manager of how a particular event is affecting the physical connectivity within the network.
The ‘End Node Locate’ tool provides the ability to locate a failing end node and, with one
mouse click, provide access to the RMON statistics for the failing Ethernet port supporting
that end node. These solutions provide visual and statistical tools necessary to quickly resolve
any network event or to manage performance in real-time. The BayStack 325 Switches
support “syslog” capability that helps in troubleshooting network issues.
Advanced management features
BootP and TFTP support allows centralized switch IP address assignment, software
upgrades, and SNMP agent updates over the network. The RADIUS-based (Remote
Authentication Dial-In User Services) security feature uses the RADIUS protocol to
authenticate local console and Telnet logins.
Enhanced security
BayStack 325 Switches offer the highest level of security with features including Secure Shell
(SSH) version 2, IEEE 802.1x based security, (also known as Extensible Authentication
Protocol [EAP]), assignment of proper VLAN and priority, Simple Network Management
Protocol (SNMPv3), MAC-address based security, and RADIUS authentication.
SSHv2 supports strong authentication and encrypted communications. It allows you to log
into the switch from an SSH client and perform a secure Telnet session using CLI commands.
This feature is ideal for security-conscious customers such as federal governments.
For added security, BayStack 325 Switches support the 802.1x-based security feature EAP.
Based on the IEEE 802.1x standard, EAP limits access to the network based on user creden-
tials. A user is required to “login” to the network using a username/password; the user
database is maintained on the authentication server (not the switch).
EAP prevents network connectivity without password authorization for added security and
control in physically non-secure areas. It is used where the network is not 100 percent phys-
ically secure or where physical security needs enhancement—for example, banks, trading
rooms, or classroom training facilities. EAP supports client access to the network and inter-
operates with Microsoft Windows XP and other compliant 802.1x clients.
SNMPv3 provides user authentication and data encryption for higher security. It also offers
secure configuration and monitoring.
BaySecure* MAC-address based security allows authentication of all access, not only to the
switches for management and configurations, but also access to the infrastructure through
these switches. This software feature limits access to only network-authorized and trusted
personnel, including full tracking of network connections. With BaySecure, network access
is granted or denied via proper MAC address identification (up to a maximum of 448).
The RADIUS-based security feature allows you to set up network access control, using the
RADIUS security protocol to authenticate local console and Telnet logins.
Port mirroring
The port mirroring feature (sometimes referred to as ‘conversation steering’) allows the
network administrator to designate a single switch port as a traffic monitor for a specified
port. Port mirroring copies packets flowing into a specified port and sends the replicated
data to the mirrored port for in-depth analysis of switched traffic patterns to troubleshoot
problems and optimize network configurations. Additionally, an external probe device can
be attached to the designated monitor port.
5
