Support User Manuals

IronPort Systems 4108GL Switch User Manual

Open as PDF

of 483

10-5

Using Authorized IP Managers for Increased Management Security

Using Authorized IP Managers

Using Authorized IP

Managers

Access Levels

For each authorized manager address, you can configure either of these access

levels:

■ Manager: Enables full access to all web browser and console interface

screens for viewing, configuration, and all other operations available in

these interfaces.

■ Operator: Allows read-only access from the web browser and console

interfaces. (This is the same access that is allowed by the switch’s opera-

tor-level password feature.)

Defining Authorized Management Stations

■ Authorizing Single Stations: The table entry authorizes a single man-

agement station to have IP access to the switch. To use this method, just

enter the IP address of an authorized management station in the Autho-

rized Manager IP column, and leave the IP Mask set to 255.255.255.255. This

is the easiest way to use the Authorized Managers feature. (For more on

this topic, see “Configuring One Station Per Authorized Manager IP Entry”

on page 10-10.)

■ Authorizing Multiple Stations: The table entry uses the IP Mask to

authorize access to the switch from a defined group of stations. This is

useful if you want to easily authorize several stations to have access to

the switch without having to type in an entry for every station. All stations

in the group defined by the one Authorized Manager IP table entry and its

associated IP mask will have the same access level—Manager or Operator.

(For more on this topic, see “Configuring Multiple Stations Per Authorized

Manager IP Entry” on page 10-11.)

To configure the switch for authorized manager access, enter the appropriate

Authorized Manager IP value, specify an IP Mask, and select either Manager

or Operator for the Access Level. The IP Mask determines how the Authorized

Manager IP value is used to allow or deny access to the switch by a manage-

ment station.

Overview of IP Mask Operation

The default IP Mask is 255.255.255.255 and allows switch access only to a

station having an IP address that is identical to the Authorized Manager IP

parameter value. (“255” in an octet of the mask means that only the exact value

in the corresponding octet of the Authorized Manager IP parameter is allowed

in the IP address of an authorized management station.) However, you can

alter the mask and the Authorized Manager IP parameter to specify ranges of

previous next