Giai phap bao mat - Thiet bi ly tuong cho mang LAN

456 views

Published on

Nếu bạn cho rằng một máy tính cài phần mềm chống virus bản quyền được update liên tục bởi công nghệ đám mây gì đó là an toàn thì vẫn chưa đủ bởi Antivirus chỉ tìm và diệt được khi nó đã có mẫu. Điều gì xảy ra khi một sâu máy tính mới hoặc Attacker/Hacker xâm nhập vào máy tính của bạn rồi lặng lẽ nhân bản sang toàn bộ máy trong mạng LAN của công ty ??? Hiện chúng ta đã có công nghệ bảo mật đủ mạnh cho phòng chống tấn công từ ngoài nhưng chúng ta đang để lỗ hổng rất lớn là không có giải pháp bảo mật, phòng chống tấn xông xâm nhập từ bên trong. Tài liệu Brochure này giới thiệu về thiết bị Switch bảo mật của HDN, một Cty tiên phong thế giới về giải pháp bảo mật cho Access Layer. Nếu bạn cần thêm thông tin vui lòng email tới songk38@gmail.com hoặc điện thoại 0903212322, tôi sẽ hỗ trợ và cung cấp cho bạn.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
456
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
10
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Giai phap bao mat - Thiet bi ly tuong cho mang LAN

  1. 1. HanDreamnet Co., Ltd. www.handream.net The World 1 st Security Switch Integrated Management System of IP Resource Control / Access Control Visual Node Manager L2/L3 Security Switch Visual Node Manager Visual IP Manager Should you have any inquiries, feel free to contact us. We will respond as soon as possible. Product and sales inquiry : sales@handream.net / www.handream.net The World 1st Security Switch HanDreamnet acquired the world first L2 security switch patent with HanDreamnet's own technologies and will help to build more safe network. SG Security Switch Series Detect / block malicious traffic caused by virus such as DoS/DDoS, Flooding or Scanning in IPv4/IPv6 environment Prevent information leaking with blocking ARP spoofing and block internal information hacking Guarantee network continuity with Self Loop Detect function Provide the network stability through patented MDS engine (ASIC) Supply integrated network management software (VNM) IPv6 Ready Logo HanDreamnet Co., Ltd. #1209 MarioTower, 28, Digitalro-30-gil, Guro-Gu, Seoul 152-741 Korea TEL : 82-2-890-6650 FAX : 82-2-890-6654 www.handream.net E-mail : sales@handream.net
  2. 2. L2/L3 Security Switch Visual Node Manager www.handream.net Visual IP Manager Network Topology for Security Switch The world 1st Security Switch SG Security Switch SG Security Switch Series Internet UTM (Firewall, VPN, IPS) SG8800 SG8800 Visua l Node Manag er No.1 in L2 security switch market share Traditional L2 Switch VIPM IP Resource & Access Control SG202 4 SG202 4 L2 Security Switch SG202 4 420 2GS L3 Security Switch L2 Security Switch SG202 4 420 2GS 420 2GS SG Security switch blocks malicious traffic in real time such as DoS/DDoS, Flooding, Scanning and Spoofing through packet analysis up to layer 4. SG Security switch blocks virus infection including Zero-Day attack. SG security series are essential to construct safe network environment. VNM Integrated Network Management 420 2GS SG Security Switch Series Prevent trouble in advance by blocking malicious traffic like worm and virus in access level It detects and blocks malicious traffic by worm and virus to prevent network speed reduction and down in advance. The network administrator enables to carry out 'without service interruption’. IP Management (Unauthorized PC detection) Block Zero-Day Attack (DoS/DDoS/Scanning/Flooding) Block ARP Spoofing (Tapping and leaking personal information) Protect confidential and financial information of individual / company / public institution from ARP Spoofing attack Increasing IP phone tapping, financial information and ID/Password hacking cause a huge damage to privacy and banking. SG security switch series detect and block ARP Spoofing in real time and protect user’s confidential information. L2 PoE Security Switch Comparison SG2124GXPoE Simultaneously detect / block malicious traffic in IPv4 and IPv6 network Traditional PoE Switch SG security switch acquired IPv6 ready logo. SG security switch supports secure and stable network in IPv4 and IPv6 network. Performance Up to 32K MAC address support 144G Switching Capacity 131Mpps Throughput Up to 8K MAC address support 176G Switching Capacity 42Mpps Throughput Full wire speed with security function PoE Support internal power supply redundancy 802.3af = 24port 802.3at = 24port Support external power supply redundancy 802.3af = 24port 802.3at = 12port Types of Blocking Malicious Traffic IPv4/IPv6 network (Static IP & Dynamic IP) - Stable network by installing a patented MDS security engine - Real-time blocking malicious traffic such as DoS / DDoS, Flooding, Scanning - Secure network continuity by blocking selective malicious traffic - Prevent information leaking with blocking ARP spoofing - Easy management for malicious traffic IPv4/IPv6 network (Static IP & Dynamic IP) - Security engine not supported - Real-time blocking unavailable (only support storm control) - Malicious traffic blocking not supported - ARP spoofing blocking with static IP address not supported - Takes time to figure out cause of problem and trouble shooting Detect & Block Looping Real-time detect and block cable loop Guarantee network continuity Unable to control cable loop Network downtime by cable loop available Integrated Network Management(VNM) - GUI based integrated network management system - Log and report output at integrated management system screen - Available to check IP, MAC and Network bandwidth in use Extra network management system required Management System MDS(Multi Dimension Security) engine is ASIC based hardware chip and carries out security function by analyzing traffic. MDS engine guarantees the full wire-speed while providing security features. Smart protection (Block only malicious traffic) By blocking virus infected packet or service port only, it provides work continuity like web service, e-mail and groupware. It enables to monitor/control whole network status and condition on a screen. It helps to figure out attacking history, detection/blocking log and history in a table which can be used as internal report. Reliability and stability are proven by large security references in Korea & Overseas market.
  3. 3. L2/L3 Security Switch Visual Node Manager www.handream.net Visual IP Manager Product Feature Product Feature SG security switch makes possible to build more safe network by checking various network attacks in access level through behavior based blocking. Implementation of SG security switch helps IT administrator to have secure and reliable network. Stable network through embedded MDS security engine Secure and reliable IPv6 network MDS developed by HanDreamnet adopts behavior based blocking method which does not require signature file update like other pattern matching(IPS/IDS) products. It blocks only malicious traffic through analyzing traffic up to layer 4 in real-time, so guarantees the safe and reliable network. SG security switch acquired IPv6 ready logo. It can block and detect malicious traffic in IPv6 as well as IPv4 network. It supports various IPv6 routing protocol such as RIPng, OSPFv3, BGP4+ and supports various IPv6 management features. Point!! Point !! Real-time detect / block malicious traffic in IPv4/IPv6 network Full wire speed in all ports with security function Blocking only malicious traffic through smart protection Strong privacy network It secures work continuity without service interruption by blocking malicious traffic only in PC, smart phone, and IP phone. It helps to get rid of hacking hazard by allowing communication between designated uplink port and terminal only in hotel and apartment. It blocks file sharing with NetBIOS. Internet Point!! Secure service continuity of normal traffic by blocking malicious traffic only Smart protection in security switch vs IP/Port blocking in other traditional switch Point!! Room1 Room2 Room3 Room4 Normal traffic Malicious traffic Real-time detection and blocking of malicious traffic such as DoS/DDoS, Flooding and Scanning MDS security engine blocks worm spread so that it prevents secondary damage. SG security switch blocks malicious packet under each stacks in real-time to keep network safety. It is good for financial institutions and ISP that have to carry out guaranteed traffic. Point!! Real-time block malicious traffic Prevent network overload caused by malicious traffic Ring topology support SG security switch supports ERP(Ethernet Ring Protection) protocol for ring topology. So, it can extend its value to carrier or metro ethernet area with powerful security feature. SG21 24GX PoE SG21 24GX PoE SG21 24GX PoE Point!! Primary (Forwarding) SG21 24GX PoE Secondary (Blocking)
  4. 4. L2/L3 Security Switch Visual Node Manager www.handream.net Visual IP Manager Product Feature Product Feature SG security switch detects and blocks the network problems in advance to provide reliable network service. Implementation of SG security switch can support an optimal IPT network. Network continuity with Self Loop Detect function Effective IPT network with LLDP-MED The entire network service is often down by users mistake during the operation. SG security switch detects and blocks cable loop so provides the reliable network. SG security switch supports Voice VLAN and Auto QoS feature with LLDP-MED for IPT network. So regardless of network congestion, it can guarantee voice quality. Point!! Point !! IPT Wizzard helps to build IPT network Easy configuration of Voice VLAN based on LLDP-MED Prevent entire network downtime by cable loop Provide real-time log in case of cable loop Redundancy feature 802.3af/at support with maximum 740W PoE power budget SG2124GXPoE SG security switch provides various redundancy