manualshive.com logo in svg

Pakedge SX-8P, User Manual, Page: 14 / 61

Share
Download
Pakedge SX-8P User Manual Download Page 14

14 

 

DoS 

page 

 

A Denial of Service (DoS) attack is an attempt to make a device unavailable to its users. DoS attacks 
saturate the device with external communication requests, so that it cannot respond to legitimate 
traffic. These attacks usually lead to a device CPU overload. 

The DoS protection feature is a set of predefined rules that protect the network from malicious attacks. 
The 

Property

 section allows activation of the security settings. 

POD:

 Avoids ping of death attack. 

Land:

 Drops the packets if the source IP address is equal to the destination IP address.   

UDP Blat:

 Drops the packets if the UDP source port equals to the UDP destination port.   

TCP Blat:

 Drops the packages if the TCP source port is equal to the TCP destination port. 

DMAC = SMAC:

 Drops the packets if the destination MAC address is equal to the source MAC address.   

Null Scan Attack:

 Drops the packets with NULL scan. 

X-Mas Scan Attack:

 Drops the packets if the sequence number is zero, and the FIN, URG and PSH bits 

are set. 

TCP SYN-FIN Attack:

 Drops the packets with SYN and FIN bits set. 

Summary of Contents for SX-8P

Page 1: ...SX 8P Enterprise AV Smart Managed Switches User Guide...

Page 2: ...ssly approved by the party responsible for compliance could void the user s authority to operate this equipment WARNING TO PREVENT FIRE OR SHOCK HAZARD DO NOT EXPOSE THIS PRODUCT TO RAIN OR MOISTURE T...

Page 3: ...and pull out all cables such as the power cord fiber Ethernet cable etc in lightening days 7 Disconnect the power supply and pull out the plug if the device is out of use for a longtime 8 Keep the dev...

Page 4: ...rd 9 System 9 Basic Settings 10 Ports 16 Port Settings 16 PoE 24 MAC Control 26 VLANs 27 Voice VLAN 33 Traffic menu 35 QoS 36 STP 41 IGMP 45 Maintenance 49 SNMP 50 LLDP 51 Syslog 53 Network Diagnostic...

Page 5: ...s you may contact us at Customer Service Email customerservice pakedge com Phone 650 385 8701 Technical Support Email support pakedge com Phone 650 385 8703 Website www pakedge com Visit our website f...

Page 6: ...Front panel LED explanation from left to right LED Status Operation SFP Blue Port is online link established Flashing Blue Activity Off No device connected Ports 1 8 PoE Blue PoE in use Flashing Blue...

Page 7: ...d SYS LED will be blinking indicating restoring to default factory settings Note 1 Please keep the switch in a dry and well ventilated environment 2 Keep the work bench stable and well earthed 3 Do no...

Page 8: ...your computer to a static IP of 192 168 1 10 The following image is an example of this 4 Open any Internet browser and go to the address http 192 168 1 205 Note For best results we recommend using Mo...

Page 9: ...ashboard provides frequently used quick links to help with more efficient setup SYSTEM The System section contains the three sub sections System Settings Security and Time Range Management each of wil...

Page 10: ...he Management VLAN indicates the VLAN on which the management GUI of the switch will reside on The MAC Age field indicates how long a mac address that was dynamically learned will be kept in the forwa...

Page 11: ...ht Saving Time to have the switch automatically adjust the time when Daylight Savings occurs and set the dates and times it will take effect Select Server Configuration to specify an SNTP server for t...

Page 12: ...te a new user by selecting New under Multi user Management Configuration Enter the new Username Enter a password in the New Password field You will need to re enter the password to confirm The Privile...

Page 13: ...allows the user to prevent the selected ports from communication with each other Protected ports are allowed to communicate only with unprotected ports No traffic will be allowed to pass between any...

Page 14: ...ecurity settings POD Avoids ping of death attack Land Drops the packets if the source IP address is equal to the destination IP address UDP Blat Drops the packets if the UDP source port equals to the...

Page 15: ...Size Checks the minimum TCP header and drops the TCP packets with the header smaller than the minimum size The length range is from 0 to 31 bytes and default length is 20 bytes IPv6 Min Fragment Chec...

Page 16: ...ETTINGS Common Configuration page The Common Configuration page will allow you to change a port state or port speed You can simply click on a port to select it you can also select multiple ports and t...

