Operating the switch

47

See the Operations chapter in the AT-8700XL Series Software Reference for:

More information about managing and using accounts with user, manager and security officer privileges

A full list of commands that require security officer privilege when the switch is in secure mode

Information about enabling a remote security officer.

Normal Mode and Security Mode

The switch operates in one of two modes, either normal mode or security mode. By default, the switch is in normal mode.

When the switch is in security mode, the command SHOW DEBUG does not display output of the SHOW FEATURE and SHOW CONFIGURATION DYNAMIC commands, or the current configuration in the SHOW SYSTEM output unless the SHOW DEBUG command is entered by a user with security officer privilege.

If you wish to use the following software features you need to enable security mode:

IP authentication

Secure Shell (see the Secure Shell chapter, AT-8700XL Series Software Reference)

Encryption (see the Compression and Encryption Services chapter, AT-8700XL Series Software Reference)

Public Key Encryption (PKI) (see the Public Key Infrastructure chapter, AT- 8700XL Series Software Reference)

To enable security mode, first create a user with security officer privilege, then enter the command:

ENABLE SYSTEM SECURITY_MODE

To access secure functionality you will need to log in again as the security officer.

When the switch restarts, it restarts in the same normal mode or security mode as it was before restarting. To restore the switch to normal operating mode, enter the command:

DISABLE SYSTEM SECURITY_MODE

When security mode is disabled, the switch automatically deletes all sensitive data files, including encryption keys.

To display the current operating mode, enter the command:

SHOW SYSTEM

When the switch is in security mode, a user with security officer privilege is the only person who can execute commands which affect switch security. Table 5 on page 48 lists commands that only a security officer can execute when the switch is in security mode. A complete list of commands limited by security

Software Release 2.6.1 C613-02030-00 REV B

Page 47
Image 47
Allied Telesis at-8700xl series switch manual Normal Mode and Security Mode

at-8700xl series switch specifications

Allied Telesis AT-8700XL Series Switches are sophisticated networking devices designed to meet the demanding requirements of modern enterprise environments. These managed Ethernet switches are optimized for reliability, performance, and scalability, making them ideal for various applications, from small businesses to large-scale networks.

One of the standout features of the AT-8700XL series is its robust Layer 2 and Layer 3 capabilities. This versatility allows the switches to perform both basic switching and advanced routing functions, facilitating efficient data traffic management. The series supports a wide range of standard protocols, including VLANs, STP, and RSTP, ensuring smooth and flexible network segmentation.

Another critical characteristic is the series' high-speed connectivity options. With multiple Gigabit Ethernet ports, the AT-8700XL series can handle significant data loads, ensuring seamless communication between connected devices. Furthermore, some models within the series offer 10 Gigabit uplink ports, providing the necessary bandwidth to connect to core networks or high-speed servers.

The AT-8700XL series incorporates advanced Quality of Service (QoS) features that enable network administrators to prioritize traffic effectively. This is particularly crucial for applications sensitive to latency, such as VoIP and video conferencing. By ensuring that time-sensitive data packets are transmitted promptly, the switches help maintain optimal performance across the entire network.

Power over Ethernet (PoE) support is yet another advantage of the AT-8700XL series. This feature allows the switches to deliver power to connected devices, such as IP cameras and wireless access points, via the Ethernet cable. This capability simplifies installations by reducing the need for additional power sources, ultimately saving on costs and improving efficiency.

Security is paramount in any network, and the AT-8700XL series does not disappoint. The switches employ robust security protocols, including Access Control Lists (ACLs), MAC address filtering, and DHCP snooping, to protect against unauthorized access and ensure network integrity.

In summary, Allied Telesis AT-8700XL Series Switches offer a comprehensive solution for various networking needs. With their Layer 2 and Layer 3 capabilities, high-speed connectivity, QoS features, PoE support, and security measures, these switches are well-equipped to enhance network efficiency and reliability, making them an excellent choice for organizations looking to future-proof their infrastructure. The AT-8700XL series exemplifies Allied Telesis's commitment to delivering high-quality networking solutions that cater to the evolving demands of businesses today.