Advertisement
•
The S5700-LI provides a series of mechanisms to defend against DoS attacks and user-targeted attacks.
DoS attacks are targeted at switches and include SYN flood, Land, Smurf, and ICMP flood attacks. User-
targeted attacks include bogus DHCP server attacks, IP/MAC address spoofing, DHCP request flood, and
changing of the DHCP CHADDR value.
•
The S5700-LI collects and maintains information about access users, such as IP addresses, MAC
addresses, IP address leases, VLAN IDs, and interface numbers in a DHCP snooping binding table. In this
way, IP addresses and access interfaces of DHCP users can be tracked. You can specify DHCP snooping
trusted and untrusted ports to ensure that users connect only to the authorized DHCP server.
•
The S5700-LI supports strict ARP learning. This feature prevents ARP spoofing attackers from exhausting
ARP entries so that users can connect to the Internet normally.
Easy operation and maintenance
•
The S5700-LI supports Huawei EasyOperation, a solution that provides zero-touch deployment,
replacement of faulty devices without additional configuration, USB-based deployment, batch
configuration, and batch remote upgrade. The EasyOperation solution facilitates device deployment,
upgrade, service provisioning, and other management and maintenance operations, and also greatly
reduces costs of operation and maintenance. The S5700-LI can be managed and maintained using
Simple Network Management Protocol (SNMP) V1, V2, and V3, command line interface (CLI), web-
based network management system, or Secure Shell (SSH) V2.0. Additionally, it supports remote network
monitoring (RMON), multiple log hosts, port traffic statistics collection, and network quality analysis that
helps with network consolidation and reconstruction.
•
The S5700-LI can use the General VLAN Registration Protocol (GVRP) to implement dynamic distribution,
registration, and propagation of VLAN attributes. GVRP reduces manual configuration workload and
ensures correct configuration. Additionally, the S5700-LI supports MUX VLAN, which involves a principal
VLAN and multiple subordinate VLANs. Subordinate VLANs are classified into group VLANs and separate
VLANs. Ports in the principal VLAN can communicate with ports in subordinate VLANs. Ports in a
subordinate group VLAN can communicate with each other, whereas ports in a subordinate separate
VLAN can communicate only with ports in the principal VLAN.
iStack
•
The S5700-LI supports intelligent stack (iStack). This technology combines multiple switches into a logical
switch. Member switches in a stack implement redundancy backup to improve device reliability and use
inter-device link aggregation to improve link reliability. iStack provides high network scalability. You can
increase ports, bandwidth, and processing capacity of a stack by simply adding member switches to
the stack. iStack also simplifies device configuration and management. After a stack is set up, multiple
physical switches are virtualized into one logical device. You can log in to any member switch in the stack
to manage all the member switches in the stack.
Excellent network traffic analysis
•
The S5700-LI supports the sFlow function. It uses a method defined in the sFlow standard to sample
traffic passing through it and sends sampled traffic to the collector in real time. The collected traffic
statistics are used to generate statistical reports, helping enterprises maintain their networks.
Innovative built-in battery
•
The S5700-LI-BAT is the industry's first switch model that supports internal lithium batteries as a backup
power supply. It ensures uninterrupted services in situations where power failures frequently occur at the
access layer. The S5700-LI-BAT has the following advantages:
–
In the event of a mains power failure the battery can power the switch, so services will not be
interrupted.
5
Advertisement