Page 17: ...to only clear the statistics of the selected port Flow Control The Flow Control page allows you to enable or disable flow control per port With flow control enabled on both the switch and its link par...

Page 18: ...18 flow control feature is disabled To change the state of flow control select the ports you want to change and then change the State down below Click Apply to finalize the settings...

Page 19: ...rate calculated by kilobit Storm Control IFG Calculates traffic with or w o preamble 8 bytes Inter Frame Gap 12 bytes taken into account Exclude exclude the preamble IFG 20 bytes when counting ingres...

Page 20: ...rate Unit pps packet per second range 1 262143 or Kbps Kbits per second range16 1000000 depends on global mode setting Action Select the state of setting Drop Packets exceed storm control rate will b...

Page 21: ...at the actual connection speed The rate of the aggregation group equals the total rate of its member ports LACP For LACP aggregation you must manually maintain the aggregation state of the member port...

Page 22: ...o this aggregation group Click Apply to finalize the settings and create the aggregation group The LACP Protocol page allows you to modify the system priority or the change the LACP timeout setting To...

Page 23: ...You can attach a monitoring device to the mirroring destination port to view details about the packets passing through the copied port s This is useful for network monitoring and troubleshooting purpo...

Page 24: ...The PoE page allows you to modify power over Ethernet settings The PoE global Setup configures PoE Power Management Mode When it is Static you can configure power allocation manually When power suppl...

Page 25: ...e access to available power from the switch Devices with high priority will have access to available power first PoE power Timerange If you created a time range object under Time Range Management you...

Page 26: ...wing image illustrates this After you have selected a port you can click bind on a mac address entry and the switch will bind that mac address to the current port Data from any other mac address will...

Page 27: ...connections VLANs allow a network to be logically segmented into different broadcast domains All members in a VLAN are treated as in the same broadcast domain and communicate as if they were on the s...

Page 28: ...You can continue adding VLANs in this manner To add ports to a VLAN click on the VLAN under Port Assignments Note All ports will belong to VLAN 1 by default Select the ports you wish to add to this VL...

Page 29: ...ed to add any additional VLANs you configured to the Hybrid ports To do this click the edit icon next to one of the Hybrid ports There will be a blue outline around the box under the U column The U in...

Page 30: ...rt Click Apply Repeat these steps for any other Hybrid ports you need to configure If you need to add another Hybrid port click the add symbol under the Hybrid section Select the VLAN you wish to be u...

Page 31: ...e same net segment regardless of their physical locations Logically a VLAN can be equated to a broadcast domain because broadcast packets are forwarded to only members of the VLAN on which the broadca...

Page 32: ...k like the following image Click Next to continue Step 3 Select your zone link ports The zone link ports are ports that connect to other VLAN aware devices such as Routers Access Points and other mana...

Page 33: ...ded as voice data flow and the port which has received the voice data flow will automatically join the voice VLAN Thus the voice VLAN tagged voice traffic of voice devices connected to this port can b...

Page 34: ...default VLAN cannot be VLAN 1 CoS 802 1p Remarking Enable or Disable 1p remarking If enabled qualified packets will be remarked by this value Also select a CoS value of VPT Qualified packets will use...

Page 35: ...Auto indicates that the switch will automatically place a port s into the Voice VLAN when it detects voice data Manual indicates that the switch will simply place the port s into the Voice VLAN perma...

Page 36: ...in cellular data communication QoS Property page The QoS Property page allows for the configuration of global QoS mode settings and individual ports It also provides the individual port configurations...

Page 37: ...efault CoS priority value for the selected ports Trust Port trust state Enabled Traffic will follow trust mode in global setting Disabled Traffic will always use best efforts Remarking CoS Port CoS re...

Page 38: ...tional to the weight of the queue the higher the weight the more frames are sent The queuing modes can be selected on the Queue page When the queuing mode is by Strict Priority the priority sets the o...

Page 39: ...Mapping page The CoS Mapping table determines the egress queues of the incoming packets based on the 802 1p priority in their VLAN tags For incoming untagged packets the 802 1p priority will be the de...

Page 40: ...es The original VLAN Priority Tag VPT of the packet isunchanged Use the Queues to DSCP page to remark DSCP value for egress traffic from eachqueue D DSCP Priority Value in numbered format P Priority t...

