Specifications

Layer 3 services
• Loopback interface address: defines an address in RIP and OSPF that is always reachable, improving diagnostic capability
• UDP helper function: directs UDP broadcasts across router interfaces to specific IP unicast or subnet broadcast addresses and prevents server spoofing for UDP services such as DHCP
Layer 3 routing
• RIP: provides RIPv1 and RIPv2 routing
• Static IP routing: provides manually configured routing; includes ECMP capability
• OSPF (requires Premium License): includes host-based ECMP to provide link redundancy/scalable bandwidth and NSSA
Security
• Source-port filtering: allows only specified ports to communicate with each other
• RADIUS/TACACS+: eases switch management security administration by using a password authentication server
• Secure Shell (SSHv2): encrypts all transmitted data for secure, remote command-line interface (CLI) access over IP networks
• Port security: allows access only to specified MAC addresses, which can be learned or specified by the administrator
• MAC address lockout: prevents particular configured MAC addresses from connecting to the network
• Detection of malicious attacks: monitors 10 types of network traffic and sends a warning when it detects an anomaly that could be caused by malicious attacks
• Secure FTP: allows secure file transfer to/from the switch; protects against unwanted file downloads or unauthorized copying of the switch configuration file
• Switch management logon security: can require either RADIUS or TACACS+ authentication for secure switch CLI logon
• Secure management access: all access methods (CLI, GUI, or MIB) are securely encrypted through SSHv2, SSL, and/or SNMPv3
• ICMP throttling: defeats ICMP denial-of-service attacks by enabling any switch port to automatically throttle ICMP traffic
• Virus throttling: detects traffic patterns typical of worm-type viruses and either throttles or entirely prevents the ability of the virus to spread across the routed VLANs or bridged interfaces, without requiring external appliances
• STP BPDU port protection: blocks Bridge Protocol Data Units (BPDUs) on ports that do not require BPDUs, preventing forged BPDU attacks
• Dynamic IP lockdown: works with DHCP protection to block traffic from unauthorized hosts, preventing IP source address spoofing
• DHCP protection: blocks DHCP packets from unauthorized DHCP servers, preventing denial-of-service attacks
• Dynamic ARP protection: blocks ARP broadcasts from unauthorized hosts, preventing eavesdropping or theft of network data
• USB Secure Autorun: deploys, diagnoses, and updates the switch using a USB flash drive; works with a secure credential to prevent tampering
• STP Root Guard: protects the root bridge from malicious attack or configuration mistakes
• Management Interface Wizard: CLI-based step-by-step configuration tool that helps ensure that management interfaces such as SNMP, telnet, SSH, SSL, Web, and USB are secured to the desired level
• Access control lists (ACLs): provide filtering based on the IP field, source/destination IP address/subnet, and source/destination TCP/UDP port number on a per-VLAN or per-port basis