Configuring Device Security
Configuring Network Security
Page 83
Configuring Network Security
Network security manages both access control lists and locked ports. This section contains the following topics:
•
Network Security Overview
•
Defining Network Authentication Properties
•
Defining Port Authentication
•
Configuring Traffic Control
Network Security Overview
This section provides an overview of network security and contains the following topics:
•
Port-Based Authentication
•
Advanced Port-Based Authentication
Port-Based Authentication
Port-based authentication authenticates users on a per-port basis via an external server. Only authenticated and
approved system users can transmit and receive data. Ports are authenticated via the RADIUS server using the
Extensible Authentication Protocol (EAP). Port-based authentication includes:
•
Authenticators
— Specifies the device port which is authenticated before permitting system access.
•
Supplicants
— Specifies the host connected to the authenticated port requesting to access the system ser-
vices.
•
Authentication Server
— Specifies the server that performs the authentication on behalf of the authentica-
tor, and indicates whether the supplicant is authorized to access system services.
Port-based authentication creates two access states:
•
Controlled Access
— Permits communication between the supplicant and the system, if the supplicant is
authorized.
•
Uncontrolled Access
— Permits uncontrolled communication regardless of the port state.
The device currently supports port-based authentication via RADIUS servers.
Advanced Port-Based Authentication
Advanced port-based authentication enables multiple hosts to be attached to a single port. Advanced port-based
authentication requires only one host to be authorized for all hosts to have system access. If the port is unautho-
rized, all attached hosts are denied access to the network.
Advanced port-based authentication also enables user-based authentication. Specific VLANs in the device are
always available, even if specific ports attached to the VLAN are unauthorized. For example, Voice over IP does
not require authentication, while data traffic requires authentication. VLANs for which authorization is not required
can be defined. Unauthenticated VLANs are available to users, even if the ports attached to the VLAN are defined
as authorized.
Advanced port-based authentication is implemented in the following modes:
•
Single Host Mode
— Only the authorized host can access the port.
•
Multiple Host Mode
— Multiple hosts can be attached to a single port. Only one host must be authorized for
all hosts to access the network. If the host authentication fails, or an EAPOL-logoff message is received, all
attached clients are denied access to the network.
Содержание 3010F - DES Switch
Страница 1: ......
Страница 10: ...D Link DES 3010FA GA Installation Guide Page 9 D Link DES 3010FA GA Installation Guide ...
Страница 49: ...D Link DES 3010FA GA User Guide Page 48 D Link DES 3010FA GA EWS User Guide ...
Страница 251: ...D Link DES 3010FA GA User Guide Page 250 ...
Страница 252: ...Contacting D Link Technical Support Page 251 ...
Страница 253: ...D Link DES 3010FA GA User Guide Page 252 ...
Страница 254: ...Contacting D Link Technical Support Page 253 ...
Страница 255: ...D Link DES 3010FA GA User Guide Page 254 ...
Страница 256: ...Contacting D Link Technical Support Page 255 ...
Страница 257: ...D Link DES 3010FA GA User Guide Page 256 ...
Страница 258: ...Contacting D Link Technical Support Page 257 ...
Страница 259: ...D Link DES 3010FA GA User Guide Page 258 ...
Страница 260: ...Contacting D Link Technical Support Page 259 ...
Страница 261: ...D Link DES 3010FA GA User Guide Page 260 ...
Страница 262: ...Contacting D Link Technical Support Page 261 ...
Страница 263: ...D Link DES 3010FA GA User Guide Page 262 ...
Страница 264: ...Contacting D Link Technical Support Page 263 ...
Страница 265: ...D Link DES 3010FA GA User Guide Page 264 ...
Страница 266: ...Contacting D Link Technical Support Page 265 ...
Страница 267: ...D Link DES 3010FA GA User Guide Page 266 ...
Страница 268: ...Contacting D Link Technical Support Page 267 ...
Страница 269: ...D Link DES 3010FA GA User Guide Page 268 ...
Страница 270: ...Contacting D Link Technical Support Page 269 ...
Страница 271: ...D Link DES 3010FA GA User Guide Page 270 ...
Страница 272: ...Contacting D Link Technical Support Page 271 ...
Страница 273: ...D Link DES 3010FA GA User Guide Page 272 ...
Страница 274: ...Contacting D Link Technical Support Page 273 ...
Страница 275: ...D Link DES 3010FA GA User Guide Page 274 ...
Страница 276: ...Contacting D Link Technical Support Page 275 ...