Home » Dell Manuals » Hubs & Switches » Dell PowerConnect 3524 » Manual Viewer

Dell PowerConnect 3524 User's Guide - Page 25

Security Features

View all Dell PowerConnect 3524 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 25 highlights

802.1ab (LLDP-MED) The Link Layer Discovery Protocol (LLDP) allows network managers to troubleshoot and enhance network management by discovering and maintaining network topologies over multi-vendor environments. LLDP discovers network neighbors by standardizing methods for network devices to advertise themselves to other systems, and to store discovered information. The multiple advertisement sets are sent in the packet Type Length Value (TLV) field. LLDP devices must support chassis and port ID advertisement, as well as system name, system ID, system description, and system capability advertisements. LLDP Media Endpoint Discovery (LLDP-MED) increases network flexibility by allowing different IP systems to co-exist on a single network LLDP. It provides detailed network topology information, emergency call service via IP Phone location information, and troubleshooting information. Security Features SSL Secure Socket Layer (SSL) is an application-level protocol that enables secure transactions of data through privacy, authentication, and data integrity. It relies upon certificates and public and private keys. Port Based Authentication (802.1x) Port based authentication enables authenticating system users on a per-port basis via an external server. Only authenticated and approved system users can transmit and receive data. Ports are authenticated via the Remote Authentication Dial In User Service (RADIUS) server using the Extensible Authentication Protocol (EAP). Dynamic VLAN Assignment (DVA) allows network administrators to automatically assign users to VLANs during the RADIUS server authentication. For more information, see "Port Based Authentication." Locked Port Support Locked Port increases network security by limiting access on a specific port only to users with specific MAC addresses. These addresses are either manually defined or learned on that port. When a frame is seen on a locked port, and the frame source MAC address is not tied to that port, the protection mechanism is invoked. For more information, see "Configuring Port Security." RADIUS Client RADIUS is a client/server-based protocol. A RADIUS server maintains a user database, which contains per-user authentication information, such as user name, password and accounting information. For more information, see "Configuring RADIUS Settings." Introduction 25

