Allied-telesis AT-S60 Bedienungsanleitung Seite 507
- Seite / 858
- Inhaltsverzeichnis
- LESEZEICHEN
Bewertet. / 5. Basierend auf Kundenbewertungen
AT-S60 Management Software User’s Guide
Section V: Security Features 507
PKI Implementation
The following sections discuss Allied Telesyn’s implementation of PKI for
the AT-8400 Series Switch. The following topics are covered:
❑ PKI Standards
❑ Certificate Retrieval and Storage
❑ Certificate Validation
❑ Root CA Certificates
PKI Standards The following standards are supported by the switch:
❑ draft-ietf-pkix-roadmap-05 — PKIX Roadmap
❑ RFC 1779 — A String Representation of Distinguished Names
❑ RFC 2459 — PKIX Certificate and CRL Profile
❑ RFC 2511 — PKIX Certificate Request Message Format
❑ PKCS #10 v1.7 — Certification Request Syntax Standard
Certificate
Retrieval and
Storage
Certificates are stored by CAs in publicly accessible repositories for
retrieval by end entities. The following repositories used in PKI are
commonly accessed via the following protocols: Hypertext Transfer
Protocol (HTTP), File Transfer Protocol (FTP).
Before the switch can use a certificate, it must be retrieved and manually
added to the switch’s Certificate Database, which is stored in RAM
memory. The switch attempts to validate the certificate, and if validation
is successful the certificate’s public key is available for use.
Root CA Certificate Validation
Root CA certificates are verified out of band by comparing the
certificate’s fingerprint (the encrypted one-way hash with which the
issuing CA signs the certificate) with the fingerprint which the CA has
supplied by a non-network-based method. To view a certificate’s
fingerprint, use the procedure described in Creating Certificates on page
508.
To manually set a verified root certificate to trusted, see Viewing
Certificates on page 518.
- User’s Guide 1
- Section II 5
- Section III 7
- Section V 9
- Section VI 10
- Web Browser Management 10
- Table of Contents 12
- List of Figures 15
- How This Guide is Organized 22
- Document Conventions 24
- Contacting Allied Telesyn 26
- AT-S60 Overview 27
- Local Management Session 29
- Telnet Management Session 30
- SNMP Management Session 32
- Management Access Levels 33
- Specifying Ports 34
- Specifying Time and Date 35
- Basic Features 36
- AT-S80 User’s Guide 37
- Starting a Local or Telnet 38
- Management Session 38
- Starting a Local 40
- Management 40
- Section I: Basic Features 41 41
- Enhanced 42
- Stacking 42
- Quitting from a 42
- Local Session 42
- Section I: Basic Features 44 44
- Basic Switch Parameters 45
- Section I: Basic Features 46 46
- How Do You 47
- Assign an IP 47
- Address? 47
- Section I: Basic Features 48 48
- Section I: Basic Features 49 49
- Section I: Basic Features 50 50
- Displaying Line 51
- Information 51
- Section I: Basic Features 52 52
- Card Statistics 53
- Clearing Line 54
- Clearing System 56
- Statistics 56
- Section I: Basic Features 57 57
- Section I: Basic Features 58 58
- Section I: Basic Features 60 60
- Section I: Basic Features 61 61
- Disabled) -> 62
- Rebooting a Switch 63
- Section I: Basic Features 64 64
- Passwords 65
- Section I: Basic Features 67 67
- Hardware 68
- Section I: Basic Features 70 70
- Section I: Basic Features 72 72
- Init Done! 73
- Section I: Basic Features 74 74
- Enhanced Stacking Overview 76
- Section I: Basic Features 77 77
- IP Address 78
- Section I: Basic Features 79 79
- Section I: Basic Features 81 81
- Chapter 4: Enhanced Stacking 82
- Section I: Basic Features 82 82
- Returning to 83
- SNMPv1 and SNMPv2c 84
- SNMP Overview 85
- Enabling the 86
- SNMP Protocol 86
- Section I: Basic Features 87 87
- Communities 88
- Enter SNMP Community Name: 89
- Enter SNMP Manager IP Addr: 90
- Enter Trap Receiver IP Addr: 90
