Chapter2SystemOverview
SecurityControl
Thefunctionsofsecuritycontrolarelistedbelow.
1.Userlevelsecuritycontrolisprovided.
i.IEEE802.1ximplementsdynamicandport-basedsecurity,
whichprovidestheuserIDauthenticationfunction.
ii.ItsupportsMAC/IP/VLAN/PORTcombinationatrandom,
whichpreventsillegaluserfromaccessingthenetwork
effectively.
iii.Portisolationishelpfultomakesurethatuserscannot
monitororaccesstootherusersonthesameswitch.
iv.DHCPmonitoringpreventsspitefulusersdeceivingthe
serverandsendingspuriousaddress,soitcanstartIP
sourceprotectionandcreateabindingtablefortheIP
addressoftheuser ,MACaddress,portsandVLANto
preventuserdeceivingorusingIPaddressofotherusers.
2.Equipmentlevelsecurityisprovided.
i.CPUsecuritycontroltechnologycanresistDoSattackfrom
CPU.
ii.SSH/SNMPv3protocolsuppliesnetworkmanagementse-
curity.
iii.Multilevelsecurityofconsolecanpreventunauthenticated
userschangingtheswitchconguration.
iv.RADIUSidenticationauthenticationputstheswitchun-
derthecentralizedcontrolandpreventsunauthorizeduser
frommodifyingconguration.
3.Networksecuritycontrolisprovided.
i.ACLbasedonportorTrunkmakesitpossibleforusersto
applysecuritystrategytotheportsofswitchesorTrunk.
ii.MACaddressbindingandthelterbasedonsourceordes-
tinationprovideeffectiveowcontrolbasedonaddress.
iii.Portmirroringfunctionprovidesaneffectivetoolfornet-
workmanagementanalysis.
QoSGuarantee
ApplicationsofQoSareshownbelow:
1.Standard802.1pCoSandDSCPeldsortcanbelabeledand
sortedagainbasedonsinglepacketwithsourceanddesti-
nationIPaddress,sourceanddestinationMACaddress,and
TCP/UDPportnumber .
2.Itprovidesqueueschedulealgorithm:StrictPriority(SP)and
combinationschedule(SP+WRR).OfwhichWRRistheabbre-
viationofWeightedRoundRobin.
3.ItsupportsCommittedAccessRate(CAR)function.Itman-
agestheasynchronousuplinkanddownlinkdataowfromend
CondentialandProprietaryInformationofZTECORPORATION5
To Next Page
Loading...
