Configuring Security
Defining Access Profiles
Cisco Small Business 200 1.1 Series Smart Switch Administration Guide
236
17
NOTE
The
Local
or
None
authentication method must always be
selected last. All authentication methods selected after
Local
or
None
are ignored.
STEP 4
Click
Apply
. The selected authentication methods are associated with the access
method.
Defining Access Profiles
Access profiles determine how to authenticate and authorize users accessing the
switch through various access methods. Access Profiles can limit management
access from specific sources.
Only users who pass both the active access profile and the management access
authentication methods are given management access to the switch.
There can only be a single access profile active on the switch at one time.
Access profiles consist of one or more rules. The rules are executed in order of
their priority within the access profile (top to bottom).
Rules are composed of filters that include the following elements:
•
Access Methods
—Methods for accessing and managing the switch:
-
Hypertext Transfer Protocol (HTTP)
-
Secure HTTP (HTTPS)
-
All of the above
•
Action
—Permit or deny access to an interface or source address.
•
Interface
—Which ports, LAGs, or VLANs are permitted to access or are
denied access to the web-based switch configuration utility.
•
Source IP Address
—IP addresses or subnets that are allowed access.
Active Access Profile
The
Access Profiles
page displays the access profiles that are defined and
enables selecting one access profile to be the active one.