Filter
Top Products
40 Chapter 1 BayStack 380 Switch
212859-A
RADIUS-based network security
The RADIUS-based security feature allows you to set up network access control,
using the RADIUS (Remote Authentication Dial-In User Services) security
protocol. The RADIUS-based security feature uses the RADIUS protocol to
authenticate local console and Telnet logins.
You will need to set up specific user accounts (user names and passwords, and
Service-Type attributes) on your RADIUS server before the authentication
process can be initiated. To provide each user with appropriate levels of access to
the switch, set the following username attributes on your RADIUS server:
• Read-write access—Set the Service-Type field value to Administrative.
• Read-only access—Set the Service-Type field value to NAS-Prompt.
For detailed instructions to set up your RADIUS server, refer to your RADIUS
server documentation.
For instructions to use the console interface (CI) to set up the RADIUS-based
security feature, see Chapter 3, “Using the console interface,” on page 93.
MAC address-based security
The MAC address-based security feature allows you to set up network access
control, based on source MAC addresses of authorized stations.
You can:
• Create a list of up to 448 MAC addresses and specify which addresses are
authorized to connect to your switch configuration. The 448 MAC addresses
can be configured within a single standalone switch.
• Specify which of your switch ports each MAC address is allowed to access.
The options for allowed port access include: NONE, ALL, and a single port.
The MAC address-based security feature is based on Nortel Networks BaySecure
LAN Access for Ethernet, a real-time security system that safeguards Ethernet
networks from unauthorized surveillance and intrusion.