Secure Protocols
144
G8264 Application Guide for ENOS 8.4
SNMPv2
Telnet (server and client)
FTP (server and client)
Radius (client
TACACS+ (client)
TFTP Server
Except for the TFTP server, these protocols cannot be enabled when the switch is
operating in Secure Mode because the commands to enable or disable them
disappear with SIOM enabled.
The following protocols, although deemed "insecure" by SIOM, are enabled by
default and can be disabled.
DHCP client
SysLog
Note: Service Location Protocol (SLP) Discovery is also deemed "insecure" but is
unaffected by Secure Mode. SLP has the same default settings as in Legacy Mode.
If you can enable or disable SLP in Legacy Mode, you can enable or disable it the
same way in Secure Mode.
The following supported protocols are not enabled by default but can always be
enabled in Secure Mode.
DNS Resolution
TFTP client (for signed items only, such as switch images)
The following protocols, although deemed "insecure" and allowed by SIOM, are
not supported by the G8264:
RCP
SMTP
MIME
TCP command in secure mode (Port 6090)
DHCPv6 client
The following protocols are deemed "secure" and are enabled by default in Secure
Mode:
SCP Server
SNMPv3 Client
SFTP Client
SSHv2 Server
SSHv2 Client
HTTPS Server
You can disable these protocols.