HP E2910-24G-PoE+ al Switch + Care Pack J9146A#ABB-BNDL 데이터 시트

3

• Troubleshooting: ingress and egress port

monitoring enable network problem solving

Layer 2 switching

• VLAN support and tagging: supports IEEE

802.1Q (4,094 VLAN IDs) and 256 VLANs
simultaneously

• GARP VLAN Registration Protocol: allows

automatic learning and dynamic assignment of
VLANs

• Jumbo packet support: supports up to

9220-byte frame size to improve the performance of
large data transfers

• IEEE 802.1v protocol VLANs: isolate select

non-IPv4 protocols automatically into their own
VLANs

Layer 3 routing

• Static IP routing: provides manually configured

routing; includes ECMP capability

• Routing Information Protocol (RIP): provides

RIPv1 and RIPv2 routing

Security

• Multiple user authentication methods:

– IEEE 802.1X: is an industry-standard method of

user authentication using an IEEE 802.1X
supplicant on the client in conjunction with a
RADIUS server

– Web-based authentication: similar to IEEE

802.1X, it provides a browser-based environment
to authenticate clients that do not support the IEEE
802.1X supplicant

– MAC-based authentication: client is

authenticated with the RADIUS server based on
the client's MAC address

• Authentication flexibility:

– Multiple IEEE 802.1X users per port:

provides authentication of up to eight IEEE 802.1X
users per port; prevents user "piggybacking" on
another user's IEEE 802.1X authentication

– Concurrent IEEE 802.1X and Web or MAC

authentication schemes per port: switch
port will accept any of IEEE 802.1X and either
Web or MAC authentications

• Access control lists (ACLs): provide IP Layer 3

filtering based on source/destination IP
address/subnet and source/destination TCP/UDP
port number

• Identity-driven ACL: enables implementation of

a highly granular and flexible access security policy
and VLAN assignment specific to each authenticated
network user

• Dynamic ARP protection: blocks ARP

broadcasts from unauthorized hosts, preventing
eavesdropping or theft of network data

• DHCP protection: blocks DHCP packets from

unauthorized DHCP servers, preventing
denial-of-service attacks

• Port monitoring for network threats:

provides sampled port traffic using sFlow technology
to the HP Network Immunity Manager (NIM)
application for Network Behavior Anomaly
Detection (NBAD) analysis to detect and mitigate
threats at the port where the threat originated

• Source-port filtering: allows only specified ports

to communicate with each other

• RADIUS/TACACS+: eases switch management

security administration by using a password
authentication server

• Secure Shell: encrypts all transmitted data for

secure remote CLI access over IP networks

• Secure FTP: allows secure file transfer to and from

the switch; protects against unwanted file
downloads or unauthorized copying of a switch
configuration file

• Secure Sockets Layer (SSL): encrypts all HTTP

traffic, allowing secure access to the browser-based
management GUI in the switch

• Port security: allows access only to specified

MAC addresses, which can be learned or specified
by the administrator

• MAC address lockout: prevents particular

configured MAC addresses from connecting to the
network

• Switch management logon security: can

require either RADIUS or TACACS+ authentication
for secure switch CLI logon

• STP BPDU port protection: blocks Bridge

Protocol Data Units (BPDUs) on ports that do not
require BPDUs, preventing forged BPDU attacks

• USB Secure Autorun (requires HP PCM+):

deploys, diagnoses, and updates a switch using a
USB flash drive; works with a secure credential to
prevent tampering

• STP Root Guard: protects the root bridge from

malicious attack or configuration mistakes

• Custom banner: displays security policy when

users log in to the switch

• Per-port broadcast throttling: selectively

configures broadcast control on heavy traffic port
uplinks