26 Introduction
SSH
Secure Shell (SSH) is a protocol that provides a secure, remote connection to a device. SSH version 2 is
currently supported. The SSH server feature enables an SSH client to establish a secure, encrypted
connection with a device. This connection provides functionality that is similar to an inbound telnet
connection. SSH uses RSA and DSA Public Key cryptography for device connections and authentication.
TACACS +
TACACS+ provides centralized security for validation of users accessing the device. TACACS+ provides
a centralized user management system, while still retaining consistency with RADIUS and other
authentication processes.
For more information, see "Defining TACACS+ Settings."
Password Management
Password management provides increased network security and improved password control. Passwords
for SSH, Telnet, HTTP, HTTPS, and SNMP access are assigned security features. For more information
on Password Management, see "Managing Passwords".
Access Control Lists (ACL)
Access Control Lists (ACL) allow network managers to define classification actions and rules for specific
ingress ports. Packets entering an ingress port, with an active ACL, are either admitted or denied entry
and the ingress port is disabled. If they are denied entry, the user can disable the port.
For more information, see "ACL Overview" on page276.
DHCP Snooping
DHCP Snooping expands network security by providing firewall security between untrusted interfaces
and DHCP servers. By enabling DHCP Snooping network administrators can differentiate between
trusted interfaces connected to end-users or DHCP Servers and untrusted interfaces located beyond the
network firewall.
For more information, see "Configuring DHCP Snooping" on page288.
Additional CLI DocumentationThe CLI Reference Guide, which is available on the Documentation CD, provides information about the
CLI commands used to configure the device. The document provides information about the command
description, syntax, default values, guidelines, and examples.