beautypg.com

IBM REDBOOKS B24X User Manual

Page 8

background image

IBM Ethernet Switch B24X

8

Security

z

802.1x authentication, accounting, port security, and dynamic assignment for ACLs, MAC

z

filtering, and VLANs

Up to 1,534 inbound, rule-based (hardware-based) access control list (ACL) entries

z

Standard ACLs based on source IP address

z

Extended ACLs based on source and destination IP addresses or IP protocol information

z

Authorization, Authentication, and Accounting (AAA) support on RADIUS, TACACS, and

z

TACACS+

Multi-device authentication, which validates and applies security policies based on MAC

z

address information from a RADIUS server

AES encryption for SSHv2

z

Denial of Service protection against Smurf (ICMP) and TCP SYN attacks in hardware

z

Management

z

Industry-standard CLI via Telnet and SSHv2

z

Fault management integration with IBM Systems Director v6.2

z

Network-wide management of all IBM b-type system networking switches using Brocade

z

Ironview Network Manager (INM)

Simple Network Management Protocol (SNMP) v1/v2/v3

z

sFlow v5 for hardware-based packet sampling

z

Ties into industry tools such as Brocade INM and InMon products for trend analysis

z

and automated policy application

Remote Monitoring (RMON) protocol

z

Link Layer Discovery Protocol (LLDP), Cisco Discovery Protocol (CDP), and Foundry

z

Discovery Protocol (FDP)

Simple Network Time Protocol (SNTP)

z

Firmware image update via TFTP and SCP

z

Monitoring

z

Syslog support of up to six Syslog servers for centralized log collection and analysis.

z

Port mirroring of inbound and outbound traffic.

z

Digital optical monitoring monitors power levels and temperatures of optical transceivers and

z

sends an alert if operating out of specification.

Temperature monitoring sends alerts if the temperature exceeds a certain threshold and

z

shuts down the device after an extended period of time.

Port flap dampening increases network resiliency by limiting the number of port state

z

transitions on an interface.

Link Fault Signaling (LFS) detects and reports fault conditions on 10 GbE ports.

z

Uni-Directional Link Detection (UDLD) monitors the link between two devices and brings the

z

port down if the link goes down on either end.