Amer Networks SS2GD8IP User Manual

Publication date: Dec., 2010

Revision B1

5

policy can be applied to any port. This makes it very easy to determine what
type of ACL policy you will be working with.

IP-MAC-Port Binding:

The IP network layer uses a four-byte address. The Ethernet link layer uses
a six-byte MAC address. Binding these two address types together allows
the transmission of data between the layers. The primary purpose of IP-
MAC binding is to restrict the access to a switch to a number of authorized
users. Only the authorized client can access the Switch’s port by checking
the pair of IP-MAC Addresses and port number with the pre-configured
database. If an unauthorized user tries to access an IP-MAC binding
enabled port, the system will block the access by dropping its packet.

SSL and SSH for secure Management: (Optional by Project Requirement, Refer
to device’s FW v5.0x upper)

Secure Sockets Layer (SSL) supports the encryption for all HTTP traffic,
allowing secure access to the browser-based management GUI in the
switch. And Secure Shell (SSH) which supports the encryption for all
transmitted data for secure, remote command-line interface (CLI) access
over IP networks

Note: The SSL only provide the CLI for switch management and SSH

default enable without UI for management.

TACACS+: (Optional by Project Requirement, Refer to device’s FW v5.0x
upper)

The switch supports to ease switch management security administration by
using a password with Cisco TACACS+ authentication server

Syslog:

The Syslog is a standard for logging program messages . It allows
separation of the software that generates messages from the system that
stores them and the software that reports and analyzes them. It is
supported by a wide variety of devices and receivers across multiple
platforms.