V1.0a

11.8 DoS

A DoS (denial-of-service) attack is a cyber-attack in which the perpetrator seeks to make a machine or
network resource unavailable to its intended users by temporarily or indefinitely disrupting the services of
a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted
machine or resource with superfluous requests in an attempt to overload systems and prevent some
or all legitimate requests from being fulfilled.

11.8.1 Property

By default, all DoS protection features and the SYN-FIN / SYN-RST protections are enabled. The default
threshold is 60 SYN packets per second. The default port recovery period is 60 seconds.

Contents CS-2424G A2S

Page 1: ...V1 0a User Manual CERIO Corporation CS 2424G_A2S 24 Port 10 100 1000M Gigabit Web Managed Switch with 4 SFP Ports...

Page 2: ...s operated in a commercial environment This equipment generates uses and can radiates radio frequency energy and if not installed and used in accordance with the user s manual may cause interference i...

Page 3: ...5 3 3 2 Error Disabled 17 3 3 3 Bandwidth Utilization 18 3 4 Link Aggregation 18 3 5 MAC Address Table 19 4 Network 20 4 1 IP Address 21 4 2 System Time 21 5 Port 22 5 1 Port setting 23 5 2 Error Disa...

Page 4: ...very LLDP 46 9 1 Property 46 9 2 Port Setting 47 9 3 Packet View 48 9 4 Local Information 50 9 5 Neighbor 52 9 6 Statistics 53 10 Multicast 53 10 1 General 53 10 1 1 Property 53 10 1 2 Group Address 5...

Page 5: ...rt Security 75 11 6 Protected Port 76 11 7 Storm Control 76 11 8 DoS 78 11 8 1 Property 78 11 8 2 Port Setting 79 11 9 Dynamic ARP Inspection 79 11 9 1 Property 79 11 9 2 Statistics 81 11 10 DHCP Snoo...

Page 6: ...te 103 14 5 Copper Test 103 14 6 Fiber Module 104 15 Management 104 15 1 User Account 104 15 2 Firmware 105 15 2 1 Upgrade Backup 105 15 2 2 Active Image 105 15 3 Configuration 106 15 3 1 Upgrade Back...

Page 7: ...V1 0a...

Page 8: ...llation CS 2424G A2S can be configured through a PC NB by using its web browser such as Internet Explorer 6 0 or later Set the IP segment of the administrator s computer to be in the same range as CS...

Page 9: ...nt Windows OS Step 1 Please click on the computer icon in the bottom right window and click Open Network and Sharing Center Step 2 In the Network and Sharing Center page click on the left side of Chan...

Page 10: ...V1 0a Step 3 In Change adapter setting Page right click on Local LAN then select Properties Step 4 In the Properties page click the Properties button to open TCP IP setting...

Page 11: ...rsion 4 TCP IPv4 and double click to open TCP IPv4 Properties window Step 6 Select Use the following IP address and fix in IP Address to 192 168 2 X ex The X is any number from 1 to 253 Subnet mask 25...

Page 12: ...There will be a Certificate Error because the browser treats system as an illegal website System login Overview page will appear after successful login 2 2 System login username and password informati...

Page 13: ...sername root Password default After the authentication procedure the home page will show up Select one of the configurations by clicking the icon 3 System Status 3 1 Device Information This administra...

Page 14: ...m use MAC address IPv4 v6 Address Display system use IP address System Uptime Display system operating time System Current Display system time Loader Version Display system loader version Loader Time...

Page 15: ...nistrator can select RAM or Flash Showing Administrator can set pen display 3 3 Port Display detailed information for each port 3 3 1 Statistics Administration can choose to view specified GE or LAG i...

Page 16: ...1 0a Etherlike page displays statistics per interface according to the Etherlike MIB standard definition This function provides more detailed information regarding errors in the physical layer Layer 1...

Page 17: ...V1 0a 3 3 2 Error Disabled If administrator has set Error disabled functions then can monitor information in page...

Page 18: ...V1 0a 3 3 3 Bandwidth Utilization This page can display Tx Rx Real time bandwidth information of each port Instant used rate per port 3 4 Link Aggregation...

Page 19: ...support 8 Link Aggregation group Administrator can enable 8 LAG Name Disable LAGs name Type Display Link Aggregation used Static or LACP mode Link Status Display LA status Active inactive Member Disp...

