
Enterasys SecureStack C2 User Manual

Enterasys SecureStack C2
607 pages
Notice
Enterasys Networks reserves the right to make changes in specifications and other information contained in this document and its web site without prior notice. The reader should in all cases consult Enterasys Networks to determine whether any such changes have been made.
The hardware, firmware, or software described in this document is subject to change without notice.
IN NO EVENT SHALL ENTERASYS NETWORKS BE LIABLE FOR ANY INCIDENTAL, INDIRECT, SPECIAL, OR CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING BUT NOT LIMITED TO LOST PROFITS) ARISING OUT OF OR RELATED TO THIS DOCUMENT, WEB SITE, OR THE INFORMATION CONTAINED IN THEM, EVEN IF ENTERASYS NETWORKS HAS BEEN ADVISED OF, KNEW OF, OR SHOULD HAVE KNOWN OF, THE POSSIBILITY OF SUCH DAMAGES.
Enterasys Networks, Inc.
50 Minuteman Road
Andover, MA 01810
© 2008 Enterasys Networks, Inc. All rights reserved.
Part Number: 903399116 February 2008
ENTERASYS, ENTERASYS NETWORKS, ENTERASYS NETSIGHT, WEBVIEW, ENTERASYS SECURESTACK, and any logos associated therewith, are trademarks or registered trademarks of Enterasys Networks, Inc. in the United States and other countries.
All other product names mentioned in this manual may be trademarks or registered trademarks of their respective companies.
Documentation URL: http://www.enterasys.com/support/manuals
Version: Information in this guide refers to SecureStack C2 firmware version 5.1.xx


Enterasys SecureStack C2 Specifications

General
Brand: Enterasys
Model: SecureStack C2
Category: Switch
Language: English

Summary

Chapter 1: Introduction

SecureStack C2 CLI Overview

Provides an overview of tasks manageable via the CLI interface, including network management and switch configuration operations.

Switch Management Methods

Describes the methods available for managing the SecureStack C2 switch, including local and remote access options.

Factory Default Settings

Lists the default settings for basic switch and router operations, covering various features and protocols.

Using the Command Line Interface

Explains how to start a CLI session, navigate, and utilize CLI commands, including help and keyword lookups.

Chapter 2: Configuring Switches in a Stack

About SecureStack C2 Switch Operation in a Stack

Explains how SecureStack C2 switches operate and perform when configured in a stack, up to eight units.

Installing a New Stackable System of Up to Eight Units

Provides a procedure for installing a new stackable system of up to eight units out of the box.

Installing Previously-Configured Systems in a Stack

Details the procedure for installing previously configured member units into a stack, including renumbering.

Adding a New Unit to an Existing Stack

Outlines the procedure for adding a new unit to an existing stack configuration, assuming clean manufacturing configuration.

Creating a Virtual Switch Configuration

Describes how to create a virtual switch configuration before adding a physical device to a stack, including port configuration.

Considerations About Using Clear Config in a Stack

Discusses considerations when using the clear config command in a stack environment, including clearing unit IDs and stack parameters.

Issues Related to Mixed Type Stacks

Addresses issues related to mixing SecureStack C2 and C3 switches in a stack, focusing on feature support and common firmware versions.

Stacking Configuration and Management Commands

Lists and describes commands for reviewing, individually configuring, and managing switches within a SecureStack C2 stack.

Chapter 3: Basic Configuration

Setting User Accounts and Passwords

Explains how to change default user login and password settings, and add new user accounts and passwords.

Configuring Power over Ethernet (PoE)

Details how to review and set PoE parameters, including power availability, usage thresholds, and per-port settings.

Downloading a New Firmware Image

Describes methods for upgrading the operational firmware of the SecureStack C2 switch without physical access.

Reviewing and Selecting a Boot Firmware Image

Explains how to display and set the firmware image the switch loads at startup, including storing a backup image.

Starting and Configuring Telnet

Covers enabling or disabling Telnet and starting a Telnet session to a remote host, including simultaneous session limits.

Managing Switch Configuration and Files

Discusses configuration persistence modes, saving configurations, managing files, and TFTP parameters.

Clearing and Closing the CLI

Provides instructions on how to clear the CLI screen or close the CLI session.

Resetting the Switch

Explains how to reset the switch or specific units, and clear user-defined configuration parameters.

