Configuring a Server-Derived Role

If the client is authenticated through an authentication server, the user role for the client can be based on one or more attributes returned by the server during authentication. You configure the user role to be derived by specifying condition rules; when a condition is met, the specified user role is assigned to the client. You can specify more than one condition rule; the order of rules is important as the first matching condition is applied. You can also define server rules based on client attributes such as ESSID, BSSID, or MAC address, even though these attributes are not returned by the server.

For information about configuring a server-derived role, see "Configuring Server-Derivation Rules" on page 182.

Configuring a VSA-Derived Role

Many Network Address Server (NAS) vendors, including Dell, use VSAs to provide features not supported in standard RADIUS attributes. For Dell systems, VSAs can be employed to provide the user role and VLAN for RADIUS- authenticated clients, however the VSAs must be present on your RADIUS server. This involves defining the vendor (Dell) and/or the vendor-specific code (14823), vendor-assigned attribute number, attribute format (such as string or integer), and attribute value in the RADIUS dictionary file. VSAs supported on Dell controllers conform to the format recommended in RFC 2865, “Remote Authentication Dial In User Service (RADIUS)”.

Dictionary files that contain Dell VSAs are available on the Dell support website for various RADIUS servers. Log into the Dell support website to download a dictionary file from the Tools folder.

Understanding Global Firewall Parameters

Table 84 describes optional firewall parameters you can set on the controller for IPv4 traffic. To set these options in the WebUI, navigate to the Configuration > Advanced Services > Stateful Firewall > Global Setting page and select or enter values in the IPv4 column. To set these options in the CLI, use the firewall configuration commands.

See IPv6 Support on page 128 for information about configuring firewall parameters for IPv6 traffic.

Table 84: IPv4 Firewall Parameters

Parameter

Description

Monitor Ping Attack

Number of ICMP pings per second, which if exceeded, can indicate a denial of

 

service attack. Valid range is 1-255 pings per second. Recommended value is 4.

 

Default: No default

 

 

Monitor TCP SYN Attack rate

Number of TCP SYN messages per second, which if exceeded, can indicate a denial

 

of service attack. Valid range is 1-255 messages per second. Recommended value is

 

32.

 

Default: No default

 

 

Monitor IP Session Attack

Number of TCP or UDP connection requests per second, which if exceeded, can

 

indicate a denial of service attack. Valid range is 1-255 requests per second.

 

Recommended value is 32.

 

Default: No default

 

 

Monitor/Police CP Attack rate (per

Rate of misbehaving user’s inbound traffic, which if exceeded, can indicate a denial

sec)

or service attack.

 

Recommended value is 100 frames per second.

Deny Inter User Bridging

Prevents the forwarding of Layer-2 traffic between wired or wireless users. You can

Dell PowerConnect W-Series ArubaOS 6.2 User Guide

Roles and Policies 310

Page 309 Page 311
Page 310
Image 310
Dell 6.2 manual Understanding Global Firewall Parameters, Configuring a Server-Derived Role, Configuring a VSA-Derived Role
Page 309 Page 311

6.2 specifications

Dell 6.2 is an advanced enterprise solution that caters to the needs of businesses seeking robust performance and efficiency. As a part of Dell's commitment to innovation, the 6.2 series combines cutting-edge technologies and features that enhance productivity and deliver reliable computing experiences.

One of the standout features of the Dell 6.2 is its impressive processing power. Equipped with the latest Intel processors, it offers exceptional speed and multitasking capabilities. This allows businesses to run demanding applications effortlessly, making it ideal for data-intensive tasks such as data analysis, software development, and virtualization. The series also supports substantial RAM configurations, enabling users to manage extensive workloads without experiencing slowdowns.

In terms of storage, the Dell 6.2 line includes advanced SSD options that significantly boost data access speeds compared to traditional hard drives. This rapid access to information is vital for businesses that require quick retrieval of large datasets. Furthermore, the devices support RAID configurations, which enhances data redundancy and security, protecting critical business information from loss.

Connectivity is another critical aspect of the Dell 6.2 series. It includes multiple USB ports, HDMI outputs, and high-speed Ethernet options, ensuring that users can easily connect to various peripherals and networks. The integration of Wi-Fi 6 technology enables faster wireless connections, resulting in improved internet speeds and bandwidth efficiency, which is crucial in today’s increasingly connected workplaces.

Dell has also prioritized security in the 6.2 series. It features enhanced biometric authentication and advanced encryption methods, safeguarding sensitive data from unauthorized access. Additionally, the system's BIOS protection and automatic updates provide an added layer of security, ensuring that the device remains safe from emerging threats.

The design of the Dell 6.2 is not only sleek and modern but also built for durability. Its robust chassis is engineered to withstand the rigors of daily use, making it suitable for various business environments. This durability ensures that the investment in Dell 6.2 will last for years while maintaining performance integrity.

In summary, the Dell 6.2 series embodies a blend of speed, storage efficiency, connectivity, and security, making it a top choice for enterprises looking to enhance their computing capabilities. With its modern features and durable design, Dell 6.2 is positioned as a reliable partner in driving business success.
Top Page Image Contents