Enterasys Networks 2000 manual Layer-4 Switching, Security

Page 22

Features

IPX SAP – the Service Advertisement Protocol, which allows hosts attached to an IPX network to reach printers, file servers, and other services

By default, IPX routing is enabled on the XP-2000 when an IPX interface is created.

Layer-4 Switching

In addition to Layer-2 bridging and Layer-3 routing, the XP-2000 performs Layer-4 switching. Layer-4 switching is based on applications and flows.

Layer-4 applications – The XP-2000 understands the application for which an IP or IPX packet contains data and therefore enables you to manage and control traffic on an application basis. For IP traffic, the XP-2000 looks at the packet’s TCP or UDP port number to determine the application. For IPX packets, the XP-2000 looks at the destination socket to determine the application.

Layer-4 flows – The XP-2000 can store Layer-4 flows in each expansion module. A Layer-4 flow consists of the source and destination addresses in the IP or IPX packet combined with the TCP or UDP source and destination port number (for IP) or the source and destination socket (for IPX). You can therefore manage and control individual flows between hosts on an individual application basis.

A single host can have many individual Layer-4 entries in the XP-2000. For example, an IP host might have separate Layer-4 application entries for email, FTP, HTTP, and so on, or separate Layer- 4 flow entries for specific email destinations and for specific FTP and Web connections.

Security

The bridging, routing, and application (Layer-2, Layer-3, and Layer-4) support described in previous sections enables you to implement security filters that meet the specific needs of your organization. You can implement the following types of filters to secure traffic on the XP-2000:

Layer-2 source filters (block bridge traffic based on source MAC address)

Layer-2 destination filters (block bridge traffic based on destination MAC address)

Layer-2 flow filters (block bridge traffic based on specific source-destination pairs)

Layer-3 source filters (block IP or IPX traffic based on source IP or IPX address)

Layer-3 destination filters (block IP or IPX traffic based on destination IP or IPX address)

Layer-3 flow filters (block IP or IPX traffic based on specific source-destination pairs)

Layer-4 application filters (block traffic based on UDP or TCP source and destination ports for IP or source and destination sockets for IPX)

