HP (Hewlett-Packard) 2500 Switch User Manual


 
21
Enhancements in Release F.05.05 through F.05.70
Enhancements in Release F.05.05 through F.05.60
The Isolated Port Groups feature originally included in release F.04.08 has been enhanced in release
F. 05 .xx with the inclusion of two new port isolation groups (group1 and group2).
Isolated port groups provide an alternative to VLANs for isolating end nodes on your network, while
simplifying network administration. This feature enables you to isolate traffic to and from specific
end-node devices, which enhances security and also helps in such areas as selectively preventing
internet use. There are, however, some limitations, as outlined in the "Rules of Operation", described
later in this section.
Caution
The Isolated Port Groups feature is intended for rare situations where using VLANs is not possible.
This feature can interfere with other switch features, and improper configuration will result in
unexpected connectivity problems. Refer to “Operating Rules for Port Isolation” on page 23.
The Isolated Port Groups feature operates within the context of the individual switch. It does not
restrict free communication on the designated uplink port(s) to other devices on the network. A node
connected to any type of port (group1, group2, private, etc.) on one Series 2500 switch can
communicate with a node connected to any type of port (group1, group2, private, etc.) on another
Series 2500 switch if the two switches are connected through their uplink ports.
Options for Isolated Port Groups
Using Isolated Port Groups, you can control traffic between ports on the switch by assigning an
appropriate port type to each port. The options include:
When you configure isolated port groups on a switch, traffic is allowed to move between the switch
ports as described in table 2 and shown in figure 7, both below.
Uplink (the default)
Public
Group1
Group2
Private
Local