do not support the IEEE 802.1X supplicant
MAC-based authentication: client is authenticated with the RADIUS server based on the client's MAC address
Authentication flexibility
:
Multiple IEEE 802.1X users per port: provides authentication of up to eight IEEE 802.1X users per port; prevents user
"piggybacking" on another user's IEEE 802.1X authentication
Concurrent IEEE 802.1X and Web or MAC authentication schemes per port: switch port will accept any of IEEE 802.1X and
either Web or MAC authentications
Access control lists
(ACLs): provide IP Layer 3 filtering based on source/destination IP address/subnet and source/destination
TCP/UDP port number
Identity-driven ACL
: enables implementation of a highly granular and flexible access security policy and VLAN assignment
specific to each authenticated network user
Dynamic ARP protection
: blocks ARP broadcasts from unauthorized hosts, preventing eavesdropping or theft of network data
Port security
: allows access only to specified MAC addresses, which can be learned or specified by the administrator
MAC address lockout
: prevents particular configured MAC addresses from connecting to the network
Source-port filtering
: allows only specified ports to communicate with each other
RADIUS/
: eases switch management security administration by using a password authentication server
Secure Shell
(SSHv2): encrypts all transmitted data for secure, remote command-line interface (CLI) access over IP networks
Port monitoring for network threats
: Provides sampled port traffic using sFlow technology to the HP Network Immunity
Manager application for Network Behavior Anomaly Detection (NBAD) analysis to detect threats and mitigate threats at the port
where the threat originated
Secure Sockets Layer
(SSL): encrypts all HTTP traffic, allowing secure access to the browser-based management GUI in the
switch
Secure File Transfer Protocol
(FTP): allows secure file transfer to and from the switch; protects against unwanted file
downloads or unauthorized copying of switch configuration file
Switch management logon security
: can require either RADIUS or authentication for secure switch CLI logon
DHCP protection
: blocks DHCP packets from unauthorized DHCP servers, preventing denial-of-service attacks
STP BPDU port protection
: blocks Bridge Protocol Data Units (BPDUs) on ports that do not require BPDUs, preventing forged
BPDU attacks
STP Root Guard
: protects the root bridge from malicious attacks or configuration mistakes
Convergence
IEEE 802.1AB Link Layer Discovery Protocol
(LLDP): is an automated device discovery protocol for easy mapping by network
management applications
LLDP-MED
(Media Endpoint Discovery): is a standard extension of LLDP that stores values for parameters such as QoS and VLAN
to automatically configure network devices such as IP phones
IP multicast snooping and data-driven IGMP
: automatically prevents flooding of IP multicast traffic
Monitor and diagnostics
Port mirroring
: enables traffic on a port to be simultaneously sent to a network analyzer for monitoring
Warranty and support
Lifetime warranty
: for as long as you own the product with advance replacement and next-business-day delivery (available in
most countries)†
Electronic and telephone support
: limited electronic and telephone support is available from HP; refer to:
www.hp.com/networking/warranty
for details on the support provided and the period during which support is available
Software releases
: refer to:
www.hp.com/networking/warranty
for details on the software releases provided and the period
during which software releases are available for your product(s)
QuickSpecs
HP 2610 Switch Series
Overview
DA - 13032 Worldwide — Version 18 — November 11, 2013
Page 3
