HP 3012 AC JG409A Manuale Utente
Codici prodotto
JG409A
simplifies the management of large IP networks and supports client and server; DHCP Relay enables DHCP operation across
subnets
subnets
Quality of Service (QoS)
Traffic policing
supports Committed Access Rate (CAR) and line rate
Congestion management
supports FIFO, PQ, CQ, WFQ, CBQ, and RTPQ
Weighted random early detection (WRED)/random early detection (RED)
delivers congestion avoidance capabilities through the use of queue management algorithms
Hierarchical quality of service (HQoS)/Nested QoS
manages traffic uniformly, and hierarchically schedules traffic by user, network service, and application; provides more granular
traffic control and quality assurance services than traditional QoS
Other QoS technologies
supports traffic shaping, MPLS QoS, and MP QoS/LF
supports Committed Access Rate (CAR) and line rate
Congestion management
supports FIFO, PQ, CQ, WFQ, CBQ, and RTPQ
Weighted random early detection (WRED)/random early detection (RED)
delivers congestion avoidance capabilities through the use of queue management algorithms
Hierarchical quality of service (HQoS)/Nested QoS
manages traffic uniformly, and hierarchically schedules traffic by user, network service, and application; provides more granular
traffic control and quality assurance services than traditional QoS
Other QoS technologies
supports traffic shaping, MPLS QoS, and MP QoS/LF
Security
Dynamic Virtual Private Network (DVPN)
collects, maintains, and distributes dynamic public addresses through the VPN Address Management (VAM) protocol, making
VPN establishment available between enterprise branches that use dynamic addresses to access the public network; compared
to traditional VPN technologies, DVPN technology is more flexible and has richer features, such as NAT traversal of DVPN
packets, AAA identity authentication, IPSec protection of data packets, and multiple VPN domains
IPSec VPN
supports DES, 3DES, and AES 128/192/256 encryption, and MD5 and SHA-1 authentication
Access control list (ACL)
supports powerful ACLs for both IPv4 and IPv6; ACLs are used for filtering traffic to prevent unauthorized users from accessing
the network, or for controlling network traffic to save resources; rules can either deny or permit traffic to be forwarded; rules
can be based on a Layer 2 header or a Layer 3 protocol header; rules can be set to operate on specific dates or times
Terminal Access Controller Access-Control System (TACACS+)
delivers an authentication tool using TCP with encryption of the full authentication request, providing additional security
Unicast Reverse Path Forwarding (URPF)
allows normal packets to be forwarded correctly, but discards the attaching packet due to lack of reverse path route or incorrect
inbound interface; prevents source spoofing and distributed attacks
Network login
allows authentication of multiple users per port
RADIUS
eases security access administration by using a user/password authentication server
Network address translation (NAT)
supports one-to-one NAT, many-to-many NAT, and NAT control, enabling NAT-PT to support multiple connections; supports
blacklist in NAT/NAT-PT, a limit on the number of connections, session logs, and multi-instances
Secure Shell (SSHv2)
uses external servers to securely log in into a remote device; with authentication and encryption, it protects against IP spoofing
and plain text password interception; increases the security of SFTP transfers
collects, maintains, and distributes dynamic public addresses through the VPN Address Management (VAM) protocol, making
VPN establishment available between enterprise branches that use dynamic addresses to access the public network; compared
to traditional VPN technologies, DVPN technology is more flexible and has richer features, such as NAT traversal of DVPN
packets, AAA identity authentication, IPSec protection of data packets, and multiple VPN domains
IPSec VPN
supports DES, 3DES, and AES 128/192/256 encryption, and MD5 and SHA-1 authentication
Access control list (ACL)
supports powerful ACLs for both IPv4 and IPv6; ACLs are used for filtering traffic to prevent unauthorized users from accessing
the network, or for controlling network traffic to save resources; rules can either deny or permit traffic to be forwarded; rules
can be based on a Layer 2 header or a Layer 3 protocol header; rules can be set to operate on specific dates or times
Terminal Access Controller Access-Control System (TACACS+)
delivers an authentication tool using TCP with encryption of the full authentication request, providing additional security
Unicast Reverse Path Forwarding (URPF)
allows normal packets to be forwarded correctly, but discards the attaching packet due to lack of reverse path route or incorrect
inbound interface; prevents source spoofing and distributed attacks
Network login
allows authentication of multiple users per port
RADIUS
eases security access administration by using a user/password authentication server
Network address translation (NAT)
supports one-to-one NAT, many-to-many NAT, and NAT control, enabling NAT-PT to support multiple connections; supports
blacklist in NAT/NAT-PT, a limit on the number of connections, session logs, and multi-instances
Secure Shell (SSHv2)
uses external servers to securely log in into a remote device; with authentication and encryption, it protects against IP spoofing
and plain text password interception; increases the security of SFTP transfers
Convergence
Internet Group Management Protocol (IGMP)
utilizes Any-Source Multicast (ASM) or Source-Specific Multicast (SSM) to manage IPv4 multicast networks; supports IGMPv1, v2,
and v3
utilizes Any-Source Multicast (ASM) or Source-Specific Multicast (SSM) to manage IPv4 multicast networks; supports IGMPv1, v2,
and v3
QuickSpecs
HP MSR3000 Series
Overview
DA - 14641 Worldwide — Version 4 — October 14, 2013
Page 7