Restricting remote access to management functions – Brocade BigIron RX Series Configuration Guide User Manual
Page 133
BigIron RX Series Configuration Guide
55
53-1002484-04
Restricting remote access to management functions
3
Restricting remote access to management functions
You can restrict access to management functions from remote sources, including Telnet, the Web
management interface, and SNMP. The following methods for restricting remote access are
supported:
•
Using ACLs to restrict Telnet, Web management interface, or SNMP access
•
Allowing remote access only from specific IP addresses
•
Allowing remote access only to clients connected to a specific VLAN
Web management access
SNMP read or read-write
community strings
Regulate Web management access
using ACLs
Allow Web management access only
from specific IP addresses
Allow Web management access only to
clients connected to a specific VLAN
Disable Web management access
Configure SSL security for the Web
management interface
Set up local user accounts
Establish SNMP read or read-write
community strings for SNMP versions 1
and 2
Establishing user groups for SNMP
version 3
Configure TACACS and TACACS+
security
Configure RADIUS security
SNMP (network management
system) access
SNMP read or read-write
community strings and
the password to the
Super User privilege
level
NOTE: SNMP read or
read-write
community
strings are
always required
for SNMP access
to the device.
Regulate SNMP access using ACLs
Allow SNMP access only from specific
IP addresses
Disable SNMP access
Allow SNMP access only to clients
connected to a specific VLAN
Establish passwords to management
levels of the CLI
Set up local user accounts
Establish SNMP read or read-write
community strings
TFTP access
Not secured
Allow TFTP access only to clients
connected to a specific VLAN
TABLE 35
Ways to secure management access to the device (Continued)
Access method
How the access method is
secured by default
Ways to secure the access method
See page