Datasheet

ManualsBrandsHewlett Packard Enterprise ManualsNetworkingJG932A

QuickSpecs

HP 5130 EI Switch Series

Overview

c04394228 — DA – 15058 Worldwide — Version 1 —September 29, 2014

Page 6

industry-standard method of user authentication using an IEEE 802.1X supplicant on the client in conjunction with a

RADIUS erver

 MAC-based authentication

client is authenticated with the RADIUS server based on the client's MAC address

 Identity-driven security and access control

 Per-user ACLs

permits or denies user access to specific network resources based on user identity and time of day, allowing multiple

types of users on the same network to access specific network services without risking network security or providing

unauthorized access to sensitive data

 Automatic VLAN assignment

automatically assigns users to the appropriate VLAN based on their identities

 Secure management access

delivers secure encryption of all access methods (CLI, GUI, or MIB) through SSHv2, SSL, and/or SNMPv3

 Secure FTP

allows secure file transfer to and from the switch; protects against unwanted file downloads or unauthorized copying of a

switch configuration file

 Guest VLAN

provides a browser-based environment to authenticated clients that is similar to IEEE 802.1X

 Endpoint Admission Defense (EAD)

provides security policies to users accessing a network

 Port security

allows access only to specified MAC addresses, which can be learned or specified by the administrator

 Port isolation

secures and adds privacy, and prevents malicious attackers from obtaining user information

 STP BPDU port protection

blocks Bridge Protocol Data Units (BPDUs) on ports that do not require BPDUs, preventing forged BPDU attacks

 STP root guard

protects the root bridge from malicious attacks or configuration mistakes

 DHCP protection

blocks DHCP packets from unauthorized DHCP servers, preventing denial-of-service attacks

 IP source guard

helps prevent IP spoofing attacks

 Dynamic ARP protection

blocks ARP broadcasts from unauthorized hosts, preventing eavesdropping or theft of network data

 RADIUS/HWTACACS

eases switch management security administration by using a password authentication server

Convergence

 IEEE 802.1AB Link Layer Discovery Protocol (LLDP)

facilitates easy mapping using network management applications with LLDP automated device discovery protocol

 LLDP-MED

is a standard extension that automatically configures network devices, including LLDP-capable IP phones

 LLDP-CDP compatibility

receives and recognizes CDP packets from Cisco's IP phones for seamless interoperation

 IEEE 802.3af Power over Ethernet

provides up to 15.4 W per port to PoE-powered devices such as IP phones, wireless access points, and video cameras

 PoE allocations

supports multiple methods (automatic, IEEE 802.3af class, LLDP-MED, or user-specified) to allocate PoE power for more

efficient energy savings

 Voice VLAN

automatically assigns VLAN and priority for IP phones, simplifying network configuration and maintenance

 IP multicast snooping (data-driven IGMP)