SECURITY AND ENCRYPTION OPTIONS

The CyberSWITCH product allows you to decide the extent and type of security for your network. This security may consist of standard security options, or it could include data encryption through the purchase of the CyberSWITCH encryption option.

The CyberSWITCH supports standard security options which are independent of the encryption process. These options may or may not be encrypted. These options include: device level security, user level security, a combination of the two, or if preferred, no security. There are different ways to authenticate, as well as different locations (both local and remote) to store security information. This segment addresses these areas.

We include the following chapters in the Security Configuration segment of the User’s Guide:

Security Overview

The “Big Picture” of how our standard security options work, and how they interoperate.

Configuring Security Level

Instructions for enabling the level of security you wish to use for security. You may choose to enable no security, device level security, user level security, or both device and user level security.

Configuring System Options and Information

Instructions for enabling system options, such as PPP Link security, for configuring system information, such as a system password, and for configuring secure yet flexible administration sessions.

Configuring Device Level Databases

Instructions for configuring an on-node device database (formerly known as the local user list) and enabling an off-node device database. Off-node device databases supported are: Connection Services Manager (CSM) and RADIUS.

Configuring User Level Databases

Instructions for enabling an off-node database with user level security. User level databases supported are: RADIUS, TACACS, and ACE.

Configuring Off-node Server Information

Instructions for configuring an off-node server, such as CSM, RADIUS, TACACS, and ACE.

Configuring Network Login Information

Instructions for configuring general network login information (such as Terminal Server security), network login banners, and information specific to RADIUS and TACACS servers.

In addition to standard security options, the CyberSWITCH encryption option is available. This option provides encryption at either the Network Layer level (using IP Security) or the Link Layer level (using PPP only). The following chapter addresses the set up of this encryption feature:

Configuring Encryption

Page 160
Image 160
Enterasys Networks CSX6000, CSX5500, CSX7000 manual Security and Encryption Options, Configuring Security Level