Allied-telesis AT-S60 Instrukcja Użytkownika Strona 364
- Strona / 615
- Spis treści
- BOOKMARKI
Oceniono. / 5. Na podstawie oceny klientów
AT-S60 Management Software User’s Guide
Section III: Security Features 363
PKI Implementation
The following sections discuss Allied Telesyn’s implementation of PKI for
the AT-8400 Series Switch. The following topics are covered:
❑ PKI Standards
❑ Certificate Retrieval and Storage
❑ Certificate Validation
❑ Root CA Certificates
PKI Standards The following standards are supported by the switch:
❑ draft-ietf-pkix-roadmap-05 — PKIX Roadmap
❑ RFC 1779 — A String Representation of Distinguished Names
❑ RFC 2459 — PKIX Certificate and CRL Profile
❑ RFC 2511 — PKIX Certificate Request Message Format
❑ PKCS #10 v1.7 — Certification Request Syntax Standard
Certificate
Retrieval and
Storage
Certificates are stored by CAs in publicly accessible repositories for
retrieval by end entities. The following repositories used in PKI are
commonly accessed via the following protocols: Hypertext Transfer
Protocol (HTTP), File Transfer Protocol (FTP).
Before the switch can use a certificate, it must be retrieved and manually
added to the switch’s Certificate Database, which is stored in RAM
memory. The switch attempts to validate the certificate, and if validation
is successful the certificate’s public key is available for use.
Root CA Certificate Validation
Root CA certificates are verified out of band by comparing the
certificate’s fingerprint (the encrypted one-way hash with which the
issuing CA signs the certificate) with the fingerprint which the CA has
supplied by a non-network-based method. To view a certificate’s
fingerprint, use the procedure described in Creating Certificates on
page 364.
To manually set a verified root certificate to trusted, see Viewing
Certificates on page 374.
- User’s Guide 1
- Section III 7
- Section IV 9
- Table of Contents 10
- List of Figures 13
- How This Guide is Organized 18
- Document Conventions 20
- Contacting Allied Telesyn 22
- AT-S60 Overview 25
- Local Management Session 27
- Telnet Management Session 28
- Chapter 1: AT-S60 Overview 29
- Section I: Overview 28 29
- SNMP Management Session 30
- Management Access Levels 31
- Specifying Ports 32
- Specifying Time and Date 33
- Local and Telnet Management 34
- Starting a Local or Telnet 35
- Management Session 35
- Starting a Local 37
- Enhanced 39
- Stacking 39
- Quitting from a 39
- Local Session 39
- Basic Switch Parameters 42
- How Do You 44
- Assign an IP 44
- Address? 44
- Displaying Line 48
- Information 48
- Card Statistics 50
- Disabled) -> 56
- Rebooting a Switch 57
- Passwords 59
- Hardware 61
- Software 63
- [Yes/No] -> 67
- Switch reboots 67
- SNMP Community Strings 69
- Enabling SNMP Communities 70
- Configuring SNMP Communities 72
- Enter SNMP Community Name: 73
- Enter SNMP Manager IP Addr: 73
- Enter Trap Receiver IP Addr: 74
- Deleting a SNMP Community 75
- Modifying a SNMP Community 76
- Displaying a SNMP Community 79
- Enhanced Stacking Overview 81
- IP Address 83
- Chapter 5: Enhanced Stacking 87
- Returning to 88
- Displaying Port Status 90
- Displaying Port Statistics 99
- Chapter 6: Port Parameters 101
- Port Security 102
- Port Security Overview 103
- Security 105
- Violations and 105
- Intrusion 105
- Configuring Port Security 106
- Chapter 7: Port Security 107
- Port Trunking 110
- Port Trunking Overview 111
- Guidelines 112
- Chapter 8: Port Trunking 113
- Before Creating 114
- Port Trunks 114
- Distribution 114
