Access control lists, Port configuration, Port mirroring – Microsens MS453490M Management Guide User Manual

C

HAPTER

1

| Introduction

Description of Software Features

– 51 –

A

CCESS

C

ONTROL

L

ISTS

ACLs provide packet filtering for IP frames (based on address, protocol,

TCP/UDP port number or TCP control code) or any frames (based on MAC

address or Ethernet type). ACLs can by used to improve performance by

blocking unnecessary network traffic or to implement security controls by

restricting access to specific network resources or protocols.

P

ORT

C

ONFIGURATION

You can manually configure the speed and duplex mode, and flow control

used on specific ports, or use auto-negotiation to detect the connection

settings used by the attached device. Use the full-duplex mode on ports

whenever possible to double the throughput of switch connections. Flow

control should also be enabled to control network traffic during periods of

congestion and prevent the loss of packets when port buffer thresholds are

exceeded. The switch supports flow control based on the IEEE 802.3x

standard (now incorporated in IEEE 802.3-2002).

P

ORT

M

IRRORING

The switch can unobtrusively mirror traffic from any port to a monitor port.

You can then attach a protocol analyzer or RMON probe to this port to

perform traffic analysis and verify connection integrity.

P

ORT

T

RUNKING

Ports can be combined into an aggregate connection. Trunks can be

manually set up or dynamically configured using Link Aggregation Control

Protocol (LACP – IEEE 802.3-2005). The additional ports dramatically

increase the throughput across any connection, and provide redundancy by

taking over the load if a port in the trunk should fail. The switch supports

up to 12 trunks.

R

ATE

L

IMITING

This feature controls the maximum rate for traffic transmitted or received

on an interface. Rate limiting is configured on interfaces at the edge of a

network to limit traffic into or out of the network. Traffic that falls within

the rate limit is transmitted, while packets that exceed the acceptable

amount of traffic are dropped.

S

TORM

C

ONTROL

Broadcast, multicast and unknown unicast storm suppression prevents

traffic from overwhelming the network.When enabled on a port, the level of

broadcast traffic passing through the port is restricted. If broadcast traffic

rises above a pre-defined threshold, it will be throttled until the level falls

back beneath the threshold.

S

TATIC

A

DDRESSES

A static address can be assigned to a specific interface on this switch.

Static addresses are bound to the assigned interface and will not be

moved. When a static address is seen on another interface, the address will

be ignored and will not be written to the address table. Static addresses

can be used to provide network security by restricting access for a known

host to a specific port.