170 Configuring System InformationManaging Management SecurityThe Management Security page provides access to security pages that contain fields for setting securityparameters for device management methods, user authentication databases and servers. To open theManagement Security page, click System→ Management Security in the tree view.This section contians the following topics:• "Defining Access Profiles" on page 170• "Defining Authentication Profiles" on page 177• "Selecting Authentication Profiles" on page 181• "Managing Passwords" on page 184• "Displaying Active Users" on page 187• "Defining the Local User Databases" on page 189• "Defining Line Passwords" on page 192• "Defining Enable Passwords" on page 194• "Defining TACACS+ Settings" on page 196• "Configuring RADIUS Settings" on page 200Defining Access ProfilesThe Access Profiles page contains fields for defining profiles and rules for accessing the device. Access tomanagement functions can be limited to user groups, which are defined by ingress interfaces and sourceIP address or source IP subnets.Management access can be separately defined for each type of management access method, includingWeb (HTTP), Secure Web (HTTPS), Telnet, and Secure Telnet.Access to different management methods may differ between user groups. For example, User Group 1can access the device only via an HTTPS session, while User Group 2 can access the device via bothHTTPS and Telnet sessions.Management Access Lists contain up to 256 rules that determine which users can manage the device,and by which methods. Users can also be blocked from accessing the device.The Access Profiles page contains fields for configuring Management Lists and applying them tospecific interfaces.