Cabletron Systems CSX1200 User Manual

Also see for CyberSWITCH CSX1000: User guide Quick start

Contents

USER’S GUIDE140 CyberSWITCHO VERVIEW OF D EVICE A UTHENTICATION P ROCESSWhen a remote device connects, the CyberSWITCH negotiates the required authentication. It thencollects the information which is used to identify and authenticate the remote device. The systemcompares this collected information against information maintained in a device database. If theinformation collected from the remote device matches the information found in the database, theconnection is valid and the device is allowed access to network resources. If the collectedinformation does not match the information in the database, the connection is disconnected.The device database can be maintained either locally on the CyberSWITCH itself, or on a server,central to the network. When an on-node device database is used, device information is configuredeither directly through the CFGEDIT configuration utility or through using Manage Modecommands.It is also possible to configure and maintain device information on an off-node, central devicedatabase. This could be useful for networks with a large number of devices or several systems. Onlyone device database would need to be configured and maintained. The Remote Authentication DialIn User Service (RADIUS) and the SecureFast Virtual Remote Access (VRA) Manager are the off-node, central databases currently supported by the system. The RADIUS Server option is availablefor PPP/IP devices (with CHAP or PAP security), HDLC bridge devices, and RFC 1294 devices.U SER L EVEL S ECURITYCONFIGURING USER LEVEL SECURITYU SING CFGEDIT1. Select User Level Security from the Security Level Menu. If you need guidance to find this menu,refer to the instructions provided in the No Security configuration section.2. Refer to the chapter Configuring User Level Databases in order to select and configure the userlevel database.U SING M ANAGE M ODEseclevelDisplays the current security level configuration data.USER L EVEL SECURITY BACKGROUND I NFORMATIONUser level security is an authentication process between a specific user and a device. Theauthentication process is interactive; users connect to a terminal server and need to interact with itin order to communicate with other devices beyond the server. The CyberSWITCH supports userlevel security through the RADIUS, TACACS, or ACE server.User level security supports the following devices:• PPP devices• HDLC bridges