hit counter script

Cisco WS-C3020 Software Configuration Manual page 45

Catalyst blade switch for hp
Table of Contents

Advertisement

Chapter 1
Overview
Multilevel security for a choice of security level, notification, and resulting actions
Static MAC addressing for ensuring security
Protected port option for restricting the forwarding of traffic to designated ports on the same switch
Port security option for limiting and identifying MAC addresses of the stations allowed to access
the port
VLAN aware port security option shut down the VLAN on the port when a violation occurs, instead
of shutting down the entire port.
Port security aging to set the aging time for secure addresses on a port
BPDU guard for shutting down a Port Fast-configured port when an invalid configuration occurs
Standard and extended IP access control lists (ACLs) for defining security policies in both directions
on routed interfaces (router ACLs) and VLANs and inbound on Layer 2 interfaces (port ACLs)
Extended MAC access control lists for defining security policies in the inbound direction on Layer 2
interfaces
VLAN ACLs (VLAN maps) for providing intra-VLAN security by filtering traffic based on
information in the MAC, IP, and TCP/UDP headers
Source and destination MAC-based ACLs for filtering non-IP traffic
DHCP snooping to filter untrusted DHCP messages between untrusted hosts and DHCP servers
IP source guard to restrict traffic on nonrouted interfaces by filtering traffic based on the DHCP
snooping database and IP source bindings
Dynamic ARP inspection to prevent malicious attacks on the switch by not relaying invalid ARP
requests and responses to other ports in the same VLAN
IEEE 802.1Q tunneling so that customers with users at remote sites across a service-provider
network can keep VLANs segregated from other customers and Layer 2 protocol tunneling to ensure
that the customer's network has complete STP, CDP, and VTP information about all users
Layer 2 point-to-point tunneling to facilitate the automatic creation of EtherChannels
Layer 2 protocol tunneling bypass feature to provide interoperability with third-party vendors
IEEE 802.1x port-based authentication to prevent unauthorized devices (clients) from gaining
access to the network. These features are supported:
MAC authentication bypass to authorize clients based on the client MAC address
Network Admission Control (NAC) features:
OL-8915-03
VLAN assignment for restricting IEEE 802.1x-authenticated users to a specified VLAN
Port security for controlling access to IEEE 802.1x ports
Voice VLAN to permit a Cisco IP Phone to access the voice VLAN regardless of the authorized
or unauthorized state of the port
Guest VLAN to provide limited services to non-IEEE 802.1x-compliant users
Restricted VLAN to provide limited services to users who are IEEE 802.1x compliant, but do
not have the credentials to authenticate via the standard IEEE 802.1x processes
IEEE 802.1x accounting to track network usage
IEEE 802.1x with wake-on-LAN to allow dormant PCs to be powered on based on the receipt
of a specific Ethernet frame
IEEE 802.1x readiness check to determine the readiness of connected end hosts before
configuring IEEE 802.1x on the switch
Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide
Features
1-7

Hide quick links:

Advertisement

Table of Contents
loading

This manual is also suitable for:

Catalyst 3020

Table of Contents