Filter
Top Products
Installing the switch 19
• Switch IP settings
• VLAN settings
• XFP settings
• Port names and types
• Port trunking settings
• Interswitch X-Connect port settings
• SNMP settings
• User name and password settings
• Default access to various management interfaces
• NTP settings
IMPORTANT: See "Runtime switching software default settings (on page 33)" for a complete
list of default configuration settings.
Switch security
When planning the switch configuration, secure access to the management interface by:
• Creating users with various access levels
• Enabling or disabling access to various management interfaces to fit the security policy
• Changing default SNMP community strings for read-only and read-write access
User, operator, and administrator access rights
To enable better switch management and user accountability, three levels or classes of user access have
been implemented on the switch. Levels of access to CLI, Web management functions, and screens
increase as needed to perform various switch management tasks. Conceptually, access classes are
defined as:
• User interaction with the switch is completely passive. Nothing can be changed on the switch. Users
can display information that has no security or privacy implications, such as switch statistics and
current operational state information.
• Operators can only effect temporary changes on the switch. These changes will be lost when the
switch is rebooted/reset. Operators have access to the switch management features used for daily
switch operations. Because any changes an operator makes are undone by a reset of the switch,
operators cannot severely impact switch operation.
• Administrators are the only ones that can make permanent changes to the switch configuration,
changes that are persistent across a reboot/reset of the switch. Administrators can access switch
functions to configure and troubleshoot problems on the switch. Because administrators can also
make temporary (operator-level) changes as well, they must be aware of the interactions between
temporary and permanent changes.
Access to switch functions is controlled through the use of unique user names and passwords. Once
connected to the switch via the local console, Telnet, or SSH, a password prompt appears.