Configuring Secure Socket Layer (SSL)
Configuring the Switch for SSL Operation
Enable SLL
and port number Selection
Figure 7-8. Using the web browser interface to enable SSL and select TCP port number
Note on Port HP recommends using the default IP port number (443). However, you can
Number
use web-management ssl tcp-port to specify any TCP port for SSL connections
except those reserved for other purposes. Examples of reserved IP ports are
23 (Telnet) and 80 (http). Some other reserved TCP ports on the switch are
49, 80, 1506, and 1513.
Caution SSL does not protect the switch from unauthorized access via the Telnet,
SNMP, or the serial port. While Telnet access can be restricted by the use of
passwords local to the switch, if you are unsure of the security this provides,
you may want to disable Telnet access (no telnet). If you need to increase SNMP
security, use SNMP version 3 only for SNMP access. Another security measure
is to use the Authorized IP Managers feature described in the switch’s Security
Guide. To protect against unauthorized access to the serial port (and the Clear
button, which removes local password protection), keep physical access to
the switch restricted to authorized personnel.
7-20