HP ProCurve 2600, Техническое описание

Страница: 2 / 9

HP ProCurve Switch 2600 Series
2
Features and benefits
Connectivity
• Dual-personality functionality: two 10/100/1000 ports or
mini-GBIC slots for optional fiber connectivity such as Gigabit-SX,
-LX, or -LH
• Power over Ethernet (IEEE 802.3af) compliant (HP ProCurve
2650-PWR, ProCurve 2626-PWR, ProCurve 2600-8-PWR):
provides up to 15.4 W per port to power IP phones, wireless
access points, Web cameras, and more (HP ProCurve 2650-PWR
may require an external power supply to provide full 15.4 W for all
48 PoE-ready ports)
Performance
• 13.6 Gbps (HP ProCurve 2650 and 2650-PWR)/9.6 Gbps (HP
ProCurve 2626, 2626-PWR, 2600-8-PWR) backplane:
wire-speed non-blocking architecture for low-latency throughput
Resiliency and high availability
• IEEE 802.3ad Link Aggregation Control Protocol (LACP) and
ProCurve trunking: support for up to six trunks, each with up to
eight links (ports) per trunk; trunking across modules is supported
• Spanning Tree Protocol (IEEE 802.1D): provides redundant
links while preventing network loops
• IEEE 802.1w Rapid Convergence Spanning Tree Protocol:
increases network uptime through faster recovery from failed links
• IEEE 802.1s Multiple Spanning Tree: provides high link
availability in multiple VLAN environments by allowing multiple
spanning trees
• Optional external redundant power supply (HP ProCurve
2650-PWR, ProCurve 2626-PWR, ProCurve 2600-8-PWR):
provides uninterrupted power; sold as an accessory
Layer 2 switching
• VLAN support and tagging: support complete IEEE 802.1Q
(4,096 VLAN IDs) and 253 VLANs simultaneously
• GARP VLAN Registration Protocol: allows automatic learning
and dynamic assignment of VLANs
Layer 3 routing
• Basic IP routing: enables automatic routing to the connected
VLANs and up to 16 static routes--including one default route--in
IP networks
Security
• Port security: allows access only to specified MAC addresses,
which can be learned or specified by the administrator
• MAC address lockout: prevents configured particular MAC
addresses from connecting to the network
• Dynamic IP lockdown: works with DHCP protection to block
traffic from unauthorized hosts, preventing IP source address
spoofing
• Dynamic ARP protection: blocks ARP broadcasts from
unauthorized hosts, preventing eavesdropping or theft of network
data
• Multiple user authentication methods:
- IEEE 802.1X: industry-standard method of user authentication
using an IEEE 802.1X supplicant on the client in conjunction with
a RADIUS server
-
Web-based authentication: similar to IEEE 802.1X, provides a
browser-based environment to authenticate clients that do not
support the IEEE 802.1X supplicant
-
MAC-based authentication: client is authenticated with the
RADIUS server based on the client's MAC address
NEW
Authentication flexibility:
- Multiple IEEE 802.1X users per port: provides authentication of
up to eight IEEE 802.1X users per port; prevents user
"piggybacking" on another user's IEEE 802.1X authentication
• Secure FTP: allows secure file transfer to/from the switch;
protects against unwanted file downloads or unauthorized copying
of switch configuration file
• RADIUS/: eases switch management security
administration by using a password authentication server
• Source-port filtering: allows only specified ports to
communicate with each other
• Secure Shell (SSHv2): encrypts all transmitted data for secure,
remote command-line interface (CLI) access over IP networks
• Secure Sockets Layer (SSL): encrypts all HTTP traffic, allowing
secure access to the browser-based management GUI in the
switch
• Switch management logon security: can require either
RADIUS or authentication for secure switch CLI logon
Convergence
• IEEE 802.1AB Link Layer Discovery Protocol (LLDP):
automated device discovery protocol for easy mapping by network
management applications
• LLDP-MED (Media Endpoint Discovery): a standard extension
of LLDP that stores values for parameters such as QoS and VLAN
to automatically configure network devices such as IP phones