59266-01 B 3-1
3 Managing Fabric Security
This chapter describes connection security and user account security concepts. It
also describes the tasks to configure port security, device security, and RADIUS
servers.
Connection Security
Connection security provides an encrypted data path for switch management
methods. The switch supports the Secure Shell (SSH) protocol for the command
line interface and the Secure Sockets Layer (SSL) protocol for management
applications such as Enterprise Fabric Suite and Common Information Model
(CIM). For information about enabling SSH, SSL, and CIM services, see
“Managing System Services” on page 5-24.
The SSL handshake process between the workstation and the switch involves
exchanging certificates, which contain the public and private keys that define
the encryption. The switch certificate is valid for one year beginning with its
creation date and time. The workstation validates the switch certificate by
comparing the workstation date and time to the switch certificate creation date and
time. For this reason, it is important to synchronize the workstation and switch with
the same date, time, and time zone. If you do not create a certificate, the switch
automatically creates one.
Consider your requirements for connection security: for the command line
interface (SSH), management applications such as Enterprise Fabric Suite (SSL),
or both. If SSL connection security is required, also consider using the Network
Time Protocol (NTP) to synchronize workstations and switches.
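The following sketch is an added example, not part of the switch documentation or its software. It shows how a workstation clock that is out of step with the switch falls outside the one-year certificate validity window. The certificate dates and workstation times are constructed sample values, and the function names are hypothetical.

```python
import ssl
from datetime import datetime, timedelta, timezone

# Constructed sample: a certificate created on the switch and valid for one year.
NOT_BEFORE = "Mar  3 14:00:00 2024 GMT"
NOT_AFTER = "Mar  3 14:00:00 2025 GMT"

def validity_window(not_before, not_after):
    """Parse certificate time strings into timezone-aware UTC datetimes."""
    start = datetime.fromtimestamp(ssl.cert_time_to_seconds(not_before), timezone.utc)
    end = datetime.fromtimestamp(ssl.cert_time_to_seconds(not_after), timezone.utc)
    return start, end

def check_clock(not_before, not_after, workstation_now):
    """Classify the workstation clock against the certificate validity window.

    Returns (status, margin): margin is how far the clock is outside the
    window, or the distance to the nearest edge when it is inside.
    """
    start, end = validity_window(not_before, not_after)
    if workstation_now < start:
        return "not_yet_valid", start - workstation_now
    if workstation_now > end:
        return "expired", workstation_now - end
    return "valid", min(workstation_now - start, end - workstation_now)

if __name__ == "__main__":
    scenarios = {
        # Workstation synchronized with the switch, five minutes after creation.
        "synchronized": datetime(2024, 3, 3, 14, 5, tzinfo=timezone.utc),
        # Same wall-clock moment, but a wrong time zone setting puts the
        # workstation five hours behind the switch.
        "wrong time zone": datetime(2024, 3, 3, 9, 5, tzinfo=timezone.utc),
        # Certificate never regenerated after its one-year lifetime.
        "after one year": datetime(2025, 3, 4, 14, 0, tzinfo=timezone.utc),
    }
    for name, now in scenarios.items():
        status, margin = check_clock(NOT_BEFORE, NOT_AFTER, now)
        print(f"{name:16} {status:14} margin={margin}")
```

A freshly created certificate is the case most sensitive to clock differences, because the workstation time sits right at the start of the validity window.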