. For
details, refer to Section 14.3.14.
Flow Setup Throttling (FST) — prevents the effects of DoS attacks by limiting the number of
new or established flows that can be programmed on any individual switch port. For details,
refer to Section 14.3.15.