- Attributes 92
- [Yes/No]-> 95
- (Y/N): [Yes/No]-> 96
- Section I: Basic Features 100 100
- Port Parameters 101
- Displaying Port Status 102
- Section I: Basic Features 103 103
- Chapter 6: Port Parameters 104
- Section I: Basic Features 104 104
- Section I: Basic Features 105 105
- Configuring Port Parameters 106
- Section I: Basic Features 107 107
- Section I: Basic Features 108 108
- Section I: Basic Features 109 109
- Section I: Basic Features 110 110
- Section I: Basic Features 111 111
- Displaying Port Statistics 112
- Section I: Basic Features 113 113
- Section I: Basic Features 114 114
- MAC Address Table 115
- MAC Address Overview 116
- Section I: Basic Features 117 117
- Displaying MAC Addresses 118
- High School Switch 142 119
- Enter port-list: 120
- Please enter MAC address: 120
- Section I: Basic Features 121 121
- Return to Previous Menu 122
- XXXXXX XXXXXX 123
- Deleting MAC Addresses 124
- Section I: Basic Features 125 125
- Changing the Aging Time 126
- Port Trunking 127
- Port Trunking Overview 128
- Guidelines 129
- Chapter 8: Port Trunking 130
- Section I: Basic Features 130 130
- Before Creating 131
- Port Trunks 131
- Distribution 131
- Creating a Port Trunk 132
- Enter Trunk Name: -> 133
- Enter Trunk Ports: 133
- New ID = 1 133
- Deleting a Port Trunk 134
- Modifying a Port Trunk 135
- Section I: Basic Features 136 136
- Enter new trunk name: 137
- Enter ports to add to trunk: 138
- Deleting Ports 139
- Replacing Ports 140
- Clearing Ports 141
- Port Mirroring 142
- Port Mirroring Overview 143
- Creating a Port Mirror 144
- Section I: Basic Features 145 145
- Chapter 9: Port Mirroring 146
- Section I: Basic Features 146 146
- Section I: Basic Features 147 147
- Enter Destination Port: 148
- Section I: Basic Features 149 149
- Section I: Basic Features 150 150
- Advanced Features 151
- File System Configuration 152
- File Naming 154
- Conventions 154
- Configuration Files 156
- Creating a 158
- Configuration 158
- Configuration File Menu 160
- Figure 43 161
- Enter Source File Name: 162
- Enter Destination File Name: 162
- Copying file please wait 162
- Renaming please wait 162
- Deleting System Files 163
- Deleting file...please wait 164
- Displaying System Files 165
- File Downloads and Uploads 167
- Overview 168
- Downloading Files 172
- Downloading 173
- Using Xmodem 173
- TFTP server IP address: 174
- Skipping this download 176
- Press any key to continue 176
- [Yes/No] 177
- Downloading a 180
- File Using 180
- Xmodem or 180
- Local file name: 182
- Remote File Name: 185
- File successfully sent! 186
- Uploading Files 187
- Uploading an 188
- Image File 188
- TFTP Server IP address: 193
- Uploading a File 194
- Event Log 203
- Event Log Overview 204
- Configuring the Event Log 205
- Chapter 12: Event Log 206
- Displaying Events 207
- Software 210
- Saving the Event Log 212
- Clearing the Event Log 213
- Class of Service (CoS) 214
- Class of Service Overview 215
- Chapter 13: Class of Service 216
- Configuring CoS 217
- IGMP Snooping 218
- IGMP Snooping Overview 219
- Chapter 14: IGMP Snooping 220
- Configuring IGMP Snooping 221
- RouterIP 227
- STP and RSTP 228
- STP and RSTP Overview 229
- Bridge Priority 230
- Chapter 15: STP and RSTP 232
- Modular Switch System 235
- Edge Port 236
- Mixed STP and 237
- RSTP Networks 237
- Spanning Tree 237
- Configuring STP 242
- Displaying STP 247
- Port Settings 247
- Configuring RSTP 248
- Configuring 252
- RSTP Port 252
- Parameters 252
- Displaying 254
- Chapter 16 257
- MSTP Overview 258
- Multiple 259
- Instance (MSTI) 259
- AT-8400 SERIES 260
- VLAN and MSTI 263
- Associations 263
- Summary of 268
- Configuring MSTP 274
- MSTP Bridge 277
- Settings 277
- Configuring the 279
- CIST Priority 279
- Creating 280
