Secure Networks Policy Support

Switch Configuration Using CLI Commands

The CLI commands enable you to perform more complete switch configuration management tasks.

For CLI command set information and how to configure the module, refer to the Enterasys Matrix DFE‐Gold Series Configuration Guide.

Secure Networks Policy Support

Policy Enabled Networking manages the allocation of networking infrastructure resources in a secure and effective manner. Using Secure Networks Policy, an IT Administrator can predictably assign appropriate resources to the Users, Applications, and Services that use the network; while blocking or containing access for inappropriate or potentially dangerous network traffic. Using this technology it is possible, for the first time, to align IT services with the needs of specific users and applications, and to leverage the network as a key component of the organization’s security strategy.

The Secure Networks Policy Architecture consists of 3 components: Classification Rules, Network Services, and Behavioral Profiles. These are defined as follows:

Classification Rules determine how specific traffic flows (identified by Layer 2, Layer 3, and Layer 4 information in the data packet) are treated by each Switch or Router. In general, Classification Rules are applied to the networking infrastructure at the network edge/ingress point.

Network Services are logical groups of Classification Rules that identify specific networked applications or services. Users may be permitted or denied access to these services based on their role within the organization. Priority and bandwidth rate limiting may also be controlled using Network Services.

Behavioral Profiles (or roles) are used to assign Network Services to groups of users who share common needs–for example Executive Managers, Human Resources Personnel, or Guest Users. Access, resources, and security restrictions are applied as appropriate to each Behavioral Profile. A variety of authentication methods including 802.1X, EAP‐TLS, EAP‐TTLS, and PEAP may be used to classify and authorize each individual user; and the IT Administrator may also define a Behavioral Profile to apply in the absence of an authentication framework.

Standards Compatibility

The DFE modules are fully compliant with the IEEE 802.3‐2002, 802.3ae‐2002, 802.1D‐ 1998, 802.3af‐2003, and 802.1Q‐1998 standards. The DFE modules provides IEEE

802.1D‐1998 Spanning Tree Algorithm (STA) support to enhance the overall reliability of the network and protect against “loop” conditions.

1-8 Introduction

Page 27 Page 29
Page 28
Image 28
Enterasys Networks 4G4205-72, 4G4285-49 manual Secure Networks Policy Support, Standards Compatibility
Page 27 Page 29

4G4205-72, 4G4285-49 specifications

Enterasys Networks is a distinguished name in the realm of networking solutions, offering a variety of high-performance switches and routers designed for enterprise environments. Among their impressive lineup, the 4G4285-49 and 4G4205-72 models stand out for their advanced capabilities and robust features that cater to the demanding needs of modern IT infrastructure.

The Enterasys 4G4285-49 is a high-density Layer 3 switch that provides exceptional performance and reliability. It is equipped to handle the increasing data traffic common in enterprise networks, facilitating enhanced throughput and reduced latency. This model features 48 Gigabit Ethernet ports, ideal for connecting a vast array of devices within a network, along with one or two 10 Gigabit SFP+ uplink ports, ensuring fast data transmission to other network segments.

On the other hand, the 4G4205-72 is specifically designed as a versatile access switch with 24 Gigabit Ethernet ports and an additional 4 SFP+ uplink ports. This configuration makes it perfect for connecting endpoints like computers, printers, and other network devices while also providing scalability for future expansion.

Both models leverage advanced technologies such as Virtual LAN (VLAN) support, which helps in segmenting network traffic for better performance and security. Quality of Service (QoS) features are integrated, allowing administrators to prioritize critical applications and ensure optimal performance during high traffic periods. Additionally, security protocols like Access Control Lists (ACLs) and port security measures safeguard the network against unauthorized access.

The Enterasys 4G4285-49 and 4G4205-72 also support advanced management capabilities. With intuitive web-based interfaces and support for SNMP (Simple Network Management Protocol), IT teams can efficiently monitor network performance and troubleshoot issues as they arise.

In terms of build quality, both models are designed for reliability, featuring robust chassis and components that withstand the rigors of a data center environment. Their energy-efficient designs also contribute to reduced operational costs, aligning with the growing demand for sustainable networking solutions.

In summary, Enterasys Networks' 4G4285-49 and 4G4205-72 models combine high performance, advanced networking technologies, and robust security features, making them ideal choices for enterprises looking to enhance their network infrastructure and manage increasing data demands effectively.
Top Page Image Contents