Security Overview

Getting Started with Access Security

Keeping the switch in a locked wiring closet or other secure space helps to prevent unauthorized physical access.

As additional precautions, you can do the following:

Disable or re-enable the password-clearing function of the Clear button.

Configure the Clear button to reboot the switch after clearing any local usernames and passwords.

Modify the operation of the Reset+Clear button combination so that the switch reboots, but does not restore the switch’s factory default settings.

Disable or re-enable password recovery.

For the commands used to configure the Clear and Reset buttons, refer to “Front-Panel Security” on page 2-23.

Quick Start: Using the Management Interface Wizard

The Management Interface wizard provides a convenient step-by-step method to prepare the switch for secure network operation. It guides you through the process of locking down the following switch operations or protocols:

setting local passwords

restricting SNMP access

enabling/disabling Telnet

enabling/disabling SSH

enabling/disabling remote Web management

restricting web access to SSL

setting timeouts for SSH/Telnet sessions

The wizard can also be used to view the pre-configured defaults and see the current settings for switch access security. The wizard can be launched either via the CLI (see page 1-10)or the Web browser interface (see page 1-12).

N o t e

The wizard’s security settings can also be configured using standard

 

commands via the CLI, Menu or Web browser interfaces. For full details on

 

preparing and configuring the switch for SSH and SSL operation, refer to

 

chapters 6 and 7 respectively.

 

 

CLI: Management Interface Wizard

To configure security settings using the CLI wizard, follow the steps below: 1. At the command prompt, type setup mgmt-interfaces.

1-10