BLADEOS 6.5.2 Application Guide

TACACS+ Authentication Features in BLADEOS

Authentication is the action of determining the identity of a user, and is generally done when the user first attempts to log in to a device or gain access to its services. BLADEOS supports ASCII inbound login to the device. PAP, CHAP and ARAP login methods, TACACS+ change password requests, and one-time password authentication are not supported.

Authorization

Authorization is the action of determining a user’s privileges on the device, and usually takes place after authentication.

The default mapping between TACACS+ authorization levels and BLADEOS management access levels is shown in Table 5. The authorization levels must be defined on the TACACS+ server.

Table 5 Default TACACS+ Authorization Levels

BLADEOS User Access Level

TACACS+ level

 

 

user

0

 

 

oper

3

 

 

admin

6

 

 

Alternate mapping between TACACS+ authorization levels and BLADEOS management access levels is shown in Table 6. Use the following command to set the alternate TACACS+ authorization levels.

RS G8124(config)# tacacs-server privilege-mapping

Table 6 Alternate TACACS+ Authorization Levels

BLADEOS User Access Level

TACACS+ level

 

 

user

0 - 1

 

 

oper

6 - 8

 

 

admin

14 - 15

 

 

If the remote user is successfully authenticated by the authentication server, the switch verifies the privileges of the remote user and authorizes the appropriate access. The administrator has an option to allow secure backdoor access via Telnet/SSH. Secure backdoor provides switch access when the TACACS+ servers cannot be reached. You always can access the switch via the console port, by using notacacs and the administrator password, whether secure backdoor is enabled or not.

Note – To obtain the TACACS+ backdoor password for your G8124, contact Technical Support.

70 ￿ Chapter 4: Authentication & Authorization Protocols

BMD00220, October 2010

Page 69 Page 71
Page 70
Image 70
Blade ICE G8124-E manual TACACS+ Authentication Features in Bladeos, Default TACACS+ Authorization Levels
Page 69 Page 71

G8124-E, G8124 specifications

The Blade ICE G8124 is a cutting-edge networking solution designed for high-performance data center environments. It has emerged as a popular choice among organizations that require reliable and efficient network infrastructure to support their growing demands for bandwidth and low-latency connectivity.

One of the key features of the Blade ICE G8124 is its high port density. This networking device typically offers 24 ports of 10 Gigabit Ethernet, ensuring that businesses can connect numerous devices without requiring extensive physical space. The design is also scalable, accommodating future expansion as organizational needs grow.

Another significant aspect of the G8124 is its advanced switching capabilities. It utilizes a non-blocking architecture, enabling simultaneous data transmissions on all ports. This characteristic ensures that there is no bottleneck in the network traffic, providing the high performance needed in data-intensive applications.

The G8124 incorporates various technologies to enhance its functionalities. It supports Layer 2 and Layer 3 switching, making it versatile for different networking needs. Additionally, it features comprehensive Quality of Service (QoS) settings that prioritize critical applications, such as VoIP and video streaming, ensuring smooth operation even under heavy loads.

In terms of security, the Blade ICE G8124 provides robust measures to protect the network. It supports features such as Access Control Lists (ACLs), port security, and VLANs, allowing administrators to segment the network and restrict unauthorized access. These security capabilities are vital in today’s landscape, where cyber threats are increasingly common.

Moreover, the G8124 offers excellent management features. It includes an intuitive user interface for easy configuration and monitoring of network performance. SNMP support allows integration with network management systems, providing administrators with insights needed to optimize their operations.

Power efficiency is also a hallmark of the Blade ICE G8124. It employs energy-saving technologies that reduce operational costs, an essential factor for environmentally-conscious organizations striving to minimize their carbon footprint.

In summary, the Blade ICE G8124 stands out with its high port density, advanced switching capabilities, robust security features, and efficient management options. This networking solution is designed to meet the demands of modern data centers, providing the performance, reliability, and scalability that organizations require. With its innovative technologies, the G8124 ensures that businesses can navigate the complexities of today's networking landscape effectively.
Top Page Image Contents