HP 10500 series Specifications page 8
10500 series
Hide thumbs
Also See for 10500 series:
- Security configuration manual (596 pages) ,
- Configuration manual (512 pages) ,
- Datasheet (20 pages)
Advertisement
QuickSpecs
Overview
Multiprotocol Label Switching (MPLS) Layer 2 VPN
establishes simple Layer 2 point-to-point VPNs across a provider network using only MPLS Label Distribution Protocol (LDP);
requires no routing and therefore decreases complexity, increases performance, and allows VPNs of non-routable protocols;
uses no routing information for increased security; supports Circuit Cross Connect (CCC), Static Virtual Circuits (SVCs), Martini
draft, and Kompella-draft technologies
Virtual Private LAN Service (VPLS)
establishes point-to-multipoint Layer 2 VPNs across a provider network
Super VLAN
saves IP address space using the RFC 3069 standard (also called VLAN Aggregation)
Equal-Cost Multipath (ECMP)
enables multiple equal-cost links in a routing environment to increase link redundancy and scale bandwidth
IPv6 tunneling
is an important element for the transition from IPv4 to IPv6; allows IPv6 packets to traverse IPv4-only networks by
encapsulating the IPv6 packet into a standard IPv4 packet; supports manually configured, 6to4, Intra-Site Automatic Tunnel
Addressing Protocol (ISATAP) tunnels, and IPv6 on VPN to Provider Edge (6VPE) router tunnel
Security
Access control list (ACL)
supports powerful ACLs for both IPv4 and IPv6; ACLs are used for filtering traffic to prevent unauthorized users from accessing
the network, or for controlling network traffic to save resources; rules can either deny or permit traffic to be forwarded; rules
can be based on a Layer 2 header or a Layer 3 protocol header; rules can be set to operate on specific dates or times
Remote Authentication Dial-In User Service (RADIUS)
eases switch security access administration by using a password authentication server
Terminal Access Controller Access-Control System (TACACS+)
delivers an authentication tool using TCP with encryption of the full authentication request, providing additional security
Switch management logon security
helps secure switch CLI logon by optionally requiring either RADIUS or TACACS+ authentication
Secure shell (SSHv2)
uses external servers to securely log in to a remote device; with authentication and encryption, it protects against IP spoofing
and plain-text password interception; increases the security of Secure FTP (SFTP) transfers
DHCP snooping
helps ensure that DHCP clients receive IP addresses from authorized DHCP servers and maintain a list of DHCP entries for trusted
ports; prevents reception of fake IP addresses and reduces ARP attacks, improving security
IP Source Guard
filters packets on a per-port basis, which prevents illegal packets from being forwarded
ARP attack protection
protects from attacks using a large number of ARP requests by using a host-specific, user-selectable threshold
Port security
allows access only to specified MAC addresses, which can be learned or specified by the administrator
IEEE 802.1X
provides port-based user authentication with support for Extensible Authentication Protocol (EAP) MD5, TLS, TTLS, and PEAP
with choice of AES, TKIP, and static or dynamic WEP encryption for protecting wireless traffic between authenticated clients and
the access point
Media access control (MAC) authentication
provides simple authentication based on a user's MAC address; supports local or RADIUS-based authentication
Multiple user authentication methods
IEEE 802.1X
is an industry-standard method of user authentication using an IEEE 802.1X supplicant on the client in conjunction with a
RADIUS server
DA - 14167 North America — Version 20 — December 9, 2013
HP 10500 Switch Series
Page 8
Advertisement
