Configuring Switch Information 233
Configuring Switch Information
This section provides all system operations and general information for configuring network
security, ports, address tables, GARP, VLANs, Spanning Tree, Port Aggregation, and Multicast
Support.
Configuring Network Security
Use the
Network Security
page to set network security through both access control lists and locked
ports. To open the
Network Security
page, select
Switch
→
Network Security
.
The
Network Security
page
provides links that enable you to configure port based authentication,
port security, IP based ACLs, MAC based ACLs and ACL bindings.
Port Based Authentication (802.1x)
Port based authentication enables authenticating system users on a per port basis via an external
server. Only authenticated and approved system users can transmit and receive data. Ports are
authenticated via the RADIUS server using the Extensible Authentication Protocol (EAP).
The 802.1x network has three components:
•
Authenticators
— Specifies the port that is authenticated before permitting system access.
•
Supplicants
— Specifies host connected to the authenticated port requesting to access the
system services.
•
Authentication Server
— Specifies the external server, for example, the RADIUS server that
performs the authentication on behalf of the authenticator, and indicates whether the user is
authorized to access system services.
Port based authentication creates two access states:
•
Controlled Access
— Permits communication between the user and the system, if the user is
authorized.
•
Uncontrolled Access
— Permits uncontrolled communication regardless of the port state.
The device currently supports Port Based Authentication via RADIUS servers.
Advanced Port Based Authentication
Advanced Port Based Authentication enables multiple hosts to be attached to a single port.
Advanced Port Based Authentication requires only one host to be authorized for all hosts to have
system access. If the port is unauthorized all attached hosts are denied access to the network.