10-2
Using Authorized IP Managers for Increased Management Security
Overview
Usi
ng Aut
h
ori
zed I
P
Ma
nag
ers
Overview
The Authorized IP Managers feature enhances security on the switch by using
IP addresses and masks to determine which stations (PCs or workstations)
can access the switch through the network. This covers access through the
following means:
–
Telnet
–
The switch’s web browser interface
–
SNMP (with a correct community name)
–
File transfers using TFTP (for configurations and software
updates)
Thus, with authorized IP managers configured, having the correct passwords
is not sufficient for accessing the switch through the network unless the
station attempting access is also included in the switch’s Authorized IP
Managers configuration.
You can use Authorized IP Managers, local passwords (page 9-3), and
() to provide a more comprehensive security fabric than if you use
only one or two of these options. Table 10-1 lists these features with the
security coverage they provide.
Table 10-1. Management Access Security Features
Table 10-1 shows the protection each security feature offers for a given type
of access, and the hierarchy the switch applies when using security features
to process access attempts. For example, the switch provides Telnet manage-
ment access security as follows:
1.
If the switch has an Authorized IP Managers list, the management station
must be included in this list.
•
If the station is not authorized, the switch denies access.
•
If the switch has no Authorized IP Manager list, then the switch uses
authentication, if configured and available (step 2, below).
Security Features in Order
of Implementation
Supported Management Access Protection
Serial
Port
Telnet
SNMP
(Net Mgmt)
TFTP
Web
Browser
Authorized IP Mgrs.
No
Yes
Yes
Yes
Yes
Yes
Yes
No
No
No
Local Manager and Operator
User-Names and Passwords
Yes
Yes
No
No
Yes
Summary of Contents for ProCurve 4108gl Bundle
Page 1: ...hp procurve switch 4108gl management and configuration guide www hp com go hpprocurve ...
Page 2: ......
Page 40: ...2 16 Using the Menu Interface Where To Go From Here Using the Menu Interface ...
Page 154: ...8 24 Time Protocols SNTP Messages in the Event Log Time Protocols ...
Page 350: ...14 44 Port Based Virtual LANs VLANs and GVRP GVRP Port Based Virtual LANs VLANs and GVRP ...
Page 383: ...16 13 Spanning Tree Protocol STP How STP Operates Spanning Tree Protocol STP ...
Page 384: ...16 14 Spanning Tree Protocol STP How STP Operates Spanning Tree Protocol STP ...
Page 442: ...18 30 Troubleshooting Restoring a Flash Image Troubleshooting ...
Page 466: ...B 6 MAC Address Management Determining MAC Addresses MAC Address Management ...
Page 470: ......
Page 481: ...Index 11 Index write memory effect on menu interface 2 13 X Xmodem OS download A 6 ...
Page 482: ......