Filter
Top Products
Riverstone Networks RS Switch Router User Guide Release 8.0 25-1
25 SECURITY CONFIGURATION
The RS provides security features that help control access to the RS and filter traffic going through the RS. Access
to the RS can be controlled by:
•
Enabling RADIUS
•
Enabling TACACS
•
Enabling TACACS+
•
Password authentication
•
Secure shell protocol
Traffic filtering on the RS enables:
•
Layer-2 security filters - Perform filtering on source or destination MAC addresses.
•
Layer-3/4 Access Control Lists - Perform filtering on source or destination IP address, source
or destination TCP/UDP port, TOS or protocol type for IP traffic. Perform filtering on source
or destination IPX address, or source or destination IPX socket. Perform access control to
services provided on the RS, for example, Telnet server and HTTP server.
Note
Currently, Source Filtering is available on RS WAN cards; however,
application must take place on the entire WAN card.
25.1 CONFIGURING RS ACCESS SECURITY
This section describes the following methods of controlling access to the RS:
•
RADIUS
•
TACACS
•
TACACS+
•
Passwords
•
Secure shell
25.1.1 Configuring RADIUS
You can secure login or Enable mode access to the RS by enabling a Remote Authentication Dial-In Service
(RADIUS) client. A RADIUS server responds to the RS RADIUS client to provide authentication.