Foreword General This manual introduces the web operations of the hardened managed switch (hereinafter referred to as "the Switch"). Read carefully before using the device, and keep the manual safe for future reference. Safety Instructions The following categorized signal words with defined meaning might appear in the manual. Signal Words Meaning Indicates a high potential hazard which, if not avoided, will result in...
Page 3
● There might be errors in the print or deviations in the description of the functions, operations and technical data. If there is any doubt or dispute, we reserve the right of final explanation. ● Upgrade the reader software or try other mainstream reader software if the manual (in PDF format) cannot be opened.
Important Safeguards and Warnings This section introduces content covering the proper handling of the device, hazard prevention, and prevention of property damage. Read carefully before using the device, and comply with the guidelines when using it. Transportation Requirements Transport the device under allowed humidity and temperature conditions. Storage Requirements Store the device under allowed humidity and temperature conditions.
Page 5
Operation Requirements ● Do not disassemble the device without professional instruction. ● Operate the device within the rated range of power input and output. ● Make sure that the power supply is correct before use. ● Make sure the device is powered off before disassembling wires to avoid personal injury. ●...
Table of Contents Foreword ........................................I Important Safeguards and Warnings ............................III 1 Login ........................................... 1 2 Quick Configuration .................................... 2 2.1 General ......................................2 2.2 Port Information ..................................2 2.3 Onvif ......................................... 3 2.4 IPC and NVR ....................................4 3 Maintenance ......................................5 3.1 Configuring System Time ..............................
Page 7
4.8 MAC Table ....................................19 4.8.1 Adding MAC Table ................................ 19 4.8.2 Filtering Port MAC ................................ 20 5 PoE Management ....................................22 5.1 Configuring PoE Settings ..............................22 5.2 Configuring Long Distance PoE ............................23 5.3 Viewing PoE Event Statistics .............................. 23 5.4 Configuring Green PoE .................................
1 Login Prerequisites Before login, make sure: ● You have already configured the IP address of the switch. The IP address of VLAN 1 is 192.168.1.110 by default. ● The computer is connected to the network and can ping the switch. Procedure Step 1 Enter the IP address (192.168.1.110 by default) of the switch in the address bar of the web...
2 Quick Configuration You can view the system information, and configure the switch parameters including ONVIF, IP address and more. The pages on the manual are for reference only, and might differ from the actual pages. 2.1 General Select Quick Config > General, you can view the device name, IP address, subnet mask and default gateway of the switch.
Figure 2-2 Port information Table 2-1 Port information Parameter Description Port Displays all ports of the switch. Includes three types: Access, Hybrid, and Trunk. Type Includes two status: Up and Down. Link status ● Up: The port is connected. ● Down: The port is not connected or the connection fails. ●...
Figure 2-3 Onvif information 2.4 IPC and NVR Select Quick Config > IPC&NVR, you can view the information on the IPC, NVR and other devices connected to the switch.
3 Maintenance 3.1 Configuring System Time You can view and configure the system date and time zone of the device. Step 1 Select Maintenance > System Time Step 2 Configure the system time. There are 2 methods: ● Manually configure the System Time and Time Zone, and then click OK. ●...
Figure 3-2 Change password 3.4 Configuring Firmware Select Maintenance > Firmware Config, you can restore the device, update system and restart device. Restore Factory Default Click Restore Now to restore all the device parameters to the factory defaults. Update Software Click Browse to import the update file, and then click Update Now.
3.5 Viewing Device Information Select Maintenance > Device Info, you can view the information on System, Software, Hardware and Time. Figure 3-4 Device information 3.6 Viewing Log Information You can view log information on the device operations. Step 1 Select Maintenance > Log. Step 2 Configure Start Time and End Time.
Figure 3-5 Log information Table 3-1 Parameter description Parameter Description Backup Tap to back up the searched logs. Clear Tap to clear all the searched logs. Encrypt Log Backup Click the checkbox to encrypt the back-up logs. 3.7 Status Monitoring Select Maintenance >...
Figure 3-7 Diagnosis 3.9 Mirroring Step 1 Select Maintenance > Mirror. Step 2 Click Add. Step 3 In Add Mirroring Grouppage, select Mirroring Group No., Destination Port and TX, RX, and Both according to the actual situation. Step 4 Click OK. Figure 3-8 Add mirroring group...
4 Network Settings 4.1 configuring Ports You can configure the port parameters, including speed/duplexing, flow control, and other parameters. The port parameters will directly affect the working mode of the port. Make configurations according to the practical requirements. Step 1 Select Network Settings >...
Parameter Description Set the speed and the duplex mode from Down, Auto, 10M Speed duplexing Half, 10M Full, 100M Half, 100M Full, and 1000M Full. ● : Enable the port flow control function. Flow control ● : Disable the port flow control function. RX usage Displays the receiving usage.
4.2.4 Adding VLAN You can add the port to the VLAN. The VLAN is VLAN1 by default. Select Network Settings > VLAN > Add VLAN. Step 1 Step 2 Click Add, enter the VLAN ID and Description in the Add VLAN window. Click OK.
Figure 4-3 Configure VLAN Table 4-2 Port VLAN configuration parameter Parameter Description Port Displays all ports of the switch. Mode Includes three modes: Access, Hybrid, and Trunk. Add the port to a VLAN, and all ports belong to VLAN 1 by default. The range is from 1 to 4094.
Step 3 Click next to IGMP Leave Group Messages to enable the function. Step 4 Click OK. 4.4 Configuring STP 4.4.1 STP Step 1 Select Network Settings > STP. next to STP to enable STP function. Step 2 Click Step 3 Select Working Mode.