feature. It prevents network suspension due to cable trouble, port trouble, and switch trouble. SG2124GXPoE Master Slave SG security switch supports built-in dual power supply in 1U size. So it supports 15.4W to all 48 ports, and 30W to all 24 ports. SG security switch power supply SSR Point!! SPR Point!! Internal power supply redundancy for reliability Support sufficient PoE/PoE+ SSR: Smart Switch Redundancy SPR: Smart Port Redundancy 2 Power supply Internal power supply redundancy Prevent information leaking with blocking ARP Spoofing Green IT network environment by reducing power consumption SG security switch detects and blocks attacks using internal information. It prevents users to steal personal information in advance. Power for unused port is reduced to cut off power consumption significantly. And SG2100/3100 series can support EEE(Energy Efficient Ethernet). It enables to make green IT network through CO2 reduction. SG2 124G X PoE SG2 124G X PoE SG2 124G X PoE SG2 124G X PoE SG2 124G X PoE Point!! Point!! Prevent IPT/UC tapping Prevent personal information and company confidential resources to be leaked by hacking Save power consumption up to 50% Minimize port power according to port connection Energy Efficient Ethernet 1 Power supply
  5. 5. L2/L3 Security Switch Visual Node Manager www.handream.net Visual IP Manager Product Feature Product Feature SG security switch detects/blocks malicious traffic, and blocks unauthorized users to access the network, and also support user notification function. SG security switch provides various management feature for administrator convenience. Blocks unauthorized users to access the internal network Management enhancements SG security switch supports powerful authentication function with embedded RADIUS server and external VIPM server. It blocks an unauthorized users and support user access control. By supporting Multi OS and USB interface, the administrator easily manages switch firmware. Also, it supports sFlow and IPv6 management feature for the purpose of management convenience. RADIUS Server / VIPM Point !! Firmware Upgrade USB Point!! ID Pass hdn123 ********* Mac Address F4:1C:XX:12:XX IP Address 192.168.0.254 Powerful IPv4/IPv6 management Firmware upgrade support with USB interface Mac Address + IP Address + Port User notification for malicious traffic (MDS Web Alert) TFM(Traffic Flow Monitoring) It sends alert pop-up message to the user through web browser in case of malicious traffic. So users can do self-check for virus and windows update. FTP, SFTP Firmware Upgrade SG security switch provides N:N monitoring capabilities instead of expensive extra TAP. With TFM, it supports improved monitoring feature. Internet SG8800 Point!! SG8800 Point!! Improved monitoring feature 1:N, N:N monitoring capabilities support with TFM Intrusion Detection Loop Prevention Integrated Management User Access Control Network Security Anti Virus Network Traffic Analysis Tool
  6. 6. L2/L3 Security Switch Visual Node Manager www.handream.net Visual IP Manager Product Feature Integrated Network Management SoftWare Group Policy Switch Auto Config VNM (Visual Node Manager) VNM, integrated network management software is provided as a bundle. It helps to monitor switch and traffic status. Network status analysis Network Topology VNM applies the policy to the individual switch or group. VNM with auto config feature can set IP address, gateway and SNMP community to the new security switch without console access. Switch Configuration Backup Switch Firmware Upgrade Visu al Node VNM supports network status analysis, traffic usage, IP usage and malicious traffic tracking. Real time malicious traffic monitoring Switches and 3rd party products can be configured in the topology map. The administrator can monitor individual devices or groups in topology map. Real time user status monitoring VNM can save up to 10 configuration files per switch. With this feature when a failure occurs, you can easily recover the switch configuration. Mana ger VNM supports firmware upgrade without additional program. Special Report VNM server installation Minimum requirements Recommended requirements (Under 50 devices) (More than 50 devices) Window XP 32Bit (SP2/3) CPU Memory HDD VNM supports malicious traffic monitoring in many security switches. VNM supports real-time monitoring about IP address/ MAC address/Port information of users. Additional information such as department and name can be added. VNM provides network status & malicious traffic status to operator based on daily/weekly/monthly. It also supports the feature of scheduling report. Window 7 32Bit higher Window 7 32Bit higher 2003 Server, Vista OS Window XP 32Bit (SP2/3) 2003 Server, Vista Intel Dual Core 2GHz higher Intel Core i7 higher 2GB higher 4GB higher 200GB higher 500GB higher Should open TCP 8085~8087 and UDP 161~162 service port in firewall.
