Home » D-Link Manuals » Hubs & Switches » D-Link DXS-1100-10TS » Manual Viewer

D-Link DXS-1100-10TS User Manual - Page 102

Security > Safeguard Engine Settings, Security > Traffic Segmentation Settings

View all D-Link DXS-1100-10TS manuals

Add to My Manuals
Save this manual to your list of manuals

Page 102 highlights

4 Configuration D-Link 10 Gigabit Ethernet Switch User Manual The fields that can be configured are described below: From Port / To Port: Select the appropriate port range used for the configuration here. Gateway IP: Enter the gateway's IP address used here. Gateway MAC: Enter the gateway's MAC address used here. Click Apply to accept the changes made. Click Delete to remove the specified entry. Security > Safeguard Engine Settings This window is used to view and configure the safeguard engine settings. Periodically, malicious hosts on the network will attack the Switch by utilizing packet flooding (ARP Storm) or other methods. These attacks may increase the switch's CPU load beyond its capability. To alleviate this problem, the Safeguard Engine function was added to the Switch's software. The Safeguard Engine can help the overall operability of the Switch by minimizing the workload of the Switch while the attack is ongoing, thus making it capable to forward essential packets over its network in a limited bandwidth. If the CPU load rises above the rising threshold value, the Safeguard Engine function will be activated and the Switch will enter the exhausted mode. In the exhausted mode, the Switch will limit the bandwidth available for ARP and broadcast IP packets. If the CPU load falls below the falling threshold value, the Safeguard Engine will be deactivated and the Switch will exit the exhausted mode and enter the normal mode. Figure 4.136 - Security > Safeguard Engine Settings The fields that can be configured are described below: Safeguard Engine State: Enable or disable the safeguard engine feature here. Trap State: Select to enable or disable the safeguard engine trap state here. Rising Threshold: Enter the rising threshold value here. This value must be between 20% and 100%. This value is used to configure the acceptable level of CPU utilization before the Safeguard Engine mechanism is enabled. Once the CPU utilization reaches this percentage level, the Switch will move into Exhausted mode, based on the parameters provided in this window. Falling Threshold: Enter the falling threshold value here. This value must be between 20% and 100%. This value is used to configure the acceptable level of CPU utilization as a percentage, where the Switch leaves the Safeguard Engine state and returns to normal mode. Click Apply to accept the changes made. Security > Traffic Segmentation Settings This window is used to view and configure the traffic segmentation settings. When the traffic segmentation forwarding domain is specified, packets received by the port will be restricted in Layer 2 packet forwarding to interfaces within the domain. When the forwarding domain of a port is empty, Layer 2 forwarding for packets received by the port is not restricted. 95

