10-4
Using Authorized IP Managers for Increased Management Security
Using Authorized IP Managers
Using Authorized IP
Managers
Using Authorized IP Managers Authorized IP Manager Features
This feature enables you to enhance security on the switch by using IP
addresses to authorize which stations (PCs or workstations) can access the
switch. Also, when configured in the switch, Authorized IP Managers take
precedence over TACACS+ and local user-name/password pairs as indicated
in table 10-1, "Management Access Security Features" on page 10-2.
Thus, with Authorized IP Management configured, having the correct pass-
words is not sufficient for accessing the switch through the network unless
the station attempting access is also included in the switch’s Authorized IP
Managers configuration.
Options. You can configure:
■Up to 10 authorized manager addresses, where each address applies to
either a single management station or a group of stations
■Manager or Operator access level
Caution Configuring Authorized IP Managers does not protect access to the switch
through a modem or direct connection to the Console (RS-232) port. Also , if
the IP address assigned to an authorized management station is configured in
another station, the other station can gain management access to the switch
even though a duplicate IP address condition exists. For these reasons, you
should enhance your network’s security by keeping physical access to the
switch restricted to authorized personn el, using the TACACS+ and user-name/
password features built into the switch, and preventing unauthorized access
to data on your management stations.
Feature Default Menu CLI Web
Listing (Showing) Authorized
Managers
n/a page 1 0-7 page 10-8 page 10-10
Configuring Authorized IP
Managers
None page 10-7 page 10-8 page 10-10
Building IP Masks n/a page 10-10 page 10-10 page 10- 10
Operating and Troubleshooting
Notes
n/a page 10-13 page 10-13 page 10-13