Security Features in EFA

The following provides an overview of the security features in EFA.

This document provides security hardening guidance for Extreme Fabric Automation (EFA), with an emphasis on the installation and usage of open source security tools to achieve a hardened operational security stance. Some basic knowledge of security principles and operations of the Linux operating system and associated technologies is assumed.

Note: This document assumes that EFA has been installed in secure mode and is operational. For details on how to achieve this, refer to the Extreme Fabric Automation Administration Guide, 2.7.0 , which includes details on EFA security options and commands.

The following security features are describes in the sections below:

Authentication and authorization: Explains how EFA users are validated with Unix authentication or LDAP and managed with Role-based Access Control (RBAC).
BGP MD5 authentication on edge links: How to authenticate all the BGP peer and peer-group used for edge connectivity.
BGP MD5 authentication on fabric links: How to use MD5 for BGP connections across all fabric links.