Using and Configuring WebView

Details how to use WebView, the embedded web server, for switch configuration and management tasks, including SSL usage.

Chapter 4: Discovery Protocol Configuration

Configuring CDP

Explains how to review and configure the Enterasys CDP discovery protocol for discovering network topology and neighboring devices.

Configuring Cisco Discovery Protocol

Describes how to review and configure the Cisco discovery protocol for discovering network topology and recognizing PDUs from Cisco phones.

Configuring Link Layer Discovery Protocol and LLDP-MED

Covers Link Layer Discovery Protocol (LLDP) and LLDP-MED, enabling network devices to advertise identities and capabilities.

Chapter 5: Port Configuration

Port Configuration Summary

Provides a summary of switch ports, including types and specifications for different SecureStack C2 models.

Port String Syntax Used in the CLI

Explains the CLI syntax for designating VLANs and port numbers.

Reviewing Port Status

Describes how to display operating status, duplex mode, speed, port type, and statistical information about switch ports.

Disabling / Enabling and Naming Ports

Covers disabling/enabling ports and assigning aliases for convenience or troubleshooting network issues.

Setting Speed and Duplex Mode

Explains how to review and set operational speed and duplex mode for ports, applicable when auto-negotiation is disabled.

Enabling / Disabling Jumbo Frame Support

Details how to enable or disable jumbo frame support on ports, allowing Gigabit Ethernet ports to transmit frames up to 10 KB.

Setting Auto-Negotiation and Advertised Ability

Covers reviewing, disabling, or enabling auto-negotiation and configuring port advertisement for speed and duplex.

Setting Flow Control

Explains how to review, enable, or disable port flow control to manage transmission between devices as specified by IEEE 802.3x.

Setting Port Link Traps and Link Flap Detection

Covers disabling/enabling link traps, displaying link trap status, and configuring link flapping detection.

Configuring Broadcast Suppression

Details how to review and set the broadcast suppression threshold per port to limit received broadcast frames.

Port Mirroring

Explains how to mirror or redirect traffic on a port for network traffic analysis and connection assurance.

Link Aggregation Control Protocol (LACP)

Describes how LACP logically groups interfaces to create greater bandwidth uplinks or link aggregations according to IEEE 802.3ad.

Configuring Protected Ports

Explains the Protected Port feature to prevent ports from forwarding traffic to other protected ports in the same VLAN.

Chapter 6: SNMP Configuration

SNMP Configuration Summary

Provides an overview of SNMP, its versions, and components for network management.

SNMPv1 and SNMPv2c

Describes the components of SNMPv1 and SNMPv2c network management, categorized into managed devices, agents, and applications.

SNMPv3

Details SNMPv3, an interoperable standards-based protocol providing secure access with message integrity, authentication, and encryption.

About SNMP Security Models and Levels

Explains SNMP security models and levels (noAuthNoPriv, authNoPriv, authPriv) for authentication and encryption.

Using SNMP Contexts to Access Specific MIBs

Covers accessing SNMP MIB objects using contexts, allowing restriction of switch management access to specified MIBs.

Reviewing SNMP Statistics

Explains how to review SNMP statistics and provides details on commands for configuring SNMP.

Chapter 7: Spanning Tree Configuration

Spanning Tree Configuration Summary

Provides a summary of Spanning Tree configuration, including Single, Rapid, and Multiple Spanning Tree Protocols.

Spanning Tree Features

Lists the functions of the SecureStack C2 device in meeting Spanning Tree Protocol requirements, such as topology management and failure compensation.

Loop Protect

Details the Loop Protect feature that prevents or short-circuits loop formation in networks with redundant paths.

Configuring Spanning Tree Bridge Parameters

Explains how to display and set Spanning Tree bridge parameters like priority, hello time, and forward delay.

Chapter 8: 802.1Q VLAN Configuration

VLAN Configuration Summary

Summarizes Virtual LAN capabilities, allowing network partitioning and traffic control within logical groups.

Port String Syntax Used in the CLI

Explains the CLI syntax for designating VLANs and port numbers.

Creating a Secure Management VLAN

Describes how to create a management-only VLAN for secure device management and access control.

Viewing VLANs

Explains how to display VLANs, their creation methods, port assignments, and traffic transmission behavior.

Creating and Naming Static VLANs

Details the process of creating new static VLANs or enabling/disabling existing VLANs using CLI commands.

