Configuration Guide 542
Configuring Network Security Network Security
Prevent ARP Flooding Attack
With the ARP Defend feature the switch can terminate receiving the ARP packets for 300
seconds when the transmission speed of the legal ARP packet on the port exceeds the
defined value so as to avoid ARP flooding attack.
DoS Defend
The DoS (Denial of Service) defend feature provides protection against DoS attacks. DoS
attacks occupy the network bandwidth maliciously by sending numerous service requests
to the hosts. It results in an abnormal service or breakdown of the network.
With DoS Defend feature, the switch can analyze the specific fields of the IP packets,
distinguish the malicious DoS attack packets and discard them directly. Also, DoS Defend
feature can limit the transmission rate of legal packets. When the number of legal packets
exceeds the threshold value and may incur a breakdown of the network, the switch will
discard the packets.
802.1X
802.1X protocol is a protocol for port-based Network Access Control. It is used to
authenticate and control access from devices connected to the ports. If the device
connected to the port is authenticated by the authentication server successfully, its
request to access the LAN will be accepted; if not, its request will be denied.
802.1X authentication uses the typical client-server model which contains three device
roles: client/supplicant, authenticator and authentication server. This is described in the
figure below:
Figure 1-2 802.1X Authentication Model
Authentication Server
Clients
Switch
Authenticator
To Next Page
Loading...
