ports may have one of these two features enabled and finally the last group of ports which may have no security at all.

Details of configuring security features are described in 7.11.2, ªConfiguring the Security Moduleº on page 124.

7.11.1 Operation of Security Card

When transmitting a packet, the 8260 Ethernet modules will use either method 2 or method 3 as described in 2.2, ªEthernet Segments on the Backplaneº on page 15 for communication across the backplane. In both these methods:

1.The data packet will be transmitted over the Data In NRZ pin and

2.The slot ID and port ID are transmitted in serial over the Serial ID pin

The E-SEC card will listen to the transmitted packets over Data In NRZ pin. Since each Ethernet packet carries the source and the destination address of the communicating stations, by monitoring the contents of the transmitted packets over the Data In NRZ pin, the E-SEC card learns who the packet is coming from and who the intended recipient is. The E-SEC card also monitors the Serial ID pin, which allows it to learn which port is sending the transmitted packet. The monitoring of these two pins, allows the E-SEC card to learn the following:

Source address of the packet

Destination address of the packet

The port transmitting the packet

This information, in conjunction with the contents of the network security address table allows the E-SEC card to perform both intrusion and eavesdropping protection.

The following sections describe the theory of operation for each security feature.

7.11.1.1 Intrusion Protection

When performing intrusion protection on a port, the E-SEC card will check the source address of the packet and its port ID against the network security address table entries. If a match is found, the transmitting station is an authorized user. If no match is found, the transmitting station is not authorized to transmit on the network. Once the E-SEC card has determined the authorization of the transmitting station, it immediately sends a security message to all the media modules attached to that network segment protected by the E-SEC card. This security message will instruct the media modules to either pass or jam the transmitted packet on their ports.

Note: The security message is sent on a per packet basis to all the 8260 ports in the hub which are attached to the segment to which the E-SEC card is assigned. The security message will be sent on the Serial ID pin.

When doing intrusion protection only, the same security signal (pass or jam) will be sent to all the ports. If the transmitting station is authorized, the security message will instruct all the media ports to pass the transmitted packet to the stations attached to them. If the transmitting station is not authorized, the security message will instruct all the other ports to jam the transmitted packet.

When the jamming signal is received by an 8620 module for a port, the module will transmit a packet consisting of 0s and 1s (instead of the actual packet) to the

122 8260 Multiprotocol Intelligent Switching Hub

Page 144
Image 144
IBM 8260 manual Operation of Security Card, Intrusion Protection

8260 specifications

The IBM 8260 is a significant entry in the realm of enterprise servers, recognized for its performance, scalability, and robust features designed to cater to demanding business environments. It primarily serves as a high-capacity server for large organizations, capable of handling extensive workloads and complex applications without compromising speed or efficiency.

One of the standout features of the IBM 8260 is its powerful processing capabilities. It typically comes equipped with multiple processor units based on the IBM POWER architecture, which is renowned for its high-performance computing. This architecture allows the server to execute numerous simultaneous tasks, making it ideal for environments that require multitasking and high throughput.

Memory capacity is another key characteristic of the IBM 8260. Depending on the specific configuration, it can support substantial amounts of RAM, ensuring that applications can run effectively without the bottlenecks often associated with data-intensive tasks. This is crucial for enterprises that rely on real-time data analytics, large database management, and resource-heavy applications.

In terms of storage, the IBM 8260 offers flexible options. It supports a variety of storage solutions, including solid-state drives (SSDs) and traditional hard drives, catering to different performance and capacity needs. This scalability in storage helps organizations manage their data effectively while ensuring quick access and retrieval times.

Connectivity is also a prominent feature of the IBM 8260. The server includes advanced networking capabilities, supporting various protocols and technologies that facilitate fast data transfer and communication between devices. This enhances overall network performance, essential for businesses that depend on cloud computing and distributed computing environments.

Additionally, the IBM 8260 is designed with a focus on reliability and availability. It incorporates redundant components, such as power supplies and cooling systems, minimizing the risk of downtime. This is critically important for enterprises that require continuous availability of services.

The server’s management features are also noteworthy. IBM provides a suite of management tools that allow IT administrators to monitor performance, configure hardware settings, and troubleshoot issues seamlessly. This ease of management is bolstered by automation capabilities, enabling organizations to enhance operational efficiency.

In conclusion, the IBM 8260 stands out in the competitive server landscape due to its high processing power, extensive memory and storage options, advanced connectivity, reliability features, and robust management tools. Such attributes make it a viable choice for organizations seeking to enhance their IT infrastructure and streamline their operations effectively.