- Creating a Port Trunk 115
- Enter Trunk Name: -> 116
- Enter Trunk Ports: 116
- New ID = 1 116
- Deleting a Port Trunk 117
- Modifying a Port Trunk 118
- Enter new trunk name: 120
- Enter ports to add to trunk: 121
- Deleting Ports 122
- Replacing Ports 123
- Clearing Ports 124
- Port Mirroring 125
- Port Mirroring Overview 126
- Creating a Port Mirror 127
- Chapter 9: Port Mirroring 129
- Enter Destination Port: 131
- File System Configuration 134
- File Naming 136
- Conventions 136
- Configuration Files 138
- Creating a 140
- Configuration 140
- Configuration File Menu 142
- Figure 42 143
- Enter Source File Name: 144
- Enter Destination File Name: 144
- Copying file please wait 144
- Renaming please wait 144
- Deleting System Files 145
- Deleting file...please wait 146
- Displaying System Files 147
- File Downloads and Uploads 149
- Overview 150
- Return to Previous Menu 151
- Downloading Files 154
- Downloading 155
- Using Xmodem 155
- TFTP server IP address: 156
- Skipping this download 158
- Press any key to continue 158
- [Yes/No] 159
- Downloading a 162
- File Using 162
- Xmodem or 162
- Local file name: 164
- Remote File Name: 167
- File successfully sent! 168
- Uploading Files 169
- Uploading an 170
- Image File 170
- TFTP Server IP address: 175
- Uploading a File 176
- STP, RSTP, and MSTP 185
- STP and RSTP Overview 186
- Bridge Priority 187
- Modular Switch System 192
- Edge Port 193
- Mixed STP and 194
- RSTP Networks 194
- Spanning Tree 194
- Configuring STP 199
- Port Parameters 201
- Displaying STP 204
- Port Settings 204
- Configuring RSTP 205
- Configuring 208
- RSTP Port 208
- Parameters 208
- Displaying Port 210
- RSTP Status 210
- MSTP Overview 211
- Multiple 213
- Instance (MSTI) 213
- AT-8400 SERIES 214
- VLAN and MSTI 217
- Associations 217
- Summary of 222
- Configuring MSTP 228
- Configuring the 231
- CIST Priority 231
- Creating 232
- Deleting, and 232
- Modifying MSTI 232
- MSTI ID: [Yes/No] -> 233
- Enter the list of VLANs: 233
- Associating 234
- VLANs to MSTI 234
- MSTP Port 237
- Settings 237
- Displaying 239
- Settings and 239
- STP-compatible mode 240
- Virtual LANs 241
- VLAN Overview 242
- Chapter 13: Virtual LANs 243
- Port-based VLAN Overview 244
- Port-Based 248
- Examples 248
- Sales VLAN 249
- Production VLAN 249
- Example 2 250
- Tagged VLAN Overview 252
- General Rules 254
- Tagged VLAN 254
- Basic VLAN Mode Overview 257
- Displaying VLANs 258
- Enter VLAN Name: 262
- Port Based VLAN 262
- Enter VLAN VID: [2 to 4094] 263
- Enter Tagged Port-list: 263
- Enter Untagged Port-list: 264
- Enter VID [2 to 4094]: 265
- Modifying a VLAN 267
- Deleting a VLAN 271
- Setting a Switch’s VLAN Mode 272
- Specifying a Management VLAN 273
- Multiple VLAN Modes 275
- Multiple VLAN Mode Overview 276
- Compliant 277
- Multiple VLANs 277
- Non-802.1Q 278
- Multiple VLAN 279
- Modes and the 279
- Management 279
- Selecting a VLAN Mode 280
- The VLAN mode is changed 281
- Changing the Uplink Port 282
- Displaying VLAN Information 283
- Chapter 15 284
- Attribute 289
- Registration 289
- Protocol (GARP) 289
- Configuring GVRP 293
- > 1000 294
- Your changes are saved 297
- GIP Connected 304
- Ports Ring 304
- GVRP State 305
- MAC Address Table 308
- MAC Address Overview 309
- Displaying MAC Addresses 311
- High School Switch 142 312
- Enter port-list: 313
- Please enter MAC address: 313
- XXXXXX XXXXXX 316
- Deleting MAC Addresses 317
- Changing the Aging Time 319
- Class of Service (CoS) 320
- Class of Service Overview 321
- Configuring CoS 323
