Allied Telesis AT-S63 User Manual
Page 11
AT-S63 Management Software Features Guide
11
Chapter 39: PKI Certificates and SSL ........................................................................................................ 463
Supported Platforms....................................................................................................................................... 464
Overview......................................................................................................................................................... 465
Types of Certificates....................................................................................................................................... 465
Distinguished Names...................................................................................................................................... 467
SSL and Enhanced Stacking.......................................................................................................................... 469
Guidelines....................................................................................................................................................... 470
Technical Overview ........................................................................................................................................ 471
SSL Encryption ........................................................................................................................................ 471
User Verification....................................................................................................................................... 472
Authentication .......................................................................................................................................... 472
Public Key Infrastructure .......................................................................................................................... 473
Public Keys .............................................................................................................................................. 473
Message Encryption................................................................................................................................. 473
Digital Signatures ..................................................................................................................................... 473
Certificates ............................................................................................................................................... 474
Elements of a Public Key Infrastructure ................................................................................................... 475
Certificate Validation ................................................................................................................................ 476
Certificate Revocation Lists (CRLs) ......................................................................................................... 476
PKI Implementation.................................................................................................................................. 477
Chapter 40: Secure Shell (SSH) ................................................................................................................. 479
Supported Platforms....................................................................................................................................... 480
Overview......................................................................................................................................................... 481
Support for SSH ............................................................................................................................................. 482
SSH Server..................................................................................................................................................... 483
SSH Clients .................................................................................................................................................... 484
SSH and Enhanced Stacking ......................................................................................................................... 485
SSH Configuration Guidelines........................................................................................................................ 487
General Steps to Configuring SSH................................................................................................................. 488
Chapter 41: TACACS+ and RADIUS Protocols ......................................................................................... 489
Supported Platforms....................................................................................................................................... 490
Overview......................................................................................................................................................... 491
Guidelines....................................................................................................................................................... 493
Chapter 42: Management Access Control List ......................................................................................... 497
Supported Platforms....................................................................................................................................... 498
Overview......................................................................................................................................................... 499
Parts of a Management ACE.......................................................................................................................... 500
Guidelines....................................................................................................................................................... 501
Examples........................................................................................................................................................ 502
Appendix A: AT-S63 Management Software Default Settings ................................................................ 505
Address Resolution Protocol Cache............................................................................................................... 507
Boot Configuration File ................................................................................................................................... 508
BOOTP Relay Agent ...................................................................................................................................... 509
Class of Service.............................................................................................................................................. 510
Denial of Service Defenses ............................................................................................................................ 511
802.1x Port-Based Network Access Control .................................................................................................. 512
Enhanced Stacking......................................................................................................................................... 514
Ethernet Protection Switching Ring (EPSR) Snooping................................................................................... 515
Event Logs...................................................................................................................................................... 516
GVRP ............................................................................................................................................................. 517
IGMP Snooping .............................................................................................................................................. 518