Filter
Top Products
2-12
Introduction to IPv6
Configurable IPv6 Security
supported between the switch and IPv6 management stations when SSH on
the switch is also configured for IPv6 operation. The switch now offers these
SSHv2 connection types:
■ IPv6 only
■ IPv4 only
■ IPv4 or IPv6
The switch supports up to six inbound sessions of the following types in any
combination at any given time:
■ SSHv2
■ SSHv2 IPv6
■ Telnet-server
■ Telnet6-server
■ SFTP/SCP
■ Console (serial RS-232 connection)
For more information, refer to “Secure Shell for IPv6” on page 6-15.
IP Authorized Managers
The IPv6 Authorized IP Managers feature, like the IPv4 version, uses IP
addresses and masks to determine which stations (PCs and workstations) can
access the switch through the network, and includes these access methods:
■ Telnet, SSH, and other terminal emulation applications
■ the switch's web browser interface
■ SNMP (with a correct community name)
Also, when configured in the switch, the access control imposed by the
Authorized IP Manager feature takes precedence over the other forms of
access control configurable on the switch, such as local passwords, RADIUS,
and both Port-Based and Client-Based Access Control (802.1X). This means
that the IP address of a networked management device must be authorized
before the switch will attempt to authenticate the device by invoking any other
access security features. Thus, with Authorized IP Managers configured,
having the correct passwords or MAC address is not sufficient for accessing
the switch through the network unless an IPv6 address configured on the
station attempting the access is also included in the switch's Authorized IP
Managers configuration. This presents the opportunity to combine the Autho-
rized IP Managers feature with other access control features to enhance the
security fabric protecting the switch.