Overview of Security Methods
14-2 Matrix NSA Series Configuration Guide
•MAC Locking — locks a port to one or more MAC addresses, preventing connection of
unauthorized devices via the port. For details, refer to Section 14.3.9.
•Multiple User Multiple Authentication – allows multiple users on a given port to simultaneously
authenticate using any or all of the supported protocols (MAC Authentication, PWA, 802.1X),
and for each authenticated user to receive a unique level of network access. For details, refer to
Section 14.3.10.
•Secure Shell (SSH) — provides for secure remote CLI management access. For details, refer to
Section 14.3.11.
•IP Access Lists (ACLs) — permits or denies access to routing interfaces based on protocol and
inbound and/or outbound IP address restrictions configured in access lists. For details, refer to
Section 14.3.12.
•Policy-Based Routing — permits or denies access to routing interfaces based on access lists in
a route map applied to the interface. For details, refer to Section 14.3.13.
•Denial of Service (DoS) Prevention — prevents Denial of Service attacks, including land,
fragmented and large ICMP packets, spoofed address attacks, and UDP/TCP port scanning. For
details, refer to Section 14.3.14.
•Flow Setup Throttling (FST) — prevents the effects of DoS attacks by limiting the number of
new or established flows that can be programmed on any individual switch port. For details,
refer to Section 14.3.15.