Configurable ipv6 security, Sshv2 on ipv6, Ip authorized managers – HP 6200YL User Manual

Introduction to IPv6
Configurable IPv6 Security

Configurable IPv6 Security

This section outlines the configurable IPv6 security features supported in
software release K.14.01.

SSHv2 on IPv6

SSHv2 provides for the authentication between clients and servers, and
protection of data integrity, and privacy. It is used most often to provide a
secure alternative to Telnet and is also used for secure file transfers (SFTP
and SCP). Beginning with software release K.13.01, SSH functionality is
supported on ProCurve switches running either IPv4 or IPv6. Beginning with
software release K.14.01, when SSH operation is enabled (the default setting),
it automatically runs for both IPv4 and IPv6 traffic.

The switch supports up to six inbound sessions of the following types in any
combination at any given time:

■

SSHv2

■

SSHv2 IPv6

■

Telnet-server

■

Telnet6-server

■

SFTP/SCP (One SFTP or SCP session allowed at a given time.)

■

Console (serial RS-232 connection)

For more information, refer to “Secure Shell (SSH) for IPv6” on page 6-15.

IP Authorized Managers

The IPv6 Authorized IP Managers feature, like the IPv4 version, uses IP
addresses and masks to determine which stations (PCs and workstations) can
access the switch through the network, and includes these access methods:

■

Telnet, SSH, and other terminal emulation applications

■

the switch's web browser interface

■

SNMP (with a correct community name)

Also, when configured in the switch, the access control imposed by the
Authorized IP Manager feature takes precedence over the other forms of
access control configurable on the switch, such as local passwords, RADIUS,
and both Port-Based and Client-Based Access Control (802.1X). This means

2-12