Page 41: ...oadcast storm However spare redundant links are indispensable to ensure reliability Spanning tree allows a network design to include spare redundant links to provide automatic backup paths if an activ...

Page 42: ...on of an Edge port and a P2P port is shown below Edge port The edge port is a configurable designation port that is directly connected to a segment where a loop cannot be created Usually it would be a...

Page 43: ...the STP hello time in second to broadcast its hello message to other bridges by Designated Ports Its valid range is from 1 to 10 seconds Forward Delay Specify the STP forward delay time which is the a...

Page 44: ...ccurred in the short time before the STP state change P2P Port Specify the Point to Point operation mode Enable Force the true state as link to an RSTP participating switch Disable Force to false stat...

Page 45: ...ined the group It provides switches with a mechanism to prune multicast traffic from links that do not contain a multicast listener an IGMP client State Set the enabling status of IGMP Snooping functi...

Page 46: ...e IGMP Leave message Enable If checked Enable immediate leave else disable immediate leave Query Robustness The Admin Query Robustness allows tuning for the expected packet loss on a subnet Query Inte...

Page 47: ...3 Querier version 3 IGMP Snooping version should be IGMPv3 IGMP Statistics Receive Packet Total Total RX IGMP packet include ipv4 multicast data to CPU Valid The valid IGMP snooping process packet InV...

Page 48: ...on MAC and VLAN ID DIP VID Forward method is the Destination IP and VLAN ID Multicast Group VLAN The VLAN ID of group Group Address The group IP address Member The member ports of group Type The type...

Page 49: ...es and factory reset the switch To create a backup of your configuration simply click Backup To restore a configuration click the icon and navigate to your configuration file Click Restore The Firmwar...

Page 50: ...ce and detect potential problems in the Switch switch group or network Community Community The SNMP community name Its maximum length is 20 characters Access Right SNMP access mode Read Only Read only...

Page 51: ...name for notification LLDP LLDP Link Layer Discovery Protocol is a Layer 2 protocol that is used for network devices to advertise their own device information periodically to neighbors on the same IE...

Page 52: ...X Only Receive LLDP PDUs only TX Only Transmit LLDP PDUs only TX And RX Transmit and receive LLDP PDUs both Neighbor Info Local Port Number of the local port to which the neighbor is connected Chassis...

Page 53: ...on by the LLDP agent on the corresponding port Receive Frame Error Number of invalid LLDP frames received by the LLDP agent on the corresponding port while the LLDP agent is enabled Receive TLV Discar...

Page 54: ...e allows you to input a Syslog Server IP address to collect logs Check the Enable Logging box Check the Enable Server box Select a Log Severity Level Enter a Server IP address Click Apply to finalize...

Page 55: ...55 Ping page Destination IP Address Specify the Hostname IPv4 IPv6 address for the remote logging server Sending Times Specify the number of ICMP ping requests...

Page 56: ...TECHNICAL SUPPORT Please visit our website for up to date support information Website www pakedge com Email support pakedge com CONTACT INFORMATION Pakedge Device Software Inc 11734 Election Road Dra...

Page 57: ...on 228 mm 128 mm 31 mm Weight 5 lbs 2 25 kg Features Specification Switching capacity 18 Gbps Packet forwarding 13 3 Mpps Packet Buffer 4Mbits MAC address table 8K VLAN 1 VLAN distribution based on po...

Page 58: ...rust mode 2 IP DSCP port trust mode 3 IP Precedence port trust mode 4 Bandwidth control 5 Up to 8 queue QoS mapping Firmware Configuration Upgrade TFTP Trivial File Transfer Protocol WEB Management 1...

Page 59: ...and does not cover normal maintenance This warranty does not cover any appearance item any damage to living structure failure resulting from accident for example flood electrical shorts insulation mi...

Page 60: ...ry to the end user For your convenience keep the original bill of sale as evidence of the purchase date from your authorized dealer Important Warranty Registration Please register your product at www...

Page 61: ...61 11734 Election Road Draper UT 8402045 U S A Visit Us At www pakedge com Pakedge Device Software Inc 2017 All Rights Reserved DOC 00251 C 2017 06 19 MS...

Reviews:

No comments