Layer 3 services
User Datagram Protocol (UDP) helper function
allows UDP broadcasts to be directed across router interfaces to specific IP unicast or subnet broadcast addresses and prevents
server spoofing for UDP services such as DHCP
Loopback interface address
defines an address in Routing Information Protocol (RIP) and Open Standard Path First (OSPF), improving diagnostic capability
Route map
provide more control during route redistribution; allow filtering and altering of route metrics
Layer 3 routing
Static IP routing
provides manually configured routing for both IPv4 and IPv6 networks
Routing Information Protocol (RIP)
provides RIPv1 and RIPv2 routing
OSPF
provides OSPFv2 for IPv4 routing and OSPFv3 for IPv6 routing
Border Gateway Protocol (BGP)
provides IPv4 Border Gateway Protocol routing, which is scalable, robust, and flexible
Security
Switch CPU protection
provides automatic protection against malicious network traffic trying to shut down the switch
Virus throttling
detects traffic patterns typical of WORM-type viruses and either throttles or entirely prevents the virus from spreading across
the routed VLANs without requiring external appliances
ICMP throttling
defeats ICMP denial-of-service attacks by enabling any switch port to automatically throttle ICMP traffic
Multiple user authentication methods
:
IEEE 802.1X users per port
: provides authentication of multiple IEEE 802.1X users per port; prevents user "piggybacking"
on another user's IEEE 802.1X authentication
Web-based authentication
: authenticates from Web browser for clients that do not support IEEE 802.1X supplicant;
customized remediation can be processed on an external Web server
MAC-based authentication
: client is authenticated with the RADIUS server based on client's MAC address
Concurrent IEEE 802.1X, Web, and MAC authentication schemes per port
: switch port will accept up to 32 sessions of
IEEE 802.1X, Web, and MAC authentications
Access control lists (ACLs)
provide filtering based on the IP field, source/destination IP address/subnet, and source/destination TCP/UDP port number on a
per-VLAN or per-port basis
Identity-driven ACL
enables implementation of a highly granular and flexible access security policy and VLAN assignment specific to each
authenticated network user
DHCP protection
blocks DHCP packets from unauthorized DHCP servers, preventing denial-of-service attacks
STP BPDU port protection
blocks Bridge Protocol Data Units (BPDUs) on ports that do not require BPDUs, preventing forged BPDU attacks
Dynamic IP lockdown
QuickSpecs
HP 6200 yl Switch Series
Overview
DA - 12437 North America — Version 17 — December 9, 2013
Page 4
To Next Page
Loading...