Home > Cisco > Switch > Cisco Sg2008 Manual

Cisco Sg2008 Manual

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Cisco Sg2008 Manual. The Cisco manuals for Switch are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 151

    Page 151 Security Management Access Profile Rules Cisco Small Business SG200 Series 8-port Smart Switch 151 10 To limit access to the web-based switch configuration utility only to specified users, for example, you can create a rule in which HTTP access is denied to all users, and then create another rule in which specific users are permitted. The rule that permits the specific users must have a higher Rule Priority than the rule that denies all users. CAUTION: If a profile is activated that denies access... 
    Security
Management Access Profile Rules
Cisco Small Business SG200 Series 8-port Smart Switch 151
10
 
To limit access to the web-based switch configuration utility only to 
specified users, for example, you can create a rule in which HTTP access is 
denied to all users, and then create another rule in which specific users are 
permitted. The rule that permits the specific users must have a higher Rule 
Priority than the rule that denies all users.
CAUTION: If a profile is activated that denies access...

    Page 152

    Page 152 Security Management Access Profile Rules Cisco Small Business SG200 Series 8-port Smart Switch 152 10 Modifying and Deleting Access Profiles and Rules Before you can delete an Access Profile or modify the rules, you must disable the profile. To disable an access profile: STEP 1Select the profile in the Access Profile Table and click Edit. STEP 2Uncheck the Enable box. STEP 3Click Apply, and then click Close. When you finish making changes, re-enable the access profile. To delete an access profile... 
    Security
Management Access Profile Rules
Cisco Small Business SG200 Series 8-port Smart Switch 152
10
 
Modifying and Deleting Access Profiles and Rules
Before you can delete an Access Profile or modify the rules, you must disable the 
profile.
To disable an access profile:
STEP 1Select the profile in the Access Profile Table and click Edit.
STEP  2Uncheck the Enable box. 
STEP  3Click Apply, and then click Close.
When you finish making changes, re-enable the access profile.
To delete an access profile...

    Page 153

    Page 153 Security Authentication Methods Cisco Small Business SG200 Series 8-port Smart Switch 153 10 STEP 3Click Apply, and then click Close. Authentication Methods You can use the Authentication Methods page to specify how users are allowed access to switch ports. To select the authentication method: STEP 1Click Security > Authentication Methods in the navigation window. STEP 2 an authentication method from the list: •Local—A user ID and password combination from the supplicant is compared with a... 
    Security
Authentication Methods
Cisco Small Business SG200 Series 8-port Smart Switch 153
10
 
STEP  3Click Apply, and then click Close.
Authentication Methods
You can use the Authentication Methods page to specify how users are allowed 
access to switch ports.
To select the authentication method:
STEP 1Click Security > Authentication Methods in the navigation window.
STEP  2 an authentication method from the list:
•Local—A user ID and password combination from the supplicant is 
compared with a...

    Page 154

    Page 154 Security Storm Control Cisco Small Business SG200 Series 8-port Smart Switch 154 10 Storm Control A traffic storm is the result of an excessive number of broadcast, multicast, or unknown unicast messages simultaneously transmitted across a network by a port. Forwarded message responses might create a loop and overload network resources and cause the network to time-out. The switch measures the incoming broadcast, multicast, or unknown unicast packet rate per port and discards packets when a rate... 
    Security
Storm Control
Cisco Small Business SG200 Series 8-port Smart Switch 154
10
 
Storm Control
A traffic storm is the result of an excessive number of broadcast, multicast, or 
unknown unicast messages simultaneously transmitted across a network by a 
port. Forwarded message responses might create a loop and overload network 
resources and cause the network to time-out.
The switch measures the incoming broadcast, multicast, or unknown unicast 
packet rate per port and discards packets when a rate...

    Page 155

    Page 155 Security Por t Securit y Cisco Small Business SG200 Series 8-port Smart Switch 155 10 NOTE: The actual rate of ingress traffic required to activate Storm Control is based on the actual size of incoming packets and the hard-coded average packet size (512 bytes) parameter. A packet-per-second rate is calculated, as the switch requires a pps value to execute or not execute storm control versus an absolute data rate measured in kilobits-per-second (kbps). For example, if the configured pps limit for... 
    Security
Por t Securit y
Cisco Small Business SG200 Series 8-port Smart Switch 155
10
 
NOTE: The actual rate of ingress traffic required to activate Storm Control is 
based on the actual size of incoming packets and the hard-coded average 
packet size (512 bytes) parameter. A packet-per-second rate is calculated, 
as the switch requires a pps value to execute or not execute storm control 
versus an absolute data rate measured in kilobits-per-second (kbps). For 
example, if the configured pps limit for...

