Security Overview

Getting Started with Access Security

Getting Started with Access Security

ProCurve switches are designed as “plug and play” devices, allowing quick and easy installation in your network. In its default configuration the switch is open to unauthorized access of various types. When preparing the switch for network operation, therefore, ProCurve strongly recommends that you enforce a security policy to help ensure that the ease in getting started is not used by unauthorized persons as an opportunity for access and possible malicious actions.

Since security incidents can originate with sources inside as well as outside of an organization, your access security provisions must protect against internal and external threats while preserving the necessary network access for authorized clients and users. It is important to evaluate the level of management access vulnerability existing in your network and take steps to ensure that all reasonable security precautions are in place. This includes both configurable security options and physical access to the switch.

Switch management access is available through the following methods:

Front panel access to the console serial port (see “Physical Security”)

Inbound Telnet access

Web-browser access

SNMP access

For guidelines on locking down your switch for remote management access, see “Quick Start: Using the Management Interface Wizard” on page 1-10.

Physical Security

Physical access to the switch allows the following:

use of the console serial port (CLI and Menu interface) for viewing and changing the current configuration and for reading status, statistics, and log messages.

use of the switch’s USB port for file transfers and autorun capabilities.

use of the switch’s Clear and Reset buttons for these actions:

clearing (removing) local password protection

rebooting the switch

restoring the switch to the factory default configuration (and erasing any non-default configuration settings)

1-9