I attempted to look through both previous posts, as well as the manual, but with no luck
I was hoping someone could let me know whether or not it is possible to completely disable HTTP configuration access for managing this XS728T switch, so that only HTTPS is used. I have successfully enabled HTTPS, and can successfully log in with HTTPS, but I cannot figure out how to turn off HTTP. I had thought that by going to Security->Authentication List->httpList and setting the first entry to None would disallow HTTP, but unfortunately it had no effect.
Please let me know if there is any easy way to do this, or if the only option would be create an ACL denying all HTTP both in/out.
There is no control to disable the http access indeed.
Newly released switches from the Smart Managed Pro series have got a control which allows to enabled/disable http individually.
"Warning: If you disable HTTP and a problem occurs with the HTTPS certificate of the switch, you might not be able to access the switch UI. In this case, you must reset the switch to factory default settings to regain access to the UI."
@YeZ is here a way to ensure the http enable/disable control will become available on earlier models, eg. along with other updates/security fixes, too?
@schumakuThis switch is a temporary solution, and our security audit team will be banging down the door to make sure HTTP is not accessible for this switch. While we do completely understand the risks of disabling HTTP, if we cannot simply turn off HTTP, then we will set up an ACL to disable HTTP access unless you are telling me that isn't a possibility.
