Home » TP-Link Manuals » Hubs & Switches » TP-Link TL-SL5428E » Manual Viewer

TP-Link TL-SL5428E User Guide - Page 175

TP-Link TL-SL5428E Manual

UPC - 845973020873

Add to My Manuals
Save this manual to your list of manuals

Page 175 highlights

Figure 13-18 DoS Detect The following entries are displayed on this screen: ¾ Detect Config Detect Time: Specify the detect time for each DoS attack type except the flooding attack type. Detect: Click the Detect button to start the detection. The switch will detect each type of the DoS attack in turn. ¾ Detect Result Port: Display the port number. Attack Type: Displays the Attack Type name. Attack Count: Displays the count of the attack. Tips: You are suggested to take the following further steps to ensure the network security. 3. It's recommended to inspect and repair the system vulnerability regularly. It is also necessary to install the system bulletins and backup the important information in time. 4. The network administrator is suggested to inspect the physic environment of the network and block the unnecessary network services. 5. Enhance the network security via the protection devices, such as the hardware firewall. 13.5 802.1X The 802.1X protocol was developed by IEEE802 LAN/WAN committee to deal with the security issues of wireless LANs. It was then used in Ethernet as a common access control mechanism for LAN ports to solve mainly authentication and security problems. 802.1X is a port-based network access control protocol. It authenticates and controls devices requesting for access in terms of the ports of LAN access control devices. With the 802.1X protocol enabled, a supplicant can access the LAN only when it passes the authentication, whereas those failing to pass the authentication are denied when accessing the LAN. ¾ Architecture of 802.1X Authentication 802.1X adopts a client/server architecture with three entities: a supplicant system, an authenticator system, and an authentication server system, as shown in the following figure. 167

