1-34
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 1 Product Overview
Security Features
•
Dynamic ARP Inspection, page 1-37
•
Dynamic Host Configuration Protocol Snooping, page 1-37
•
•
Hardware-Based Control Plane Policing, page 1-37
•
•
IP Source Guard for Static Hosts, page 1-38
•
•
IPv6 First Hop Security, page 1-38
•
Local Authentication, RADIUS, and Authentication, page 1-40
•
Network Admission Control, page 1-40
•
Network Security with ACLs, page 1-41
•
•
PPPoE Intermediate Agent, page 1-41
•
Session Aware Networking, page 1-42
•
•
•
•
Web-based Authentication, page 1-43
802.1X Identity-Based Network Security
This security feature consists of the following:
•
802.1X Authentication for Guest VLANs—Allows you to use VLAN assignment to limit network
access for certain users.
•
802.1X Authentication Failed Open Assignment—Allows you to configure a switch to handle the
case when a device fails to authenticate itself correctly through 802.1X (for example, not providing
the correct password).
•
802.1X Authentication with ACL Assignment—Downloads per-host policies such as ACLs and
redirect URLs to the switch from the RADIUS server during 802.1X or MAB authentication of the
host.
•
802.1X Authentication with Per-User ACL and Filter-ID ACL—Allows ACL policy enforcement
using a third-party AAA server.
•
802.1X Convergence—Provides consistency between the switching business units in 802.1X
configuration and implementation.
•
802.1X Protocol—Provides a means for a host that is connected to a switch port to be authenticated
before it is given access to the switch services.
•
802.1X RADIUS accounting—Allows you to track the use of network devices.
Содержание Catalyst 4500 Series
Страница 2: ......
Страница 4: ......
Страница 2086: ...Index IN 46 Software Configuration Guide Release IOS XE 3 9 0E and IOS 15 2 5 E ...