Cisco DCNM Security Configuration Guide, Release 4.2
Index
Downloads: The complete bookPDF (PDF - 6.11MB) | Feedback

Contents

* - 8 - A - B - C - D - F - G - I - K - L - M - N - P - R - S - T - U - V -

Index

*

*** 1

8

802.1X
configuration process 1
configuring 2
configuring AAA accounting methods 3
controlling on interfaces 4
description 1 2
disabling authenticaiton 6
disabling feature 7
enabling global periodic reauthentication 8
enabling MAC address authentication bypass 9
enabling mulitple hosts mode 10
enabling on interfaces 11
enabling periodic reauthentication on interfaces 12
enabling service 13
enabling single host mode 14
field descriptions 15
guidelines 16
licensing requirements 17
limitations 18
MAC authenication bypass 19
multiple host support 20
prerequisites 21
setting global maximum retransmission retry count 22
setting interface maximum retransmission retry count 23
single host support 24
supported topologies 25
virtualization support 26
802.1X authentication
authorization states for ports 1
changing global timers 2
changing timers on interfaces 3
enabling RADIUS accounting 4
initiation 5
802.1X reauthentication
setting maximum retry count on interfaces 1
802.1X statistics
displaying 1

A

AAA
accounting 1
authentication 2
authorization 3
benefits 4
configuring 5
description 1 2
field descriptions 7
guidelines 8
licensing requirements 9
limitations 10
monitoring TACACS+ servers 11
prerequisites 12
user login process 13
virtualization support 14
AAA accounting
adding rule methods 1
changing rule methods 2
configuring methods for 802.1X 3
deleting rule methods 4
rearranging rule methods 5
AAA authentication
adding a rule method 1
changing rule methods 2
deleting rule methods 3
rearranging rule methods 4
AAA protocols
RADIUS 1
TACACS+ 2
AAA server groups
description 1
AAA servers
FreeRADIUS VSA format 1
specifying SNMPv3 parameters 1 2
specifying user roles 3
specifying user roles in VSAs 4
AAA services
configuration options 1
remote 2
security 3
access control lists
description 1
order of application 2
See also ARP ACLs 3
See also IP ACLs 4
See also MAC ACLs 5
See also policy-based ACLs 6
See also port ACLs 7
See also router ACLs 8
See also VLAN ACLs 9
types of 10
accounting
description 1
VDC support 2
ARP ACLs
description 1
priority of ARP ACLs and DHCP snooping entries 2
ARP inspection
See dynamic ARP inspection 1
authentication
802.1X 1
description 2
methods 3
user logins 4
authentication, authorization, and accounting
See AAA 1
authorization
description 1
user logins 2

B

broadcast storms.
See traffic storm control 1

C

CFS
TACACS+ support 1
changed information
description 1
Cisco
vendor ID 1 2
cisco-av-pair
specifying AAA user parameters 1 2

D

DAI
description 1
guidelines 2
limitations 3
device roles
description for 802.1X 1
DHCP binding database
See DHCP snooping binding database 1
DHCP option 82
description 1
DHCP snooping
binding database 1
description 1 2
guidelines 3
limitations 4
message exchange process 5
option 82 6
overview 7
DHCP snooping binding database
described 1
description 2
entries 3
See DHCP snooping binding database 4
dynamic ARP inspection
ARP cache poisoning 1
ARP requests 2
ARP spoofingattack 3
description 4
DHCP snooping binding database 5
function of 6
interface trust states 7
logging of dropped packets 8
network security issues and interface trust states 9
priority of ARP ACLs and DHCP snooping entries 10
Dynamic Host Configuration Protocol snooping
See DHCP snooping 1

F

field descriptions
802.1X 1
AAA 2
TACACS+ 3
fields descriptions
RADIUS 1
FreeRADIUS
VSA format for role attributes 1 2

G

guidelines
DAI 1
DHCP snooping 2
IP ACLs 3
keychain management 4
MAC ACLs 5
port security 6
RADIUS 7
TACACS+ 8
traffic storm control 9
VACLs 10

I

IDs
Cisco vendor ID 1 2
interface policies
changing in user roles 1
IP ACLs
configuring 1
description 1 2
guidelines 3
licensing 4
limitations 5
prerequisites 6
virtualization support 7
IP Source Guard
description 1 2

K

key chain
end-time 1
lifetime 2
start-time 3
keychain management
description 1 2
guidelines 2
limitations 3
keys
TACACS+ 1

