| |
Management
-
Port mirroring: enables traffic on a port to be simultaneously sent to a network analyzer for monitoring
-
sFlow (RFC 3176): provides scalable, ASIC-based, wire-speed network monitoring and accounting with no impact on network performance; this allows network operators to gather a variety of sophisticated network statistics and information for capacity planning and real-time network monitoring purposes
-
IEEE 802.1AB Link Layer Discovery Protocol (LLDP): automated device discovery protocol for easy mapping by network management applications
-
RMON and XRMON: provide advanced monitoring and reporting capabilities for statistics, history, alarms, and events
-
Command authorization: leverages RADIUS to link a custom list of CLI commands to individual network administrator's login; also provides an audit trail
-
Friendly port names: allow assignment of descriptive names to ports
-
Dual flash images: provides independent primary and secondary OS files for backup while upgrading
-
Find-Fix-and-Inform: finds and fixes common network problems automatically, then informs administrator
-
Uni-Directional Link Detection (UDLD): monitors a link between two switches and blocks the ports on both ends of the link if the link goes down at any point between the two devices
Connectivity
-
IPv6: NEW!
-
IPv6 Host the switches can be managed and deployed at the edge of IPv6 networks
-
Dual Stack (IPv4/IPv6) provides transition mechanism from IPv4 to IPv6; supports connectivity for both protocols
-
MLD Snooping forwards IPv6 multicast traffic to the appropriate interface; prevents IPv6 multicast traffic from flooding the network
-
Plug-n-Play 10-Gbps Ethernet for stacking and uplink: four integrated 10-GbE ports (two CX4 and two X2) built-in on the switch
-
Dual-personality functionality: four 10/100/1000 ports or SFP slots for optional fiber connectivity such as Gigabit-SX, -LX, -LH, or 100-FX
-
Stacking capability: single IP address management for a virtual stack of up to 16 switches, including the ProCurve 2500 series, 2510 series, 2600 series, 2800 series, 2810 series, 2900 series, 3400cl series, 3500yl series, 4200vl series, 6108, 6200yl-24G-mGBIC, and 6400cl series
-
Auto-MDIX: automatically adjusts for straight-through or crossover cables on all 10/100/1000 ports
Performance
-
High-performance architecture: 115 Gbps switching fabric with up to 74 million pps (Switch 2900-24G) and 173 Gbps switching fabric with up to 110 million pps (Switch 2900-48G)
-
Selectable queue configurations: increase performance by selecting the number of queues and associated memory buffering that best meet the requirements of your network applications
Resiliency and high availability
-
IEEE 802.3ad Link Aggregation Protocol (LACP) and ProCurve trunking: support up to 24 trunks, each with up to 8 links (ports) per trunk
-
IEEE 802.1s Multiple Spanning Tree: provides high link availability in multiple VLAN environments by allowing multiple spanning trees; provides legacy support for IEEE 802.1d and IEEE 802.1w
Layer 2 switching
-
VLAN support and tagging: supports the IEEE 802.1Q (4,096 VLAN IDs) and 256 VLANs simultaneously
-
GARP VLAN Registration Protocol: allows automatic learning and dynamic assignment of VLANs
-
Jumbo frames: on Gigabit and 10-Gigabit ports, allow high-performance remote backup and disaster-recovery services
Layer 3 routing
-
Static IP routing: provides manually configured routing
-
RIP: provides RIPv1 and RIPv2 routing at media speed
Security
-
USB Secure Autorun (requires ProCurve Manager Plus): deploys, diagnoses, and updates switch using USB flash drive; works with secure credential to prevent tampering NEW!
-
Port security: allows access only to specified MAC addresses, which can be learned or specified by the administrator
-
MAC address lockout: prevents configured particular MAC addresses from connecting to the network
-
Multiple user authentication methods:
-
IEEE 802.1X industry-standard way of user authentication using an IEEE 802.1X supplicant on the client in conjunction with a RADIUS server
-
Web-based authentication authenticates from Web browser for clients that do not support 802.1X supplicant; customized remediation can be processed on an external Web server
-
MAC-based authentication client is authenticated with the RADIUS server based on client's MAC address
-
Authentication flexibility:
-
Multiple IEEE 802.1X users per port provides authentication of up to 8 IEEE 802.1X users per port; prevents user "piggybacking" on another user's IEEE 802.1X authentication
-
Concurrent IEEE 802.1X and Web or MAC authentication schemes per port switch port will accept any of IEEE 802.1X and either Web or MAC authentications
-
BPDU port protection: blocks Bridge Protocol Data Units (BPDUs) on ports that do not require BPDUs, preventing forged BPDU attacks
-
Source-port filtering: allows only specified ports to communicate with each other
-
Secure FTP: allows secure file transfer to/from the switch; protects against unwanted file downloads or unauthorized copying of switch configuration file
-
TACACS+: eases switch management security administration by using a password authentication server
-
Secure Shell (SSHv2): encrypts all transmitted data for secure, remote command-line interface (CLI) access over IP networks
-
Secure Sockets Layer (SSL): encrypts all HTTP traffic, allowing secure access to the browser-based management GUI in the switch
-
Switch management logon security: can require either RADIUS or TACACS+ authentication for secure switch CLI logon
-
Custom banner: displays security policy when users log in to the switch
Convergence
-
IP multicast snooping (data-driven IGMP): automatically prevents flooding of IP multicast traffic
-
LLDP-MED (Media Endpoint Discovery): a standard extension of LLDP that stores values for parameters such as QoS and VLAN to automatically configure network devices such as IP phones
-
Software updates: free downloads from the Web
Quality of Service (QoS)
-
Traffic prioritization (IEEE 802.1p): allows real-time traffic classification into 8 priority levels mapped to 4 queues
-
Class of Service (CoS): sets the IEEE 802.1p priority tag based on IP address, IP Type of Service (ToS), L3 protocol, TCP/UDP port number, source port, and DiffServ
-
Layer 4 prioritization: enables prioritization based on TCP/UDP port numbers
» Return to top
|  | |
