HP ProCurve Switch 2610 Series
3
•
Authentication flexibility:
-
Multiple IEEE 802.1X users per port:
provides authentication of
up to eight IEEE 802.1X users per port; prevents user
"piggybacking" on another user's IEEE 802.1X authentication
-
Concurrent IEEE 802.1X and Web or MAC authentication
schemes per port:
switch port will accept any of IEEE 802.1X
and either Web or MAC authentications
•
Access control lists (ACLs):
provide IP Layer 3 filtering based
on source/destination IP address/subnet and source/destination
TCP/UDP port number
•
Identity-driven ACL:
enables implementation of a highly
granular and flexible access security policy and VLAN assignment
specific to each authenticated network user
•
Dynamic ARP protection:
blocks ARP broadcasts from
unauthorized hosts, preventing eavesdropping or theft of network
data
•
Port security:
allows access only to specified MAC addresses,
which can be learned or specified by the administrator
•
MAC address lockout:
prevents configured particular MAC
addresses from connecting to the network
•
Source-port filtering:
allows only specified ports to
communicate with each other
•
RADIUS/:
eases switch management security
administration by using a password authentication server
•
Secure Shell (SSHv2):
encrypts all transmitted data for secure,
remote command-line interface (CLI) access over IP networks
•
Port monitoring for network threats:
Provides sampled port
traffic using sFlow technology to the HP ProCurve Network
Immunity Manager application for Network Behavior Anomaly
Detection (NBAD) analysis to detect threats and mitigate threats at
the port where the threat originated
•
Secure Sockets Layer (SSL):
encrypts all HTTP traffic, allowing
secure access to the browser-based management GUI in the
switch
•
Secure FTP:
allows secure file transfer to/from the switch;
protects against unwanted file downloads or unauthorized copying
of switch configuration file
•
Switch management logon security:
can require either
RADIUS or authentication for secure switch CLI logon
•
DHCP protection:
blocks DHCP packets from unauthorized
DHCP servers, preventing denial-of-service attacks
•
STP BPDU port protection:
blocks Bridge Protocol Data Units
(BPDUs) on ports that do not require BPDUs, preventing forged
BPDU attacks
•
STP Root Guard:
protects root bridge from malicious attack or
configuration mistakes
Convergence
•
IEEE 802.1AB Link Layer Discovery Protocol (LLDP):
automated device discovery protocol for easy mapping by network
management applications
•
LLDP-MED (Media Endpoint Discovery):
a standard extension
of LLDP that stores values for parameters such as QoS and VLAN
to automatically configure network devices such as IP phones
•
IP multicast snooping and data-driven IGMP:
automatically
prevents flooding of IP multicast traffic
Quality of Service (QoS)
•
Class of Service (CoS):
sets the IEEE 802.1p priority tag based
on IP address, IP Type of Service (ToS), L3 protocol, TCP/UDP
port number, source port, and DiffServ
•
Layer 4 prioritization:
enables prioritization based on TCP/UDP
port numbers
•
Traffic prioritization (IEEE 802.1p):
allows real-time traffic
classification into eight priority levels mapped to eight queues
Monitor and diagnostics
•
Port mirroring:
enables traffic on a port to be simultaneously
sent to a network analyzer for monitoring
Warranty and support
•
ProCurve Lifetime Warranty:
for as long as you own the
product, with next-business-day advance replacement (available
in most countries).
•
Electronic and telephone support:
limited electronic and
telephone support is available from HP. Refer to the HP Web site
at www.procurve.com/support for details on the support provided
and the period during which support is available.
•
Software releases:
refer to the HP Web site at
www.procurve.com/support for details on the software releases
provided and the period during which software releases are
available.