6

Enterasys X-Pedition 2000 Getting Started Guide

Page 21 Page 23
Image 22
Page 21 Page 23
Contents 2000 Page FCC Notice Enterasys X-Pedition 2000 Getting Started Guide Enterasys NETWORKS, INC Program License Agreement Enterasys X-Pedition 2000 Getting Started Guide Enterasys X-Pedition 2000 Getting Started Guide Vii Declaration of Conformity Contents Hardware Installation Appendix a Troubleshooting IndexContents Xii Enterasys X-Pedition 2000 Getting Started Guide Who should Read this Guide? How to Use this GuideWhat’s New If You Want To SeeGetting Help Related DocumentationFor Information About See Preface Preface Xvi Enterasys X-Pedition 2000 Getting Started Guide Chapter Features Overview SpecificationsRmon IPX RIP, SAPSnmp TCP/UDP services TCP Port UDP Port Description FeaturesTCP/UDP Services LLCPort and Protocol VLANs BridgingRouting IP Multicast Routing IP RoutingIPX Routing Layer-4 Switching SecurityManagement Platforms Quality of ServiceStatistics VlanHardware Overview ChassisExternal Controls Motherboard FeaturesBoot Flash Status LEDs LED Label DescriptionFans Power SuppliesRAM Memory Expansion Modules 10/100BASE-TX Expansion ModuleLEDs Cabling and Connector Specifications100BASE-TX expansion module LEDs 100BASE-FX Expansion Module Front panel of 100BASE-FX expansion moduleBASE-FX expansion module LEDs 1000BASE-SX Expansion ModuleBASE-SX expansion module LEDs 1000BASE-LX Expansion Module Front panel of 1000BASE-LX expansion moduleBASE-LX expansion module LEDs Dual Serial and Quad Serial C/CE Expansion Modules Front panel of Dual Serial WAN expansion moduleDual Serial and Quad Serial C/CE WAN expansion module LEDs Dual Hssi Line Card Port Type SpecificationHssi LED Page Safety Considerations Preventing InjuryXP-2000 physical and environmental specifications Hardware SpecificationsInstalling the Hardware Preventing Equipment DamageVerifying Your Shipment Table-Top Installation Installing the ChassisRack Mount Installation Installing the XP-2000 chassis in an equipment rack Connecting Power to the Chassis Installing an Expansion ModuleInstalling the new face plate view from inside chassis Front of XP-2000 Attaching the Console Management Cables Nteras ys Net worksConnecting to the Serial Port Plugging into the XP-2000’s serial DB-9 DCE portConnecting to the 10/100Base-TX Port Plugging into the XP-2000’s 10/100Base-TX portAttaching Port Cables RXD receive data TXD transmit dataPlugging an ethernet cable into a 10/100BASE-TX port 100BASE-TX RJ-45 connector 1000BASE-SX and 1000BASE-LX Expansion Modules LFH-60 high density connector pin assignments Pin Signal P2GND P1TXCA P2CTSB P1RXCA P1GND P1TXDBP2SCTEB P1LLA P2RXCA P1GND P2SCTEA P1SHIELD Pin Signal Pin Hssi connector Page Chapter Firmware Installation Setup Powering On and Booting the FirmwareStarting the Command Line Interface Access ModesBasic Line Editing Commands Some commonly used CLI commands Key sequence CommandSetting Basic System Information Here is an exampleEnter yes or y to activate the changes Setting Up Snmp Community Strings Enter the copy active to startup commandSetting Up Snmp Community Strings READ-WRITE Setting Up Passwords Xp-1#system show active-configSetting the DNS Domain Name and Address Xp-1#pingSetting Syslog Parameters System set dns server IP-address IP-address IP-addressSetting Syslog Parameters Ping IP-addr Loading System Image Firmware System image add IPaddr-of-TFTP-host image-file-name Enter the system image list command to verify the change Loading Boot Prom Firmware Xp-1#system promimage upgrade 10.50.11.12 prom2Upgrading the VFS Activating the Configuration Commands in the Scratchpad Viewing the Current ConfigurationCommand like stp enable et.*.* would be displayed as follows Appendix a Troubleshooting If you experience this difficulty Try this remedyUse the procedure in Activating the Configuration Appendix B Technical Support Getting Help Numerics DvmrpIPX SAP IgmpNvram Layer-4 flow 6 services User mode VLANs UDPIndex Enterasys X-Pedition 2000 Getting Started Guide
Related manuals
Manual 188 pages 39.25 Kb

2000 specifications

Enterasys Networks, a key player in the networking space in 2000, was renowned for its innovative solutions that combined high-performance networking with robust security features. Founded with the vision of providing enterprise-level networking infrastructure, Enterasys positioned itself to cater to the growing demands of business networks during the dot-com boom.

One of the main features of Enterasys Networks was its focus on delivering secure, scalable networking solutions that could seamlessly integrate with existing enterprise systems. The company developed a range of products including switches, routers, and wireless solutions that were designed to optimize performance while ensuring security at every layer. Their core offerings provided businesses with the reliability required to handle increasing volumes of data traffic.

A standout technology of Enterasys was its identity and access management solutions. These technologies allowed organizations to control who could access network resources and under what conditions. This was particularly crucial in a time when cyber threats were on the rise, and businesses were becoming more aware of the need for strict network security protocols. The features included role-based access control and authentication measures, which were fundamental in safeguarding sensitive information.

Enterasys also introduced intelligent networking features, which enabled dynamic traffic management and prioritization. This technology helped organizations optimize their network performance by automatically adjusting to changing workload demands. Such capabilities were essential for businesses relying on bandwidth-intensive applications and services.

The company also embraced the rising trend of wireless networking, providing solutions that combined wired and wireless technologies for a unified experience. Enterasys Wireless LAN solutions were groundbreaking at the time, offering seamless connectivity and security to mobile devices, thereby enhancing productivity and flexibility within enterprise environments.

In addition to hardware, Enterasys developed network management software that simplified the administration of complex networks. This software enabled IT professionals to monitor performance, troubleshoot issues, and implement security policies efficiently.

Overall, Enterasys Networks in 2000 was characterized by its commitment to delivering secure, intelligent networking solutions that catered to the needs of modern enterprises. With its innovative technologies and features, Enterasys played a significant role in shaping the networking landscape, laying the groundwork for future advancements in network security and management.
Top Page Image Contents