7.11 8260 Ethernet Security Daughter Card

The 8260 Ethernet Security Card (E-SEC) is a daughter card that allows you to provide security on any Ethernet network to which this card is attached. You can install this card on any Ethernet media module or the 8260 DMM with Ethernet Carrier (EC-DMM).

Note

Security features provided by this card are only applicable to the Ethernet ports on the 8260 modules. Therefore, this card cannot be used to provide security for the Ethernet ports on the 8250 modules installed on your 8260, even if they are assigned to the Ethernet network protected by the Ethernet security card.

Once assigned to an Ethernet network, the E-SEC card can be used to provide the following security features for that network:

Intrusion protection

This feature allows only the authorized users for each port to transmit data on that port. If an unauthorized user is detected on a port, the E-SEC card may be configured to perform one or more of the following:

Report the time and port on which the intrusion took place along with the MAC address of the intruder.

Jam the intruders port so that the intruder is not able to exchange data with the other stations on the network.

Disable the port to which the intruder is connected.

Authorized users on each port are known to the E-SEC card via the network security address table. The contents of this table can be created and/or modified using manual and/or auto-learningprocedures as described in 7.11.2, ªConfiguring the Security Moduleº on page 124.

Each entry in the network security address table contains the 8260 slot and port number as well as the MAC address of the station authorized to transmit data on that port. You may define as many authorized users as you wish for each port. However, the total number of users defined for each network, that is the total number of entries allowed in the network security address table is limited to 1,000 entries.

Note: When performing intruder protection, you may configure the E-SEC card to either check only the MAC address of the sending adapter, or both the MAC address and the port to which the sending station is attached.

Eavesdropping protection

This feature prevents unauthorized users from examining the contents of packets destined for another port by preventing all the nodes except the intended recipient from receiving the packets transmitted on the network. This enables you to ensure that unauthorized network tracing tools will not be able to listen and trace the network traffic.

Note that the eavesdropping and intrusion protection functions can be enabled or disabled separately for each port. Also, various ports on a single network may have different security settings. For example, in a single network, some ports may have both eavesdropping and intrusion protection enabled, while other

Chapter 7. 8260 Ethernet Modules 121

Page 143
Image 143
IBM manual 11 8260 Ethernet Security Daughter Card

8260 specifications

The IBM 8260 is a significant entry in the realm of enterprise servers, recognized for its performance, scalability, and robust features designed to cater to demanding business environments. It primarily serves as a high-capacity server for large organizations, capable of handling extensive workloads and complex applications without compromising speed or efficiency.

One of the standout features of the IBM 8260 is its powerful processing capabilities. It typically comes equipped with multiple processor units based on the IBM POWER architecture, which is renowned for its high-performance computing. This architecture allows the server to execute numerous simultaneous tasks, making it ideal for environments that require multitasking and high throughput.

Memory capacity is another key characteristic of the IBM 8260. Depending on the specific configuration, it can support substantial amounts of RAM, ensuring that applications can run effectively without the bottlenecks often associated with data-intensive tasks. This is crucial for enterprises that rely on real-time data analytics, large database management, and resource-heavy applications.

In terms of storage, the IBM 8260 offers flexible options. It supports a variety of storage solutions, including solid-state drives (SSDs) and traditional hard drives, catering to different performance and capacity needs. This scalability in storage helps organizations manage their data effectively while ensuring quick access and retrieval times.

Connectivity is also a prominent feature of the IBM 8260. The server includes advanced networking capabilities, supporting various protocols and technologies that facilitate fast data transfer and communication between devices. This enhances overall network performance, essential for businesses that depend on cloud computing and distributed computing environments.

Additionally, the IBM 8260 is designed with a focus on reliability and availability. It incorporates redundant components, such as power supplies and cooling systems, minimizing the risk of downtime. This is critically important for enterprises that require continuous availability of services.

The server’s management features are also noteworthy. IBM provides a suite of management tools that allow IT administrators to monitor performance, configure hardware settings, and troubleshoot issues seamlessly. This ease of management is bolstered by automation capabilities, enabling organizations to enhance operational efficiency.

In conclusion, the IBM 8260 stands out in the competitive server landscape due to its high processing power, extensive memory and storage options, advanced connectivity, reliability features, and robust management tools. Such attributes make it a viable choice for organizations seeking to enhance their IT infrastructure and streamline their operations effectively.