Section	Page
Package Contents	9
Chapter 1 About this Guide	10
1.1 Intended Readers	10
1.2 Conventions	10
1.3 Overview of This Guide	10
Chapter 2 Introduction	14
2.3.1 Front Panel	15
2.3.2 Rear Panel	16
Chapter 3 Installation	17
3.1 Precautions	17
3.2 Installation	17
3.2.1 Desktop Installation	18
3.2.2 Rack Installation	18
3.3 Connect to Ground	19
Chapter 4 Connection	22
4.1 Ethernet Ports	22
4.2 SFP Ports	22
4.3 Console Port	23
4.4 Power On	24
Chapter 5 Login to the Switch	25
5.1 Login	25
5.2 Configuration	25
Chapter 6 System	27
6.1 System Info	27
6.1.1 System Summary	27
6.1.2 Device Description	29
6.1.3 System Time	30
6.1.4 System IP	31
6.2 User Manage	32
6.2.1 User Table	32
6.2.2 User Config	32
6.3 System Tools	34
6.3.1 Config Restore	34
6.3.2 Config Backup	34
6.3.3 Firmware Upgrade	35
6.3.4 System Reboot	36
6.3.5 System Reset	36
6.4 Access Security	36
6.4.1 Access Control	36
6.4.2 SSL Config	38
6.4.3 SSH Config	39
Chapter 7 Switching	45
7.1 Port	45
7.1.1 Port Config	45
7.1.2 Port Mirror	46
7.1.3 Port Security	48
7.2 LAG	49
7.2.1 LAG Table	50
7.2.2 Static LAG	51
7.2.3 LACP Config	52
7.3 Traffic Monitor	54
7.3.1 Traffic Summary	54
7.3.2 Traffic Statistics	55
7.4 MAC Address	56
7.4.1 Address Table	57
7.4.2 Static Address	59
7.4.3 Dynamic Address	60
7.4.4 Filtering Address	62
Chapter 8 VLAN	64
8.1 802.1Q VLAN	65
8.1.1 VLAN Config	67
8.1.2 Port Config	69
8.2 MAC VLAN	71
8.2.1 MAC VLAN	71
8.2.2 Port Enable	72
8.3 Protocol VLAN	73
8.3.1 Protocol VLAN	74
8.3.2 Protocol Template	74
8.3.3 Port Enable	75
8.4 VLAN VPN	76
8.4.1 VPN Config	77
8.4.2 VLAN Mapping	78
8.4.3 Port Enable	79
8.5 GVRP	80
Chapter 9 Spanning Tree	84
9.1 STP Config	89
9.1.1 STP Config	89
9.1.2 STP Summary	91
9.2 Port Config	92
9.3 MSTP Instance	94
9.3.1 Region Config	94
9.3.2 Instance Config	95
9.3.3 Instance Port Config	96
9.4 STP Security	98
9.4.1 Port Protect	98
9.4.2 TC Protect	101
9.5 Application Example for STP Function	102
Chapter 10 Multicast	106
10.1 IGMP Snooping	108
10.1.1 Snooping Config	109
10.1.2 Port Config	110
10.1.3 VLAN Config	111
10.1.4 Multicast VLAN	113
10.2 Multicast IP	116
10.2.1 Multicast IP Table	117
10.2.2 Static Multicast IP	117
10.3 Multicast Filter	118
10.3.1 IP-Range	119
10.3.2 Port Filter	120
10.4 Packet Statistics	121
Chapter 11 QoS	123
11.1 DiffServ	126
11.1.1 Port Priority	126
11.1.2 Schedule Mode	127
11.1.3 802.1P Priority	128
11.1.4 DSCP Priority	129
11.2 Bandwidth Control	131
11.2.1 Rate Limit	131
11.2.2 Storm Control	132
11.3 Voice VLAN	133
11.3.1 Global Config	135
11.3.2 Port Config	136
11.3.3 OUI Config	137
Chapter 12 ACL	139
12.1 Time-Range	139
12.1.1 Time-Range Summary	139
12.1.2 Time-Range Create	140
12.1.3 Holiday Config	141
12.2 ACL Config	141
12.2.1 ACL Summary	142
12.2.2 ACL Create	142
12.2.3 MAC ACL	143
12.2.4 Standard-IP ACL	144
12.2.5 Extend-IP ACL	145
12.3 Policy Config	146
12.3.1 Policy Summary	146
12.3.2 Policy Create	147
12.3.3 Action Create	147
12.4 Policy Binding	149
12.4.1 Binding Table	149
12.4.2 Port Binding	149
12.4.3 VLAN Binding	150
Chapter 13 Network Security	154
13.1 IP-MAC Binding	154
13.1.1 Binding Table	154
13.1.2 Manual Binding	155
13.1.3 ARP Scanning	157
13.1.4 DHCP Snooping	158
13.2 ARP Inspection	164
13.2.1 ARP Detect	168
13.2.2 ARP Defend	169
13.2.3 ARP Statistics	170
13.5 802.1X	175
13.5.1 Global Config	179
13.5.2 Port Config	181
13.5.3 Radius Server	182
Chapter 14 SNMP	184
14.1 SNMP Config	186
14.1.1 Global Config	186
14.1.2 SNMP View	187
14.1.3 SNMP Group	188
14.1.4 SNMP User	189
14.1.5 SNMP Community	191
14.2 Notification	193
14.3 RMON	195
14.3.1 History Control	196
14.3.2 Event Config	196
14.3.3 Alarm Config	197
Chapter 15 Cluster	200
15.1 NDP	201
15.1.1 Neighbor Info	201
15.1.2 NDP Summary	202
15.1.3 NDP Config	204
15.2 NTDP	205
15.2.1 Device Table	205
15.2.2 NTDP Summary	206
15.2.3 NTDP Config	208
15.3 Cluster	209
15.3.1 Cluster Summary	209
15.3.2 Cluster Config	212
15.3.3 Member Config	214
15.3.4 Cluster Topology	215
15.4 Application Example for Cluster Function	217
Chapter 16 Maintenance	220
16.1 System Monitor	220
16.1.1 CPU Monitor	220
16.1.2 Memory Monitor	221
16.2 Log	222
16.2.1 Log Table	223
16.2.2 Local Log	223
16.2.3 Remote Log	224
16.2.4 Backup Log	225
16.3 Device Diagnose	226
16.3.1 Cable Test	226
16.3.2 Loopback	227
16.4 Network Diagnose	227
16.4.1 Ping	227
16.4.2 Tracert	228
Chapter 17 System Maintenance via FTP	230
Appendix A: Specifications	235
Appendix B: Configuring the PCs	236
Appendix C: 802.1X Client Software	239

Match case Limit results 1 per page

167

Figure 13-18 DoS Detect

The following entries are displayed on this screen:

Detect Config

Detect Time:

Specify the detect time for each DoS attack type except the

flooding attack type.

Detect:

Click the Detect button to start the detection. The switch will

detect each type of the DoS attack in turn.

Detect Result

Port:

Display the port number.

Attack Type:

Displays the Attack Type name.

Attack Count:

Displays the count of the attack.

Tips:

You are suggested to take the following further steps to ensure the network security.

It’s recommended to inspect and repair the system vulnerability regularly. It is also necessary

to install the system bulletins and backup the important information in time.

The network administrator is suggested to inspect the physic environment of the network and

block the unnecessary network services.

Enhance the network security via the protection devices, such as the hardware firewall.

13.5 802.1X

The 802.1X protocol was developed by IEEE802 LAN/WAN committee to deal with the security

issues of wireless LANs. It was then used in Ethernet as a common access control mechanism for

LAN ports to solve mainly authentication and security problems.

802.1X is a port-based network access control protocol. It authenticates and controls devices

requesting for access in terms of the ports of LAN access control devices. With the 802.1X

protocol enabled, a supplicant can access the LAN only when it passes the authentication,

whereas those failing to pass the authentication are denied when accessing the LAN.

Architecture of 802.1X Authentication

802.1X adopts a client/server architecture with three entities: a supplicant system, an

authenticator system, and an authentication server system, as shown in the following figure.