Adding or editing a management access policy – Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Brocade Mobility RFS Controller System Reference Guide

671

53-1003099-01

12

A green check mark indicates controller or service platform device access is allowed using the
listed protocol. A red X indicates device access is denied using the listed protocol.

4. If it’s determined a Management Access policy requires creation or modification, refer to

Adding or Editing a Management Access Policy on page 12-671. If necessary, select an
existing Management Access policy and select Delete to permanently remove it from the list of
those available.

Adding or Editing a Management Access Policy

Viewing Management Access Policies

To add a new Management Access policy, or edit an existing configuration:

1. Select Configuration > Management > Wireless LAN Policy to the main Management Policy

screen and Management Browser.

Existing policies can be modified by either selecting a policy from the Management
Browser and selecting the Edit button.

New policies can be created by selecting the Add button from the bottom right-hand side of
the Management screen.

2. A name must be supplied to the new policy before the Access Control, SNMP, SNMP Traps and

Administrators tabs become enabled and the policy’s configuration defined. The name cannot
exceed 32 characters.

3. Select OK to commit the new policy name.

Management Policy

Displays the name of the Management Access policy assigned when initially created. The name
cannot be updated when modifying a policy.

Telnet

Telnet provides a command line interface to a remote host over TCP. Telnet provides no encryption,
but it does provide a measure of authentication.

SSHv2

SSH (Secure Shell) version 2, like Telnet, provides a command line interface to a remote host.
However, all SSH transmissions are encrypted, increasing their security.

HTTP

HTTP (Hypertext Transfer Protocol) provides access to the device’s GUI using a Web browser. This
protocol is not very secure.

HTTPS

HTTPS (Hypertext Transfer Protocol Secure) provides fairly secure access to the device’s GUI using
a Web browser. Unlike HTTP, HTTPS uses encryption for transmission, and is therefore more
secure.

SNMPv1

SNMP (Simple Network Management Protocol) exposes a device’s management data so it can be
managed remotely. Device data is exposed as variables that can be accessed and modified. SNMP
is generally used to monitor a system’s performance and other parameters.
SNMP v1 is easy to set up, and only requires a plain text. It does not support 64 bit counters, only
32 bit counters, and that provides little security.

SNMPv2

SNMP v2 is identical to version 1, but it adds support for 64 bit counters. Most devices support
SNMP v2c automatically. However, there are some devices that require you to explicitly enable v2,
and that poses no risk.

SNMPv3

SNMP v3 adds security to the 64 bit counters provided with SNMP v2. SNMP v3 adds both
encryption and authentication, which can be used together or separately. Its setup is more complex
than just defining a community string. But if you require security, SNMP v3 is recommended.

FTP

FTP (File Transfer Protocol) is a standard protocol for files transfers over a TCP/IP network.