saving security credentials to configuration
file … 2-12, 2-14, 2-21
snooping
authorized server … 10-4, 10-8
binding database … 10-11
changing remote-id … 10-10
DHCP … 10-3
disable MAC check … 10-10
Option 82 … 10-5, 10-8
statistics … 10-5
untrusted-policy … 10-9
verify … 10-5
source port filters
configuring … 11-4
named … 11-6
operating rules … 11-4
See also named source port filters.
selection criteria … 11-3
source-routing, caution … 6-14, 9-19, 9-34
spanning tree
caution about filtering … 11-16
edge port configuration … 3-20, 12-28
security features … 1-9
spanning tree protocol
See STP.
SSH
authenticating switch to client … 7-3, 7-2
caution, security … 7-19, 7-17
CLI commands … 7-8
client behavior … 7-15, 7-16, 7-20, 7-23, 7-27,
7-25, 7-26, 7-19, 7-12, 7-10
disabling … 7-10
enable … 7-16, 8-19, 7-15, 7-10
filetransfer … 7-17
generate host key pair … 7-10, 7-9
host key pair … 7-10
key, babble … 7-11, 7-10, 7-12, 7-13, 7-15
mac selection … 7-17, 7-16, 7-29
OpenSSH … 7-2
operating rules … 7-7
password security … 7-19, 7-20, 7-8
PEM … 7-3
prerequisites … 7-4, 2-21, 7-4, 7-13, 7-14, 2-12,
2-16
reserved IP port numbers … 7-18
security … 7-19
SSHv2 … 7-2
steps for configuring … 7-5, 7-12
terminology … 7-3, 15-2
unauthorized access … 7-28
version … 7-2
zeroing a key … 7-10
SSL
CA-signed … 8-3, 8-15, 8-3, 8-15, 8-7
client behavior … 8-17, 8-18, 8-10
disabling … 8-9, 8-17
enabling … 8-17, 8-9
generate CA-signed … 8-15, 8-9, 8-12, 8-9, 8-12,
8-9, 8-8
host key pair … 8-9
key, babble … 8-12
man-in-the-middle spoofing … 8-18
OpenSSL … 8-2
operating notes … 8-6
passwords, assigning … 8-7, 8-5
remove self-signed certificate … 8-9, 8-20, 8-4
self-signed … 8-3, 8-12, 8-3, 8-9, 8-12, 8-9
SSL server … 8-3, 8-2
steps for configuring…8-5, 8-3
terminology … 8-3
TLSv1 … 8-2
troubleshooting, operating … 8-21
unsecured web browser access … 8-18
version … 8-2
zeroize … 8-10, 8-11
ssl
cert … 7-10
static ACL …9-6
static filter limit … 11-3
static multicast filter …11-15
STP
prerequisite for 802.1X controlled
directions … 12-29, 3-20
STP multicast MAC address
supernetting …9-30
supersede implicit deny any …9-36
Syslog
See ACL, logging.
system delay …10-23
system resource usage … 10-23
T
TACACS
aaa parameters … 4-13, 4-3, 4-24, 4-25, 4-29
Index – 9
