DGS-3700-12/DGS-3700-12G Series Layer 2 Gigabit Ethernet Switch User Manual

 

 

 

 

 

 

Parameter

Description

 

 

 

 

 

 

Rising Threshold

Used to configure the acceptable level of CPU utilization before the Safeguard Engine

 

 

 

mechanism is enabled. Once the CPU utilization reaches this percentage level, the Switch

 

 

 

will move into the Exhausted state.

 

 

 

 

 

 

Falling Threshold

Used to configure the acceptable level of CPU utilization as a percentage, where the Switch

 

 

 

leaves the Exhausted state and returns to normal mode.

 

 

 

 

 

 

Trap/log

Use the pull-down menu to enable or disable the sending of messages to the device’s SNMP

 

 

 

agent and switch log once the Safeguard Engine has been activated by a high CPU utilization

 

 

 

rate.

 

 

 

 

 

 

Mode

Toggle the State field to either Strict or Fuzzy for the Safeguard Engine of the Switch.

 

Click Apply to implement the settings made.

Trusted Host

Use the Security IP Management to permit remote stations to manage the Switch. If you choose to define one or more designated management stations, only the chosen stations, as defined by IP address, will be allowed management privilege through the web manager or Telnet session. To define a management station IP setting, type in the IP address with a proper subnet mask and click the Add button.

To view this window, click Security > Trusted Host as shown below:

Figure 5 - 3 Trusted Host window

To delete an entry click the corresponding Delete button.

IP-MAC-Port Binding

The IP network layer uses a four-byte address. The Ethernet link layer uses a six-byte MAC address. Binding these two address types together allows the transmission of data between the layers. The primary purpose of IP-MAC binding is to restrict the access to a switch to a number of authorized users. Only the authorized client can access the Switch’s port by checking the pair of IP-MAC addresses with the pre-configured database, or when DHCP snooping is enabled, the switch will automatically learn the IP/MAC pairs by snooping DHCP packets and saving them to the IMPB white list. If an unauthorized user tries to access an IP-MAC binding enabled port, the system will block the access by dropping its packet. For the DGS-3700 Series, active and inactive entries use the same database. The maximum entry number is 511. The creation of authorized users can be manually configured by CLI or Web. The function is port- based, meaning a user can enable or disable the function on the individual port.

The IP-MAC-Port Binding folder contains five windows: IMP Binding Global Settings, IMP Binding Port Settings, IMP Binding Entry Settings, DHCP Snooping Entries, and MAC Block List.

IMP Binding Global Settings

This window is used to enable or disable the ACL mode, Trap Log State and DHCP Snoop state on the switch. When the user enables the ACL Mode for IP-MAC Binding it will create two Access Profile Entries on the Switch. The Trap/Log field will enable and disable the sending of trap log messages for IP-MAC binding. When enabled, the

147

Page 157 Page 159
Page 158
Image 158
D-Link DGS-3700 user manual Trusted Host, IP-MAC-Port Binding, IMP Binding Global Settings
Page 157 Page 159
Top Page Image Contents