Протоколи, які підтримуються ExtremeXOS 15.2

Комутація
  • IEEE 802.1D – 1998 Spanning Tree Protocol (STP)
  • IEEE 802.1D – 1998 Spanning Tree Protocol (STP)
  • IEEE 802.1D – 2004 Spanning Tree Protocol (STP and RSTP)
  • IEEE 802.1w – 2001 Rapid Reconfiguration for STP, RSTP
  • IEEE 802.1Q – 2003 (formerly IEEE 802.1s) Multiple Instances of STP, MSTP
  • EMISTP, Extreme Multiple Instances of Spanning Tree Protocol
  • PVST+, Per VLAN STP (802.1Q interoperable)
  • Draft-ietf-bridge-rstpmib-03.txt – Definitions of Managed Objects for Bridges with Rapid Spanning Tree Protocol
  • Extreme Standby Router Protocol™ (ESRP)
  • IEEE 802.1Q – 1998 Virtual Bridged Local Area Networks
  • IEEE 802.3ad Static load sharing configuration and LACP based dynamic configuration
  • Software Redundant Ports
  • Multi-switch Link Aggregation Groups (M-LAG)
  • IEEE 802.1AB – LLDP Link Layer Discovery Protocol
  • LLDP Media Endpoint Discovery (LLDP-MED), ANSI/TIA-1057, draft 08
  • Extreme Discovery Protocol (EDP)
  • Extreme Loop Recovery Protocol (ELRP)
  • Extreme Link State Monitoring (ELSM)
  • RFC 3619 Ethernet Automatic Protection Switching (EAPS) Version 1 and Version 2
  • RFC 3619 Ethernet Automatic Protection Switching (EAPS) Version 1 and Version 2

Керування та аналіз трафіку
  • RFC 2030 SNTP, Simple Network Time Protocol v4
  • RFC 59051 - Network Time Protocol Version 4: Protocol and Algorithms Specification RFC 854 Telnet client and server
  • RFC 783 TFTP Protocol (revision 2)
  • RFC 951, 1542 BootP
  • RFC 2131 BOOTP/DHCP relay agent and DHCP server
  • RFC 3315, Dynamic Host Configuration Protocol for IPv6 (DHCPv6), Relay Functions Only
  • RFC 1591 DNS (client operation)
  • RFC 6106, IPv6 Router Advertisement Options for DNS Configuration
  • RFC 1155 Structure of Management Information (SMIv1)
  • RFC 1157 SNMPv1
  • RFC 1212, RFC 1213, RFC 1215 MIB-II, Ethernet-Like MIB & TRAPs
  • RFC 1573 Evolution of Interface
  • RFC 1650 Ethernet-Like MIB (update of RFC 1213 for SNMPv2)
  • RFC 1901, 1905 – 1908 SNMP v2c, SMIv2 and Revised MIB-II
  • RFC 2576 Coexistence between SNMP Version 1, Version 2 and Version 3
  • RFC 2578 – 2580 SMIv2 (update to RFC 1902 – 1903)
  • RFC 3410 – 3415 SNMPv3, user based security, encryption and authentication
  • RFC 3416 – Protocol Operations for Version 2 of SNMP
  • RFC 2418 – Management Information Base for SNMP
  • RFC 3826 – The Advanced Encryption Standard (AES) Cipher Algorithm in the SNMP User-based Security Model
  • IEEE 802.1AB LLDP Basic MIB, LLDP-EXT-DOT1-MIB, LLDP-EXT-DOT3-MIB
  • RFC 1757 RMON 4 groups: Stats, History, Alarms and Events
  • RFC 2021 RMON2 (probe configuration)
  • RFC 2613 SMON MIB
  • RFC 2925 Ping/Traceroute MIB
  • RFC 2665 – Definitions of Managed Objects for the Ethernet-like Interface types
  • RFC 2668 802.3 MAU MIB
  • draft-ietf-hubmib-mau-mib-v3-02.txt
  • RFC 1643 Ethernet MIB
  • RFC 1493 Bridge MIB
  • RFC 2096 IPv4 Forwarding Table MIB
  • RFC 2737 Entity MIB v2
  • RFC 2233 Interface MIB
  • RFC 3621 PoE-MIB (PoE switches only)
  • PIM MIB draft-ieft-pim-mib-v2-01.txt
  • IEEE-8021-PAE-MIB
  • IEEE-8021x-EXTENSIONS-MIB
  • EAPS MIB supports get functions
  • RFC 1657 Definitions of Managed Objects for BGPv4 using SNMPv2
  • IEEE 802.1ag MIB
  • Secure Shell (SSH-2) client and server
  • Secure Copy (SCP-2) client and server
  • Secure FTP (SFTP) server
  • sFlow version 5
  • Configuration logging
  • Multiple Images, Multiple Configs
  • RFC 3164 BSD Syslog Protocol with Multiple Syslog Servers ––999 Local Messages (criticals stored across reboots)
  • Extreme Networks vendor MIBs (includes FDB, PoE, CPU, Memory MIBs)
  • XML APIs over Telnet/SSH and HTTP/HTTPS
  • Web-based device management interface – ExtremeXOS ScreenPlay
  • IP Route Compression
  • IPv6 Router Advertisement Filtering
  • Stacking – SummitStack

