Switch AAA
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
Fabric Manager Security Options
You can access Fabric Manager using the console (serial connection), Telnet, or Secure Shell (SSH). For
each management path (console, Telnet, and SSH), you can configure one or more of the following
security control options: local, remote (RADIUS or TACACS+), or none.
•
•
These security features can also be configured for the following scenarios:
•
•
SNMP Security Options
The SNMP agent supports security features for SNMPv1, SNMPv2c, and SNMPv3. Normal SNMP
security features apply to all applications that use SNMP (for example, Cisco MDS 9000 Fabric
Manager).
SNMP security options also apply to the Fabric Manager and Device Manager.
See
Switch AAA
Using the CLI or Fabric Manager, you can configure AAA switch functionalities on any switch in the
Cisco MDS 9000 Family.
This section includes the following topics:
•
•
•
•
•
•
•
•
Cisco MDS 9000 Family Fabric Manager Configuration Guide
41-2
Remote security control
Using RADIUS. See the
–
page
41-7.
Using TACACS+. See the
–
page
41-14.
Local security control. See the
iSCSI authentication (see the
page
50-56).
Fibre Channel Security Protocol (FC-SP) authentication (see
DHCHAP")
Chapter 40, "Configuring
Authentication, page 41-3
Authorization, page 41-3
Accounting, page 41-3
Remote AAA Services, page 41-4
Remote Authentication Guidelines, page 41-4
Server Groups, page 41-4
AAA Configuration Options, page 41-4
Authentication and Authorization Process, page 41-6
"Configuring RADIUS Server Monitoring Parameters" section on
"Configuring TACACS+ Server Monitoring Parameters" section on
"Local AAA Services" section on page
"iSCSI Authentication Setup Guidelines and Scenarios" section on
SNMP".
Chapter 41
Configuring RADIUS and TACACS+
41-26.
Chapter 45, "Configuring FC-SP and
OL-17256-03, Cisco MDS NX-OS Release 4.x