- IGMP Snooping 324
- IGMP Snooping Overview 325
- Configuring IGMP Snooping 327
- Chapter 18: IGMP Snooping 329
- Security Features 333
- Web Server 334
- Web Server Overview 335
- [1 to 2] -> 337
- Enter SSL Key ID -> 337
- Configuring SSL Certificates 338
- Configuring CA 339
- Certificates 339
- Encryption 341
- Encryption Overview 342
- Data Encryption 343
- Asymmetrical 344
- (Public Key) 344
- Chapter 20: Encryption 345
- Data Authentication 346
- Key Exchange Algorithms 347
- Configuring a 348
- Distinguished 348
- Name and Keys 348
- Modifying and 352
- Deleting Keys 352
- 122 on page 349 357
- Chapter 21 358
- Signatures 360
- Elements of a 361
- Public Key 361
- Infrastructure 361
- Certificate 362
- Validation 362
- Revocation Lists 363
- PKI Implementation 364
- Configuring Certificates 365
- Certificates to 370
- Deleting and 372
- Modifying 372
- Secure Sockets Layer (SSL) 381
- Secure Sockets Layer Overview 382
- Verification 383
- Configuring SSL 385
- Secure Shell (SSH) 386
- SSH Overview 387
- SSH Overall Configuration 390
- Configuring SSH 391
- Displaying SSH Information 394
- TACACS+ and RADIUS Protocols 396
- TACACS+ and RADIUS Overview 397
- Enabling TACACS+ or RADIUS 400
- Configuring TACACS+ 401
- Configuring RADIUS 403
- 802.1x Port-Based Network 405
- Access Control 405
- The 802.1x 407
- Implementation 407
- 8021X1_R 408
- Port Authentication Control 409
- The Supplicant 410
- Authentication Server 411
- Displaying Port Access Status 423
- 00:a0:d2:18:1a:c8 424
- Authenticator 425
- Supplicant 426
- Web Browser Management 428
- Starting a Web Browser 429
- Switch’s IP Address 431
- Quitting a Web 432
- Setting the System Time 439
- Setting Up SNTP 441
- Displaying System Information 443
- Communities 446
- Modifying an 449
- Community 449
- Resetting a Switch 453
- Pinging a Remote System 454
- 4. Click Apply 456
- 5. Follow the prompts 456
- Enhanced Stacking 460
- Chapter 28: Enhanced Stacking 463
- Configuring Port Parameters 467
- Chapter 29: Port Parameters 469
- Statistics 475
- Chapter 30: Port Security 479
- Creating a Port 483
- Deleting a Port 485
- Chapter 31: Port Trunking 487
- Displaying the Port Trunks 488
- Chapter 32: Port Mirroring 491
- Modifying a Port Mirror 493
- Enabling STP, RSTP, or MSTP 497
- Deleting, or 512
- Removing, or 514
- Modifying VLAN 514
- Associations to 514
- Figure 194 STP Settings Page 520
- 6. Click OK 520
- Creating a VLAN 522
- Chapter 34: Virtual LANs 523
- Chapter 35 531
- Displaying the GVRP Settings 536
- GVRP Parameters section 537
- Chapter 36: MAC Address Table 543
- Chapter 37: IGMP Snooping 551
- Configuring Port Access 567
- Configuring an 569
- Supplicant Port 571
- Web Server Security 577
- Displaying the PKI Settings 580
- Displaying the SSL Settings 584
- AT-S60 Default Settings 586
- Basic Switch Default Settings 587
- RS-232 Port 588
- Default Settings 588
- SNTP Default 588
- Switch State Slave 590
- PKI Default Settings 592
- SNMP Default Settings 596
- SSH Default Settings 597
- SSL Default Settings 598
- Switch Settings 599
- STP Default 599
- RSTP Default 600
- MSTP Default 600
- Internal Cost Auto Update 601
- Port Priority 128 601
- MSTP Setting Default 601
- VLAN Default 602
- GARP and GVRP 602
- Web Server Default Settings 603
Powiązane produkty i podręczniki dla Sprzęt komputerowy Allied-telesis AT-S60
(72 strony)
(38 strony)© 2020, manymanuals.pl. Wszelkie prawa zastrzeżone. | 0.077 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentarze do niniejszej Instrukcji