L

licensing
802.1X 1
AAA 2
IP ACLs 3
RADIUS 4
roles 5
TACACS+ 6
traffic storm control 7
user accounts 8
limitations
DAI 1
DHCP snooping 2
IP ACLs 3
keychain management 4
MAC ACLs 5
port security 6
TACACS+ 7
traffic storm control 8
VACLs 9
limitiations
RADIUS 1

M

MAC ACLs
description 1 2
guidelines 2
limitations 3
virtualization support 4
MAC addresses
enabling authentication bypass in 802.1X 1
MAC authentication
bypass for 802.1X 1
multicast storms.
See traffic storm control 1

N

network-admin user role
description 1
network-operator user role
description 1
new information
description 1

P

passwords
changing for user accounts 1
enabling strength checking 2
strong characteristics 3
port ACLs
definition 1
port security
description 1 2
guidelines 2
limitations 3
MAC move 4
violations 5
ports
authorization states for 802.1X 1

R

RADIUS
configuring dead-time intervals 1
configuring global transmission retry count 2
configuring global transmission timeout interval 3
configuring servers 4
description 1 2
field descriptions 6
guidelines 7
licensing 8
limitations 9
network environments 10
operation 11
prerequisites 12
process for configuring 13
virtualization support 14
VSAs 15
RADIUS server groups
adding 1
adding server hosts 2
deleting 3
RADIUS server hosts
copying 1
RADIUS servers
adding 1
adding to server groups 2
allowing specifying at login 3
configuring accounting attributes 4
configuring authentication attributes 5
configuring global keys 6
configuring periodic monitoring 7
configuring transminssion timeout intervals 8
configuring transmission retry counts 9
deleting 10
displaying statistics 11
monitoring 12
RADIUSaccounting
enabling for 802.1X authentication 1
RBAC
description 1 2
field descriptions 2
roles
deleting from user accounts 1
licensing 2
router ACLs
definition 1
rules
adding to roles 1
changing 2
changing VRF policies 3
deleting 4
rearranging 5
rules.
See user role rules 1

S

server groups.
See AAA server groups 1
SNMPv3
specifying AAA parameters 1
specifying parameters for AAA servers 2
statistics
displaying for TACACS+ 1
superuser role.
See network-admin user role 1

T

TACACS+
advantages over RADIUS 1
configuration distribution 2
configuration process 3
configuring 4
configuring dead-time intervals 5
configuring global keys 6
configuring global timeout interval 7
configuring TCP ports 8
description 1 2
disabling 10
enabling 11
field descriptions 12
guidelines 13
keys 14
licensing requirements 15
limitations 16
prerequisites 17
user login operation 18
verifying configuration 19
virtualization 20
VSAs 21
TACACS+ groups
adding 1
adding servers 2
deleting 3
deleting servers 4
TACACS+ server hosts
copying 1
TACACS+ servers
adding 1
adding to groups 2
configuring keys 3
configuring periodic monitoring 4
configuring timeout intervals 5
deleting from groups 6
field descriptions 7
hosts 8
monitoring 9
verifying configuration 10
TACACS+ statistics
displaying 1
TCP ports
configuring for TACACS+ 1
time range
description 1
time ranges
absolute 1
configuring 2
description 3
field descriptions 4
periodic 5
traffic storm control
description 1 2
displaying statistics 2
field descriptions 3
guidelines 4
licensing 5
limitations 6
virtualization support 7

U

unicast storms.
See traffic storm control 1
user accounts
changing expiry date 1
changing passwords 2
configuring 3
copying 4
creating 5
deleting 6
deleting roles 7
description 8
guidelines 9
licensing 10
password characteristics 11
virtualization support 12
user accounts limitations 1
user logins
authentication process 1
authorization process 2
user role rules
description 1
user roles
adding rules 1
changing interface policies 2
changing rules 3
changing VLAN policies 4
configuring 5
copying 6
creating 7
defaults 8
deleting rules 9
description 10
guidelines 11
limitations 12
rearranging rules 13
specifying on AAA servers 1 2
virtualization support 15

V

VACLs
description 1
guidelines 2
limitations 3
vdc-admin user role
description 1
vdc-operator user role
description 1
vendor-specific attributes.
See VSAs 1
virtualization
802.1X 1
AAA 2
DAI 3
RADIUS 4
TACACS+ 5
traffic storm control 6
user accounts 7
user roles 8
virutalization
IP Source Guard 1
VLAN ACLs
definition 1
description 2
VLAN policies
changing in user roles 1
VRF policies
changing in user roles 1
VSAs
format 1
protocol options 1 2 3
support description 3