Assigning Port VLAN IDs (PVIDs) and Ingress Filtering

Covers assigning default VLAN IDs to untagged frames, configuring VLAN ingress filtering, and setting frame discard modes.

Configuring the VLAN Egress List

Explains how to assign or remove ports from a particular VLAN's egress list to control frame transmission eligibility.

Setting the Host VLAN

Describes how to configure a host VLAN that allows access only to designated devices for secure management tasks.

Enabling/Disabling GVRP (GARP VLAN Registration Protocol)

Details the GVRP purpose for dynamically creating VLANs across a switched network and its operation.

Chapter 9: Policy Classification Configuration

Policy Classification Configuration Summary

Summarizes SecureStack C2 device capabilities for policy profile-based provisioning of network resources.

Configuring Policy Profiles

Explains how to create, change, and remove user profiles based on business-driven policies for managing network resources.

Configuring Classification Rules

Covers reviewing, creating, assigning, and unassigning classification rules to policy profiles, mapping user profiles to frame filtering policies.

Assigning Ports to Policy Profiles

Details how to assign or unassign ports to policy profiles, ensuring only activated ports transmit frames accordingly.

Configuring Policy Class of Service (CoS)

Explains how to assign mission-critical data higher priority by delaying less critical traffic, implementing priority queueing mechanisms.

Chapter 10: Port Priority and Rate Limiting Configuration

Port Priority Configuration Summary

Summarizes the Class of Service (CoS) capabilities for assigning mission-critical data higher priority and rate limiting inbound traffic.

Configuring Port Priority

Explains how to view or configure port priority characteristics, including default CoS transmit priority and traffic class mapping.

Configuring Priority to Transmit Queue Mapping

Details how to map 802.1D (802.1p) priorities to transmit queues for prioritizing traffic on ports.

Configuring Quality of Service (QoS)

Covers setting priority mode and weight for transmit queues on physical ports, excluding LAGs.

Configuring Port Traffic Rate Limiting

Explains how to limit inbound traffic rate on a per port/priority basis, dropping frames when the programmed limit is exceeded.

Chapter 11: IGMP Configuration

IGMP Overview

Describes the Internet Group Management Protocol (IGMP) for host-to-device communication regarding multicast traffic.

Configuring IGMP at Layer 2

Explains how to configure IGMP snooping from the switch CLI to manage multicast group membership and optimize switched network performance.

Configuring IGMP on Routing Interfaces

Details how to configure IGMP on routing interfaces, applicable when the device is in router mode.

Chapter 12: Logging and Network Management

Configuring System Logging

Covers displaying and configuring system logging, including Syslog server settings, default settings, and logging buffer management.

Monitoring Network Events and Status

Explains how to display switch events and command history, set history buffer size, and display/disconnect user sessions.

Managing Switch Network Addresses and Routes

Covers displaying or deleting switch ARP table entries and displaying MAC address information.

Configuring Simple Network Time Protocol (SNTP)

Details how to configure SNTP for synchronizing device clocks across a network, including client settings and server configuration.

Configuring Node Aliases

Explains how to review, disable, and re-enable node (port) alias functionality to determine running network protocols.

Chapter 13: RMON Configuration

RMON Monitoring Group Functions

Lists RMON monitoring groups, their functions, monitored elements, and associated configuration commands for network fault diagnosis.

Statistics Group Commands

Covers displaying, configuring, and clearing RMON statistics measured by the RMON probe for each monitored interface.

History Group Commands

Details how to display, configure, and clear RMON history properties and statistics, recording periodic samples.

Alarm Group Commands

Explains how to display, configure, and clear RMON alarm entries and properties, generating events when thresholds are crossed.

Event Group Commands

Covers displaying and clearing RMON events, and configuring RMON event properties for notification.

Filter Group Commands

Details RMON channel and filter configuration, allowing packet capture based on filter matches.

Packet Capture Commands

Explains how to display, configure, enable/disable capture entries, and clear capture entries for network analysis.

Chapter 14: DHCP Server Configuration

DHCP Overview

Describes Dynamic Host Configuration Protocol (DHCP) for IPv4, including automatic/manual IP assignment and relay agent functions.

DHCP Relay Agent

Explains how the DHCP/BOOTP relay agent function can be configured on routing interfaces to forward client requests to a DHCP server.

