Security Overview
Network Security Features
Network Security Features
This section outlines features and defence mechanisms for protecting access
through the switch to the network. For more detailed information, see the
indicated chapters.
Table 1-2. Network Security—Default Settings and Security Guidelines
Feature Default
Setting
Security Guidelines More Information and
Configuration Details
Secure File not Secure Copy and SFTP provide a secure alternative to Management and
Transfers applicable TFTP and auto-TFTP for transferring sensitive Configuration Guide,
information such as configuration files and log Appendix A “File Transfers”,
information between the switch and other devices. refer to the section “Using
Secure Copy and SFTP”
USB Autorun enabled
(disabled
once a
password
has been set)
Used in conjunction with ProCurve Manager Plus, this
feature allows diagnosis and automated updates to the
switch via the USB flash drive. When enabled in secure
mode, this is done with secure credentials to prevent
tampering. Note that the USB Autorun feature is
disabled automatically, once a password has been set
on the switch.
Management and
Configuration Guide,
Appendix A “File Transfers”,
refer to the section “USB
Autorun”
Traffic/Security none These statically configured filters enhance in-band
Chapter 12, “Traffic/Security
Filters security (and improve control over access to network
Filters and Monitors”
resources) by forwarding or dropping inbound network
traffic according to the configured criteria. Filter options
include:
• source-port filters: Inbound traffic from a
designated, physical source-port will be forwarded
or dropped on a per-port (destination) basis.
• multicast filters: Inbound traffic having a specified
multicast MAC address will be forwarded to
outbound ports or dropped on a per-port (destination)
basis.
• protocol filters: Inbound traffic having the selected
frame (protocol) type will be forwarded or dropped
on a per-port (destination) basis.
1-7
