Management Access Method

This section describes access rules for various management methods.

Access profiles determine how to authenticate and authorize users accessing the device through various access methods. Access Profiles can limit management access from specific sources.

Only users who pass both the active access profile and the management access authentication methods are given management access to the device.

There can only be a single access profile active on the device at one time.

Access profiles consist of one or more rules. The rules are executed in order of their priority within the access profile (top to bottom).

Rules are composed of filters that include the following elements:

• Access Methods-Methods for accessing and managing the device:

  • Telnet

  • Secure Telnet (SSH)

  • Hypertext Transfer Protocol (HTTP)

  • Secure HTTP (HTTPS)

  • Simple Network Management Protocol (SNMP)

  • All of the above

• Action-Permit or deny access to an interface or source address.

• Interface-Which ports, LAGs, or VLANs are permitted to access or are denied access to the web-based configuration utility.

• Source IP Address-IP addresses or subnets. Access to management methods might differ among user groups. For example, one user group might be able to access the device module only by using an HTTPS session, while another user group might be able to access the device module by using both HTTPS and Telnet sessions.