- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
XS728T - Disable HTTP Access?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
XS728T - Disable HTTP Access?
Hi all,
I attempted to look through both previous posts, as well as the manual, but with no luck
I was hoping someone could let me know whether or not it is possible to completely disable HTTP configuration access for managing this XS728T switch, so that only HTTPS is used. I have successfully enabled HTTPS, and can successfully log in with HTTPS, but I cannot figure out how to turn off HTTP. I had thought that by going to Security->Authentication List->httpList and setting the first entry to None would disallow HTTP, but unfortunately it had no effect.
Please let me know if there is any easy way to do this, or if the only option would be create an ACL denying all HTTP both in/out.
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: XS728T - Disable HTTP Access?
There is no control to disable the http access indeed.
Newly released switches from the Smart Managed Pro series have got a control which allows to enabled/disable http individually.
"Warning: If you disable HTTP and a problem occurs with the HTTPS certificate of the switch, you might not be able to access the switch UI. In this case, you must reset the switch to factory default settings to regain access to the UI."
@YeZ is here a way to ensure the http enable/disable control will become available on earlier models, eg. along with other updates/security fixes, too?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: XS728T - Disable HTTP Access?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: XS728T - Disable HTTP Access?
@schumakuThis switch is a temporary solution, and our security audit team will be banging down the door to make sure HTTP is not accessible for this switch. While we do completely understand the risks of disabling HTTP, if we cannot simply turn off HTTP, then we will set up an ACL to disable HTTP access unless you are telling me that isn't a possibility.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: XS728T - Disable HTTP Access?
The risk does not really exist if the policy is using https - easy mitigation. 8-)
if its a temporary thing, they will survive and allow an exception anyway.