Parameter Description After setting topological change, the bridge maintains the time of Forwarding delay time snooping and study state. The time ranges from 4 seconds to 30 seconds. Bridge priority The value ranges from 0 to 61440. 4.4.2 Port Instance Step 1 Select Network Settings >...
● Only the ports with the same speed rate, duplex, long distance and VLAN configuration can be in the one aggregation group. Step 1 Select Network Settings > Link Aggregation. Step 2 Click Add. Step 3 Select the Aggregation Group No.. Step 4 Select the Aggregation Group Mode from Static, LACP Active, LACP Passive, and Close.
Internet, and it is widely applied for accessing and managing the managed devices. SNMP has the following features: ● It supports intelligent management for network device. By using the network management platform based on SNMP, the network administrator can query the running status and the parameters of the network device, and can configure the parameter, find the error, perform fault diagnosis, and then plan the capacity and create the report.
Parameter Description Set authentication mode when the security level is Authentication no encryption or Authentication and Authentication type encryption. The authentication mode includes MD5 and SHA. Authentication password Set authentication password. Set encryption mode when the authentication mode is Encryption type Authentication and encryption.
Figure 4-9 Add MAC table Related Operations ● Delete static MAC address: Select a MAC and click Delete. ● Refresh the MAC address list: Click Refresh or enable Auto Refresh. ● Clear dynamic MAC address: Click Clear Dynamic MAC. ● Search for MAC address and port: Enter the MAC address or port number on the upper-right corner, and then click Search.
5 PoE Management 5.1 Configuring PoE Settings Select PoE Management > PoE Settings, you can configure power settings, power status, port status and control. Step 1 In Power Settings, you can set the total power of the 4 ports, and configure reserved power and alert power.
Parameter Description Unusable PoE power. Reserved power = total power – Reserved power overload power. Displays the power supply level of the terminal devices. Level The power supply level ranges from 0 through 8, and the Hi-PoE power supply standard level is displayed as 5+. Displays the current PoE power consumed by the Consumed power corresponding single port.
Parameter Description Single port boots up when the temperature of powering chip has Overheat protection exceeded the threshold. 5.4 Configuring Green PoE Set PoE off and on time. Step 1 Select PoE Management > Green PoE. Set PoE On Time and PoE Off Time. Step 2 Step 3 Click...
Figure 5-3 Legacy support 5.6 Configuring PD Alive With PD Alive enabled, you can monitor PD and keep it online, and check the status of PD devices every 60 s. If there is no data transmission, the PoE port will be automatically powered off and restarted.
6 Security 6.1 Configuring HTTPS HTTPS (Hyper Text Transfer Protocol over Secure Socket Layer) is a service entry based on Transport Layer Security (TLS). HTTPS provides web service, ONVIF access service and RTSP access service. Procedure Step 1 Select Security > HTTPS. Step 2 Click to enable HTTPS.
Step 5 (Optional) Click Enter Edit Mode to edit the Custom Name, and then click Save Config. Figure 6-2 Edit certificate Related Operations ● Download the certificate: Click ● Delete the certificate: Click 6.2.2 Installing Trusted CA Certificates Only support installing subordinate CA certificate. Procedure Step 1 Select Security >...
Step 2 Click All, and all source hosts IP/MAC are allowed to access all the device ports. Click Allowlist, and only source hosts whose IP/MAC are in the following list are allowed to access corresponding ports of the device, and then click Add to add hosts to allowlist. Figure 6-5 Add to allowlist Click Not in Allowlist, and the listed corresponding source host of IP addresses/MAC is prohibited from visiting the corresponding ports of the device by network connection, and...
Figure 6-7 Anti-DoS attack 6.4 Configuring Port Isolation Port isolation is to achieve layer 2 isolation between messages. You only need to add the port to the isolation group to isolate the layer 2 data between the ports in the isolation group. The port isolation function provides users a safer and more flexible networking solution.
7 Control Policy 7.1 Configuring Port Priority Select Control Policy > Port Priority. Step 1 Select from the Priority and Trust Mode. Step 2 Trust mode includes four types of Untrust, 802.1P, DSCP, and DSCP & 802.1P. Step 3 Click OK. Figure 7-1 Configure port priority 7.2 Configuring Priority Mapping Table Step 1...
In WRR mode, the weight ratio of the priority queue is Queue0:Queue1:Queue2:Queue3=1:2:4:8. Step 3 Click OK. 7.4 Configure Port Speed Limit Step 1 Select Control Policy > Port Speed Limit. Step 2 Click Add. Figure 7-2 Add port speed limit Step 3 Enter the Interface, Direction, and CIR.
8 Authentication 8.1 Configuring 802.1x IEEE 802.1x is the authentication standard designated by IEEE about user accessing network, and is a type of network access control protocol based on port. Therefore, the exact 802.1x authentication function must be configured on the device port, and for the user device which is accessed through the port can have control on the access on network source through authentication.
8.2 Configuring Radius RADIUS (Remote Authentication Dial-In User Service) is a common protocol to realize AAA (Authentication, Authorization and Accounting).RADIUS is an information interaction protocol of distributed and C/S construction. It can protect the network from unauthorized visits. It is used in the network that allows remote visits but requests the higher security.
Appendix 1 Cybersecurity Recommendations Cybersecurity is more than just a buzzword: it’s something that pertains to every device that is connected to the internet. IP video surveillance is not immune to cyber risks, but taking basic steps toward protecting and strengthening networks and networked appliances will make them less susceptible to attacks.
Page 43
6. Enable HTTPS We suggest you to enable HTTPS, so that you visit Web service through a secure communication channel. 7. MAC Address Binding We recommend you to bind the IP and MAC address of the gateway to the equipment, thus reducing the risk of ARP spoofing.