Datasheet
• Multiple user authentication methods:
– IEEE 802.1X: industry-standard method of user authentication using an IEEE 802.1X supplicant on the client in conjunction with a RADIUS server
– Web-based authentication: similar to IEEE 802.1X, provides a browser-based environment to authenticate clients that do not support the IEEE 802.1X supplicant
– MAC-based authentication: client is authenticated with the RADIUS server based on the client's MAC address
• Authentication flexibility:
– Multiple IEEE 802.1X users per port: provides authentication of multiple IEEE 802.1X users per port; prevents user "piggybacking" on another user's IEEE 802.1X authentication
– Concurrent IEEE 802.1X and Web or MAC authentication schemes per port: a switch port accepts IEEE 802.1X authentication together with either Web or MAC authentication
• Access control lists (ACLs): provide IP Layer 3 filtering based on source/destination IP address/subnet and source/destination TCP/UDP port number
• Identity-driven ACL: enables implementation of a highly granular and flexible access security policy and VLAN assignment specific to each authenticated network user
• Port security: allows access only to specified MAC addresses, which can be learned or specified by the administrator
• MAC address lockout: prevents particular configured MAC addresses from connecting to the network
• Source-port filtering: allows only specified ports to communicate with each other
• RADIUS/TACACS+: eases switch management security administration by using a password authentication server
• Secure Shell (SSHv2): encrypts all transmitted data for secure, remote command-line interface (CLI) access over IP networks
• Secure Sockets Layer (SSL): encrypts all HTTP traffic, allowing secure access to the browser-based management GUI in the switch
• Secure FTP: allows secure file transfer to/from the switch; protects against unwanted file downloads or unauthorized copying of the switch configuration file
• Secure access to manage the ProCurve Switch 5300xl series: all access methods (CLI, GUI, or MIB) are securely encrypted through SSHv2, SSL, and/or SNMPv3
• Switch management logon security: can require either RADIUS or TACACS+ authentication for secure switch CLI logon
Convergence
• IP multicast routing (PIM Dense): routes IP multicast traffic using the PIM Dense routing protocol
• IP multicast snooping and data-driven IGMP: automatically prevents flooding of IP multicast traffic
• LLDP-MED (Media Endpoint Discovery): a standard extension of LLDP that stores values for parameters such as QoS and VLAN to automatically configure network devices such as IP phones
Quality of Service (QoS)
• Layer 4 prioritization: enables prioritization based on TCP/UDP port numbers
• Traffic prioritization (IEEE 802.1p): allows real-time traffic classification into eight priority levels mapped to eight queues
• Class of Service (CoS): sets the IEEE 802.1p priority tag based on IP address, IP Type of Service (ToS), L3 protocol, TCP/UDP port number, source port, and DiffServ
• Bandwidth shaping:
– Rate limiting: per-port ingress-based enforced bandwidth maximums
– Guaranteed minimums: per-port, per-queue egress-based guaranteed bandwidth minimums