Page 20: ...V1 0a VLAN Display each port used VLAN number MAC Address Display device use MAC address information Type Display each port used type for Dynamic or Static Port Display Port number 4 Network...

Page 21: ...ess will be dispatched by the DHCP server IPv4 Address subnet Gateway DNS1 2 If used static IP address then administrator can modify this IP address and subnet and gateway and DNS IP address of the sy...

Page 22: ...tem time Note If administrator chooses SNTP Server to synchronization update time then must confirm system gateway and DNS is correct and switch system must be able to connect to the SNTP Server Dayli...

Page 23: ...Duplex Flow Control by each port Please select port number in checkbox and click apply button to set speed Duplex Flow Control of each port 5 2 Error Disabled This function can block of faulty operat...

Page 24: ...ll auto immediate block of faulty operation until the after the set time system will auto re enable Recovery Interval Administrator can set time of auto recovery interval 5 3 Link Aggregation setup Li...

Page 25: ...go to set LA used ports Type LDAP function support Static and LACP Dynamic 2 types Static If used static the number of ports on both sides of the switch is fixed every entity network connection can t...

Page 26: ...ed and flow control for Link Aggregation Group LAG 5 3 3 LACP The LACP can aggregate multiple Ethernet ports together to form a logical aggregation group To upper layer entities all the physical links...

Page 27: ...dled into the aggregated bundle and which ports are put in standby mode Port priorities on the other device the no controlling end of the link are ignored In priority comparisons numerically lower val...

Page 28: ...set Jumbo Frame for switch Note Jumbo frames support takes effect only after it is enabled and after the switch is rebooted 6 VLAN Administrator can set IEEE 802 1q Tag Based VLAN or Port Based VLAN...

Page 29: ...lect VLANs number in Available VLAN table and move to Created VLAN table will complete the 802 1q VLAN VLAN Table Administrator can checkbox VLAN to edit or delete if check and click Edit button then...

Page 30: ...member of the VLAN Untagged This interface is an untagged member of the VLAN Frames of the VLAN are sent untagged to the interface VLAN PVID Check to set the PVID of the interface to the VID of the V...

Page 31: ...agged packets to and from the VLAN Otherwise traffic might leak from one VLAN to another Port Display selected port number Mode Displays the port VLAN mode that was selected on the Interface Settings...

Page 32: ...nnel This enables the user to use own VLAN arrangements PVID across the provider network PVID Enter the Port VLAN ID PVID of the VLAN to which incoming untagged and priority tagged frames are classifi...

Page 33: ...ier TPID value for the interface 6 5 Voice VLAN Voice VLAN allows you to enhance VoIP service by configuring ports to carry IP Voice traffic from IP phones on a specific VLAN VoIP traffic has a precon...

Page 34: ...AC VLAN The MAC VLAN feature allows incoming untagged packets to be assigned to a VLAN and thus classify traffic based on the source MAC address of the packet You define a MAC to VLAN mapping by confi...

Page 35: ...the VLAN is valid ingress processing on the packet continues otherwise the packet is dropped This implies that you can configure a MAC address mapping to a VLAN that has not been created on the syste...

Page 36: ...network In addition you can use GVRP to dynamically enable port membership in static VLANs configured on a switch Once GVRP creates a dynamic VLAN will can also reduce unnecessary broadcast traffic a...

Page 37: ...V1 0a 6 7 3 Statistics When enable and set GVRP function then administrator can check every port in GVRP include Receive Transmit and Error information...

Page 38: ...d port When administrator select checkbox MACs address and click Add Static Address button then selected MAC address will move to Static Address function 7 2 Static Address If administrator fixed an M...

Page 39: ...ps but establishes the redundant links as a backup if the initial link should fail If Spanning Tree costs change or if one network segment in the Spanning Tree becomes unreachable the spanning tree al...

Page 40: ...llo Time The hello time is the time between each bridge protocol data unit BPDU that is sent on a port This time is equal to 2 seconds sec by default but you can tune the time to be between 1 and 10 s...

Page 41: ...ator can use MAC address will set a name Revision Administrator every time change MST value customary Revision to add 1 value Max Hop Set max hop of switch 8 2 Port Setting State Administrator can set...

Page 42: ...panning Tree Where more than one port is assigned the highest priority the port with lowest numeric identifier will be enabled Range 0 240 default is 128 Edge Port Use portfast if this port connection...

Page 43: ...ot Path Cost Displays the root path cost of the selected MST instance Remaining Hops Displays the number of hops remaining to the next destination 8 4 MST Port Setting MST Multiple Spanning Tree is an...

