HP MSR20-13-W JF808A Fiche De Données
Codes de produits
JF808A
4
• Multiprotocol Label Switching (MPLS) Layer
3 VPN: allows Layer 3 VPNs across a provider
network; uses Multiprotocol BGP (MP-BGP) to
establish private routes for increased security;
supports RFC 2547bis multiple autonomous system
VPNs for added flexibility; supports IPv6 MPLS VPN
network; uses Multiprotocol BGP (MP-BGP) to
establish private routes for increased security;
supports RFC 2547bis multiple autonomous system
VPNs for added flexibility; supports IPv6 MPLS VPN
• Multiprotocol Label Switching (MPLS) Layer
2 VPN: establishes simple Layer 2 point-to-point
VPNs across a provider network using only MPLS
Label Distribution Protocol (LDP); requires no routing
and therefore decreases complexity, increases
performance, and allows VPNs of non-routable
protocols; uses no routing information for increased
security; supports Circuit Cross Connect (CCC),
Static Virtual Circuits (SVCs), Martini draft, and
Kompella-draft technologies
VPNs across a provider network using only MPLS
Label Distribution Protocol (LDP); requires no routing
and therefore decreases complexity, increases
performance, and allows VPNs of non-routable
protocols; uses no routing information for increased
security; supports Circuit Cross Connect (CCC),
Static Virtual Circuits (SVCs), Martini draft, and
Kompella-draft technologies
• Policy routing: allows custom filters for increased
performance and security; supports ACLs, IP prefix,
AS paths, community lists, and aggregate policies
AS paths, community lists, and aggregate policies
Security
• Access control list (ACL): supports powerful
ACLs for both IPv4 and IPv6; ACLs are used for
filtering traffic to prevent unauthorized users from
accessing the network, or for controlling network
traffic to save resources; rules can either deny or
permit traffic to be forwarded; rules can be based
on a Layer 2 header or a Layer 3 protocol header;
rules can be set to operate on specific dates or times
filtering traffic to prevent unauthorized users from
accessing the network, or for controlling network
traffic to save resources; rules can either deny or
permit traffic to be forwarded; rules can be based
on a Layer 2 header or a Layer 3 protocol header;
rules can be set to operate on specific dates or times
• TACACS+: is an authentication tool using TCP with
encryption of the full authentication request that
provides additional security
provides additional security
• Network login: standard IEEE 802.1x allows
authentication of multiple users per port
• RADIUS: eases security access administration by
using a password authentication server
• Network address translation (NAT): supports
one-to-one NAT, many-to-many NAT, and NAT
control, enabling NAT-PT to support multiple
connections; supports blacklist in NAT/NAT-PT, a
limit on the number of connections, session logs,
and multi-instances
control, enabling NAT-PT to support multiple
connections; supports blacklist in NAT/NAT-PT, a
limit on the number of connections, session logs,
and multi-instances
• Secure Shell (SSHv2): uses external servers to
securely login into a remote device or securely login
into MSR from a remote location; with authentication
and encryption, it protects against IP spoofing and
plain text password interception; increases the
security of SFTP transfers
into MSR from a remote location; with authentication
and encryption, it protects against IP spoofing and
plain text password interception; increases the
security of SFTP transfers
• Unicast Reverse Path Forwarding (URPF):
allows normal packets to be forwarded correctly,
but discards the attaching packet due to lack of
reverse path route or incorrect inbound interface;
prevents source spoofing and distributed attacks
but discards the attaching packet due to lack of
reverse path route or incorrect inbound interface;
prevents source spoofing and distributed attacks
• IPSec VPN: supports DES, 3DES, and AES
128/192/256 encryption, and MD5 and SHA-1
authentication
authentication
• DVPN (Dynamic Virtual Private Network):
collects, maintains, and distributes dynamic public
addresses through the VPN Address Management
(VAM) protocol, making VPN establishment
available between enterprise branches that use
dynamic addresses to access the public network;
compared to traditional VPN technologies, DVPN
technology is more flexible and has richer features,
such as NAT traversal of DVPN packets, AAA
identity authentication, IPSec protection of data
packets, and multiple VPN domains
addresses through the VPN Address Management
(VAM) protocol, making VPN establishment
available between enterprise branches that use
dynamic addresses to access the public network;
compared to traditional VPN technologies, DVPN
technology is more flexible and has richer features,
such as NAT traversal of DVPN packets, AAA
identity authentication, IPSec protection of data
packets, and multiple VPN domains
Convergence
• Internet Group Management Protocol
(IGMP): is used by IP hosts to establish and
maintain multicast groups; supports IGMPv1, v2,
and v3; utilizes Any-Source Multicast (ASM) or
Source-Specific Multicast (SSM) to manage IPv4
multicast networks
maintain multicast groups; supports IGMPv1, v2,
and v3; utilizes Any-Source Multicast (ASM) or
Source-Specific Multicast (SSM) to manage IPv4
multicast networks
• Protocol Independent Multicast (PIM): is used
for IPv4 and IPv6 multicast applications; supports
PIM Dense Mode (PIM-DM), Sparse Mode (PIM-SM),
and Source-Specific Mode (PIM-SSM)
PIM Dense Mode (PIM-DM), Sparse Mode (PIM-SM),
and Source-Specific Mode (PIM-SSM)
• Multicast Source Discovery Protocol
(MSDP): is used for inter-domain multicast
applications, allowing multiple PIM-SM domains to
interoperate
applications, allowing multiple PIM-SM domains to
interoperate
• Multicast Border Gateway Protocol (MBGP):
allows multicast traffic to be forwarded across BGP
networks and kept separate from unicast traffic
networks and kept separate from unicast traffic
Integration
• Embedded NetStream: local and global server
load-balancing module improves traffic distribution
using powerful scheduling algorithms, including
Layer 4 to 7 services; monitors the health status of
servers and firewalls
using powerful scheduling algorithms, including
Layer 4 to 7 services; monitors the health status of
servers and firewalls
• Embedded VPN firewall: provides enhanced
stateful packet inspection and filtering; delivers
advanced VPN services with Triple DES (3DES) and
Advanced Encryption Standard (AES) encryption at
high performance and low latency, Web content
filtering, and application prioritization and
enhancement
advanced VPN services with Triple DES (3DES) and
Advanced Encryption Standard (AES) encryption at
high performance and low latency, Web content
filtering, and application prioritization and
enhancement