Extreme Networks Altitude 4760 Series Manuel d'utilisateur Page 5
- Page / 13
- Table des matières
- MARQUE LIVRES
Noté. / 5. Basé sur avis des utilisateurs
Extreme Networks Data Sheet
© 2010 Extreme Networks, Inc. All rights reser ved. BlackDiamond 8800 Series—Page 5
Comprehensive Security
Directory-Integrated
Link Security
Network Login and
Dynamic Security Profile
Network Login capability implemented in
ExtremeXOS enforces user admission and
usage policies. BlackDiamond 8800 series
switches support a comprehensive range
of Network Login options by providing
an 802.1x agent-based approach, a
Web-based (agentless) login capability for
guests and a MAC-based authentication
model for devices. With these modes of
Network Login, only authorized users and
devices can connect to the network and
be assigned to the appropriate VLAN. The
Universal Port scripting framework
available in BlackDiamond 8800 series
switches lets you implement Dynamic
Security Profiles which, in sync with
Network Login, allows you to implement
fine grained and robust security policies.
Upon authentication, the switch can
load dynamic ACL/QoS for a user or group
of users, to deny/allow access to the
application servers or segments within
the network.
Multiple Supplicant Support
Converged network designs often involve
the use of shared ports for IP Telephony
and wireless access. Multiple supplicant
capability on a switch delivers secured
access in such designs by uniquely
authenticating and applying appropriate
policies and VLANs for each user on a
shared port.
Host Integrity Checking
Host integrity checking helps keep
infected or non-compliant machines off
the network. BlackDiamond 8800 series
switches support a host integrity or
endpoint integrity solution that is
based on the model from the Trusted
Computing Group.
BlackDiamond 8800 series switches
interface with Sentriant AG200, the
endpoint security software from
Extreme Networks, to verify that each
endpoint meets the security policies that
have been set and to quarantine those
that are not in compliance.
Identity Management
Identity Management allows customers to
track users who access their network. User
identity is captured based on NetLogin
authentication, LLDP discovery and Kerberos
snooping. ExtremeXOS uses the information
to then report on the MAC, VLAN, computer
hostname, and port location of the user.
Threat Detection and Response
CLEAR-Flow Security Rules Engine
CLEAR-Flow Security Rules Engine provides
first order threat detection and mitigation,
and mirrors traffic to third-party security
appliances such as an IDS/IPS for further
analysis of suspicious traffic in the network.
CLEAR-Flow provides cost-effective
scalability of security threat detection.
sFlow
sFlow is a sampling technology that provides
the ability to sample application-level traffic
flows on all interfaces simultaneously.
Port Mirroring
BlackDiamond 8800 series switches
support many-to-one and cross module
port mirroring. This can be used to mirror
traffic to an external network appliance
such as an intrusion detection device for
trend analysis or be utilized by a network
administrator as a diagnostic tool when
fending off a network attack.
Line-Rate Access Control Lists
BlackDiamond 8800 series switches
support hardware-based ACLs based on
Layer 2, 3 or 4 header information such as
the MAC address, IP source/destination
address or TCP/UDP port number.
Hardened Network
Infrastructure
DoS Protection
BlackDiamond 8800 series switches
handle DoS attacks gracefully. If the
switch detects an unusually large number
of packets in the CPU input queue, it will
assemble ACLs that automatically stop
these packets from reaching the CPU.
After a period of time, the ACLs are
removed. If the attack continues, they
are reinstalled.
Policy-Based Routing
Policy-based routing provides a flexible
mechanism for network administrators to
customize the flow of traffic within their
networks. ACLs configured on the switch
can redirect packets away from their
normal path to another physical switch
port. Packets are selected according to
their ACL match conditions such as QoS,
VLAN, IP addresses, protocol, port number
or other criteria.
ASIC-Based Longest Prefix Match
LPM routing eliminates the need for control
plane software to learn new flows and allows
the network to be resilient under a DoS attack.
Secure Management
The use of protocols like SSH2, SCP and
SNMPv3 supported by a BlackDiamond 8800
series switch prevents the interception
of management communications and
man-in-the-middle attacks.
MD5 Authentication of
Routing Protocols
MD5 authentication of routing protocols
prevents attackers from tampering with
valid messages and attacking routing sessions.
Implementing a secure network means providing protection at the network perimeter as well as the core. Working together
with Extreme Networks Sentriant
®
family of products, BlackDiamond 8800 series switches use advanced security functions
in protecting your network from known or potential threats.
Produits connexes et manuels pour Commutateurs de réseau Extreme Networks Altitude 4760 Series
(8 pages)
(4 pages)© 2020, manymanuals.fr. Tous droits réservés | 0.618 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commentaires sur ces manuels