Section	Page
User’s Guide	1
Contents	3
Introduction	11
System Description	11
PowerConnect 3524	11
PowerConnect 3524P	11
PowerConnect 3548	12
PowerConnect 3548P	12
Stacking Overview	12
Understanding the Stack Topology	13
Stacking Failover Topology	13
Stacking Members and Unit ID	13
Removing and Replacing Stacking Members	14
Exchanging Stacking Members	15
Switching from the Stack Master to the Backup Stack Master	17
Features Overview	17
IP Version 6 (IPv6) Support	17
Power over Ethernet	17
Head of Line Blocking Prevention	18
Flow Control Support (IEEE 802.3X)	18
Back Pressure Support	18
Virtual Cable Testing (VCT)	18
MDI/MDIX Support	18
Auto Negotiation	18
MAC Address Supported Features	19
Layer 2 Features	20
VLAN Supported Features	21
Spanning Tree Protocol Features	21
Link Aggregation	22
Quality of Service Features	23
Device Management Features	23
Security Features	25
Additional CLI Documentation	26
Hardware Description	27
Port Description	27
PowerConnect 3524 Port Description	27
The back panel contains an RPS connector, console port, and power connector.	28
PowerConnect 3548 Port Description	28
SFP Ports	29
RS-232 Console Port	29
Physical Dimensions	30
LED Definitions	30
Gigabit Port LEDs	32
System LEDs	33
Power Supplies	35
Stack ID Button	36
Reset Button	37
Ventilation System	37
Installing the PowerConnect 3524/P and PowerConnect 3548/P	39
Site Preparation	39
Unpacking	39
Package Contents	39
Unpacking the Device	40
Mounting the Device	40
Installing in a Rack	40
Installing on a Flat Surface	41
Installing the Device on a Wall	42
Connecting to a Terminal	43
Connecting a Device to a Power Supply	44
Installing a Stack	44
Overview	44
Stacking PowerConnect 35xx Series Systems Switches	45
Unit ID Selection Process	46
Starting and Configuring the Device	47
Connecting to the Device	47
Configuring PowerConnect 3524/P and 3548/P	49
Configuration Procedures	49
Booting the Switch	50
Initial Configuration	50
Advanced Configuration	54
Retrieving an IP Address From a DHCP Server	54
Receiving an IP Address From a BOOTP Server	56
Security Management and Password Configuration	56
Configuring Login Banners	59
Startup Procedures	59
Startup Menu Procedures	59
Software Download Through TFTP Server	63
Port Default Settings	66
Auto-Negotiation	66
MDI/MDIX	66
Flow Control	66
Back Pressure	66
Switching Port Default Settings	67
Using Dell OpenManage Switch Administrator	69
Starting the Application	69
Understanding the Interface	69
Device Representation	71
Using the Switch Administrator Buttons	72
Information Buttons	72
Device Management Buttons	72
Field Definitions	73
Accessing the Device Through the CLI	73
Terminal Connection	73
Telnet Connection	74
Using the CLI	74
Command Mode Overview	74
User EXEC Mode	75
Privileged EXEC Mode	75
Global Configuration Mode	76
Configuring System Information	77
Defining General Switch Information	78
Viewing Switch Asset Information	78
Asset	78
Defining System Time Settings	84
Viewing System Health Information	90
Managing Power over Ethernet	92
Viewing Version Information	98
Managing Stack Members	99
Resetting the Device	100
Configuring SNTP Settings	101
Defining SNTP Global Settings	103
Defining SNTP Authentication Methods	105
Defining SNTP Servers	107
Defining SNTP Interfaces	111
Managing Logs	113
Defining Global Log Parameters	114
Viewing the RAM Log Table	118
Viewing the Log File Table	120
Viewing the Device Login History	121
Modifying Remote Log Server Definitions	123
Defining IP Addressing	128
Configuring the Internet Protocol Version 6 (IPv6)	129
Defining IPv4 Default Gateways	129
Defining IPv4 Interfaces	131
Defining DHCP IPv4 Interface Parameters	134
Defining IPv6 Interfaces	137
Defining IPv6 Default Gateway	142
Defining IPv6 ISATAP Tunnels	145
Defining IPv6 Neighbors	148
Viewing the IPv6 Routes Table	152
Configuring Domain Name Systems	154
Defining Default Domains	157
Mapping Domain Host	159
Defining ARP Settings	162
Running Cable Diagnostics	165
Viewing Copper Cable Diagnostics	165
Viewing Optical Transceiver Diagnostics	167
Managing Management Security	170
Defining Access Profiles	170
Defining Authentication Profiles	177
Selecting Authentication Profiles	181
Managing Passwords	184
Displaying Active Users	187
Defining the Local User Databases	189
Defining Line Passwords	192
Defining Enable Passwords	194
Defining TACACS+ Settings	196
Configuring RADIUS Settings	200
Configuring LLDP and MED	205
Defining LLDP Properties	207
Configuring LLDP Using CLI Commands	208
Defining LLDP Port Settings	208
Defining LLDP MED Network Policy	211
Defining LLDP MED Port Settings	213
Viewing the LLDP Neighbors Information	217
Defining SNMP Parameters	219
Defining SNMP Global Parameters	220
Defining SNMP View Settings	223
Defining SNMP Access Control	227
Assigning SNMP User Security	230
Defining SNMP Communities	234
Defining SNMP Notification Filters	238
Defining SNMP Notification Recipients	240
Managing Files	246
Downloading Files	247
Uploading Files	250
Activating Image Files	253
Copying Files	255
Managing Device Files	257
Configuring Advanced Settings	259
Configuring General Settings	259
Configuring Switch Information	261
Configuring Network Security	261
Port Based Authentication	262
Configuring Advanced Port Based Authentication	268
Authenticating Users	271
Configuring Port Security	273
ACL Overview	276
Defining IP based ACLs	277
Defining MAC Based Access Control Lists	283
Defining ACL Binding	286
Configuring DHCP Snooping	288
Defining DHCP Snooping Global Parameters	289
Defining DHCP Snooping on VLANs	291
Defining Trusted Interfaces	292
Adding Interfaces to the DHCP Snooping Database	294
Configuring Ports	297
Defining Port Configuration	297
Defining LAG Parameters	304
Enabling Storm Control	308
Defining Port Mirroring Sessions	312
Configuring Address Tables	315
Defining Static Addresses	315
Viewing Dynamic Addresses	318
Configuring GARP	321
Defining GARP Timers	322
Configuring the Spanning Tree Protocol	325
Defining STP Global Settings	325
Defining STP Port Settings	331
Defining STP LAG Settings	336
Defining Rapid Spanning Tree	339
Configuring Multiple Spanning Tree	343
Defining MSTP Interface Settings	347
Configuring VLANs	351
Defining VLAN Membership	352
Defining VLAN Ports Settings	357
Defining VLAN LAGs Settings	359
Binding MAC Address to VLANs	362
Defining VLAN Protocol Groups	364
Adding Interfaces to Protocol Groups	367
Configuring GVRP Parameters	369
Configuring Voice VLAN	374
Defining Voice VLAN Global Parameters	374
Defining Voice VLAN Port Settings	377
Defining OUIs	379
Aggregating Ports	382
Defining LACP Parameters	383
Defining LAG Membership	385
Multicast Forwarding Support	387
Defining Multicast Global Parameters	387
Adding Bridge Multicast Address Members	389
Assigning Multicast Forward All Parameters	394
IGMP Snooping	396
Unregistered Multicast	401
Viewing Statistics	405
Viewing Tables	405
Viewing Utilization Summary	405
Viewing Counter Summary	407
Viewing Interface Statistics	408
Viewing Etherlike Statistics	411
Viewing GVRP Statistics	414
Viewing EAP Statistics	418
Viewing EAP Statistics Using the CLI Commands	419
Viewing RMON Statistics	420
Viewing RMON Statistics Group	420
Viewing RMON History Control Statistics	423
Viewing the RMON History Table	425
Defining Device RMON Events	428
Viewing the RMON Events Log	430
Defining RMON Device Alarms	431
Viewing Charts	435
Viewing Port Statistics	436
Viewing LAG Statistics	437
Viewing the CPU Utilization	439
Viewing CPU Utilization Using CLI Commands	440
Configuring Quality of Service	441
Quality of Service (QoS) Overview	441
CoS Services	442
Configuring QoS Global Settings	443
Defining QoS Interface Settings	445
Defining Bandwidth Settings	446
Mapping CoS Values to Queues	448
Mapping DSCP Values to Queues	450
Glossary	453
Device Feature Interaction Information	467