DHCP Server

Details DHCP server functionality for providing IP configuration information to clients and mechanisms for IP address allocation.

Configuring a DHCP Server

Outlines methods to configure a DHCP server by associating address pools with host port IP or routed interfaces.

Configuring General DHCP Server Parameters

Covers configuring DHCP server parameters, displaying, and clearing address binding information, server statistics, and conflict information.

Configuring IP Address Pools

Explains how to configure and clear DHCP address pool parameters and display address pool configuration information.

Chapter 15: Preparing for Router Mode

Pre-Routing Configuration Tasks

Lists essential pre-routing tasks required before executing IP configuration and router-specific commands.

Enabling Router Configuration Modes

Describes different CLI modes for router operation, enabling subsets of commands from each mode.

Activating Licensed Features

Explains how to activate license keys to enable advanced features like advanced routing protocols such as OSPF, DVMRP, VRRP, and PIM-SM.

Chapter 16: IP Configuration

Configuring Routing Interface Settings

Details enabling routing interface configuration, creating routing interfaces, reviewing IP usability, setting IP addresses, and enabling IP routing.

Reviewing and Configuring the ARP Table

Covers reviewing and configuring the routing ARP table, enabling proxy ARP, and setting MAC addresses on interfaces.

Configuring Broadcast Settings

Explains how to configure IP broadcast settings, specifically enabling or disabling IP directed broadcasts.

Reviewing IP Traffic and Configuring Routes

Describes how to review IP traffic, configure routes, send ICMP messages, and execute traceroute.

Chapter 17: IPv4 Routing Protocol Configuration

Activating Advanced Routing Features

Explains the need for a license key to enable advanced routing protocols like OSPF, DVMRP, VRRP, and PIM-SM.

Configuring RIP

Details how to enable and configure the Routing Information Protocol (RIP) for routing information exchange.

Configuring OSPF

Provides instructions for enabling and configuring the Open Shortest Path First (OSPF) routing protocol, including interface parameters and areas.

Configuring DVMRP

Explains how to enable and configure the Distance Vector Multicast Routing Protocol (DVMRP) on an interface for routing multicast traffic.

Configuring IRDP

Describes how to enable and configure the ICMP Router Discovery Protocol (IRDP) on an interface, allowing hosts to determine router addresses.

Configuring VRRP

Details how to enable and configure the Virtual Router Redundancy Protocol (VRRP) to eliminate single points of failure in routing environments.

Configuring PIM-SM

Covers enabling and configuring Protocol Independent Multicast in Sparse Mode (PIM-SM) for dynamically learning multicast traffic forwarding.

Chapter 18: Security Configuration

Overview of Security Methods

Reviews available security methods for controlling user access, monitoring, and managing the switch, including login, HACA, SNMP, and 802.1X.

RADIUS Filter-ID Attribute and Dynamic Policy Profile Assignment

Explains how RADIUS Filter-ID attributes dynamically assign policy profiles and management levels to users upon successful authentication.

Configuring RADIUS

Details how to review, enable/disable RADIUS client/server configuration, set login options, server parameters, and accounting servers.

Configuring 802.1X Authentication

Covers reviewing and configuring 802.1X authentication for ports using EAPOL for network access control based on RADIUS server authorization.

Configuring MAC Authentication

Explains how to review, disable, enable, and configure MAC authentication for securely authenticating source MAC addresses.

Configuring Multiple Authentication Methods

Discusses enabling multiple authentication types (MAC, 802.1X, PWA) on the same port and configuring system authentication modes.

Configuring VLAN Authorization (RFC 3580)

Details how RFC 3580 Tunnel Attributes contain 802.1X authenticated users to a VLAN, assigning ports based on RADIUS results.

Configuring MAC Locking

Covers reviewing, disabling, enabling, and configuring MAC locking to restrict unauthorized devices and prevent MAC spoofing on ports.

Configuring Port Web Authentication (PWA)

Explains how to review, enable, disable, and configure Port Web Authentication for user login and network access control.

Configuring Secure Shell (SSH)

Details how to review, enable, disable, and configure the Secure Shell (SSH) protocol for secure Telnet access.

Configuring Access Lists

Covers reviewing and configuring security access control lists (ACLs) to permit or deny access to routing interfaces based on protocol and IP address restrictions.
