Access Policies for Services

You can control access to the switch by creating an access policy. An access policy specifies the hosts or networks that can access the device through various services, such as Telnet, SNMP, Trivial File Transfer Protocol (TFTP), File Transfer Protocol (FTP), Hypertext Transfer Protocol (HTTP), remote shell (rsh), and remote login (rlogin). You can enable or disable access services by setting flags from CLI.

Note

Note

rlogin and rsh are only supported on VSP 8600 Series.

You can define network stations that can explicitly access the switch or stations that cannot access it. For each service you can also specify the level of access, such as read-only or read-write-all.

Important

Important

A third-party security scan shows the switch service ports open and in the listen state. No connections are accepted on these ports unless you enable the particular daemon. The switch does not dynamically start and stop the daemons at runtime and needs to keep them running from system startup.

For more information about configuring access policies, see Access Policies for Services.