Section	Page
Table of Contents	4
Intended Readers	8
Terms/Usage	8
Safety Instructions	8
General Precautions for Rack-Mountable Products	9
Protecting Against Electrostatic Discharge	10
1 Product Introduction	11
DXS-1100-10TS	12
Front Panel	12
Rear Panel	12
Side Panels	12
DXS-1100-16TC	13
Front Panel	13
Rear Panel	13
Side Panels	13
2 Hardware Installation	15
Step 1: Unpacking	15
Step 2: Switch Installation	15
Desktop or Shelf Installation	15
Rack Installation	15
Step 3: Plugging in the AC Power Cord with Power Cord Retainer	17
Power Failure	19
3 Getting Started	20
Management Options	20
Using Web-based Management	20
Supported Web Browsers	20
Connecting to the Switch	20
Login Web-based Management	20
Smart Wizard	21
Web-based Management	21
D-Link Network Assistant (DNA)	21
4 Configuration	23
Smart Wizard Configuration	23
System IP Information	23
User Accounts Settings	24
SNMP	25
Web-based Management	26
Tool Bar > Save Menu	27
Save Configuration	27
Tool Bar > Tools Menu	27
Firmware Upgrade and Backup	27
Firmware Upgrade from HTTP	27
Firmware Upgrade from TFTP	28
Firmware Backup to HTTP	28
Firmware Backup to TFTP	29
Configuration Restore and Backup	29
Configuration Restore from HTTP	29
Configuration Restore from TFTP	30
Configuration Backup to HTTP	30
Configuration Backup to TFTP	30
Log Backup	31
Log Backup to HTTP	31
Log Backup to TFTP	31
Ping	32
Reset	33
Reboot System	33
Tool Bar > Wizard	33
Tool Bar > Online Help	34
Function Tree	35
Device Information	35
System > System Information Settings	36
System > Peripheral Settings	36
System > Port Configuration > Port Settings	37
System > Port Configuration > Port Status	38
System > Port Configuration > Error Disable Settings	38
System > Port Configuration > Jumbo Frame	39
System > System Log > System Log Settings	40
System > System Log > System Log Discriminator Settings	41
System > System Log > System Log Server Settings	41
System > System Log > System Log	42
System > System Log > System Attack Log	42
System > Time and SNTP > Clock Settings	42
System > Time and SNTP > Time Zone Settings	43
System > Time and SNTP > SNTP Settings	44
System > Time Range	45
Management > User Accounts Settings	45
Management > Password Encryption	46
Management > SNMP > SNMP Global Settings	46
Management > SNMP > SNMP Linkchange Trap Settings	47
Management > SNMP > SNMP View Table Settings	48
Management > SNMP > SNMP Community Table Settings	49
Management > SNMP > SNMP Group Table Settings	49
Management > SNMP > SNMP Engine ID Local Settings	50
Management > SNMP > SNMP User Table Settings	51
Management > SNMP > SNMP Host Table Settings	51
Management > RMON > RMON Global Settings	52
Management > RMON > RMON Statistics Settings	53
Management > RMON > RMON History Settings	53
Management > RMON > RMON Alarm Settings	54
Management > RMON > RMON Event Settings	55
Management > Web	55
Management > Session Timeout	56
Management > File System	56
Management > D-Link Discovery Protocol	57
L2 Features > FDB > Static FDB > Unicast Static FDB	58
L2 Features > FDB > Static FDB > Multicast Static FDB	59
L2 Features > FDB > MAC Address Table Settings	59
L2 Features > FDB > MAC Address Table	60
L2 Features > FDB > MAC Notification	61
L2 Features > VLAN > 802.1Q VLAN	61
L2 Features > VLAN > Asymmetric VLAN	62
L2 Features > VLAN > VLAN Interface	62
L2 Features > VLAN > Auto Surveillance VLAN > Auto Surveillance Properties	63
L2 Features > VLAN > Auto Surveillance VLAN > MAC Settings and Surveillance Device	64
L2 Features > VLAN > Voice VLAN > Voice VLAN Global	65
L2 Features > VLAN > Voice VLAN > Voice VLAN Port	66
L2 Features > VLAN > Voice VLAN > Voice VLAN OUI	66
L2 Features > VLAN > Voice VLAN > Voice VLAN Device	67
L2 Features > VLAN > Voice VLAN > Voice VLAN LLDP-MED Device	67
L2 Features > STP > STP Global Settings	67
L2 Features > STP > STP Port Settings	68
L2 Features > STP > STP Global Information	70
L2 Features > STP > STP Port Information	70
L2 Features > Loopback Detection	70
L2 Features > Link Aggregation	71
L2 Features > L2 Multicast Control> IGMP Snooping > IGMP Snooping Settings	73
L2 Features > L2 Multicast Control> IGMP Snooping > IGMP Snooping Groups Settings	75
L2 Features > L2 Multicast Control> IGMP Snooping > IGMP Snooping Mrouter Settings	76
L2 Features > L2 Multicast Control> IGMP Snooping > IGMP Snooping Statistics Settings	77
L2 Features > L2 Multicast Control> MLD Snooping > MLD Snooping Settings	77
L2 Features > L2 Multicast Control> MLD Snooping > MLD Snooping Groups Settings	80
L2 Features > L2 Multicast Control> MLD Snooping > MLD Snooping Mrouter Settings	81
L2 Features > L2 Multicast Control> MLD Snooping > MLD Snooping Statistics Settings	81
L2 Features > L2 Multicast Control> Multicast Filtering	82
L2 Features > LLDP > LLDP Global Settings	83
L2 Features > LLDP > LLDP Port Settings	83
L2 Features > LLDP > LLDP Management Address List	84
L2 Features > LLDP > LLDP Basic TLVs Settings	85
L2 Features > LLDP > LLDP Dot1 TLVs Settings	85
L2 Features > LLDP > LLDP Dot3 TLVs Settings	86
L2 Features > LLDP > LLDP-MED Port Settings	87
L2 Features > LLDP > LLDP Statistics Information	88
L2 Features > LLDP > LLDP Local Port Information	89
L2 Features > LLDP > LLDP Neighbor Port Information	91
L3 Features > IPv4 Interface	91
L3 Features > IPv6 Interface	92
L3 Features > IPv6 Neighbor	93
L3 Features > IPv6 Route Table	94
QoS > Basic Settings > Port Default CoS	94
QoS > Basic Settings > Port Scheduler Method	94
QoS > Basic Settings > Queue Settings	95
QoS > Basic Settings > CoS to Queue Mapping	96
QoS > Basic Settings > Port Rate Limiting	97
QoS > Advanced Settings > Port Trust State	97
QoS > Advanced Settings > DSCP CoS Mapping	98
Security > Port Security > Port Security Global Settings	99
Security > Port Security > Port Security Port Settings	100
Security > Port Security > Port Security Address Entries	101
Security > ARP Spoofing Prevention	101
Security > Safeguard Engine Settings	102
Security > Traffic Segmentation Settings	102
Security > Storm Control	103
Security > DoS Attack Prevention Settings	104
Security > SSL > SSL Global Settings	105
Security > SSL > Crypto PKI Trustpoint	107
Security > SSL > SSL Service Policy	107
OAM > Cable Diagnostics	108
Monitoring > Utilization > Port Utilization	109
Monitoring > Statistics > Port	109
Monitoring > Statistics > Port Counters	111
Monitoring > Statistics > Counters	113
Monitoring > Mirror Settings	114
Monitoring > Device Environment	115
Green > Power Saving	115
Green > EEE	117
Appendix A - Technical Specifications	119
Hardware Specifications	119
Key Components / Performance	119
Port Functions	119
Physical & Environment	119
Emission (EMI) Certifications	119
Safety Certifications	119
Features	119
L2 Features	119
L3 Features	120
VLAN	120
QoS (Quality of Service)	120
Security	120
OAM	120
Management	120

