Setting Up Security for a Device

Switch Port Security

Access Levels

For each authorized manager address, you can configure either one of these access levels:

Manager—Enables full access to all web browser and console interface screens for viewing, configuration, and all other operations available in these interfaces

Operator—Allows view-only access from the web browser and console interfaces. This is the same access that is allowed by the switch’s operator- level password feature

Defining Authorized Management Stations

Authorizing Single Stations. Enable only one station per Authorized Manager IP parameter to access the switch (the default). To use this method, just enter the IP address of an authorized management station in the Authorized Manager IP parameter, and leave the IP Mask set to 255.255.255.255. This is the easiest way to use the Authorized Managers feature.

Authorizing Multiple Stations. Using one Authorized Manager IP parameter, enable a defined group of stations to access the switch. This is useful if you want to authorize several stations for either manager- or operator- level access to the switch. All stations in a group defined by one Authorized Manager IP parameter and its associated IP mask will have the same access level—Manager or Operator.

To configure the switch for authorized manager access, enter the appropriate Authorized Manager IP parameter, specify an IP Mask, and select either Manager or Operator for the Access Level. The IP Mask determines how the Authorized Manager IP parameter is used to define authorized IP addresses for management station access.

Overview of IP Mask Operation

The default IP Mask is 255.255.255.255 and allows switch access only to a station having an IP address that is identical to the Authorized Manager IP parameter. (“255” in an octet of the mask means that only the exact value in the corresponding octet of the Authorized Manager IP parameter is allowed in the IP address of an authorized management station.) However, you can alter the mask and the Authorized Manager IP parameter to specify ranges of authorized IP addresses. For example, a mask of 255.255.255.0 and any value for the Authorized Manager IP parameter allows a range of 0 through 255 in the 4th octet of the authorized IP address, which enables a block of up to 256 IP addresses for IP management access. A mask of 255.255.255.252 uses the 4th octet of a given Authorized Manager IP address to authorize four IP addresses for management station access.

14-15

Page 194 Page 196
Page 195
Image 195
HP Networking TopTool Products manual Overview of IP Mask Operation, Access Levels, Defining Authorized Management Stations
Page 194 Page 196
Top Page Image Contents