SecurityThis chapter describes several ways to provide security to the Dell Networking system.For details about all the commands described in this chapter, refer to the Security chapter in the Dell Networking OS Command ReferenceGuide.Topics:• AAA Accounting• AAA Authentication• Obscuring Passwords and Keys• AAA Authorization• RADIUS• TACACS+• Protection from TCP Tiny and Overlapping Fragment Attacks• Enabling SCP and SSH• Telnet• VTY Line and Access-Class Configuration• Role-Based Access Control• Two Factor Authentication (2FA)• Configuring the System to Drop Certain ICMP Reply MessagesAAA AccountingAccounting, authentication, and authorization (AAA) accounting is part of the AAA security model.For details about commands related to AAA security, refer to the Security chapter in the Dell Networking OS Command Reference Guide.AAA accounting enables tracking of services that users are accessing and the amount of network resources being consumed by thoseservices. When you enable AAA accounting, the network server reports user activity to the security server in the form of accountingrecords. Each accounting record comprises accounting attribute/value (AV) pairs and is stored on the access control server.As with authentication and authorization, you must configure AAA accounting by defining a named list of accounting methods and thenapplying that list to various virtual terminal line (VTY) lines.Configuration Task List for AAA AccountingThe following sections present the AAA accounting configuration tasks.• Enabling AAA Accounting (mandatory)• Suppressing AAA Accounting for Null Username Sessions (optional)• Configuring Accounting of EXEC and Privilege-Level Command Usage (optional)• Configuring AAA Accounting for Terminal Lines (optional)• Monitoring AAA Accounting (optional)48792 Security