USER’S GUIDE

OVERVIEW OF DEVICE AUTHENTICATION PROCESS

When a remote device connects, the CyberSWITCH negotiates the required authentication. It then collects the information used to identify and authenticate the remote device. The system compares this collected information against information maintained in a device database. If the information collected from the remote device matches the information found in the database, the connection is valid and the device is allowed access to network resources. If the collected information does not match the information in the database, the system disconnects the device.

The device database can be maintained either locally on the CyberSWITCH itself or on a server central to the network. When an on-node device database is used, device information is configured either directly through the CFGEDIT configuration utility or through Manage Mode commands.

It is also possible to configure and maintain device information on an off-node, central device database. This could be useful for networks with a large number of devices or several systems. Only one device database would need to be configured and maintained. The Remote Authentication Dial In User Service (RADIUS) and CSM are the off-node, central databases currently supported by the system. The RADIUS Server option is available for PPP/IP devices (with CHAP or PAP security), HDLC bridge devices, and RFC 1294 devices.
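The match-or-disconnect decision described in this overview, sketched for a CHAP device checked against an on-node database. This is an added example, not CyberSWITCH code: the device names, secrets and function names are constructed, and the response calculation follows RFC 1994 (MD5 over identifier, secret and challenge) as an assumption about the CHAP exchange.

```python
import hashlib
import hmac
import os

# Constructed on-node device database: device name -> shared CHAP secret.
DEVICE_DB = {
    "branch-office-1": b"constructed-secret-1",
    "branch-office-2": b"constructed-secret-2",
}

def new_challenge(length=16):
    """Fresh random challenge per connection, so an old response cannot be replayed."""
    return os.urandom(length)

def chap_response(identifier, secret, challenge):
    """RFC 1994 CHAP with MD5: hash of the identifier octet, the secret, the challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

def authenticate(device_name, identifier, challenge, response, db=DEVICE_DB):
    """Return True to keep the connection, False to disconnect it."""
    secret = db.get(device_name)
    known = secret is not None
    # For an unknown device, hash a dummy secret anyway so both paths do the same work.
    expected = chap_response(identifier, secret if known else b"\x00", challenge)
    # Constant-time comparison avoids leaking how many leading bytes matched.
    match = hmac.compare_digest(expected, response)
    return known and match

def demo():
    """Run four constructed connection attempts and return each decision."""
    challenge = new_challenge()
    good = chap_response(1, b"constructed-secret-1", challenge)
    wrong = chap_response(1, b"guess", challenge)
    return {
        "valid": authenticate("branch-office-1", 1, challenge, good),
        "wrong_secret": authenticate("branch-office-1", 1, challenge, wrong),
        "unknown_device": authenticate("no-such-device", 1, challenge, good),
        # Same response presented against a new challenge must fail.
        "replayed": authenticate("branch-office-1", 1, new_challenge(), good),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'connection allowed' if ok else 'disconnected'}")
```

With CHAP the shared secret never crosses the link, which is why the database must hold it in recoverable form and why access to the device database itself needs protecting.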

USER LEVEL SECURITY

CONFIGURING USER LEVEL SECURITY

USING CFGEDIT

1. Select User Level Security from the Security Level Menu. If you need guidance to find this menu, refer to the instructions provided in the No Security configuration section.

2. Refer to the chapter Configuring User Level Databases in order to select and configure the user level database.

USING MANAGE MODE

seclevel

Displays the current security level configuration data.

USER LEVEL SECURITY BACKGROUND INFORMATION

User level security is an authentication process between a specific user and a device. The authentication process is interactive; users connect to a terminal server and need to interact with it in order to communicate with other devices beyond the server. The CyberSWITCH supports user level security through a RADIUS, TACACS, or ACE server.

User level security supports the following devices:

PPP devices

HDLC bridges

Enterasys Networks CSX5500 Configuring User Level Security Using Cfgedit, User Level Security Background Information