HP ProCurve 2810 Series Access Security Manual

Manufacturer
Type
Pages 326 Pages
Updated Sep 3, 2021
Category Switch

Table of Contents

  • Contents

    5
  • Product documentation

    13
  • Contents

    17
  • Introduction

    18
  • Management Access Security Protection

    19
  • General Switch Traffic Security Guidelines

    20
  • Conventions

    21
  • Command Prompts

    22
  • Sources for More Information

    23
  • Need Only a Quick Start?

    24
  • To Set Up and Install the Switch in Your Network

    25
  • Configuring Username and Password Security

    27
  • Overview

    28
  • Configuring Local Password Security

    30
  • CLI: Setting Passwords and Usernames

    31
  • Web: Setting Passwords and Usernames

    32
  • Front-Panel Security

    33
  • Front-Panel Button Functions

    34
  • Configuring Front-Panel Security

    36
  • Password Recovery

    41
  • Password Recovery Process

    43
  • Web and MAC Authentication

    45
  • Client Options

    47
  • General Features

    48
  • How Web and MAC Authentication Operate

    49
  • Terminology

    53
  • Operating Rules and Notes

    54
  • General Setup Procedure for Web/MAC Authentication

    56
  • Server To Support MAC Authentication

    58
  • Configuring the Switch To Access a RADIUS Server

    59
  • Configuring Web Authentication

    61
  • Configure the Switch for Web-Based Authentication

    62
  • Configuring MAC Authentication on the Switch

    66
  • Configure the Switch for MAC-Based Authentication

    67
  • Show Status and Configuration of Web-Based Authentication

    70
  • Show Status and Configuration of MAC-Based Authentication

    72
  • Show Client Status

    74
  • TACACS+ Authentication

    75
  • Terminology Used in TACACS Applications:

    77
  • General System Requirements

    79
  • Configuring TACACS+ on the Switch

    82
  • CLI Commands Described in this Section

    83
  • Contact Configuration

    84
  • Configuring the Switch's Authentication Methods

    85
  • Configuring the Switch's TACACS+ Server Access

    89
  • How Authentication Operates

    94
  • Local Authentication Process

    96
  • Using the Encryption Key

    97
  • Authentication

    99
  • Messages Related to TACACS+ Operation

    100
  • Operating Notes

    101
  • RADIUS Authentication and Accounting

    103
  • Switch Operating Rules for RADIUS

    106
  • General RADIUS Setup Procedure

    107
  • Configuring the Switch for RADIUS Authentication

    108
  • Outline of the Steps for Configuring RADIUS Authentication

    109
  • You Want RADIUS To Protect

    110
  • Configure the Switch To Access a RADIUS Server

    112
  • Configure the Switch's Global RADIUS Parameters

    114
  • Configuring RADIUS Accounting

    119
  • Operating Rules for RADIUS Accounting

    121
  • Reports to the radius server

    124
  • Viewing RADIUS Statistics

    127
  • RADIUS Authentication Statistics

    129
  • RADIUS Accounting Statistics

    130
  • Changing RADIUS-Server Access Order

    132
  • Messages Related to RADIUS Operation

    134
  • Configuring Secure Shell (SSH)

    135
  • Prerequisite for Using SSH

    139
  • For Switch and Client Authentication

    140
  • General Operating Rules and Notes

    142
  • Configuring the Switch for SSH Operation

    143
  • Generate the Switch's Public and Private Key Pair

    144
  • Provide the Switch's Public Key to Clients

    147
  • Client Contact Behavior

    149
  • Configure the Switch for SSH Authentication

    152
  • Use an SSH Client To Access the Switch

    156
  • Messages Related to SSH Operation

    162
  • Prerequisite for Using SSL

    169
  • Assign Local Login (Operator) and Enable (Manager) Password

    171
  • Generate the Switch's Server Host Certificate

    173
  • Comments on certificate fields

    175
  • Browser Contact Behavior

    181
  • Common Errors in SSL Setup

    185
  • Configuring Port-Based and Client-Based Access Control (802.1X)

    187
  • Why Use Port-Based or Client-Based Access Control?

    189
  • User Authentication Methods

    190
  • General 802.1X Authenticator Operation

    196
  • Switch-Port Supplicant Operation

    197
  • General Setup Procedure for 802.1X Access Control

    200
  • Overview: Configuring 802.1X Authentication on the Switch

    201
  • Configuring Switch Ports as 802.1X Authenticators

    203
  • Reconfigure Settings for Port-Access

    206
  • Configure the 802.1X Authentication Method

    209
  • Enter the RADIUS Host IP Address(es)

    210
  • Optionally Resetting Authenticator Operation

    211
  • X Open VLAN Mode

    212
  • VLAN Membership Priorities

    213
  • Use Models for 802.1X Open VLAN Modes

    214
  • Unauthorized-Client VLANs

    217
  • Setting Up and Configuring 802.1X Open VLAN Mode

    220
  • X Open VLAN Operating Notes

    224
  • Only 802.1X Devices

    226
  • Configuring Switch Ports To Operate As Supplicants for 802.1X Connections to Other Switches

    228
  • Displaying 802.1X Configuration, Statistics, and Counters

    233
  • Viewing 802.1X Open VLAN Mode Status

    236
  • Show Commands for Port-Access Supplicant

    239
  • How RADIUS/802.1X Authentication Affects VLAN Operation

    240
  • Messages Related to 802.1X Operation

    244
  • Configuring and Monitoring Port Security

    245
  • Basic Operation

    246
  • Blocking Unauthorized Traffic

    247
  • Trunk Group Exclusion

    248
  • Planning Port Security

    249
  • Port Security Command Options and Operation

    250
  • Retention of Static MAC Addresses

    254
  • Configuring Port Security

    256
  • MAC Lockdown

    261
  • Differences Between MAC Lockdown and Port Security

    263
  • Deploying MAC Lockdown

    265
  • MAC Lockout

    269
  • Port Security and MAC Lockout

    271
  • Reading Intrusion Alerts and Resetting Alert Flags

    272
  • How the Intrusion Log Operates

    273
  • Using the Event Log To Find Intrusion Alerts

    279
  • And Resetting Alert Flags

    280
  • Configuring Protected Ports

    282
  • Traffic/Security Filters

    285
  • Using Source-Port Filters

    287
  • Configuring a Source-Port Filter

    288
  • Viewing a Source-Port Filter

    291
  • Filter Indexing

    292
  • Editing a Source-Port Filter

    293
  • Using Authorized IP Managers

    303
  • Configuration Options

    305
  • Defining Authorized Management Stations

    306
  • Menu: Viewing and Configuring IP Authorized Managers

    307
  • CLI: Viewing and Configuring Authorized IP Managers

    308
  • Configuring ip authorized managers for the switch

    309
  • Web: Configuring IP Authorized Managers

    311
  • Configuring Multiple Stations Per Authorized Manager IP Entry

    312
  • Additional Examples for Authorizing Multiple Stations

    314

Related Manuals

Below are links to the text of a wide variety of documents related to the HP ProCurve 2810 Series Access Security Manual.