Features, Ruggedswitch, Rs900 – RuggedCom RS900 User Manual
Page 3
www.RuggedCom.com
3
RuggedSwitch
®
RS900
RuggedSwitch
®
RS900
9-Port Managed Ethernet Switch with Fiber Optical Uplinks
ROS
®
Features
Cyber Security
Cyber security is an urgent issue in many industries where
advanced automation and communications networks play a
crucial role in mission critical applications and where high
reliability is of paramount importance. Key ROS
®
features
that address security issues at the local area network level
include:
Passwords - Multi-level user passwords secures switch
against unauthorized configuration
SSH / SSL - Extends capability of password protection
to add encryption of passwords and data as they cross
the network
Enable / Disable Ports - Capability to disable ports so
that traffic can not pass
802.1Q VLAN - Provides the ability to logically segregate
traffic between predefined ports on switches
MAC Based Port Security - The ability to secure ports on
a switch so only specific Devices / MAC addresses can
communicate via that port
802.1x Port Based Network Access Control - The ability
to lock down ports on a switch so that only authorized
clients can communicate via this port
RADIUS - Provides centralized password management
SNMPv3 - encrypted authentication and access security
The ROS
®
cyber security features are included to help
address the various industry specific security standards
such as NERC CIP, ISA S99, AGA 12, IEC 62443, ISO
17799:2005 and PCSRF SPP-ICS.
Enhanced Rapid Spanning Tree Protocol (eRSTP™)
RuggedCom eRSTP™ allows the creation of fault-
tolerant ring and mesh Ethernet networks that incorporate
redundant links that are ‘pruned’ to prevent loops. eRSTP™
yields worst-case fault recovery1 of 5ms times the ‘bridge
diameter’ and allows rings of up to 160 switches. For
example, a ring of ten switches will have fault recovery
times under 50ms. eRSTP™ implements both STP and
RSTP to ensure interoperability with commercial switches
unlike other proprietary ‘ring’ solutions.
Quality of Service (IEEE 802.1p)
Some networking applications such as real-time control
or VoIP (voice over IP) require predictable arrival times for
Ethernet frames. Switches can introduce latency in times of
heavy network traffic due to the internal queues that buffer
frames and then transmit on a first come first serve basis.
ROS
®
supports ‘Class of Service’ in accordance with IEEE
802.1p that allows time critical traffic to jump ahead to the
front of the queue thus minimizing latency and reducing
jitter to allow such demanding applications to operate
correctly. ROS
®
allows priority classification by port, tags,
MAC address, and IP type of service (ToS). A configurable
“weighted fair queuing” algorithm
controls how frames are emptied from the queues.
VLAN (IEEE 802.1Q)
Virtual local area networks (VLAN) allow the segregation
of a physical network into separate logical networks with
independent broadcast domains. A measure of security is
provided since hosts can only access other hosts on the
same VLAN and traffic storms are isolated. ROS
®
supports
802.1Q tagged Ethernet frames and VLAN trunks. Port
based classification allows legacy devices to be assigned
to the correct VLAN. GVRP support is also provided to
simplify the configuration of the switches on the VLAN.
Link Aggregation (802.3ad)
The link aggregation feature provides the ability to aggregate
several Ethernet ports into one logical link (port trunk) with
higher bandwidth. This provides an inexpensive way to set up
a high speed backbone to improve network bandwidth. This
feature is also known as “port trunking”, “port bundling”, “port
teaming”, and “Ethernet trunk”.
IGMP Snooping
ROS
®
uses IGMP snooping (Internet Group Management
Protocol v1&v2) to intelligently forward or filter multicast
traffic streams (e.g. MPEG video) to or from hosts on the
network. This reduces the load on network trunks and
prevents packets from being received on hosts that are
not involved. ROS
®
has a very powerful implementation of
IGMP snooping that:
Can be enabled on a per VLAN basis.
Detects and filters all multicast streams regardless of
whether subscribers exist.
Supports “router-less” operation by supporting an “active”
mode.
Restores traffic streams immediately after an RSTP
topology change.
SNMP (Simple Network Management Protocol)
SNMP provides a standardized method for network management
stations the ability to interrogate devices from different vendors.
SNMP versions supported by ROS
®
are v1, v2c, and v3. SNMPv3
in particular provides security features (such as authentication,
privacy, and access control) not present in earlier SNMP versions.
ROS
®
also supports numerous standard MIBs (Management
Information Base) allowing for easy integration with any network
management system (NMS).
1
eRSTP fault recovery times may be approximated as follows:
For 100 Mbps, fault recovery performance is <5ms/hop
For 1,000 Mbps, fault recovery performance is <5ms/hop + 20ms