Dell POWEREDGE M1000E User Manual
Page 60
1-10
Cisco Catalyst Blade Switch 3130 and 3032 for Dell Software Configuration Guide
OL-13270-03
Chapter 1 Overview
Features
•
IEEE 802.1x with open access to allow a host to access the network before being authenticated
•
IEEE 802.1x port-based authentication to prevent unauthorized devices (clients) from gaining
access to the network. These features are supported:
–
Multidomain authentication (MDA) to allow both a data device and a voice device, such as an
IP phone (Cisco or non-Cisco), to independently authenticate on the same IEEE 802.1x-enabled
switch port
–
VLAN assignment for restricting IEEE 802.1x-authenticated users to a specified VLAN
–
Port security for controlling access to IEEE 802.1x ports
–
Voice VLAN to permit a Cisco IP Phone to access the voice VLAN regardless of the authorized
or unauthorized state of the port
–
IP phone detection enhancement to detect and recognize a Cisco IP phone
–
Guest VLAN to provide limited services to non-IEEE 802.1x-compliant users
–
Restricted VLAN to provide limited services to users who are IEEE 802.1x compliant, but do
not have the credentials to authenticate via the standard IEEE 802.1x processes
–
IEEE 802.1x accounting to track network usage
–
IEEE 802.1x with wake-on-LAN to allow dormant PCs to be powered on based on the receipt
of a specific Ethernet frame
–
Voice aware IEEE 802.1x and MAC authentication bypass (MAB) security violation to shut
down only the data VLAN on a port when a security violation occurs
–
IEEE 802.1x readiness check to determine the readiness of connected end hosts before
configuring IEEE 802.1x on the switch
–
Network Edge Access Topology (NEAT) with 802.1x switch supplicant, host authorization with
Client Information Signalling Protocol (CISP), and auto enablement to authenticate a switch
outside a wiring closet as a supplicant to another switch
–
IEEE 802.1x authentication with downloadable ACLs and redirect URLs to allow per-user ACL
downloads from a Cisco Secure ACS server to an authenticated switch
–
Multiple-user authentication to allow more than one host to authenticate on an 802.1x-enabled
port.
•
MAC authentication bypass to authorize clients based on the client MAC address.
•
Network Admission Control (NAC) features:
–
NAC Layer 2 IEEE 802.1x validation of the antivirus condition or posture of endpoint systems
or clients before granting the devices network access.
For information about configuring NAC Layer 2 IEEE 802.1x validation, see the
NAC Layer 2 IEEE 802.1x Validation” section on page 10-55
–
NAC Layer 2 IP validation of the posture of endpoint systems or clients before granting the
devices network access.
For information about configuring NAC Layer 2 IP validation, see the Network Admission
Control Software Configuration Guide.