Match case Limit results 1 per page

Introduction

802.1ab (LLDP-MED)

The Link Layer Discovery Protocol (LLDP) allows network managers to troubleshoot and enhance

network management by discovering and maintaining network topologies over multi-vendor

environments. LLDP discovers network neighbors by standardizing methods for network devices to

advertise themselves to other systems, and to store discovered information. The multiple advertisement

sets are sent in the packet

Type Length Value

(TLV) field. LLDP devices must support chassis and port

ID advertisement, as well as system name, system ID, system description, and system capability

advertisements.

LLDP Media Endpoint Discovery

(LLDP-MED) increases network flexibility by allowing different

IPsystems to co-exist on a single network LLDP. It provides detailed network topology information,

emergency call service via IP Phone location information, and troubleshooting information.

Security Features

SSL

Secure Socket Layer (SSL) is an application-level protocol that enables secure transactions of data

through privacy, authentication, and data integrity. It relies upon certificates and public and private keys.

Port Based Authentication (802.1x)

Port based authentication enables authenticating system users on a per-port basis via an external server.

Only authenticated and approved system users can transmit and receive data. Ports are authenticated via

the Remote Authentication Dial In User Service (RADIUS) server using the Extensible Authentication

Protocol (EAP). Dynamic VLAN Assignment (DVA) allows network administrators to automatically

assign users to VLANs during the RADIUS server authentication.

For more information, see "Port Based Authentication."

Locked Port Support

Locked Port increases network security by limiting access on a specific port only to users with specific

MAC addresses. These addresses are either manually defined or learned on that port. When a frame is

seen on a locked port, and the frame source MAC address is not tied to that port, the protection

mechanism is invoked.

For more information, see "Configuring Port Security."

RADIUS Client

RADIUS is a client/server-based protocol. A RADIUS server maintains a user database, which contains

per-user authentication information, such as user name, password and accounting information.

For more information, see "Configuring RADIUS Settings."