Match case Limit results 1 per page

4 Configuration

D-Link 10 Gigabit Ethernet Switch User Manual

The fields that can be configured are described below:

From Port / To Port:

Select the appropriate port range used for the configuration here.

Gateway IP:

Enter the gateway’s IP address used here.

Gateway MAC:

Enter the gateway’s MAC address used here.

Click

Apply

to accept the changes made.

Click

Delete

to remove the specified entry.

Security > Safeguard Engine Settings

This window is used to view and configure the safeguard engine settings. Periodically, malicious hosts on

the network will attack the Switch by utilizing packet flooding (ARP Storm) or other methods. These attacks

may increase the switch’s CPU load beyond its capability. To alleviate this problem, the Safeguard Engine

function was added to the Switch’s software.

The Safeguard Engine can help the overall operability of the Switch by minimizing the workload of the Switch

while the attack is ongoing, thus making it capable to forward essential packets over its network in a limited

bandwidth.

If the CPU load rises above the rising threshold value, the Safeguard Engine function will be activated and

the Switch will enter the exhausted mode. In the exhausted mode, the Switch will limit the bandwidth

available for ARP and broadcast IP packets. If the CPU load falls below the falling threshold value, the

Safeguard Engine will be deactivated and the Switch will exit the exhausted mode and enter the normal

mode.

Figure 4.136 – Security > Safeguard Engine Settings

The fields that can be configured are described below:

Safeguard Engine State:

Enable or disable the safeguard engine feature here.

Trap State:

Select to enable or disable the safeguard engine trap state here.

Rising Threshold:

Enter the rising threshold value here. This value must be between 20% and 100%. This

value is used to configure the acceptable level of CPU utilization before the Safeguard Engine mechanism is

enabled. Once the CPU utilization reaches this percentage level, the Switch will move into Exhausted mode,

based on the parameters provided in this window.

Falling Threshold:

Enter the falling threshold value here. This value must be between 20% and 100%. This

value is used to configure the acceptable level of CPU utilization as a percentage, where the Switch leaves

the Safeguard Engine state and returns to normal mode.

Click

Apply

to accept the changes made.

Security > Traffic Segmentation Settings

This window is used to view and configure the traffic segmentation settings. When the traffic segmentation

forwarding domain is specified, packets received by the port will be restricted in Layer 2 packet forwarding to

interfaces within the domain. When the forwarding domain of a port is empty, Layer 2 forwarding for packets

received by the port is not restricted.