Planet Technology SGSD-1022P Switch User Manual

Open as PDF

of 688

User’s Manual of SGSD-1022 / SGSD-1022P

SGSW-2840 / SGSW-2840P

292

4.11.9 Client Security

This Managed Switch supports many methods of segregating traffic for clients attached to each of the data ports, and for

ensuring that only authorized clients gain access to the network. Private VLANs and port-based authentication using IEEE

802.1X are commonly used for these purposes. In addition to these methods, several other options of providing client security

are supported by this switch. These include port-based authentication, which can be configured for network client access by

specifying a fixed set of MAC addresses. The addresses assigned to DHCP clients can also be carefully controlled using static

or dynamic bindings with the IP Source Guard and DHCP Snooping commands.

This Managed Switch provides client security using the following options:

• Private VLANs – Provide port-based security and isolation between ports within the assigned VLAN. (See “Private VLANs”)

• Port Security – Configure secure addresses for individual ports.

• 802.1X – Use IEEE 802.1X port authentication to control access to specific ports. (See “Configuring 802.1X Port

Authentication”.)

• Web Authentication - Allows stations to authenticate and access the network in situations where 802.1X or Network Access

authentication methods are infeasible or impractical.

• Network Access - Configures MAC authentication and dynamic VLAN assignment.

• ACL -Access Control Lists provide packet filtering for IP frames (based on address, protocol, Layer 4 protocol port number or

TCP control code) or any frames (based on MAC address or Ethernet type).

• DHCP Snooping – Filters IP traffic on unsecure ports for which the source address cannot be identified via DHCP snooping

nor static source bindings. (See “DHCP Snooping”.)

• IP Source Guard – Filters untrusted DHCP messages on unsecure ports by building and maintaining a DHCP snooping

binding table. (See “IP Source Guard”.)

The priority of execution for the filtering commands is Port Security, Port Authentication,

Network Access, Web Authentication, Access Control Lists, IP Source Guard, and then

DHCP Snooping.

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Planet Technology SGSD-1022P Switch User Manual