HP FlexFabric 11908-V JG608A Manuel D’Utilisation
Codes de produits
JG608A
allows high-performance backups and disaster-recovery systems with a maximum frame size of 9k bytes
Loopback
supports internal loopback testing for maintenance purposes and an increase in availability; loopback detection protects against
incorrect cabling or network configurations and can be enabled on a per-port or per-VLAN basis for added flexibility
Ethernet operations, administration and maintenance (OAM)
detects data link layer problems that occurred in the "last mile" using the IEEE 802.3ah OAM standard; monitors the status of the
link between two devices
Monitor link
collects statistics on performance and errors on physical links, increasing system availability
Packet storm protection
protects against unknown broadcast, unknown multicast, or unicast storms with user-defined thresholds
Flow control
provides back pressure using standard IEEE 802.3x, reducing congestion in heavy traffic situations
Loopback
supports internal loopback testing for maintenance purposes and an increase in availability; loopback detection protects against
incorrect cabling or network configurations and can be enabled on a per-port or per-VLAN basis for added flexibility
Ethernet operations, administration and maintenance (OAM)
detects data link layer problems that occurred in the "last mile" using the IEEE 802.3ah OAM standard; monitors the status of the
link between two devices
Monitor link
collects statistics on performance and errors on physical links, increasing system availability
Packet storm protection
protects against unknown broadcast, unknown multicast, or unicast storms with user-defined thresholds
Flow control
provides back pressure using standard IEEE 802.3x, reducing congestion in heavy traffic situations
Security
Access control list (ACL)
supports powerful ACLs for both IPv4 and IPv6; ACLs are used for filtering traffic to prevent unauthorized users from accessing
the network, or for controlling network traffic to save resources; rules can either deny or permit traffic to be forwarded; rules
can be based on a Layer 2 header or a Layer 3 protocol header; rules can be set to operate on specific dates or times
Remote Authentication Dial-In User Service (RADIUS)
eases switch security access administration by using a password authentication server
Terminal Access Controller Access-Control System (TACACS+)
delivers an authentication tool using TCP with encryption of the full authentication request, providing additional security
Secure shell (SSHv2)
uses external servers to securely log in to a remote device; with authentication and encryption, it protects against IP spoofing
and plain-text password interception; increases the security of Secure FTP (SFTP) transfers
DHCP snooping
helps ensure that DHCP clients receive IP addresses from authorized DHCP servers and maintain a list of DHCP entries for trusted
ports; prevents reception of fake IP addresses and reduces ARP attacks, improving security
IP Source Guard
filters packets on a per-port basis, which prevents illegal packets from being forwarded
ARP attack protection
protects against attacks that use a large number of ARP requests, using a host-specific, user-selectable threshold
Port security
allows access only to specified MAC addresses, which can be learned or specified by the administrator
IEEE 802.1X support
provides port-based user authentication with support for Extensible Authentication Protocol (EAP) MD5, TLS, TTLS, and PEAP
with choice of AES, TKIP, and static or dynamic WEP encryption for protecting wireless traffic between authenticated clients and
the access point
Multiple user authentication methods
supports powerful ACLs for both IPv4 and IPv6; ACLs are used for filtering traffic to prevent unauthorized users from accessing
the network, or for controlling network traffic to save resources; rules can either deny or permit traffic to be forwarded; rules
can be based on a Layer 2 header or a Layer 3 protocol header; rules can be set to operate on specific dates or times
Remote Authentication Dial-In User Service (RADIUS)
eases switch security access administration by using a password authentication server
Terminal Access Controller Access-Control System (TACACS+)
delivers an authentication tool using TCP with encryption of the full authentication request, providing additional security
Secure shell (SSHv2)
uses external servers to securely log in to a remote device; with authentication and encryption, it protects against IP spoofing
and plain-text password interception; increases the security of Secure FTP (SFTP) transfers
DHCP snooping
helps ensure that DHCP clients receive IP addresses from authorized DHCP servers and maintain a list of DHCP entries for trusted
ports; prevents reception of fake IP addresses and reduces ARP attacks, improving security
IP Source Guard
filters packets on a per-port basis, which prevents illegal packets from being forwarded
ARP attack protection
protects against attacks that use a large number of ARP requests, using a host-specific, user-selectable threshold
Port security
allows access only to specified MAC addresses, which can be learned or specified by the administrator
IEEE 802.1X support
provides port-based user authentication with support for Extensible Authentication Protocol (EAP) MD5, TLS, TTLS, and PEAP
with choice of AES, TKIP, and static or dynamic WEP encryption for protecting wireless traffic between authenticated clients and
the access point
Multiple user authentication methods
IEEE 802.1X
uses an IEEE 802.1X supplicant on the client in conjunction with a RADIUS server to authenticate in accordance with
industry standards
Web-based authentication
provides a browser-based environment, similar to IEEE 802.1X, to authenticate clients that do not support the IEEE
802.1X supplicant
MAC-based authentication
authenticates the client with the RADIUS server based on the client's MAC address
uses an IEEE 802.1X supplicant on the client in conjunction with a RADIUS server to authenticate in accordance with
industry standards
Web-based authentication
provides a browser-based environment, similar to IEEE 802.1X, to authenticate clients that do not support the IEEE
802.1X supplicant
MAC-based authentication
authenticates the client with the RADIUS server based on the client's MAC address
QuickSpecs
HP FlexFabric 11900 Switch Series
Overview
DA - 14585 Worldwide — Version 6 — March 31, 2014
Page 6