Extreme Networks Summit X350-24t Скачать руководство пользователя страница 6

Страница: 6 / 10

Summit X350 Series—Page 6

Extreme Networks Data Sheet

Technical Specifications

ExtremeXOS 12.3 Supported
Protocols

Switching

• RFC 3619 Ethernet Automatic Protection

Switching (EAPS) and EAPSv2

• IEEE 802.1D – 1998 Spanning Tree Protocol (STP)
• IEEE 802.1D – 2004 Spanning Tree Protocol

(STP and RSTP)

• IEEE 802.1w – 2001 Rapid Reconfiguration for

STP, RSTP

• IEEE 802.1Q – 2003 (formerly IEEE 802.1s)

Multiple Instances of STP, MSTP

• EMISTP, Extreme Multiple Instances of

Spanning Tree Protocol

• PVST+, Per VLAN STP (802.1Q interoperable)
• Draft-ietf-bridge-rstpmib-03.txt – Definitions of

Managed Objects for Bridges with Rapid
Spanning Tree Protocol

• Extreme Standby Router Protocol

™

(ESRP)

• IEEE 802.1Q – 1998 Virtual Bridged Local Area

Networks

• IEEE 802.3ad Static load sharing configuration

and LACP based dynamic configuration

• Software Redundant Ports
• IEEE 802.1AB – LLDP Link Layer Discovery Protocol
• LLDP Media Endpoint Discovery (LLDP-MED),

ANSI/TIA-1057, draft 08

• Extreme Discovery Protocol (EDP)
• Extreme Loop Recovery Protocol (ELRP)
• Extreme Link State Monitoring (ELSM)
• IEEE 802.1ag L2 Ping and traceroute,

Connectivity Fault Management

Management and Traffic Analysis

• RFC 2030 SNTP, Simple Network Time Protocol v4
• RFC 854 Telnet client and server
• RFC 783 TFTP Protocol (revision 2)
• RFC 951, 1542 BootP
• RFC 2131 BOOTP/DHCP relay agent and DHCP

server

• RFC 1591 DNS (client operation)
• RFC 1155 Structure of Mgmt Information (SMIv1)
• RFC 1157 SNMPv1
• RFC 1212, RFC 1213, RFC 1215 MIB-II,

Ethernet-Like MIB & TRAPs

• RFC 1573 Evolution of Interface
• RFC 1650 Ethernet-Like MIB (update of RFC 1213

for SNMPv2)

• RFC 1901, 1905 – 1908 SNMP v2c, SMIv2 and

Revised MIB-II

• RFC 2576 Coexistence between SNMP Version 1,

Version 2 and Version 3

• RFC 2578 – 2580 SMIv2 (update to RFC 1902 –

1903)

• RFC 3410 – 3415 SNMPv3, user based security,

encryption and authentication

• RFC 3826 – The Advanced Encryption Standard

(AES) Cipher Algorithm in the SNMP User-based
Security Model

• RFC 1757 RMON 4 groups: Stats, History, Alarms

and Events

• RFC 2021 RMON2 (probe configuration)
• RFC 2613 SMON MIB
• RFC 2925 Ping/Traceroute MIB
• RFC 2668 802.3 MAU MIB
• draft-ietf-hubmib-mau-mib-v3-02.txt
• RFC 1643 Ethernet MIB
• RFC 1493 Bridge MIB
• RFC 2096 IPv4 Forwarding Table MIB
• RFC 2737 Entity MIB v2
• RFC 2233 Interface MIB
• RFC 3621 PoE-MIB (PoE switches only)

• Secure Shell (SSH-2) client and server
• Secure Copy (SCP-2) client and server
• Secure FTP (SFTP) server
• sFlow version 5
• Configuration logging
• Multiple Images, Multiple Configs
• RFC 3164 BSD Syslog Protocol with Multiple Syslog

Servers

–

999 Local Messages (criticals stored across
reboots)

• Extreme Networks vendor MIBs (includes FDB,

PoE, CPU, Memory MIBs)

• XML APIs over Telnet/SSH and HTTP/HTTPS
• Web-based device management interface –

ExtremeXOS ScreenPlay

™

• IP Route Compression

Security, Switch and Network Protection

• Secure Shell (SSH-2), Secure Copy (SCP-2) and

SFTP client/server with encryption/authentication
(requires export controlled encryption module)

• SNMPv3 user based security, with encryption/

authentication (see above)