- Deleting, and 280
- Modifying MSTI 280
- MSTI ID: [Yes/No] -> 282
- Enter the list of VLANs: 282
- Associating 283
- VLANs to MSTI 283
- MSTP Port 288
- Settings and 290
- SNMPv3 Protocol 292
- SNMPv3 Configuration 293
- SNMPv3 Overview 294
- Authentication 295
- Protocols 295
- SNMPv3 Privacy 296
- Protocol 296
- SNMPv3 MIB 296
- SNMPv3 Storage 297
- Notification 297
- SNMPv3 User Table 299
- SNMPv3 View Table 299
- SNMPv3 Access Table 299
- Creating an 305
- SNMPv3 User 305
- Table Entry 305
- Enter Privacy Password: 308
- Deleting an 309
- Modifying an 310
- Enter User (Security) Name: 313
- SNMPv3 View 315
- 1.3.6.1.2.1.6 317
- Enter View Name: 321
- SNMPv3 Access 324
- P-AuthPriv]: 326
- Enter Read View Name: 327
- Enter Write View Name: 327
- Enter Notify View Name: 327
- Enter Group Name: 334
- SecurityToGroup 340
- Table Entr 344
- SNMPv3 Notify 348
- Enter Notify Name: 353
- SNMPv3 Target 356
- Address Table 356
- Enter Target Address Name: 361
- Enter IP Address: 361
- Enter Tag List: 364
- Enter Target Parameters: 365
- Enter Target Parameters Name: 370
- Community 382
- Enter Security Name: 384
- Enter Transport Tag: 384
- Enter Community Index: 388
- Displaying SNMPv3 Table Menus 391
- Displaying the 393
- Display SNMPv3 393
- View Table 393
- Access Table 394
- Notify Table 396
- Target Address 397
- Table Menu 397
- Section IV 400
- Tagged and Port-based 401
- Virtual LANs 401
- VLAN Overview 402
- Section IV: VLANs 403 403
- Port-based VLAN Overview 404
- Section IV: VLANs 405 405
- Chapter 18: Virtual LANs 406
- Section IV: VLANs 406 406
- Section IV: VLANs 407 407
- Port-Based 408
- Examples 408
- Sales VLAN 409
- Production VLAN 409
- Example 2 410
- Tagged VLAN Overview 412
- Section IV: VLANs 413 413
- General Rules 414
- Tagged VLAN 414
- Section IV: VLANs 416 416
- Basic VLAN Mode Overview 417
- Displaying VLANs 418
- Section IV: VLANs 419 419
- Section IV: VLANs 420 420
- Section IV: VLANs 421 421
- Enter VLAN Name: 422
- Port Based VLAN 422
- Enter VLAN VID: [2 to 4094] 423
- Enter Tagged Port-list: 423
- Enter Untagged Port-list: 423
- Section IV: VLANs 424 424
- Enter VID [2 to 4094]: 425
- Modifying a VLAN 427
- Section IV: VLANs 428 428
- Section IV: VLANs 430 430
- Deleting a VLAN 431
- Setting a Switch’s VLAN Mode 432
- Specifying a Management VLAN 433
- Section IV: VLANs 434 434
- Multiple VLAN Modes 435
- Multiple VLAN Mode Overview 436
- Compliant 437
- Multiple VLANs 437
- Non-802.1Q 438
- Multiple VLAN 439
- Modes and the 439
- Selecting a VLAN Mode 440
- The VLAN mode is changed 441
- Changing the Uplink Port 442
- Displaying VLAN Information 443
- Chapter 20 444
- Section IV: VLANs 445 445
- Section IV: VLANs 446 446
- Section IV: VLANs 447 447
- Section IV: VLANs 448 448
- Attribute 449
- Registration 449
- Protocol (GARP) 449
- Section IV: VLANs 450 450
- Section IV: VLANs 451 451
- Section IV: VLANs 452 452
- Configuring GVRP 453
- > 1000 454
- Section IV: VLANs 455 455
- Section IV: VLANs 456 456
- Section IV: VLANs 457 457
- Section IV: VLANs 458 458
- Section IV: VLANs 459 459
- Section IV: VLANs 460 460
- Section IV: VLANs 461 461
- Section IV: VLANs 462 462
- Section IV: VLANs 463 463
- GIP Connected 464
- Ports Ring 464
- GVRP State 465
- Section IV: VLANs 466 466
- Section IV: VLANs 467 467
- Security Features 468
- Port Security 469
- Port Security Overview 470
- Security 472
- Violations and 472
- Intrusion 472
- Configuring Port Security 473
- Chapter 21: Port Security 474
- Web Server 477
- Web Server Overview 478
- [1 to 2] -> 480
- Enter SSL Key ID -> 480
- Configuring SSL Certificates 481
- Configuring CA 482
- Certificates 482
- Encryption 484
- Encryption Overview 485
- Data Encryption 486
- Asymmetrical 487
- (Public Key) 487
- Chapter 23: Encryption 488
