- Preface
- Using the Command-Line Interface
- Preventing Unauthorized Access
- Preventing Unauthorized Access
- Controlling Switch Access with Passwords and Privilege Levels
- Configuring TACACS+
- Configuring RADIUS
- Configuring Kerberos
- Configuring Local Authentication and Authorization
- Configuring Secure Shell (SSH)
- Configuring Secure Socket Layer HTTP
- Configuring IPv4 ACLs
- Configuring IPv6 ACLs
- Configuring DHCP
- Configuring IP Source Guard
- Configuring Dynamic ARP Inspection
- Configuring IEEE 802.1x Port-Based Authentication
- Configuring Web-Based Authentication
- Configuring Port-Based Traffic Control
- Configuring IPv6 First Hop Security
- Configuring Wireless Guest Access
- Configuring Intrusion Detection System
- Index
Preface
This book describes configuration information and examples for security management on the switch.
- Audience
- Document Organization
- Document Conventions
- Related Documentation
- Changes to This Document
- Obtaining Documentation and Submitting a Service Request
Audience
This guide is for the networking professional managing the Catalyst 3850 switch, hereafter referred to as the switch module. Before using this guide, you should have experience working with the Cisco IOS software and be familiar with the concepts and terminology of Ethernet and local area networking.
Document Organization
This document is organized into the following chapters:
Chapter |
Title |
Description |
|---|---|---|
Chapter 1 |
Using the Command-Line Interface |
Describes how to use the Cisco IOS command line interface. |
Chapter 2 |
Preventing Unauthorized Access |
Describes how to prevent unauthorized users from reconfiguring your device and viewing configuration information. |
Chapter 3 |
Controlling Switch Access with Passwords and Privilege Levels |
Describes how to control switch access with passwords and privilege levels. |
Chapter 4 |
Configuring TACACS+ |
Describes how to install, configure and troubleshoot general features for TACACS+. |
Chapter 5 |
Configuring RADIUS |
Describes how to install, configure and troubleshoot general features for RADIUS. |
Chapter 6 |
Configuring Kerberos |
Describes how to install, configure and troubleshoot general features for Kerberos. |
Chapter 7 |
Configuring Local Authentication and Authorization |
Describes how to install, configure and troubleshoot general features for Local Authentication and Authorization. |
Chapter 8 |
Configuring Secure Shell (SSH) |
Describes how to install, configure and troubleshoot general features for Secure Shell (SSH). |
Chapter 9 |
Configuring Secure Socket Layer HTTP |
Describes how to install, configure and troubleshoot general features for Secure Socket Layer HTTP. |
Chapter 10 |
Configuring IPv4 ACLs |
Describes how to install, configure and troubleshoot general features for IPv4 ACLs. |
Chapter 11 |
Configuring IPv6 ACLs |
Describes how to install, configure and troubleshoot general features for IPv6 ACLs. |
Chapter 12 |
Configuring DHCP |
Describes how to install, configure and troubleshoot general features for DHCP Snooping and Option 82. |
Chapter 13 |
Configuring IP Source Guard |
Describes how to install, configure and troubleshoot general features for IP Source Guard. |
Chapter 14 |
Configuring Dynamic ARP Inspection | Describes hot to configure and monitor the DAI feature. |
Chapter 15 |
Configuring IEEE 802.1x Port-Based Authentication |
Describes how to install, configure and troubleshoot general features for IEEE 802.1x Port-Based Authentication. |
Chapter 16 |
Configuring Web-Based Authentication |
Describes how to configure and troubleshoot WBA. |
Chapter 17 |
Configuring Port-Based Traffic Control |
Describes how to configure and monitor various port-based security features. |
Chapter 18 |
Configuring IPv6 First Hop Security |
Describes how to configure and monitor IPv6 policy features. |
Chapter 19 |
Configuring Wireless Guest Access |
Describes how to configure and monitor guest access on the embedded wireless controller. |
Chapter 20 |
Configuring Intrusion Detection System |
Describes how to configure the switch to operate with the Cisco IDS. |
Index |
Document Conventions
This publication uses these conventions to convey instructions and information:
Command descriptions use these conventions:
Commands and keywords are in boldface text.
Arguments for which you supply values are in italic.
Square brackets ([ ]) means optional elements.
Braces ({}) group required choices, and vertical bars ( | ) separate the alternative elements.
Braces and vertical bars within square brackets ([{ | }]) mean a required choice within an optional element.
Interactive examples use these conventions:
Terminal sessions and system displays are in screen font.
Information you enter is in boldface screen font
Nonprinting characters, such as passwords or tabs, are in angle brackets (< >).
Notes, cautions, and warnings use these conventions and symbols:
 Note | Means reader take note. Notes contain helpful suggestions or references to materials not contained in this manual. |
Reader Alert Conventions
This document uses the following conventions for reader alerts:
Note | Means reader take note. Notes contain helpful suggestions or references to material not covered in the manual. |
 Tip | Means the following information will help you solve a problem. |
 Caution | Means reader be careful. In this situation, you might do something that could result in equipment damage or loss of data. |
 Timesaver | Means the described action saves time. You can save time by performing the action described in the paragraph. |
 Warning | Means reader be warned. In this situation, you might perform an action that could result in bodily injury. |
Related Documentation
Note | Before installing or upgrading the switch, refer to the switch release notes. |
Changes to This Document
This table lists the technical changes made to this document since it was first printed.
| Revision | Date | Change Summary |
|---|---|---|
OL-xxxxx-01 |
July 2012 | Initial release of this document. |
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
http://www.cisco.com/c/en/us/td/docs/general/whatsnew/whatsnew.html
Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.
Feedback