No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


Configuration Guide - Security

S1720, S2700, S5700, and S6720 V200R011C10

This document describes the configurations of Security, including ACL, local attack defense, MFF, attack defense, traffic suppression and storm control, ARP security, Port security, DHCP snooping, ND snooping, PPPoE+, IPSG, SAVI, URPF, keychain, MPAC, separating the management plane from the service plane, security risks, PKI.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Licensing Requirements and Limitations for PKI

Licensing Requirements and Limitations for PKI

Involved Network Elements

In the Agile Cloud Network solution, PKI involves the following network elements:

  • PKI authentication center (including CA server, certificate/CRL storage server, and so on)
  • SSH client (such as switch)
  • SSH server (cloud management platform)

Licensing Requirements

PKI is a basic feature of a switch and is not under license control.

Version Requirements

Table 17-3  Products and versions supporting PKI
Series Product

Minimum Version Supporting PKI for Cloud Management

Minimum Version Supporting PKI for NETCONF

S1700 S1720GFR Not supported Not supported
S1720GW, S1720GWR Not supported Not supported
S1720GW-E, S1720GWR-E Not supported Not supported
S1720X, S1720X-E Not supported Not supported
Other S1700 models

Models that cannot be configured using commands. For details about features and versions, see S1700 Documentation Bookshelf.

Models that cannot be configured using commands. For details about features and versions, see S1700 Documentation Bookshelf.

S2700 S2700SI, S2700EI Not supported Not supported
S2710SI Not supported Not supported
S2720EI Not supported Not supported
S2750EI Not supported Not supported
S3700 S3700SI, S3700EI Not supported Not supported
S3700HI Not supported Not supported
S5700 S5700LI, S5700S-LI Not supported Not supported
S5710-C-LI Not supported Not supported
S5710-X-LI Not supported Not supported
S5720LI, S5720S-LI

V200R011C00 (only supported by the S5720-12TP-LI-AC, S5720-12TP-PWR-LI-AC, S5720-28P-LI-AC, S5720-52P-LI-AC, S5720-28P-PWR-LI-AC, S5720-52P-PWR-LI-AC, S5720-28TP-PWR-LI-ACL, S5720-28TP-LI-AC, S5720-28TP-PWR-LI-AC, and S5720-52X-PWR-LI-AC) and V200R011C10

Switched to cloud-based management mode

Not supported
S5700SI, S5700EI Not supported Not supported
S5720S-SI, S5720SI

V200R010C00, V200R011C00, V200R011C10

Switched to cloud-based management mode

Not supported
S5730SI Not supported Not supported
S5730S-EI Not supported Not supported
S5710EI Not supported Not supported
S5700HI Not supported Not supported
S5710HI Not supported Not supported
S5720EI Not supported V200R011C10
S5720HI Not supported V200R011C00, V200R011C10
S6700 S6700EI Not supported Not supported
S6720LI, S6720S-LI Not supported Not supported
S6720SI, S6720S-SI Not supported Not supported
S6720EI Not supported V200R011C00, V200R011C10
S6720S-EI Not supported V200R011C00, V200R011C10

Feature Limitations

When a switch supporting the cloud-based management works in the non-cloud-based management mode, the PKI commands can be run, but do not take effect.

Updated: 2019-03-28

Document ID: EDOC1000178177

Views: 220717

Downloads: 716

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next