Cisco SR224T Administration Guide - Page 231

Configuring Security Defining Management Access Method 17 • RADIUS-User is authenticated on a RADIUS server. You must have configured one or more RADIUS servers. • None-User is allowed to access the switch without authentication. • Local-Username and password are checked against the data stored on the local switch. These username and password pairs are defined in the User Accounts page. NOTE The Local or None authentication method must always be selected last. All authentication methods selected after Local or None are ignored. STEP 4 Click Apply. The selected authentication methods are associated with the access method. Defining Management Access Method Access profiles determine how to authenticate and authorize users accessing the switch through various access methods. Access Profiles can limit management access from specific sources. Only users who pass both the active access profile and the management access authentication methods are given management access to the switch. There can only be a single access profile active on the switch at one time. Access profiles consist of one or more rules. The rules are executed in order of their priority within the access profile (top to bottom). Rules are composed of filters that include the following elements: • Access Methods-Methods for accessing and managing the switch: - Hypertext Transfer Protocol (HTTP) - Secure HTTP (HTTPS) - All of the above • Action-Permit or deny access to an interface or source address. • Interface-Which ports, LAGs, or VLANs are permitted to access or are denied access to the web-based switch configuration utility. Cisco Small Business 200 Series Smart Switch Administration Guide 232