Cli architecture, Security levels – Avaya C360 User Manual
Page 60
Establishing Switch Access
60 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
CLI Architecture
The C360 stack supports both Layer 2 switching and Layer 3 switching.
The C360 CLI includes two CLI entities to support this functionality.
●
The Switch CLI entity is used to manage Layer 2 switching of the entire stack. CLI
commands for managing Layer 2 switching are described in the Reference Guide for the
Avaya C360 Converged Stackable Switch, 10-300506.
●
The Router CLI entity is used to manage Layer 3 switching of a single module. CLI
commands for managing Layer 3 switching are described in the Reference Guide for the
Avaya C360 Converged Stackable Switch, 10-300506.
To switch between the entities, use the session command.
Security Levels
There are three security access levels - User, Privileged, and Supervisor.
●
The User level ('read-only') is a general access level used to show system parameter
values.
●
The Privileged level ('read-write') is used by site personnel to access stack configuration
options.
●
The Supervisor level ('administrator') is used to define user names, passwords, and
access levels of up to 10 local CLI users, configure SNMPv1 community, configure
SNMPv3, configure RADIUS authentication and control access protocols to the device.
Tip:
Tip:
If you wish to define more than ten users per switch, or accounts for a user on
multiple switches, use RADIUS (Remote Authentication Dial-In User Service).
A login name and password are always required to access the CLI and the commands. The
login name, password, and access-type (i.e., security level) for a user account are established
using the username command.
Switching between the entities does not effect the security level since security levels are
established specifically for each user. For example, if the operator with a privileged security
level in the Switch entity switches to the Router entity, the privileged security level is retained.
Tip:
Tip:
If you wish to increase security, you can disable SNMPv1 and allow only
SNMPv3.