  7. 7. L2/L3 Security Switch Visual Node Manager www.handream.net Visual IP Manager Product Feature IP resource management Integrated Network Management Powerful authentication feature VIPM (Visual IP Manager) VIPM in conjunction with SG security switch, supports IP resource control, NMS, authentica- - Monitor and control IP/MAC condition - Network access control with IP/MAC/Port tion system and network access control capabilities. VIPM enables to monitor IP/MAC status at a look and prevents IP change, tapping or collision. Network access control with IP/MAC/Port The network which you manage... How many resources are accessed? Are there malicious traffic inside network? Integrated Access M Management rated at ated Ma SSH VIPM access Internet SG8800 Who, when and where accessed? Are there any information leaking or hacking by internal user? How many traffic does it have? Are there any network troubles by IP resources? IP resource authorized? Is batch upgrade of switch firmware available? Network status analysis Malicious traffic and device monitoring Special Report SG8800 Administrator Telnet/SSH direct access is restricted SG2024G SG2024G SG2024G Telnet/SSH access is allowed through VIPM - Powerful security feature by restricting direct access VIPM can allow access to the device through VIPM and restrict direct access to device. VIPM supports powerful management by assigning banned words, and tracking command history. VIPM Redundancy feature - Periodically report VIPM supports a special report for network status and malicious traffic monitoring. Scheduling report and finding features are also supported. Product Configuration: VRRP Dedicated Appliance Only for VIPM - Real-time monitoring of whole network status - Real-time monitoring of switch status - Reliable IP resource management VIPM monitors network status in real-time such as network topology, IP address usage status, and malicious traffic detect/block status. VIPM monitors current status of switch including IP usage, traffic usage and malicious traffic detect/block status per each port. VIPM supports redundancy feature for entire hardware, and power supply to ensure IP resource management. - Max 50,000 users - Raid 1 support (option) - Dual power supply (option) SG2000 Series S i SG2100 Series SG3000 Series SG3100 Series
  8. 8. L2/L3 Security Switch Product Specification Visual Node Manager www.handream.net Visual IP Manager Product Specification L2 Security Switch SG2000 Series Non PoE Switch Physical Features Non PoE Switch Physical Features SG2024 Switching Capacity (Gbps) Performance Throughput (Mpps) MAC Capacity (k) SG2024G SG2048G SG2024GF SG2008G 28.8 48.0 192.0 48.0 20.0 13.1 DRAM (MB) Basic Flash-Max Flash (MB) 71.4 71.4 142.9 29.8 8 32 32 32 16 1 1+1 1+1 1+1 256 256 256 256 256 SG2124 Switching Capacity (Gbps) Performance Throughput (Mpps) MAC Capacity (k) 1 Power