HP 7500 Quickspecs page 6

QuickSpecs
Overview
Virtual Private LAN Service (VPLS): establishes point-to-multipoint Layer 2 VPNs across a provider network
Service loopback: allows any module to take advantage of higher-featured modules, including OAA modules, by redirecting
traffic; reduces investment and enables higher bandwidth and load sharing; supports IPv6, IPv6 multicast, tunneling, and MPLS
Security
Access control list (ACL): supports powerful ACLs for both IPv4 and IPv6; ACLs are used for filtering traffic to prevent
unauthorized users from accessing the network, or for controlling network traffic to save resources; rules can either deny or
permit traffic to be forwarded; rules can be based on a Layer 2 header or a Layer 3 protocol header; rules can be set to operate
on specific dates or times
Remote Authentication Dial-In User Service (RADIUS)
eases switch security access administration by using a password authentication server
Terminal Access Controller Access-Control System (TACACS+)
is an authentication tool using TCP with encryption of the full authentication request that provides additional security
Switch management logon security: helps secure switch CLI logon by optionally requiring either RADIUS or TACACS+
authentication
Secure Shell (SSHv2): uses external servers to securely log in to a remote device; with authentication and encryption, it protects
against IP spoofing and plain-text password interception; increases the security of Secure FTP (SFTP) transfers
Dynamic Host Configuration Protocol (DHCP) snooping: ensures DHCP clients receive IP addresses from authorized DHCP
servers and maintains a list of DHCP entries for trusted ports; prevents users from receiving fake IP addresses and reduces ARP
attacks, improving security
IP source guard: filters packets on a per-port basis to prevent illegal packets from being forwarded
ARP attack protection: protects from attacks using a large number of ARP requests with a host-specific, user-selectable
threshold
Port security: allows access only to specified MAC addresses, which can be learned or specified by the administrator
IEEE 802.1X support
provides port-based user authentication with support for Extensible Authentication Protocol (EAP) MD5, TLS, TTLS, and PEAP
with choice of AES, TKIP, and static or dynamic WEP encryption for protecting wireless traffic between authenticated clients and
the access point
Media access control (MAC) authentication: provides simple authentication based on a user's MAC address; supports local or
RADIUS-based authentication
Multiple user authentication methods:
IEEE 802.1X: is an industry-standard method of user authentication using an IEEE 802.1X supplicant on the client in
conjunction with a RADIUS server
Web-based authentication: is similar to IEEE 802.1X and provides a browser-based environment to authenticate clients
that do not support the IEEE 802.1X supplicant
MAC-based authentication: authenticates the client with the RADIUS server based on the client's MAC address
DHCP protection: blocks DHCP packets from unauthorized DHCP servers, preventing denial-of-service attacks
Endpoint Admission Defense (EAD): provides security policies to users accessing a network
Port isolation: secures and adds privacy, and prevents malicious attackers from obtaining user information
Convergence
LLDP-MED (Media Endpoint Discovery): is a standard extension of LLDP that stores values for parameters such as QoS and VLAN
to automatically configure network devices such as IP phones
Multicast Source Discovery Protocol (MSDP): is used for inter-domain multicast applications, allowing multiple PIM-SM
domains to interoperate
Internet Group Management Protocol (IGMP):is used by IP hosts to establish and maintain multicast groups; supports IGMPv1,
v2, and v3; utilizes Any-Source Multicast (ASM) or Source-Specific Multicast (SSM) to manage IPv4 multicast networks
Protocol Independent Multicast (PIM): is used for IPv4 and IPv6 multicast applications; supports PIM Dense Mode (PIM-DM),
DA - 13805 North America — Version 29 — December 9, 2013
HP 7500 Switch Series
Page 6