HP 6120XG HP ProCurve Series 6120 Blade Switches Access Security Guide - Page 255
Terminology, Switch/User Authentication
View all HP 6120XG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 255 highlights
Configuring Secure Socket Layer (SSL) Terminology ProCurve Switch (SSL Server) 1. Switch-to-Client SSL Cert. 2. User-to-Switch (login password and enable password authentication) options: - Local - TACACS+ - RADIUS SSL Client Browser Figure 7-1. Switch/User Authentication SSL on the switches covered in this guide supports these data encryption methods: ■ 3DES (168-bit, 112 Effective) ■ DES (56-bit) ■ RC4 (40-bit, 128-bit) Note: ProCurve Switches use RSA public key algorithms and Diffie-Hellman, and all references to a key mean keys generated using these algorithms unless otherwise noted Terminology ■ SSL Server: An ProCurve switch with SSL enabled. ■ Key Pair: Public/private pair of RSA keys generated by switch, of which public portion makes up part of server host certificate and private portion is stored in switch flash (not user accessible). ■ Digital Certificate: A certificate is an electronic "passport" that is used to establish the credentials of the subject to which the certificate was issued. Information contained within the certificate includes: name of the subject, serial number, date of validity, subject's public key, and the digital signature of the authority who issued the certificate. Certificates on ProCurve switches conform to the X.509v3 standard, which defines the format of the certificate. ■ Self-Signed Certificate: A certificate not verified by a third-party certificate authority (CA). Self-signed certificates provide a reduced level of security compared to a CA-signed certificate. ■ CA-Signed Certificate: A certificate verified by a third party certificate authority (CA). Authenticity of CA-Signed certificates can be verified by an audit trail leading to a trusted root certificate. 7-3