5 Security
The HP 1810 series switch software includes a robust set of built-in denial-of-service (DoS) and
stormcontrol protections, and allows configuring secure HTTP (HTTPS) management sessions.
Advanced Security
The HP 1810 series switch software provides the following built-in security features:
•
Storm Control—This feature protects against condition where incoming packets flood the LAN,
causing network performance degradation. The software includes Storm Control protection
for unicast, broadcast, and multicast traffic. The traffic is dropped if the rate of incoming traffic
on an interface increases beyond the threshold of 64K pps for 1810-24G/1810-8G or 4K
pps for 1810-24/1810-8.
•
Auto Denial-of-Service (DoS) protections—A DoS attack is an attempt to saturate the switch
with external communication requests to prevent the switch from performing efficiently, or at
all. You can enable Auto DoS protection that prevents common types of DoS attacks.
CAUTION:
The DoS feature does not generate any notifications (such as error messages, syslog
messages, SNMP traps) if a DoS attack occurs.
To display the Advanced Security page, click
Security > Advanced Security
in the navigation pane.
Figure 26 Advanced Security Page
Table 23 Advanced Security Fields
Description
Field
Activate storm control protection for broadcast and multicast globally in the system. The
default threshold is 64K pps on the 1810 Gigabit switches and 4K pps on the Fast
Ethernet switches. Clear to not use the Storm Control feature.
Storm Control
Enable denial of service attack protection, or clear to disable DoS protection. It is
disabled by default.
Auto DoS
Click
Apply
to save any changes for the current boot session; the changes take effect immediately
Secure Connection
The HP 1810 series switch software allows the administrator to enable or disable Secure HTTP
protocol (HTTPS). When enabled, the administrator can establish a secure connection with the
switch using the Secure Sockets Layer (SSL) protocol. Secure HTTP can help ensure that
communication between the management system and the switch is protected from eavesdropping
and man-in-the-middle attacks. The HP 1810 series switch software supports SSL version 3.0.
SSL enables the switch to generate and store a certificate that functions as a digital passport,
enabling client Web browsers to verify the identity of the switch before accessing it.
Advanced Security
39