Access levels, Defining authorized management stations, Overview of ip mask operation – IronPort Systems 4108GL User Manual

Page 189: Access levels -5, Defining authorized management stations -5, Overview of ip mask operation -5

Advertising
background image

10-5

Using Authorized IP Managers for Increased Management Security

Using Authorized IP Managers

Usin

g

Au
th

o

riz

e

d

IP

Ma
nag

e

rs

Access Levels

For each authorized manager address, you can configure either of these access
levels:

Manager:

Enables full access to all web browser and console interface

screens for viewing, configuration, and all other operations available in
these interfaces.

Operator:

Allows read-only access from the web browser and console

interfaces. (This is the same access that is allowed by the switch’s opera-
tor-level password feature.)

Defining Authorized Management Stations

Authorizing Single Stations:

The table entry authorizes a single man-

agement station to have IP access to the switch. To use this method, just
enter the IP address of an authorized management station in the Autho-
rized Manager IP column, and leave the IP Mask set to

255.255.255.255. This

is the easiest way to use the Authorized Managers feature. (For more on
this topic, see “Configuring One Station Per Authorized Manager IP Entry”
on page 10-10.)

Authorizing Multiple Stations:

The table entry uses the IP Mask to

authorize access to the switch from a defined group of stations. This is
useful if you want to easily authorize several stations to have access to
the switch without having to type in an entry for every station. All stations
in the group defined by the one Authorized Manager IP table entry and its
associated IP mask will have the same access level—Manager or Operator.
(For more on this topic, see “Configuring Multiple Stations Per Authorized
Manager IP Entry” on page 10-11.)

To configure the switch for authorized manager access, enter the appropriate
Authorized Manager IP

value, specify an IP Mask, and select either

Manager

or

Operator for the Access Level. The IP Mask determines how the Authorized

Manager IP value is used to allow or deny access to the switch by a manage-
ment station.

Overview of IP Mask Operation

The default IP Mask is 255.255.255.255 and allows switch access only to a
station having an IP address that is identical to the Authorized Manager IP
parameter value. (“255” in an octet of the mask means that only the exact value
in the corresponding octet of the Authorized Manager IP parameter is allowed
in the IP address of an authorized management station.) However, you can
alter the mask and the Authorized Manager IP parameter to specify ranges of

Advertising
Popular Brands
Popular manuals