Compliance Statements Important Notes
2.1.4 Security Feature
SSL
Secure Socket Layer (SSL) is an application-level protocol that enables secure transactions of
data through privacy, authentication, and data integrity. It relies upon certificates and public
and private keys. SSL version 3 and TLS version 1 are currently supported.
Port Based Authentication (802.1x)
Port based authentication enables authenticating system users on a per-port basis via an
external server. Only authenticated and approved system users can transmit and receive data.
Ports are authenticated via the Remote Authentication Dial In User Service (RADIUS) server
using the Extensible Authentication Protocol (EAP).
Locked Port Support
Locked Port increases network security by limiting access on a specific port only to users with
specific MAC addresses. These addresses are either manually defined or learned on that port.
When a frame is seen on a locked port, and the frame source MAC address is not tied to that
port, the protection mechanism is invoked.
RADIUS Client
RADIUS is a client/server-based protocol. A RADIUS server maintains a user database, which
contains per-user authentication information, such as user name, password and accounting
information. For more information, see "Configuring RADIUS Global Parameters".
SSH
Secure Shell (SSH) is a protocol that provides a secure, remote connection to an IBP Module.
SSH version 1 and version 2 are currently supported. The SSH server feature enables an SSH
client to establish a secure, encrypted connection with a IBP Module. This connection provides
functionality that is similar to an inbound telnet connection. SSH uses RSA Public Key
cryptography for IBP Module connections and authentication.
TACACS+
TACACS+ provides centralized security for validation of users accessing the IBP Module.
TACACS+ provides a centralized user management system, while still retaining consistency
with RADIUS and other authentication processes.