Техническая Спецификация для HP E4210-48G JF845A

3

• IEEE 802.1AB Link Layer Discovery Protocol

(LLDP): automated device discovery protocol
provides easy mapping using network management
applications

• sFlow (RFC 3176): wire-speed traffic accounting

and monitoring

• Advanced IRF technology stacking: locally

connects up to four E4210G switches using 10
Gigabit Ethernet or CX4 local connections; improves
resiliency by spreading aggregated links across
multiple stacked units; provides simplified
management with single IP management and a
unified control interface per stack

Layer 2 switching

• VLAN support and tagging: support IEEE

802.1Q, with 4094 simultaneous VLAN IDs

• GARP VLAN Registration Protocol (GVRP):

allows automatic learning and dynamic assignment
of VLANs

• IP multicast snooping and data-driven

IGMP: automatically prevents flooding of IP
multicast traffic

• Jumbo packet support: supports up to

9220-byte frame size to improve performance of
large data transfers

• IEEE 802.1ad QinQ: increases the scalability of

an Ethernet network by providing a hierarchical
structure; connects multiple LANs on a high-speed
campus or metro network

Layer 3 routing

• Static IP routing: provides manually configured

Layer 3 routing

Security

• Access control lists (ACLs): provide IP Layer 3

filtering based on source/destination IP
address/subnet and source/destination TCP/UDP
port number

• RADIUS/TACACS+: eases switch management

security administration by using a password
authentication server

• Secure Shell (SSHv2): encrypts all transmitted

data for secure, remote command-line interface (CLI)
access over IP networks

• Secure Web management with HTTPS and

SSL: encrypts all HTTP traffic, allowing secure
access to the browser-based management GUI in
the switch

• IEEE 802.1X and RADIUS network logins:

control port-based access for authentication and
accountability

• Secure File Transfer Protocol (FTP): allows

secure file transfer to and from the switch; protects
against unwanted file downloads or unauthorized
copying of switch configuration file

• Port security: allows access only to specified

MAC addresses, which can be learned or specified
by the administrator

• MAC address lockout: prevents particular

configured MAC addresses from connecting to the
network

• Switch management logon security: can

require either RADIUS or TACACS+ authentication
for secure switch CLI logon

• Secure management access: securely encrypts

all access methods (CLI, GUI, or MIB) through
SSHv2, SSL, and/or SNMPv3

• Custom banner: displays security policy when

users log in to the switch

• Automatic VLAN assignment: automatically

assigns users to the appropriate VLAN based on
their identity and location and the time of day

• Management password: provides security so

that only authorized access to the Web browser
interface is allowed

• STP BPDU port protection: blocks Bridge

Protocol Data Units (BPDUs) on ports that do not
require BPDUs, preventing forged BPDU attacks

• Dynamic IP lockdown: works with DHCP

protection to block traffic from unauthorized hosts,
preventing IP source address spoofing

• DHCP protection: blocks DHCP packets from

unauthorized DHCP servers, preventing
denial-of-service attacks

• Dynamic ARP protection: blocks ARP

broadcasts from unauthorized hosts, preventing
eavesdropping or theft of network data

• STP Root Guard: protects root bridge from

malicious attack or configuration mistakes

Convergence

• IEEE 802.1AB Link Layer Discovery Protocol

(LLDP): is an automated device discovery protocol
for easy mapping by network management
applications

• Automated voice VLAN assignment:

recognizes IP phones and automatically assigns
voice traffic to a dedicated VLAN for IP phones