Multiple spanning tree
protocol groups
The BayStack 460 Switch supports multi-
ple spanning tree groups (STGs). It
supports a maximum of eight STGs, either
all in one standalone switch or across a
stack consisting of several BayStack 460
Switches. Multiple STGs provide multiple
data paths, which can be used for load-
balancing and redundancy.
ASCII configuration file
The BayStack 460 Switch can download a
user-editable ASCII configuration file from
a Trivial File Transfer Protocol (TFTP)
server. The ASCII configuration file can
be loaded automatically at boot time or on
demand using the management systems
(console menus or CLI). Once down-
loaded, the configuration file automatically
configures the switch or stack according to
the CLI commands in the file. This feature
allows the flexibility of creating command
configuration files that can be used on
several switches or stacks with minor
modifications.
Security
The BayStack* 460 Switch features
BaySecure, which allows authentication
of all access, not only to the switches for
management and configurations, but also
access to the infrastructure through these
switches. This software feature limits access
to only network authorized and trusted
users including full tracking of network
connections. With BaySecure, network
access is granted or denied by proper MAC
address identification (maximum of 448).
In addition, with the Distributed Access
List Security feature, network access is
granted or denied on a per port basis.
The BayStack 460 Switch also provides
Remote Authentication Dial-In User
Service (RADIUS) for switch security
management.
IP Manager List limits access to the manage-
ment features of the BayStack 460 Switch
by a defined list of IP addresses, providing
greater network security and manageability.
SNMPv3 provides user authentication and
data encryption for higher security. It also
offers secure configuration and monitoring.
For even greater security, the BayStack 460
Switch also supports the IEEE 802.1x
standard (Extensible Authentication Protocol
or EAP). EAP limits access to the network
based on user credentials. A user needs to
“log in” to the network using username/
password; the user database is maintained on
the authentication server (not the switch). EAP
prevents network connectivity without pass-
word authorization for added security and
control in physically non-secure areas. For
example, banks, trading rooms, or classroom
training facilities could take advantage of this
feature. EAP supports client access to the
network and interoperates with Microsoft
Windows XP.
Web-based management
Web-based management using a Web browser
simplifies the task of managing the BayStack
460 Switch. This feature provides summary,
configuration, fault, statistics, application,
administration, and support pages for entire
stack. Traffic classification and prioritization
can be set via the Web-based QoS Wizard
and advanced configuration tool. Real-time
sampling provides up-to-date LED stats info
for stacked units. The Web interface also
allows for static configuration of numerous
parameters of the device.
4
Figure 5: Small to medium
enterprise solution
Business Communications
Manager 400
BayStack 460 Stack
Business Series
Terminals
Servers
Desktop
users
802.11
Wireless
LAN
i2004
Standard LAN
Power over Ethernet
Power
10/100
Mbps
Net
camera