• RFC 1492
• RFC 2138 RADIUS Authentication
• RFC 2139 RADIUS Accounting
• RFC 3579 RADIUS EAP support for 802.1x
• RADIUS Per-command Authentication
• Access Profiles on All Routing Protocols
• Access Policies for Telnet/SSH-2/SCP-2
• Network Login – 802.1x, Web and MAC-based

mechanisms

• IEEE 802.1x – 2001 Port-Based Network Access

Control for Network Login

• Multiple supplicants with multiple VLANs for

Network Login (all modes)

• Fallback to local authentication database (MAC

and Web-based methods)

• Guest VLAN for 802.1x
• RFC 1866 HTML – Used for web-based Network

• SSL/TLS transport – used for web-based Network

• MAC Security – Lockdown and Limit
• IP Security – RFC 3046 DHCP Option 82 with port

and VLAN ID

• IP Security – Trusted DHCP Server
• Layer 2/3/4 Access Control Lists (ACLs)
• RFC 2267 Network Ingress Filtering
• RPF (Unicast Reverse Path Forwarding) Control via

ACLs

• Wire-speed ACLs
• Rate Limiting / Shaping by ACLs
• IP Broadcast Forwarding Control
• ICMP and IP-Option Response Control
• SYN attack protection
• CPU DoS Protection with traffic rate-limiting to

management CPU

• Robust against common Network Attacks:

–

CERT (http://www.cert.org)

–

CA-2003-04: “SQL Slammer”

–

CA-2002-36: “SSHredder”

–

CA-2002-03: SNMP vulnerabilities

–

CA-98-13: tcp-denial-of-service

–

CA-98.01: smurf

–

CA-97.28:Teardrop_Land -Teardrop and “LAND“
attack

–

CA-96.26: ping

–

CA-96.21: tcp_syn_flooding

–

CA-96.01: UDP_service_denial

–

CA-95.01: IP_Spoofing_Attacks_and_Hijacked_
Terminal_Connections

–

IP Options Attack

• Host Attacks

–

Teardrop, boink, opentear, jolt2, newtear,
nestea, syndrop, smurf, fraggle, papasmurf,
synk4, raped, winfreeze, ping –f, ping of
death, pepsi5, Latierra, Winnuke, Simping,
Sping, Ascend, Stream, Land, Octopus

IPv4 Host Requirements

• RFC 1122 Host Requirements
• RFC 768 UDP
• RFC 791 IP
• RFC 792 ICMP
• RFC 793 TCP
• RFC 826 ARP
• RFC 894 IP over Ethernet
• RFC 1027 Proxy ARP
• RFC 2068 HTTP server
• IGMP v1/v2/v3 Snooping with Configurable

Router Registration Forwarding

• IGMP Filters
• PIM Snooping
• Static IGMP Membership
• Multicast VLAN Registration (MVR)

IPv6 Host Requirements

• RFC 2460, Internet Protocol, Version 6 (IPv6)

Specification

• RFC 2461, Neighbor Discovery for IP Version 6,

(IPv6)

• RFC 2463, Internet Control Message Protocol

(ICMPv6) for the IPv6 Specification

• RFC 2464, Transmission of IPv6 Packets over

Ethernet Networks

• RFC 2465, IPv6 MIB, General Group and Textual

Conventions

• RFC 2466, MIB for ICMPv6
• RFC 2462, IPv6 Stateless Address Auto

configuration – Host Requirements

• RFC 1981, Path MTU Discovery for IPv6, August

1996 – Host requirements

• RFC 3513, Internet Protocol Version 6 (IPv6)

Addressing Architecture

• RFC 3587, Global Unicast Address Format
• Telnet server over IPv6 transport
• SSH-2 server over IPv6 transport
• Ping over IPv6 transport
• Traceroute over IPv6 transport

QoS and VLAN Services

Quality of Service and Policies

• Quality of Service and Policies
• IEEE 802.1D – 1998 (802.1p) Packet Priority
• RFC 2474 DiffServ Precedence, including 8

queues/port

• RFC 2598 DiffServ Expedited Forwarding (EF)
• RFC 2597 DiffServ Assured Forwarding (AF)
• RFC 2475 DiffServ Core and Edge Router

Functions

VLAN Services: VLANs, vMANs

• IEEE 802.1Q VLAN Tagging
• IEEE 802.1v: VLAN classification by Protocol

and Port

• Port-based VLANs
• Protocol-based VLANs
• MAC-based VLANs
• Multiple STP domains per VLAN
• Upstream Forwarding Only/Disable Flooding
• draft-sanjib-private-vlan-09.txt Private VLANs
• VLAN Translation
• IEEE 802.1ad Provider Bridge Network, virtual

MANs (vMANs)

• vMAN Ethertype Translation/Secondary vMAN

Ethertype

• Multicast Support for PVLAN
• Multicast Support for VLAN Aggregation