Operating notes, Operating notes -12 – HP 2600 Series User Manual

11-12

Using Authorized IP Managers
Operating Notes

Operating Notes

■

Network Security Precautions:

You can enhance your network’s

security by keeping physical access to the switch restricted to autho-
rized personnel, using the password features built into the switch,
using the additional security features described in this manual, and
preventing unauthorized access to data on your management stations.

■

Modem and Direct Console Access:

Configuring authorized IP

managers does not protect against access to the switch through a
modem or direct Console (RS-232) port connection.

■

Duplicate IP Addresses:

If the IP address configured in an autho-

rized management station is also configured (or "spoofed") in another
station, the other station can gain management access to the switch
even though a duplicate IP address condition exists.

■

Web Proxy Servers:

If you use the web browser interface to access

the switch from an authorized IP manager station, it is recommended
that you avoid the use of a web proxy server in the path between the
station and the switch. This is because switch access through a web
proxy server requires that you first add the web proxy server to the
Authorized Manager IP list. This reduces security by opening switch
access to anyone who uses the web proxy server

. The following two

options outline how to eliminate a web proxy server from the path
between a station and the switch:

•

Even if you need proxy server access enabled in order to use
other applications, you can still eliminate proxy service for web
access to the switch. To do so, add the IP address or DNS name
of the switch to the non-proxy, or “Exceptions” list in the web
browser interface you are using on the authorized station.

•

If you don’t need proxy server access at all on the authorized
station, then just disable the proxy server feature in the station’s
web browser interface.