Page 44: ...rding state Administrator can assign lower cost values to interfaces that you want selected first and higher cost values that you want selected last If all interfaces have the same cost value the MST...

Page 45: ...he link is working in RSTP or STP mode Internal The port is an internal port Designated Bridge Displays the bridge ID number that connects the link or shared LAN to the root Designated Port ID Display...

Page 46: ...or advertising their identity capabilities and neighbors on an IEEE 802 local area network principally wired Ethernet LLDP information is sent by devices from each of their interfaces at a fixed inter...

Page 47: ...or a period of time to be initialized to avoid frequent changed when the port use LLDP mode default value is 2 Transmit Delay Set this value main purpose is to be local device to send LLDPDU delay tim...

Page 48: ...Optional TLV Administrator can be configuration information into different TLV encapsulates LLDPDU and issued to the neighbor device 802 1 VLAN Name Administrator can choose VLAN group 9 3 Packet View...

Page 49: ...twork Policy Size Bytes Display total LLDP MED Network Policy packets byte size Operational Status Display the MED Network Policy whether were transmitted or they were overloaded MED Inventory Size By...

Page 50: ...lay the MED 802 1 TLVs whether were transmitted or they were overloaded Total In Use Bytes Display total bytes of LLDP information Available Bytes Display total available bytes left for additional LLD...

Page 51: ...rted Port speed auto negotiation support status Auto Negotiation Enabled Port speed auto negotiation active status Auto Negotiation Advertised Capabilities Port speed auto negotiation capabilities for...

Page 52: ...mation is deleted Based on the value received from the neighbor time to Live TLV during which no LLDP PDU was received from a neighbor Local Port Number of the local port to which the neighbor is conn...

Page 53: ...of received TLV that were discarded Unrecognized Total number of received TLV that was unrecognized Neighbor Timeout Number of neighbor Timeout on the port 10 Multicast Multicast is the only type of I...

Page 54: ...rames to Router port Multicast Forward Method Administrator can select destination MAC or destination IP of IPv4 6 10 1 2 Group Address The multicast address range is 224 0 0 0 to 239 255 255 255 and...

Page 55: ...N Define the VLAN of the group to be displayed IP Version Select either Version 4 or Version 6 Group Address Define the IP address of the Multicast group to be displayed Member Select ports of Multica...

Page 56: ...d the Multicast streams and propagate the registration messages to other subnets VLAN Select VLAN in available VLAN table IP Version Select either Version 4 or Version 6 that the Multicast router supp...

Page 57: ...fects only the ports that are members of the selected VLAN VLAN Select VLAN in available VLAN table IP Version Select either Version 4 or Version 6 that the Multicast router supports Type Select the t...

Page 58: ...its or denies a range of Multicast groups to be learned when the join group matches the filter profile IP group range 10 1 6 Filtering Binding When the setting is completed of Filtering Profile admini...

Page 59: ...multicast traffic The IGMP snooping support v2 v3 administrator can forward or drop Unknown Multicast 10 2 1 Property When IGMP Snooping is enabled globally or on a VLAN all IGMP packets are forwarded...

Page 60: ...inistrator can configure IGMP Snooping for Query Robustness Query Interval Administrator can configure IGMP Snooping for Query Interval Query Max Response Interval Administrator can configure IGMP Sno...

Page 61: ...click Edit button will be go to set IGMP Snooping version this function can get IGMP Snooping query device regularly to VLAN local segments in all hosts and routers send IGMP Snooping general query p...

Page 62: ...lists to forward Multicast packets only to switch ports where there are host nodes that are members of the Multicast groups The switch does not support MLD Querier 10 3 1 Property Administrator to ena...

Page 63: ...Querier Query Interval Enter the query interval value to be used by the switch if the switch cannot derive the value from the messages sent by the elected Querier Query Max Response Interval Enter th...

Page 64: ...der network for example the broadcast of multiple television channels over a service provider network MVR allows a subscriber on a port to subscribe and unsubscribe to a multicast stream on the networ...

Page 65: ...rameter to configure a contiguous series of MVR group addresses the range for count is 1 to 128 the default is 1 Query Time Administrator can defines the maximum time to wait for IGMP report membershi...

Page 66: ...to source ports All source ports on a switch belong to the single multicast VLAN Note If administrator to set a non MVR port with MVR characteristics is operation fails The default configuration is a...

