Edit or override the security configuration of a port.
| Inbound IPv4 Firewall Rules | Use the IPv4 Inbound Firewall Rules drop-down list box
to select the IPv4 specific firewall rules to apply to this
profile‘s Ethernet port configuration. IPv4 is a connectionless protocol for packet switched networking. IPv4 operates as a best effort delivery method, as it does not guarantee delivery, and does not ensure proper sequencing or duplicate delivery, unlike TCP. IPv4 hosts can use link local addressing to provide local connectivity |
| Inbound MAC Firewall Rules | Use the MAC Inbound Firewall Rules drop-down lis box to
select the firewall rules to apply to this profile‘s
Ethernet port configuration. The firewall inspects MAC traffic flows and detects attacks typically not visible to traditional wired firewall appliances |
| Inbound IPv6 Firewall Rules | Use the IPv6 Inbound Firewall Rules drop-down list box
to select the IPv6 specific firewall rules to apply to this
profile‘s Ethernet port configuration. IPv6 is the latest revision of the Internet Protocol designed to replace IPv4. IPv6 provides enhanced identification and location information for computers on networks routing traffic across the Internet. IPv6 addresses are composed of eight groups of four hexadecimal digits separated by colons |
| ARP Responses | Select ARP Responses to activate trust on this port. ARP packets received on this port are considered trusted, and the information from these packets is used to identify rogue devices within the network |
| DHCP Responses | Select DHCP Responses to only allow DHCP responses that are trusted and forwarded on this port. This option allows a DHCP server to connect only to a DHCP trusted port |
| 802.1P COS | Select to activate 802.1P COS on this port |
| IP DSCP | Select to activate IP DSCP values on this port |
| ARP Header Mismatch Validation | Select ARP Header Mismatch Validation to activate mismatch check for the source MAC in both the ARP and Ethernet header |
| ND Requests | Select ND Requests to activate the trust of neighbor discovery requests required on an IPv6 network on this Ethernet port |
| DHCPv6 Responses | Select DHCPv6 Responses to trust
all DHCPv6 responses on this Ethernet port. DHCPv6 is a networking protocol for configuring IPv6 hosts with IP addresses, IP prefixes, or other configuration attributes required on an IPv6 network |
| RA Guard | Select RA Guard to activate router advertisements or ICMPv6 redirects from this Ethernet port |
| ND Header Mismatch Validation | Select ND Header Mismatch Validation to activate a mismatch check for the source MAC within the ND header and Link Layer Option |
| Method | Select username or
trustpoint.
|
| Username | Specify the supplicant's username. Note: Username is
required only if the Method of
authentication is set to
username
|
| Password | Set the password associated with the sipplicant username |
| Trustpoint | Assign a trustpoint name when the selected
Method of authentication is
trustpoint. A trustpoint
represents a CA or identity pair containing the identity of
the CA, CA specific configuration parameters, and an
association with an enrolled identity certificate Note: :
Ensure that the trustpoint certificate is installed on
the supplicant and the RADIUS server
|