- Data Authentication 489
- Key Exchange Algorithms 490
- Configuring a 491
- Distinguished 491
- Name and Keys 491
- Modifying and 495
- Deleting Keys 495
- Chapter 24 501
- Signatures 503
- Elements of a 504
- Public Key 504
- Infrastructure 504
- Certificate 505
- Validation 505
- Revocation Lists 506
- PKI Implementation 507
- Configuring Certificates 508
- Certificates to 513
- Deleting and 515
- Modifying 515
- Secure Sockets Layer (SSL) 523
- Secure Sockets Layer Overview 524
- Verification 525
- Configuring SSL 528
- Secure Shell (SSH) 529
- SSH Overview 530
- SSH Overall Configuration 534
- Configuring SSH 535
- Displaying SSH Information 538
- TACACS+ and RADIUS Protocols 540
- TACACS+ and RADIUS Overview 541
- Enabling TACACS+ or RADIUS 544
- Configuring TACACS+ 545
- Configuring RADIUS 547
- 802.1x Port-based Network 549
- Access Control 549
- Switch A 554
- Switch B 554
- Authentication Server 555
- Accounting 556
- Setting the Port Access Role 559
- Configuring RADIUS Accounting 568
- Only)-> [1 to 2]-> 1 569
- [30 to 300]-> 60 570
- Displaying Port 571
- Access Status 571
- 00:a0:d2:18:1a:c8 572
- Authenticator 573
- Supplicant 574
- Starting a Web Browser 578
- Switch’s IP Address 580
- Quitting a Web 581
- Setting the System Time 588
- Setting Up SNTP 590
- Displaying System Information 592
- SNMPv1 and 595
- Monitoring Tab 602
- Resetting a Switch 604
- Pinging a Remote System 605
- Downloading a File 609
- Enhanced Stacking 614
- Chapter 32: Enhanced Stacking 616
- Chapter 33: Port Parameters 622
- Chapter 34: MAC Address Table 634
- Creating a Port 642
- Deleting a Port 644
- Chapter 35: Port Trunking 646
- Displaying the Port Trunks 647
- Chapter 36: Port Mirroring 650
- Modifying a Port Mirror 652
- Chapter 37: Event Log 656
- Chapter 38: IGMP Snooping 664
- STP, RSTP, and MSTP 669
- Enabling STP, RSTP, or MSTP 670
- Configuring and Modifying STP 672
- Figure 235 682
- Deleting, or 685
- Removing, or 687
- Modifying VLAN 687
- Associations to 687
- Figure 241 STP Settings Page 693
- 6. Click OK 693
- Enabling the SNMP Protocol 696
- Creating a User 698
- Chapter 40: SNMPv3 Protocol 700
- Deleting a User 701
- Modifying a 702
- User Table 702
- Creating a View 705
- Deleting a View 707
- Deleting a 719
- Figure 259 728
- Displaying SNMPv3 Tables 746
- Displaying User 747
- Table Entries 747
- Displaying View 748
- Port-based VLANs 755
- Creating a Port Based VLAN 756
- 5. Click Add 757
- Figure 277 Add New VLAN Page 757
- Chapter 41: Port-based VLANs 758
- Modifying a Port-Based VLAN 760
- Chapter 42 766
- Displaying the GVRP Settings 771
- Then click View 772
- GVRP Counters 773
- GVRP Database 776
- Displaying GIP 778
- Connected 778
- Chapter 43: Port Security 784
- Web Server Security 787
- Displaying the PKI Settings 790
- Displaying the SSL Settings 794
- 5. Click Apply 798
- Configuring Port Access 807
- Setting the Port 810
- Configuring an 811
- Supplicant Port 814
- AT-S60 Default Settings 820
- Basic Switch Default Settings 821
- RS-232 Port 822
- Default Settings 822
- SNTP Default 822
- Switch State Slave 824
- Event Log Settings 825
- PKI Default Settings 827
- SNMP Default Settings 831
- SSH Default Settings 832
- SSL Default Settings 833
- Switch Settings 834
- STP Default 834
- RSTP Default 835
- MSTP Default 835
- Internal Cost Auto Update 836
- Port Priority 128 836
- MSTP Setting Default 836
- VLAN Default Settings 837
- Web Server Default Settings 838
- SNMPv3 Configuration Examples 840
- Operator 842
- Worksheet 843
Verwandte Produkte und Handbücher für Computerhardware Allied-telesis AT-S60
(2 Seiten)© 2020, manymanuals.de. Alle Rechte vorbehalten. | 0.076 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Kommentare zu diesen Handbüchern