ProductsFeatures
Key Features and Benefits
Ø Comprehensive security control policies
• The S3100-52P offers powerful hardware ACL capability and can identify packets precisely, facilitating subsequent handling of the packets. The match rules may be based on the CoS field of the layer 2 header. They can also be classified based on the information about the data link layer, the network layer and the transport layer such as the MAC address, VLAN tag, IP protocol type, source (host/network) address, and destination (host/network) address or even based on the information about the application port number, etc.
• MAC-IP-port binding allows a device to filter packets and thus enhance security. With MAC-IP-port binding configured, a port checks whether the source MAC and IP addresses of an inbound packet is identical to the configured MAC-to-IP binding on the port. If so, it forwards the packet; otherwise, it discards the packet.
• The S3100-52P supports Centralized MAC address authentication and user authentication at the local or with RADIUS servers that are based on 802.1x or its extension. 802.1x-based user authentications can be extended to dynamically assign a VLAN based on a specific user, regardless of where they connect on the network. With 802.1x with Guest VLAN, guests are allowed access the customer’s internal network but cannot access to the Internet via the Guest VLAN.
• The S3100-52P also supports remote switched port analyzer (RSPAN), which enhancing the monitoring of the network. SSH v2 is supported and secures the sessions using standard cryptographic mechanisms, thus providing high security. Port isolation prevents visiting between the ports, effectively controls unnecessary broadcasting and increases the network security.
Ø High reliability
• The S3100-52P supports STP/RSTP/MSTP (Spanning Tree Protocol/Rapid Spanning Tree Protocol/Multiple Spanning Tree Protocol). The STP/RSTP features also support BPDU guard、Root guard、Loop guard、Edge-port and STP ignored per VLAN ,Thus the redundancy back-up and error tolerance capability of the link can be greatly improved to guarantee the network stability.
• The S3100-52P supports link-aggregation, it is a simple and cheap way to expand the bandwidth of a switch port and balance the traffic among all the ports in a link aggregation. Moreover, it enhances the connection reliability.
Ø QoS
• The S3100-52P supports bidirectional port rate-limiting with the granularity of 64 Kbps, supporting finer bandwidth allocation. Port Mirroring is supported, when this function is applied, data packets on a mirroring port are copied to its monitor port for network test and troubleshooting.
• The S3100-52P supports the queue scheduling algorithms of Weighted Round Robin (WRR) and High-priority Queuing + WRR (HQ+WRR).On a switch of the S3100-52P, each port supports 8 output queues. The port flow control is used by the S3100-52P to reduce congestion on the network.
• The S3100-52P supports 3 priority criteria: IP-precedence priority, differentiated services codepoint priority (DSCP), and 802.1p priority. Customers can add packets to the output queue according to a priority criterion as needed.
Ø Diversified management modes and maintenance
• The S3100-52P can support SNMP v1/v2/v3 and can be managed by H3C iMC NMS. They also support CLI, Web network management, Telnet to facilitate the equipment management.
• VCT (Virtual Cable Test) is supported, which is convenient for troubleshooting. Customers can start the VCT function to make the system test the cable connected to the current electrical Ethernet port. The test items include: whether short or open circuit exists in the Rx/Tx direction of the cable, and what is the length of the cable in normal status or the length from the port to the fault point of the cable.
• After enabling HGMP V2, the network administrator can manage several member switches through one command switch and only the command switch need a public network IP address, it can save public IP address greatly and manage the network more efficiently.
