Листовка для HP E2610-24 Switch J9085A#BUN
Модели
J9085A#BUN
3
ProCurve Switch 2610 Series
• Access control lists (ACLs): provide IP Layer 3
filtering based on source/destination IP
address/subnet and source/destination
TCP/UDP port number
address/subnet and source/destination
TCP/UDP port number
• Identity-driven ACL: enables implementation
of a highly granular and flexible access security
policy specific to each authenticated network
user
policy specific to each authenticated network
user
• Port security: allows access only to specified
MAC addresses, which can be learned or
specified by the administrator
specified by the administrator
• MAC address lockout: prevents configured
particular MAC addresses from connecting to
the network
the network
• Source-port filtering: allows only specified
ports to communicate with each other
• TACACS+: eases switch management security
administration by using a password
authentication server
authentication server
• Secure Shell (SSHv2): encrypts all transmitted
data for secure, remote command-line
interface (CLI) access over IP networks
interface (CLI) access over IP networks
• Port monitoring for network threats: Provides
sampled port traffic using sFlow technology to
the ProCurve Network Immunity Manager
application for Network Behavior Anomaly
Detection (NBAD) analysis to detect threats
and mitigate threats at the port where the
threat originated
the ProCurve Network Immunity Manager
application for Network Behavior Anomaly
Detection (NBAD) analysis to detect threats
and mitigate threats at the port where the
threat originated
• Secure Sockets Layer (SSL): encrypts all HTTP
traffic, allowing secure access to the browser-
based management GUI in the switch
based management GUI in the switch
• Secure FTP: allows secure file transfer to/from
the switch; protects against unwanted file
downloads or unauthorized copying of switch
configuration file
downloads or unauthorized copying of switch
configuration file
• Switch management logon security:
can require either RADIUS or TACACS+
authentication for secure switch CLI logon
authentication for secure switch CLI logon
• Dynamic IP lockdown*: works with DHCP
protection to block traffic from unauthorized
host, preventing IP source address spoofing
host, preventing IP source address spoofing
• Dynamic ARP protection*: blocks ARP
broadcasts from unauthorized hosts,
preventing eavesdropping or theft of network
data
preventing eavesdropping or theft of network
data
• DHCP protection*: blocks DHCP packets from
unauthorized DHCP servers, preventing denial-
of-service attacks
of-service attacks
• BPDU port protection: blocks Bridge Protocol
Data Units (BPDU) on ports that do not require
BPDUs, preventing forged BPDU attacks
BPDUs, preventing forged BPDU attacks
• STP Root Guard: protects root bridge from
malicious attack or configuration mistakes
Convergence
• IEEE 802.1AB Link Layer Discovery Protocol
(LLDP): automated device discovery protocol
for easy mapping by network management
applications
for easy mapping by network management
applications
• LLDP-MED (Media Endpoint Discovery):
a standard extension of LLDP that stores values
for parameters such as QoS and VLAN to
automatically configure network devices such
as IP phones
for parameters such as QoS and VLAN to
automatically configure network devices such
as IP phones
• Pre-standard PoE support: detects and
provides power to pre-standard PoE devices;
see list of supported devices in the product FAQ
at www.procurve.eu/faq
see list of supported devices in the product FAQ
at www.procurve.eu/faq
• IP multicast snooping and data-driven IGMP:
automatically prevents flooding of IP multicast
traffic
traffic
Quality of Service (QoS)
• Class of Service (CoS): sets the IEEE 802.1p
priority tag based on IP address, IP Type of
Service (ToS), L3 protocol, TCP/UDP port
number, source port, and DiffServ
Service (ToS), L3 protocol, TCP/UDP port
number, source port, and DiffServ
• Layer 4 prioritization: enables prioritization
based on TCP/UDP port numbers
* Check Web site for availability.