1-7
Security Overview
Network Security Features
Network Security Features
This section outlines features and defence mechanisms for protecting access 
through the switch to the network. For more detailed information, see the 
indicated chapters. 
Table 1-2. Network Security—Default Settings and Security Guidelines 
Feature Default 
Setting
Security Guidelines More Information and 
Configuration Details
Secure File 
Transfers
not 
applicable
Secure Copy and SFTP provide a secure alternative to 
TFTP and auto-TFTP for transferring sensitive 
information such as configuration files and log 
information between the switch and other devices.
Management and 
Configuration Guide, 
Appendix A “File Transfers”, 
refer to the section “Using 
Secure Copy and SFTP”
USB Autorun enabled 
(disabled 
once a 
password 
has been set)
Used in conjunction with HP E-PCM Plus, this feature 
allows diagnosis and automated updates to the switch 
via the USB flash drive. When enabled in secure mode, 
this is done with secure credentials to prevent 
tampering. Note that the USB Autorun feature is 
disabled automatically, once a password has been set 
on the switch.
Management and 
Configuration Guide, 
Appendix A “File Transfers”, 
refer to the section “USB 
Autorun”
Traffic/Security 
Filters
none These statically configured filters enhance in-band 
security (and improve control over access to network 
resources) by forwarding or dropping inbound network 
traffic according to the configured criteria. Filter options 
include:
• source-port filters: Inbound traffic from a 
designated, physical source-port will be forwarded 
or dropped on a per-port (destination) basis.
• multicast filters: Inbound traffic having a specified 
multicast MAC address will be forwarded to 
outbound ports or dropped on a per-port (destination) 
basis.
• protocol filters: Inbound traffic having the selected 
frame (protocol) type will be forwarded or dropped 
on a per-port (destination) basis.
Chapter 12, “Traffic/Security 
Filters and Monitors”