Managing Switch User Accounts

Overview of User Accounts

 

 

 

 

Overview of User Accounts

A user account includes a login name, password, and user privileges. The account also includes privilege or profile information, depending on the type of user account. There are two types of accounts: network administrator accounts, and end-user or customer login accounts.

Network administrator accounts are configured with user (sometimes called functional) privileges. These privileges determine whether the user has read or write access to the switch and which command domains and command families the user is authorized to execute on the switch.

Customer login accounts are configured with end-user profiles rather than functional privileges. Profiles are configured separately and then attached to the user account. A profile specifies command areas to which a user has access as well as VLAN and/or port ranges to which the user has access.

The designation of particular command families/domains or command families for user access is some- times referred to as partitioned management. The privileges and profiles are sometimes referred to as authorization.

Note. End-user command areas are different from the command domains/families used for network administrator accounts. In general, command areas are much more restricted groups of commands (see page 7-14).

Functional privileges (network administration) and end-user profiles (customer login) are mutually exclu- sive. Both types of users may exist on the switch, but any given user account can only be one type, network administrator or customer login. The CLI in the switch prevents you from configuring both privi- leges and a profile for the same user.

End-user profiles also cannot be configured on an authentication server; however, users configured on an external authentication server may have profile attributes, which the switch will attempt to match to profiles configured locally.

Note that if user information is configured on an external server (rather than locally on the switch through the CLI) with both functional privilege attributes and profile attributes, the user is seen by the switch as an end-user and will attempt to match the profile name to a profile name configured on the switch. If there is no match, the user will not be able to log into the switch.

Note. For information about setting up user information on an authentication (AAA) server, see the “Managing Authentication Servers” chapter of the OmniSwitch 6600 Family Network Configuration Guide.

Users typically log into the switch through one of the following methods:

Console port—A direct connection to the switch through the console port.

Telnet—Any standard Telnet client may be used for logging into the switch.

FTP—Any standard FTP client may be used for logging into the switch.

HTTP—The switch has a Web browser management interface for users logging in via HTTP. This management tool is called WebView.

OmniSwitch 6600 Family Switch Management Guide March 2005

page 7-3

Page 159
Image 159
Alcatel Carrier Internetworking Solutions omniswitch manual Overview of User Accounts

omniswitch specifications

Alcatel Carrier Internetworking Solutions offers the OmniSwitch series, renowned for its robust capabilities in delivering high-performance networking solutions tailored for a variety of enterprise and service provider environments. The OmniSwitch series is particularly recognized for its scalability, flexibility, and the depth of its feature set, making it a popular choice for organizations that demand reliable and efficient networking solutions.

One of the standout features of the OmniSwitch series is its advanced Layer 2 and Layer 3 switching capabilities, providing organizations with essential support for IP routing and robust Ethernet networking. This versatility ensures that the switch can seamlessly integrate into existing network architectures, facilitating smooth upgrade paths in response to evolving business needs. The OmniSwitch includes support for multiple protocols like RIP, OSPF, and BGP, making it suitable for complex networking topologies.

In terms of performance, OmniSwitch devices are engineered to handle high bandwidth demands. With features such as hardware-based forwarding, they ensure low latency and minimal packet loss, which are critical for applications sensitive to delays such as VoIP and video conferencing. Furthermore, they support Power over Ethernet (PoE), allowing users to power devices like IP phones and security cameras directly through the network.

Security is another key characteristic of the OmniSwitch series. It includes advanced security features such as robust access control lists (ACLs), port security, and built-in support for IEEE 802.1X authentication. These features collectively enhance the security posture of the network, protecting sensitive data and ensuring that only authorized devices can access the network resources.

The OmniSwitch is also designed with redundancy and reliability in mind. Features like Rapid Spanning Tree Protocol (RSTP) and Virtual Router Redundancy Protocol (VRRP) ensure that network uptime is maximized and that failover is swift in the event of a hardware failure. This makes it a viable option for organizations that cannot afford downtime.

In addition to these features, Alcatel's OmniSwitch series comes equipped with a user-friendly management interface. This interface simplifies the setup, configuration, and monitoring of the network, making it accessible even to those with limited networking expertise. Through intuitive dashboards and support for SNMP, administrators can manage their networks effectively.

In conclusion, Alcatel Carrier Internetworking Solutions' OmniSwitch series offers a comprehensive suite of features tailored to meet the needs of modern networks. With its blend of performance, scalability, security, and ease of management, the OmniSwitch stands out as a preferred choice for businesses seeking to enhance their networking infrastructure.