Chapter 5

Configuration Using the Web-based Utility

Security > Storm Control

The Storm Control screen is used to configure broadcast and multicast storm control.

Security > Storm Control

Storm Control enables limiting the amount of Multicast and Broadcast frames accepted and forwarded by the Switch. A Broadcast Storm results when an excessive amount of broadcast messages is simultaneously transmitted across a network by a single port. Forwarded message responses are heaped onto the network, straining network resources or causing the network to time out.

To enable Storm Control on a port, you specify the packet type (broadcast/multicast) and maximum transmission rate. The system measures the incoming Broadcast and Multicast frame rates separately on each port and discards frames when the rate exceeds the specified maximum.

Interface  Select the unit number and port from which storm control is enabled.

Broadcast Control  Select the checkbox to apply Broadcast control on the selected interface. Broadcast control limits the amount of Broadcast packet types to be forwarded. The default is not selected (disabled).

Mode  Specifies the Broadcast mode currently enabled on the device. The possible values are:

Multicast & Broadcast  Counts Broadcast and Multicast traffic together.

Broadcast Only  Counts only Broadcast traffic.

Rate Threshold  The maximum rate (packets per second) at which unknown packets are forwarded. The ranges are 70 kbps to 100 Mbps for FE ports, and 3.5 to 100 Mbps for GE ports. The default value is 3500 kbps.

The Update button adds the Storm Control settings to the Storm Control table at the bottom of the screen.

Security > RADIUS

The RADIUS screen is used to configure a Remote Authorization Dial-In User Service (RADIUS) server for user authentication.

Security > RADIUS

RADIUS servers provide additional security for networks by providing a centralized authentication method for web access. Up to eight RADIUS servers can be configured. The Switch attempts authentication using the listed sequence of servers. The process ends when a server either approves or denies access to a user.

IP Address  Enter the IP address of the authentication server.

Priority  The server priority. The possible values are 0 to 65535, where 0 is the highest priority. This priority determines the order in which RADIUS servers are queried when more than one RADIUS server is configured. The default priority is 0.

Authentication Port  Enter the authentication port. The authentication port is used to verify the RADIUS server authentication. The default value is 1812.

Number of Retries  Defines the number of transmitted requests sent to RADIUS server before a failure occurs. The possible values are 1 to 10. The default is 3.

Timeout for Reply  Defines the amount of the time in seconds the device waits for an answer from the RADIUS server before retrying the query, or switching to the next server. The possible values are 1 to 30. The default is 3.

Dead Time  Defines the amount of time (minutes) that a RADIUS server is bypassed for service requests. The range is 0 to 2000. The default is 0 minutes.

Key String  Defines the default key string used to authenticate and encrypt all RADIUS communications between the device and the RADIUS server. This key must match the RADIUS encryption.

Source IP Address  Defines the source IP address that is used for communication with RADIUS servers.

24/48-Port 10/100 + 4-Port Gigabit Resilient Clustering Smart Switch with 2 Combo SFPs

31

Page 37
Image 37
Linksys SLM224G4S manual Security Storm Control, Security Radius, Broadcast Only Counts only Broadcast traffic

SLM224G4S specifications

The Linksys SLM224G4S is a sophisticated Layer 2 managed switch designed for businesses and institutions that demand high performance, reliability, and advanced networking features. This model stands out due to its blend of robustness and manageability, making it ideal for expanding networks.

One of the primary features of the SLM224G4S is its 24 Gigabit Ethernet ports, allowing for high-speed data transfers essential for bandwidth-intensive applications. Supporting auto-negotiation, these ports can detect the capabilities of connected devices and configure themselves accordingly, ensuring optimal performance without manual intervention. With four additional shared Gigabit SFP (Small Form-factor Pluggable) ports, this switch provides flexibility in network design and enhances scalability.

The SLM224G4S supports VLAN (Virtual Local Area Network) capabilities, which can segment network traffic to improve security and performance. This is particularly useful in environments where different departments or teams require distinct network segments for operational efficiency. By implementing VLANs, organizations can enhance their network management while isolating sensitive information from potential threats.

Quality of Service (QoS) is another critical technology integrated into the SLM224G4S. It prioritizes network traffic, ensuring that critical applications receive the bandwidth they need for optimal performance. This is particularly important for VoIP and video conferencing applications, where latency and jitter can significantly impact user experience.

The switch also features advanced Layer 2 management functionalities, including SNMP (Simple Network Management Protocol), allowing IT administrators to monitor network performance and quickly troubleshoot issues. The embedded web-based management interface makes configuration straightforward, enabling quick adjustments to settings without deep networking knowledge.

Security is a paramount consideration in today’s networking landscape. The SLM224G4S provides robust security features, including port security that limits the number of MAC addresses allowed on a port, reducing the risk of unauthorized access. Moreover, it supports802.1X port-based authentication, ensuring that only authenticated devices can connect to the network.

In summary, the Linksys SLM224G4S managed switch boasts features such as 24 Gigabit Ethernet ports, VLAN support, QoS, SNMP management, and advanced security protocols. These characteristics make it an excellent choice for businesses looking to enhance their network's performance, safety, and reliability, paving the way for seamless connectivity in today’s digital age.