Page 67: ...along with the other parameters on the RADIUS page Use Default Parameters Retry Enter the number of transmitted requests that are sent to the RADIUS server before a failure is considered to have occur...

Page 68: ...he RADIUS server If administrator select use default checked in checkbox will use the default key string Retry Select User Defined to enter the number of requests that are sent to the RADIUS server be...

Page 69: ...not entered for an individual server the value is taken from this field default is 5 Key String Enter the default key string in encrypted or plaintext form used for communicating with all TACACS serv...

Page 70: ...o enter the key string form used for authenticating and encrypting the communication between the switch and the TACACS server This key must match the key configured on the TACACS server If administrat...

Page 71: ...ion in menu management user Account Enable RADIUS System login account use remote RADIUS server authentication TACACS System login account use remote TACACS server authentication 11 3 2 Login Authenti...

Page 72: ...strator can select a specific VLAN only allow this VLAN can to enter the UI management page 11 4 2 Management Service Administrator can select enable Telnet SSH HTTP HTTPS SNMP by different protocol t...

Page 73: ...ord Retry Count function if login error reaches the set value within then set value of silent time will can t be reopen login page until the set time end 11 4 3 Management ACL Administrator can create...

Page 74: ...confirmation the rule will apply to ACL profile Administrator can go to management ACL page click Active button to enable the rule After active the rule this management page will can t operating only...

Page 75: ...to 256 and the default is 1 Action If Interface Status is locked select an action to be applied to packets arriving on a locked interface Forward Forwards packets from an unknown source without learn...

Page 76: ...otected port packets received from protected ports can be forwarded only to unprotected egress ports and unrestricted by VLAN members 11 7 Storm Control When the rate of Broadcast unknown Multicast or...

Page 77: ...for Broadcast traffic will count Broadcast traffic towards the bandwidth threshold Unknown Multicast If enable storm control for unknown Multicast will count unknown Multicast traffic towards the band...

Page 78: ...d to the Internet Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimat...

Page 79: ...2 Port Setting Administrator can choose protected ports 11 9 Dynamic ARP Inspection Dynamic Address Resolution Protocol ARP is a TCP IP protocol for translating IP addresses into MAC addresses 11 9 1...

Page 80: ...If Un Enable the port or LAG is not a trusted interface and ARP inspection is performed on the ARP requests or replies sent to or from the interface By default it is disabled Source MAC Address Check...

Page 81: ...e wrong source MAC addresses Destination MAC Failure Display total number of ARP packets that include wrong destination MAC addresses Source IP Address Validation Failures Display total number of ARP...

Page 82: ...urces are dropped 11 10 1 Property State Administrator can enable or Un Enable DHCP Snooping VLAN Administrator can to enable DHCP Snooping on a VLAN ensure that DHCP Snooping is globally enabled on t...

Page 83: ...number of packets that are dropped by Chaddr check Untrust Port Drop Display total number of packets that are dropped by Untrust check Untrust Port With Option82 Drop Display total number of packets...

Page 84: ...ps DHCP packets with Option 82 information Drop Drops DHCP packets with Option 82 information Replace Replaces DHCP packets with Option 82 information 11 10 4 Option82 Circuit ID Administrator can use...

Page 85: ...isplay selected Port number State Check Enable or Un Enable this IP Source Guard Mainly restricts the client IP traffic to those source IP addresses configured Check Enable to enable IP Source Guard o...

Page 86: ...orded in the IP Source Guard database Port Administrator can select port number VLAN Set VLAN with which the IP address is associated Binding Select IP MAC Port VLAN or IP Port VLAN binding MAC Addres...

Page 87: ...A single ACL may contain one or more ACEs which are matched against the contents of incoming frames Either a DENY or PERMIT action is applied to frames whose contents match the filter Note When a pack...

Page 88: ...ACL Name Display ACL name Rule Display the number of conditions 12 2 MAC ACE MAC ACEs will check all frames for a match ACL Name Displays selected MAC ACL name Sequence This sequence is priority of A...

Page 89: ...o enter a destination MAC address or a range of destination MAC addresses Note Set F is show value 0 is mask value E g If an MAC is 8C 4D EA 11 22 33 the mask value FF FF FF 00 00 00 indicates that on...

Page 90: ...over IPv4 route through a gateway IPV6 FRAG Matches packets belonging to the IPv6 over IPv4 Fragment Header RSVP IPV6 ICMP OSPF PIM L2TP protocols Source IP If administrator select any then all source...