Supply Hardware L2 Security Switch SG2100 Series Power Supply Hardware DRAM (MB) Basic Flash-Max Flash (MB) SG2148 SG2124G 28.8 57.6 96.0 SG2124GX SG2124GXF SG2148GX 144.0 144.0 288.0 19.0 26.2 71.4 131.0 131.0 202.4 16 16 32 32 32 32 1+1 1+1 1+1 1+1 1+1 1+1 512 512 512 512 512 512 64 (256) 64 (256) 64 (256) 64 (256) 64 (256) 64 (256) N/A 64 (256) 64 (256) 64 (256) 64 (256) 24 N/A N/A N/A N/A 10/100 Base-T 24 48 N/A N/A N/A 10/100/1000 Base-T 2 24 48 12 (Combo) 10 10/100/1000 Base-T 2 2 24 24 12 (Combo) 48 2 (Combo) 4 (Combo) 4 (Combo) 24 2 (Combo) 1000 Base-X 2 2 4 (Combo) 4 (Combo) 24 2 (Combo) Power usage (W) 34.7 64.8 98.8 67.7 25.3 10G N/A N/A N/A 2 2 2 Width (mm) 440 440 440 440 265 Power usage (W) 30.3 41.2 59.6 70.2 66.5 88.7 Height (mm) 44 44 44 44 38 Width (mm) 440 440 440 440 440 440 Depth (mm) Interface 16 (32) 10/100 Base-T 220 350 350 350 190 Height (mm) 44 44 44 44 44 44 Depth (mm) 350 350 350 350 350 360 4.3 (4.6) 4.4 (4.7) 4.7 (5.2) 4.7 (5.3) 4.8 (5.4) 5.1 (5.6) 1000 Base-X Materials Weight (kg) (Single/Dual) 4.7 (5.2) 3.0 4.8 (5.4) 4.8 (5.5) Interface Materials 1.8 Weight (kg) (Single/Dual) PoE Switch Physical Features PoE Switch Physical Features SG2124PoE SG2024P SG2024GPoE SG2048GPoE SG2008GPoE 28.8 48.0 192.0 20.0 13.1 71.4 142.9 29.8 8 32 32 16 MAC Capacity (k) Power Supply 1+1 1+1 1+1 1 Power Supply DRAM (MB) 256 256 256 256 DRAM (MB) Switching Capacity (Gbps) Performance Throughput (Mpps) MAC Capacity (k) Hardware Basic Flash-Max Flash (MB) Switching Capacity (Gbps) Performance Throughput (Mpps) Hardware SG2148PoE 28.8 57.6 SG2124GPoE SG2124GXPoE SG2148GXPoE 96.0 144.0 288.0 19.0 26.2 71.4 131.0 202.4 16 16 32 32 32 1+1 2 1+1 1+1 2 512 512 512 512 512 64 (256) 64 (256) 64 (256) 64 (256) 64 (256) N/A 64 (256) 64 (256) 64 (256) 24 N/A N/A N/A 10/100 Base-T 24 48 N/A N/A 10/100/1000 Base-T 2 24 48 10 10/100/1000 Base-T 2 2 24 24 48 2 (Combo) 4 (Combo) 4 (Combo) 2 (Combo) 1000 Base-X 2 2 4 (Combo) 4 (Combo) 2 (Combo) Total PoE power budget (W) 740 740 740 124 N/A N/A N/A 2 2 PoE/PoE+ PoE PoE PoE PoE Power usage (W) 65.2 74.7 143.1 36.0 Width (mm) Interface 16 (32) 10/100 Base-T 440 440 440 265 Height (mm) 44 44 44 44 Depth (mm) 410 428 428 265 6.5 (7.9) 6.8 (8.6) 7.3 (9.2) 2.8 1000 Base-X PoE Materials Weight (kg) (Single/Dual) Basic Flash-Max Flash (MB) Interface 10G Total PoE power budget (W) 740 740 740 740 PoE/PoE+ PoE/PoE+ PoE/PoE+ PoE/PoE+ 65.2 102.9 74.0 81.5 138.6 Width (mm) Materials 740 PoE/PoE+ Power usage (W) PoE 440 440 440 440 440 PoE/PoE+ Height (mm) 44 44 44 44 44 Depth (mm) 428 428 438 438 438 6.8 (8.6) 8.8 7.1 (8.9) 7.2 (8.9) 9.2 Weight (kg) (Single/Dual)
