Enhancements in Release F.05.05 through F.05.70

Enhancements in Release F.05.05 through F.05.60

The Isolated Port Groups feature originally included in release F.04.08 has been enhanced in release F.05.xx with the inclusion of two new port isolation groups (group1 and group2).

Isolated port groups provide an alternative to VLANs for isolating end nodes on your network, while simplifying network administration. This feature enables you to isolate traffic to and from specific end-node devices, which enhances security and also helps in such areas as selectively preventing internet use. There are, however, some limitations, as outlined in the "Rules of Operation", described later in this section.

Caution

The Isolated Port Groups feature is intended for rare situations where using VLANs is not possible. This feature can interfere with other switch features, and improper configuration will result in unexpected connectivity problems. Refer to “Operating Rules for Port Isolation” on page 23.

The Isolated Port Groups feature operates within the context of the individual switch. It does not restrict free communication on the designated uplink port(s) to other devices on the network. A node connected to any type of port (group1, group2, private, etc.) on one Series 2500 switch can communicate with a node connected to any type of port (group1, group2, private, etc.) on another Series 2500 switch if the two switches are connected through their uplink ports.

Options for Isolated Port Groups

Using Isolated Port Groups, you can control traffic between ports on the switch by assigning an appropriate port type to each port. The options include:

Uplink (the default)

Group2

Public

Private

Group1

Local

When you configure isolated port groups on a switch, traffic is allowed to move between the switch ports as described in table 2 and shown in figure 7, both below.

21