Page 91: ...tion port TCP Flags Select one or more TCP flags with which to filter packets Filtered packets are either forwarded or dropped Filtering packets by TCP flags increases packet control Set Match if the...

Page 92: ...IPv6 based ACLs do not check IPv6 over IPv4 or ARP packets ACL Name Create a name of ACL ACL Table Display created IPv6 ACL name list 12 6 IPv6 ACE ACL Name Displays selected IPv6 ACL name Sequence T...

Page 93: ...t the network uses to help provide the appropriate QoS commitments This model uses the 3 most significant bits of the service type byte in the IP header as described in RFC 791 and RFC 1349 Source Por...

Page 94: ...packets arriving at that interface Packets that do not match any of the ACEs in the ACL are matched to a default rule whose action is to drop unmatched packets Port Displays selected Port number MAC A...

Page 95: ...the VLAN tag or based on the per port default CoS value if there is no VLAN tag on the incoming packet the actual mapping of the VPT to queue can be configured on the CoS to Queue page DSCP All IP tra...

Page 96: ...can be configured on the DSCP to Queue page If traffic is not IP traffic it is mapped to the best effort queue IP Precedence Traffic is mapped to queues based on the IP precedence The actual mapping...

Page 97: ...e weight value for each queue Weight Administrator can set weight priority queue 13 3 CoS Mapping CoS to Queue mapping or Queue to CoS Mapping is queue schedule method and bandwidth allocation it is p...

Page 98: ...riority values range from 1 through 8 Any DSCP value within a given range is mapped to the same internal forwarding priority value These include the CS Class Selector AF Assured Forwarding and EF Expe...

Page 99: ...highest Because IP Precedence and ToS use different bits in the ToS byte to mark the priority of a packet they can co exist in the same packet header without interfering with each other 13 6 Rate Limi...

Page 100: ...send to remote log server Administrator can enable or disable this function Property Remote Server Use the Remote Log Servers page to define the remote SYSLOG servers where log messages are sent usin...

Page 101: ...ssages are sent Facility Select a facility from which system logs are sent to the remote server Only one facility can be assigned to a server Minimum Severity Select the minimum level of system log me...

Page 102: ...ss Port Administrator can choose mirrored ports for ingress Egress Port Administrator can choose mirrored ports for egress 14 3 Ping Administrators can use this ping function to check connected device...

Page 103: ...y sending an IP packet to the target host and back to the switch The Traceroute page displays each hop between the switch and a target host and the round trip time to each hop 14 5 Copper Test Adminis...

Page 104: ...ber Module Display Fiber module messenger 15 Management 15 1 User Account The default username password is root default Administrator can modify login password or create new username password and defi...

Page 105: ...ackup firmware method can choose use TFTP or HTTP protocol If choose backup then administrator can choose firmware image to backup 15 2 2 Active Image If the Switch has upload multiple firmware in sys...

Page 106: ...tem 15 3 2 Save Configuration When administrator to click Apply on any window changes that you made to the switch configuration settings are stored only in the Running Configuration To preserve the pa...

Page 107: ...tem to default 15 4 SNMP The SNMP supports SNMP v1 v2 and v3 It also reports system events to trap receivers using the traps defined in the Management Information Base MIB that it supports 15 4 1 View...

Page 108: ...mmunity string acts as a password to gain access to an SNMP agent However neither the frames nor the community string are encrypted So SNMPv1 and SNMPv2 are not secure In SNMPv3 can configure Authenti...

Page 109: ...o the community Read Write Management access is read write Changes can be made to the switch configuration but not to the community 15 4 4 User An SNMP user is defined by the login credentials usernam...

Page 110: ...Engine ID is comprised of the enterprise number and the default MAC address The SNMP Engine ID must be unique for the administrative domain so that no two devices in a network have the same Engine ID...

Page 111: ...ents are defined as the targets of trap messages A trap receiver entry contains the IP address of the node and the SNMP credentials corresponding to the version that will be included in the trap messa...

Page 112: ...mount of traffic that is both sent and received and its dispersion Unicast Multicast and Broadcast 15 5 2 History Use the History Control Table page to define the sampling frequency amount of samples...

Page 113: ...f logs and traps If the action includes logging of the events they are displayed on the Event Log Table page 15 5 4 Alarm RMON alarms provide a mechanism for setting thresholds and sampling intervals...

Page 114: ...V1 0a...