    Page 156

    Page 156 Security Por t Securit y Cisco Small Business SG200 Series 8-port Smart Switch 156 10 •Interface Status—Select Lock to enable port security on the interface. When an interface transitions from unlocked to locked, all addresses that had been dynamically learned by the switch on that port are removed from its MAC address list. •Max No. of Static MAC Addresses—Specify the maximum number of static secure MAC addresses at the port/LAG. Static secure MAC address are configured on the Static Addresses... 
    Security
Por t Securit y
Cisco Small Business SG200 Series 8-port Smart Switch 156
10
 
•Interface Status—Select Lock to enable port security on the interface. 
When an interface transitions from unlocked to locked, all addresses that 
had been dynamically learned by the switch on that port are removed from 
its MAC address list.
•Max No. of Static MAC Addresses—Specify the maximum number of static 
secure MAC addresses at the port/LAG. Static secure MAC address are 
configured on the Static Addresses...

    Page 157

    Page 157 Security 802.1X Cisco Small Business SG200 Series 8-port Smart Switch 157 10 •Reset Port—Select to reset the port if it has been shut down by the Port Security feature. STEP 4Click Apply and then click Close. Your changes are saved to the Running Configuration. Viewing and Configuring Secure MAC Addresses To view the current list of secure MAC addresses, associated ports, and VLANs, click Secure Address Table on the Por t Security page. For each interface, the Secure Address Table lists each... 
    Security
802.1X
Cisco Small Business SG200 Series 8-port Smart Switch 157
10
 
•Reset Port—Select to reset the port if it has been shut down by the Port 
Security feature.
STEP  4Click Apply and then click Close. Your changes are saved to the Running 
Configuration.
Viewing and Configuring Secure MAC Addresses
To view the current list of secure MAC addresses, associated ports, and VLANs, 
click Secure Address Table on the Por t Security page.
For each interface, the Secure Address Table lists each...

    Page 158

    Page 158 Security 802.1X Cisco Small Business SG200 Series 8-port Smart Switch 158 10 on the network—the authenticator—uses to request authentication from a server. • Authenticator: An entity that facilitates the authentication of the supplicant on the remote end of a link. An authenticator grants port access to a supplicant if the authentication succeeds. • Authentication Server: A server, such as a RADIUS server, that performs the authentication on behalf of the authenticator, and indicates whether the... 
    Security
802.1X
Cisco Small Business SG200 Series 8-port Smart Switch 158
10
 
on the network—the authenticator—uses to request authentication from a 
server.
• Authenticator: An entity that facilitates the authentication of the supplicant 
on the remote end of a link. An authenticator grants port access to a 
supplicant if the authentication succeeds. 
• Authentication Server: A server, such as a RADIUS server, that performs the 
authentication on behalf of the authenticator, and indicates whether the...

    Page 159

    Page 159 Security 802.1X Cisco Small Business SG200 Series 8-port Smart Switch 159 10 •Local—The switch performs local authentication of a remote supplicant based on EAP-MD5. The supplicant identification must be one of the management users configured on the switch (see Managing User Accounts). •RADIUS—The switch depends on one or more external RADIUS servers to perform the authentication. You must configure the supplicant identity and authentication directly the servers. (See RADIUS for information.)... 
    Security
802.1X
Cisco Small Business SG200 Series 8-port Smart Switch 159
10
 
•Local—The switch performs local authentication of a remote supplicant 
based on EAP-MD5. The supplicant identification must be one of the 
management users configured on the switch (see Managing User 
Accounts).
•RADIUS—The switch depends on one or more external RADIUS servers to 
perform the authentication. You must configure the supplicant identity and 
authentication directly the servers. (See RADIUS for information.)...

    Page 160

    Page 160 Security 802.1X Cisco Small Business SG200 Series 8-port Smart Switch 160 10 STEP 3Select the role for the port: •Authenticator—Select this option if the port must authenticate the remote supplicant before granting access to a local port. •Supplicant—Select this option if the port must be connected to an authenticator and ask permission from the remote authenticator before accessing a remote port. When a port is acting as a Supplicant, the user name and password defined in the User Accounts list... 
    Security
802.1X
Cisco Small Business SG200 Series 8-port Smart Switch 160
10
 
STEP  3Select the role for the port:
•Authenticator—Select this option if the port must authenticate the remote 
supplicant before granting access to a local port. 
•Supplicant—Select this option if the port must be connected to an 
authenticator and ask permission from the remote authenticator before 
accessing a remote port. When a port is acting as a Supplicant, the user 
name and password defined in the User Accounts list...
    Start reading Cisco Sg2008 Manual

    Related Manuals for Cisco Sg2008 Manual

    All Cisco manuals