Management Interface Wizard
Management Interface Wizard
Management Interface Wizard
Management Interface Wizard: helps ensure that management interfaces such as SNMP, telnet, SSH, SSL, Web, and USB are
secured at the desired level
Switch CPU protection
Switch CPU protection
Switch CPU protection
Switch CPU protection: provides automatic protection against malicious network traffic trying to shut down the switch
ICMP throttling
ICMP throttling
ICMP throttling
ICMP throttling: defeats ICMP denial-of-service attacks by enabling any switch port to automatically throttle ICMP traffic
Identity-driven ACL
Identity-driven ACL
Identity-driven ACL
Identity-driven ACL: enables implementation of a highly granular and flexible access security policy and VLAN assignment
specific to each authenticated network user
STP BPDU port protection
STP BPDU port protection
STP BPDU port protection
STP BPDU port protection: blocks Bridge Protocol Data Units (BPDUs) on ports that do not require BPDUs, preventing forged
BPDU attacks
Dynamic IP lockdown
Dynamic IP lockdown
Dynamic IP lockdown
Dynamic IP lockdown: works with DHCP protection to block traffic from unauthorized hosts, preventing IP source address
spoofing
Dynamic ARP protection
Dynamic ARP protection
Dynamic ARP protection
Dynamic ARP protection: blocks ARP broadcasts from unauthorized hosts, preventing eavesdropping or theft of network data
Detection of malicious attacks
Detection of malicious attacks
Detection of malicious attacks
Detection of malicious attacks: monitors 10 types of network traffic and sends a warning when an anomaly that potentially
can be caused by malicious attacks is detected
Port security
Port security
Port security
Port security: allows access only to specified MAC addresses, which can be learned or specified by the administrator
MAC address lockout
MAC address lockout
MAC address lockout
MAC address lockout: prevents particular configured MAC addresses from connecting to the network
Source-port filtering
Source-port filtering
Source-port filtering
Source-port filtering: allows only specified ports to communicate with each other
RADIUS/
RADIUS/
RADIUS/
RADIUS/: eases switch management security administration by using a password authentication server
Secure Shell
Secure Shell
Secure Shell
Secure Shell: encrypts all transmitted data for secure remote CLI access over IP networks
Secure Sockets Layer
Secure Sockets Layer
Secure Sockets Layer
Secure Sockets Layer (SSL): encrypts all HTTP traffic, allowing secure access to the browser-based management GUI in the
switch
Secure FTP
Secure FTP
Secure FTP
Secure FTP: allows secure file transfer to and from the switch; protects against unwanted file downloads or unauthorized
copying of a switch configuration file
Switch management logon security
Switch management logon security
Switch management logon security
Switch management logon security: can require either RADIUS or authentication for secure switch CLI logon
Security banner
Security banner
Security banner
Security banner: displays a customized security policy when users log in to the switch
USB Secure Autorun
USB Secure Autorun
USB Secure Autorun
USB Secure Autorun (requires HP PCM+): deploys, diagnoses, and updates a switch using a USB flash drive; works with a
secure credential to prevent tampering
STP Root Guard
STP Root Guard
STP Root Guard
STP Root Guard: protects the root bridge from malicious attack or configuration mistakes
Integrated Threat Management applications
Integrated Threat Management applications
Integrated Threat Management applications
Integrated Threat Management applications: includes advanced, scalable, switch-integrated security tools such as stateful
firewall, intrusion detection/prevention system (IDS/IPS), and VPN concentrator via the HP Threat Management Services zl
Module
Convergence
Convergence
Convergence
Convergence
IP multicast routing
IP multicast routing
IP multicast routing
IP multicast routing: includes PIM Sparse and Dense modes to route IP multicast traffic
IP multicast snooping
IP multicast snooping
IP multicast snooping
IP multicast snooping (data-driven IGMP): automatically prevents flooding of IP multicast traffic
LLDP-MED
LLDP-MED
LLDP-MED
LLDP-MED (Media Endpoint Discovery): is a standard extension of LLDP that stores values for parameters such as QoS and
VLAN to automatically configure network devices such as IP phones
RADIUS VLAN for voice
RADIUS VLAN for voice
RADIUS VLAN for voice
RADIUS VLAN for voice: uses a standard RADIUS attribute and LLDP-MED to automatically configure a VLAN for IP phones
PoE allocations
PoE allocations
PoE allocations
PoE allocations: support multiple methods (automatic, IEEE 802.3af class, LLDP-MED, or user specified) to allocate PoE
power for more efficient energy savings
Flexibility
Flexibility
Flexibility
Flexibility
Unified Wired and Wireless Deployment and Management
Unified Wired and Wireless Deployment and Management
Unified Wired and Wireless Deployment and Management
Unified Wired and Wireless Deployment and Management: employs the MSM765zl mobility controller, and offers secure,
advanced wireless services with simplified management and unified wired and wireless operation across the network
Complete feature set
Complete feature set
Complete feature set
Complete feature set: provides Gigabit PoE for edge VoIP solutions, scalable 10 GbE for enterprise-class distribution-layer
implementations, advanced wireless management for comprehensive mobility solutions, and critical high-availability features
for midmarket core network deployments
Programmable ASIC design
Programmable ASIC design
Programmable ASIC design
Programmable ASIC design: allows the seamless addition of new QoS and security features over time without costly hardware
upgrades
Warranty and support
Warranty and support
Warranty and support
Warranty and support
QuickSpecs
HP E8200 zl Switch Series
HP E8200 zl Switch Series
HP E8200 zl Switch Series
HP E8200 zl Switch Series
Overview
DA - 12862 North America — Version 19 — September 26, 2011
Page 5