  9. 9. L2/L3 Security Switch Product Specification Visual Node Manager www.handream.net Visual IP Manager Product Specification L3 Security Switch SG3000 Series Non PoE Switch Physical Features Non PoE Switch Physical Features SG3024 SG3024G SG3048G 28.8 48.0 192.0 13.1 71.4 142.9 71.4 8 32 32 32 1 1+1 1+1 1+1 256 256 256 256 Performance Throughput (Mpps) MAC Capacity (k) Power Supply Hardware DRAM (MB) SG3024GF 16 (32) 64 (256) 64 (256) 24 N/A N/A 2 24 48 12 (Combo) 2 (Combo) 4 (Combo) 4 (Combo) Power usage (W) 34.7 64.8 98.8 440 440 440 Height (mm) 44 44 44 350 350 350 Weight (kg) (Single/Dual) 4.8 (5.5) 4.7 (5.2) 3.0 SG3024GPoE 48.0 71.4 131.0 131.0 16 32 32 32 32 1+1 1+1 1+1 1+1 1+1 1+1 DRAM (MB) 512 512 512 512 512 512 64 (256) 64 (256) 64 (256) 64 (256) 64 (256) 64 (256) 24 48 N/A N/A N/A N/A 10/100/1000 Base-T 2 2 24 24 12 (Combo) 48 2 2 4 (Combo) 4 (Combo) 24 2 (Combo) 10G N/A N/A N/A 2 2 2 Power usage (W) 30.3 41.2 59.6 70.2 66.5 88.7 Width (mm) Materials 440 440 440 440 440 440 Height (mm) 44 44 44 44 44 44 350 350 350 350 350 360 4.3 (4.6) 4.4 (4.7) 4.7 (5.2) 4.7 (5.3) 4.8 (5.4) 5.1 (5.6) Depth (mm) 13.1 71.4 142.9 8 32 32 1+1 1+1 DRAM (MB) 256 256 256 16 (32) 64 (256) 24 N/A 24 4 (Combo) 4 (Combo) 740 740 PoE PoE PoE Power usage (W) 65.2 74.7 143.1 Width (mm) Materials PoE/PoE+ 440 440 44 44 Hardware Interface Weight (kg) (Single/Dual) 410 428 428 6.5 (7.9) 6.8 (8.6) 7.3 (9.2) 288.0 131.0 202.4 32 16 16 32 32 2 1+1 1+1 2 DRAM (MB) 512 512 512 512 512 64 (256) 64 (256) 64 (256) 64 (256) 64 (256) 24 48 N/A N/A N/A 2 2 24 24 48 1000 Base-X 2 2 4 (Combo) 4 (Combo) 2 (Combo) N/A N/A N/A 2 2 10G Total PoE power budget (W) Materials 740 740 740 740 740 PoE/PoE+ PoE/PoE+ PoE/PoE+ PoE/PoE+ 65.2 102.9 74.0 81.5 138.6 Width (mm) PoE PoE/PoE+ Power usage (W) 44 Depth (mm) 144.0 71.4 1+1 Basic Flash-Max Flash (MB) 440 Height (mm) 96.0 26.2 10/100/1000 Base-T 740 Total PoE power budget (W) 57.6 19.0 10/100 Base-T 48 2 (Combo) SG3148PoE SG3124GPoE SG3124GXPoE SG3148GXPoE 28.8 Power Supply N/A 2 Performance Throughput (Mpps) MAC Capacity (k) 64 (256) 10/100/1000 Base-T Switching Capacity (Gbps) 1+1 1000 Base-X PoE SG3124PoE 192.0 10/100 Base-T Interface 202.4 26.2 SG3048GPoE 28.8 Power Supply Basic Flash-Max Flash (MB) 288.0 PoE Switch Physical Features SG3024P Hardware 144.0 1000 Base-X Interface 4.8 (5.4) PoE Switch Physical Features Performance Throughput (Mpps) MAC Capacity (k) 144.0 16 Weight (kg) (Single/Dual) Switching Capacity (Gbps) SG3124GX SG3124GXF SG3148GX 19.0 Basic Flash-Max Flash (MB) 44 220 96.0 10/100 Base-T 440 Depth (mm) Materials Hardware 67.7 Width (mm) SG3124G 57.6 Power Supply 24 1000 Base-X SG3148 28.8 MAC Capacity (k) Performance Throughput (Mpps) N/A 10/100/1000 Base-T Switching Capacity (Gbps) 64 (256) 10/100 Base-T Basic Flash-Max Flash (MB) Interface SG3124 48.0 Switching Capacity (Gbps) L3 Security Switch SG3100 Series 440 440 440 440 440 PoE/PoE+ Height (mm) 44 44 44 44 44 Depth (mm) 428 428 438 438 438 6.8 (8.6) 8.8 7.1 (8.9) 7.2 (8.9) 9.2 Weight (kg) (Single/Dual)
