6 System Firmware Version 3.2.0.6
¾ RADIUS Enhancements
• The maximum number of RADIUS servers supported has increased from three to 32.
• RADIUS servers with the same name can be used as Backups (RADIUS Authentication and
Accounting servers)
• Simultaneous Transactions to Multiple RADIUS Servers
• RADIUS Accounting – Allows a client the ability to deliver accounting information about a user to an
Accounting server.
¾ IPv6 support for QoS (ACL/DiffServ)
Extends the existing QoS ACL and DiffServ functionality by providing support for IPv6 packet
classification. Ethernet IPv6 packets are distinguished from IPv4 packets by a unique Ethertype value (all
IPv6 classifiers include the Ethertype field).
¾ Auto VoIP
This provides ease of use in configuring VoIP for IP phones on the switch. This is accomplished by
enabling a VoIP profile that a user can select on a per port basis.
¾ Dynamic ACL Management
The number of rules allowed per ACL has been increased to the maximum allowed by the silicon (127
rules). This will allow all available rules to be assigned to a single ACL. However, the user is no longer
guaranteed to be able to apply an ACL if the number of rules is over-subscribed. Refer to the
Configuration
Guide for details.
¾ SCPv2, SFTP
Adds the ability for the user to securely transfer files to/or from the switch. It makes use of the Secure Copy
Protocol (SCP) and SSH File Transfer Protocol (SFTP). SSH client login is used to establish a secure
connection to the remote server before the file transfer begins.
¾ Captive Portal
This allows administrators to block clients from accessing the network until user verification has been
established or authenticated. Verification can be configured to allow access for both guest and
authenticated users. Authenticated users must be validated against a database of authorized Captive Portal
users before access is granted.
¾ 802.1x MAC Authentication Bypass (MAB)
Provides 802.1x unaware clients controlled access to the network using the device MAC address as an
identifier. This requires that the known and allowable MAC address and corresponding access rights be
pre-populated in the authentication server. MAB only works when the port control mode of the port is
MAC-based.