Allied Telesis AT-S63

AT-S63 Management Software Features Guide

Interface Monitoring.......................................................................................... .............................................. 342

Port Monitoring................................. .............................................................................................................. 343

VRRP on the Switch.................................................. ..................................................................................... 344

Section VIII: Port Security ..................................................................................... 347

Chapter 30: MAC Address-based Port Security ...................................................... ................................. 349

Supported Platforms................................................................................... .................................................... 350

Overview.................................................................................................................................. ....................... 351

Automatic......................................... ........................................................................................................ 351

Limited...................................................................................................................................................... 351

Secured......................................................................................................... ........................................... 352

Locked.................................................................................................................................................. .... 352

Invalid Frames and Intrusion Actions.. ........................................................................................................... 353

Guidelines................................................................................................................................ ....................... 354

Chapter 31: 802.1x Port-based Network Access Control ............................. ........................................... 355

Supported Platforms................................................................................... .................................................... 356

Overview.................................................................................................................................. ....................... 357

Authentication Process............................................................................................... ....................................359

Port Roles............................................................................................ ........................................................... 360

None Role........................................ ........................................................................................................ 360

Authenticator Role.................................................................................................................................... 360

Supplicant Role....................................................................... ................................................................. 362

Authenticator Ports with Single and Multiple Supplicants............................................................................... 363

Single Operating Mode.......... .................................................................................................................. 363

Multiple Operating Mode...................................................................... .................................................... 367

Supplicant and VLAN Associations........................ ........................................................................................ 370

Single Operating Mode.......... .................................................................................................................. 371

Multiple Operating Mode...................................................................... .................................................... 371

Supplicant VLAN Attributes on the RADIUS Server................................................................................. 371

Guest VLAN................................................................................................................................... ................. 372

RADIUS Accounting..................... .................................................................................................................. 373

General Steps....................................................................................................................................... .......... 374

Guidelines................................................................................................................................ ....................... 375

Section IX: Management Security ......................................................................... 379

Chapter 32: Web Server ............................................................. ................................................................. 381

Supported Platforms................................................................................... .................................................... 382

Overview.................................................................................................................................. ....................... 383

Supported Protocols................................................................................................................................. 383

Configuring the Web Server for HTTP............................................................................................................ 384

Configuring the Web Server for HTTPS................. ........................................................................................ 385

General Steps for a Self-signed Certificate.............................................................................................. 385

General Steps for a Public or Private CA Certificate................................................................................ 385

Chapter 33: Encryption Keys ..................................................................................................................... 387

Supported Platforms................................................................................... .................................................... 388

Overview.................................................................................................................................. ....................... 389

Encryption Key Length ................................................................................................................................... 390

Encryption Key Guidelines ............................................................................................................................. 391

Technical Overview.......................... .............................................................................................................. 392

Data Encryption....................................................................................................................................... . 392

Data Authentication........................................................................................................ ..........................394

Key Exchange Algorithms.......................................................................... .............................................. 395