Function Description
Security and
management
System
Security
l Command line-based hierarchical protection to
prevent unauthorized access to switching modules
l Secure Shell (SSH)
l RADIUS (IPv4) and RADIUS (IPv6) user login
authentication
l HWTACACS (IPv4) and HWTACACS (IPv6) user
login authentication
l Access control list (ACL) filtering
l Dynamic ARP inspection (DAI)
l DHCP packet filtering (with the Option 82 field)
l Prevention of control packet attacks
l Attack defense
– Defense against flood attacks without IP
payloads, attacks from IGMP null payload
packets, LAND attacks, Smurf attacks, and
attacks from packets with invalid TCP flag bits
– Defense against attacks from many fragments,
attacks from many packets with offsets, attacks
from repeated packet fragments, Tear Drop
attacks, Syndrop attacks, NewTear attacks, Bonk
attacks, Nesta attacks, Rose attacks, Fawx
attacks, Ping of Death attacks, and Jolt attacks
– Defense against TCP SYN flood attacks, UDP
flood attacks (including Fraggle attacks and UDP
diagnosis port attacks), and ICMP flood attacks
l Logs about attacking MAC addresses
l URPF
l 802.1x authentication
Network
management
l ICMP-based Ping and Tracert
l Simple Network Management Protocol Version
1/2c/3 (SNMPv1/v2c/v3)
l Standard Management Information Base (MIB)
l Remote Network Monitoring (RMON)
l NETCONF interfaces
l Network Quality Analysis (NQA)
2.2 Appearance
This section describes the appearances and panels of the CX320, MX517, and MX527, as
well as the installation positions of the CX320 in the chassis.
CX320 Switch Module
User Guide
2 Product Overview
Issue 09 (2019-08-02) Copyright © Huawei Technologies Co., Ltd. 13
To Next Page
Loading...
