ZyXEL ES-1552 ZYXES-1552 ユーザーズマニュアル

•  IEEE 802.3 10Base-T Ethernet

•  IEEE 802.3u 100Base-TX Ethernet

•  IEEE 802.ab 1000Base-T Ethernet

•  IEEE 802.3x Flow control

•  IEEE 802.1p Class of service, priority protocols

•  IEEE 802.1Q VLAN tagging

•  IEEE 802.3ad static port aggregation

•  12.8/17.6 Gbps non-blocking switching fabric

•  Switching Forwarding Rate 9.6/13.1 Mpps 

(1488000 pps/1000Base-T/1000Base-X, 148800 

pps/100Base-TX)

• Wire-speed performance

•  8 K MAC entries

•  512 KB Packet Buffer

•  Rate Limiting: Port-based bandwidth control 

with 7 grades (64 kbps, 256 kbps, 1 Mbps,

  10 Mbps, 64 Mbps, 100 Mbps, 1 Gbps)

•  Port-based egress traffic shaping

•  Broadcast Storm Control

•  Congestion control on all ports

•  IEEE 802.1p with 4 priority queues per port for 

different types of traffic

•  WRR (Weighted Round Robin)/SPQ scheduling 

algorithm

Auto VoIP module matches VoIP streams and 

assign the highest priority for following VoIP 

packets

•  SIP — Session Initiation Protocol

•  MGCP — Media Gateway Control Protocol

•  SCCP — Skinny Client Control Protocol 

•  IEEE 802.3ad static port aggregation

•  Up to 6 aggregation groups, per group supports 

up to 8 ports 

•  Specific MAC forwarding per port: only specified 

MAC addresses can access the network (Port 

Security)

•  IEEE 802.1Q tagged VLAN

•  256 static VLAN, up to 4 K dynamic VLAN 

• Dynamic ARP

Denial of Service (DoS) attacks try to disable a 

device or network so users no longer have access 

to network resources. Auto DoS Attack Prevention 

module matches attack types in switches and 

prevent network outage

 

•  Land Attacks — These attacks result from 

sending a specially crafted packet to a machine 

where the source host IP address is the same as 

the destination host IP address. The system 

attempts to reply to itself, resulting in system 

lockup.

•  Blat Attack — These switch result from sending 

a specially crafted packet to a machine where the 

source host port is the same as the destination 

host port. The system attempts to reply to itself, 

resulting in system lockup. 

•  SYNFIN Scans — SYNchronization (SYN, 

ACKnowledgement (ACK) and FINish (FIN) 

packets are used to initiate, acknowledge and 

conclude TCP/IP communication sessions. The 

following scans exploit weakness in the TCP/IP 

specification and try to illicit a response from a 

host to identify ports for an attack:

-  Scan SYNFIN — SYN and FIN bits are set in the 

packet.

 -  Xmascan — TCP sequence number is zero and 

the FIN, URG and PSH bits are set.

-  NULL scan — TCP sequence number is zero and all 

control bits are zeros.

-  SYN with port <1024 — SYN packets with source 

port less than 1024.

•  Smurf Attacks — This attack uses Internet Control 

Message Protocol (ICMP) echo requests packets 

(pings) to cause network congestion or outrages.

•  Ping Flooding — This attack floods the target 

network with ICMP packets.

•  SYN/SYN-ACK Flooding — This attack floods the 

target network with SYN or SYN/ACK packets.

•  Password required for administrators

• Web-based management

•  SNMP v1, v2  

•  IP management: static IP

• RMON

•  Port mirroring: supports Source/Destination/Both 

port mirroring

• Cable Diagnostic 

•  RFC1213 MIB II (System, Interface)

• RFC1398 (Ether-like)