HP (Hewlett-Packard) 3400CL-24G Switch User Manual


  Open as PDF
of 197
 
15
Enforcing Switch Security
Network Access Security
Network Access Security
This section outlines provisions for protecting access through the switch to the network. For more
detailed information on these features, refer to the indicated manuals.
Access Control Lists (ACLs)
ACLs enable the switch to permit or deny the following:
any inbound IP traffic on a port
specific types of TCP or UDP traffic
While ACLs do not provide user or device authentication, or protection from malicious manipulation
of data in IP packet transmissions, ACLs can enhance network security by blocking selected IP traffic
types. This functionality can be utilized to:
permit or deny in-band management access by limiting or preventing the use of designated
TCP or UDP protocols
permit or deny unwanted IP traffic to or from specific hosts
Refer to the chapter titled “Access Control Lists (ACLs) for the Series 3400cl and Series 6400cl
Switches” in the Advanced Traffic Management Guide for your switch model.
Web and MAC Authentication
These options are designed for application on the edge of a network to provide port-based security
measures for protecting private networks and the switch itself from unauthorized access. Because
neither method requires clients to run any special supplicant software, both are suitable for legacy
systems and temporary access situations where introducing supplicant software is not an attractive
option. Both methods rely on using a RADIUS server for authentication. This simplifies access
security management by allowing you to control access from a master database in a single server. It
also means the same credentials can be used for authentication, regardless of which switch or switch
port is the current access point into the LAN. Web authentication uses a web page login to
authenticate users for access to the network. MAC authentication grants access to a secure network
by authenticating device MAC address for access to the network.
Refer to the chapter titled “Web and MAC Authentication” in the Access Security Guide for your
switch model.
 previous next