  10. 10. L2/L3 Security Switch Product Specification Features VLAN Resiliency Link Aggregation Monitoring L2 Multicast QoS PoE Management Visual Node Manager www.handream.net Visual IP Manager SG Security Switch Features Description 4K VLAN ID 802.1Q Port based VLAN Protocol/IP Subnet/MAC based VLAN Shared VLAN Hybrid VLAN Voice VLAN 802.1ad VLAN stacking (QinQ) STP/RSTP/MSTP PVSTP ERP (Ethernet Ring Protection) Self Loop Protection SPR (Smart Port Redundancy) SSR (Smart Switch Redundancy) UDLD IEEE 802.3ad Trunk groups (12, 24) Memebers per group - 8 ports Port Mirroring 1:1, N:1, 1:N, N:N TFM (Traffic Flow Monitoring) IPv4 IGMP Snooping (v1/v2/v3) IPv6 MLD Snooping (v1/v2) 8 queue per port Rate Limit (Ingress/Egress) Diffserv Auto QoS SP, WRR, DRR IPv6 QoS Max 740W PoE Power Budget 802.3af / 802.3at Power off per PoE Port LLDP, LLDP-MED RMON (Group 1,2,3,9) Local/Remote Syslog USB Interface Support Multi OS VNM(Visual Node Manager) IPv4/IPv6 Telnet / SSH Software Download: FTP, SFTP, TFTP, USB DHCP Server/Relay IPv4/IPv6 SNMPv1/v2/v3 IPv4/IPv6 sFlow IPv4/IPv6 NTP/SNTP Power Saving 802.3az EEE Features L3 Feature Security Description IPv4 Static Routing RIPv1/v2, OSPF, BGP ECMP VRRP PIM-SM/SSM IPv6 Static Routing RIPng, OSPFv3, BGP4+ IPv4/IPv6 Dual Stack 6 to 4 Tunneling and ISATAP Security Engine DHCP Snooping Port Security IP Source Guard IPv4/IPv6 ACL - L2/L3/L4 ACL - Time Base ACL - VLAN ACL - Ingress/Egress ACL - CPU-ACL IPv4/IPv6 DHCP/NetBIOS Filtering Storm Control Embedded RADIUS Feature IP, MAC, IP+MAC Based Authentication AAA Authentication - Local, RADIUS, TACACS+ Authentication 802.1x - Multiuser, MAC Bypass, Web-Auth, Guest-VLAN IPv4/IPv6 Blocking Selective Malicious Traffic - Attack block: DoS/DDoS Attack, DHCP Attack, ICMP Attack, ARP Attack - Flooding block: TCP Syn Flooding, UDP Flooding, MAC Flooding - Spoofing block: ARP Spoofing, IP Spoofing - Scanning block Host Scanning, Port Scanning - IPv6 DAD Attack block Automatically detect/block/QoS/Rate limit and release User notification for malicious traffic Some features can be limited per switch series SG Security Switch Solution Guide L2 Security Switch SG2000 Series Fast Ethernet Giga Ethernet SG2100 Series Fast Ethernet Giga Ethernet SG2008G/SG2008GPoE SG2124/SG2124PoE SG2124G/SG2124GPoE SG2024G/SG2024GPoE SG2024/SG2024P SG2148/SG2148PoE SG2124GX/SG2124GXPoE SG2048G/SG2084GPoE SG2024GF Improved hardware performance 10G(SFP+) uplink support 802.3at(PoE+) support USB interface support 802.3az(EEE) support SG2148GX/SG2148GXPoE SG2124GXF L3 Security Switch (Support IPv4/IPv6 Routing) SG3000 Series Fast Ethernet SG3024/SG3024P Giga Ethernet SG3100 Series Fast Ethernet Giga Ethernet SG3024G/SG3024GPoE SG3124/SG3124PoE SG3124G/SG3124GPoE SG3048G/SG3084GPoE SG3148/SG3148PoE SG3124GX/SG3124GXPoE SG3024GF Improved hardware performance 10G(SFP+) uplink support 802.3at(PoE+) support USB interface support 802.3az(EEE) support SG3148GX/SG3148GXPoE SG3124GXF

×