You can control access to the switch by creating an access policy. An access policy specifies the hosts or networks that can access the switch through various services, such as Telnet, Simple Network Management Protocol (SNMP), Hypertext Transfer Protocol (HTTP), Secure Shell version 2 (SSHv2), and remote login (rlogin). You can enable or disable access services by configuring flags.
Note
Rlogin is only supported on VSP 8600 Series.
Use access policies for in-band management to secure access to the switch. When configuring an access policy, a lower precedence takes higher priority if you use multiple policies. For example, preference 120 has priority over preference 128.
You can define network stations that can access the switch or stations that cannot access the switch. For each service you can also specify the level of access, such as read-only or read-write-all.
When you configure access policies, you can perform either of the following actions:
Globally enable the access policy feature, and then create and enable individual policies. Each policy takes effect immediately after you enable it.
Create and enable individual access policies, and then globally enable the access policy feature to activate all the policies at the same time.
HTTP, SSH and rlogin support IPv4 and IPv6 with no difference in configuration or functionality.