HP 4800G Series Configuration Manual page 17

Features
Portal
Port Security
IP Source Guard
SSH2.0
PKI
SSL
Public Key
Configuration
ACL
ARP Attack Protection
Portal authentication, as its name implies, helps control access to the
Internet. This document describes:
Portal overview
Portal configuration
Port security is a MAC address-based security mechanism for network
access controlling. It is an extension to the existing 802.1X authentication
and MAC authentication. This document describes:
Enabling Port Security
Setting the Maximum Number of Secure MAC Addresses
Setting the Port Security Mode
Configuring Port Security Features
Configuring Secure MAC Addresses
Ignoring Authorization Information from the Server
By filtering packets on a per-port basis, IP source guard prevents illegal
packets from traveling through, thus improving the network security. This
document describes:
Configuring a Static Binding Entry
Configuring Dynamic Binding Function
SSH ensures secure login to a remote device in a non-secure network
environment. By encryption and strong authentication, it protects the
device against attacks. This document describes:
Configuring Asymmetric Keys
Configuring the Device as an SSH Server
Configuring the Device as an SSH Client
Configuring an SFTP Server
Configuring an SFTP Client
The Public Key Infrastructure (PKI) is a hierarchical framework designed
for providing information security through public key technologies and
digital certificates and verifying the identities of the digital certificate
owners. This document describes PKI related configuration.
Secure Sockets Layer (SSL) is a security protocol providing secure
connection service for TCP-based application layer protocols, this
document describes SSL related configuration.
This document describes Public Key Configuration.
An ACL is used for identifying traffic based on a series of preset matching
criteria. This document describes:
ACL overview and ACL types
ACL configuration
Currently, ARP attacks and viruses are threatening LAN security. The
device can provide multiple features to detect and prevent such attacks.
This document describes:
Configuring ARP Defense Against IP Packet Attacks
Configuring ARP Packet Rate Limit
Configuring Source MAC Address Based ARP Attack Detection
Configuring ARP Packet Source MAC Address Consistency Check
Configuring ARP Active Acknowledgement
Configuring ARP Detection
2-9
Description