Switch Features 61For information about configuring access and authentication profiles, see"Configuring Authentication, Authorization, and Accounting" on page 179.Password-Protected Management AccessAccess to the Web, CLI, and SNMP management interfaces is passwordprotected, and there are no default users on the system.For information about configuring local user accounts, see "ConfiguringAuthentication, Authorization, and Accounting" on page 179.Strong Password EnforcementThe Strong Password feature enforces a baseline password strength for alllocally administered users. Password strength is a measure of the effectivenessof a password in resisting guessing and brute-force attacks. The strength of apassword is a function of length, complexity and randomness. Using strongpasswords lowers overall risk of a security breach.For information about configuring password settings, see "ConfiguringAuthentication, Authorization, and Accounting" on page 179.TACACS+ ClientThe switch has a TACACS+ client. TACACS+ provides centralized securityfor validation of users accessing the switch. TACACS+ provides a centralizeduser management system while still retaining consistency with RADIUS andother authentication processes.For information about configuring TACACS+ client settings, see"Configuring Authentication, Authorization, and Accounting" on page 179.RADIUS SupportThe switch has a Remote Authentication Dial In User Service (RADIUS)client and can support up to 32 named authentication and accountingRADIUS servers. The switch also supports RADIUS Attribute 4, which is theconfiguration of a NAS-IP address. You can also configure the switch toaccept RADIUS-assigned VLANs.For information about configuring RADIUS client settings, see "ConfiguringAuthentication, Authorization, and Accounting" on page 179.