Power over Ethernet (PoE)
  • RFC 3621 Power over Ethernet MIB
  • IEEE 802.3af standard

Безпека, захист мережі і комутації
  • Secure Shell (SSH-2), Secure Copy (SCP-2) and SFTP client/server with encryption/ authentication (requires export controlled encryption module)
  • SNMPv3 user based security, with encryption/authentication (see above)
  • RFC 1492 TACACS+
  • RFC 2138 RADIUS Authentication
  • RFC 2139 RADIUS Accounting
  • RFC 3579 RADIUS EAP support for 802.1x
  • RADIUS Per-command Authentication
  • Access Profiles on All Routing Protocols
  • Access Policies for Telnet/SSH-2/SCP-2
  • Network Login – 802.1x, Web and MAC-based mechanisms
  • IEEE 802.1x – 2001 Port-Based Network Access Control for Network Login
  • Multiple supplicants with multiple VLANs for Network Login (all modes)
  • Fallback to local authentication database (MAC and Web-based methods)
  • Guest VLAN for 802.1x
  • RFC 1866 HTML – Used for Web-based Network Login and ExtremeXOS ScreenPlay
  • SSL/TLS transport – used for Web-based Network Login and ExtremeXOS ScreenPlay (requires export controlled encryption module)
  • MAC Security – Lockdown and Limit
  • IP Security – RFC 3046 DHCP Option 82 with port and VLAN ID
  • IP Security – Trusted DHCP Server
  • Layer 2/3/4 Access Control Lists (ACLs)
  • RFC 2267 Network Ingress Filtering
  • RPF (Unicast Reverse Path Forwarding) Control via ACLs
  • Wire-speed ACLs
  • Rate Limiting/Shaping by ACLs
  • IP Broadcast Forwarding Control
  • ICMP and IP-Option Response Control
  • SYN attack protection
  • CPU DoS Protection with traffic rate-limiting to management CPU
  • Robust against common network attacks:
    – CERT (http://www.cert.org)
    – CA-2003-04: “SQL Slammer”
    – CA-2002-36: “SSHredder”
    – CA-2002-03: SNMP vulnerabilities
    – CA-98-13: tcp-denial-of-service
    – CA-98.01: smurf
    – CA-97.28: Teardrop_Land -Teardrop and “LAND“ attack
    – CA-96.26: ping
    – CA-96.21: tcp_syn_flooding
    – CA-96.01: UDP_service_denial
    – CA-95.01: IP_Spoofing_Attacks_and_Hijacked_Terminal_Connections
    – IP Options Attack
  • Host Attack Protection
  • – Teardrop, boink, opentear, jolt2, newtear, nestea, syndrop, smurf, fraggle, papasmurf, synk4, raped, winfreeze, ping –f, ping of death, pepsi5, Latierra, Winnuke, Simping, Sping, Ascend, Stream, Land, Octopus

Безпека, захист маршрутизації
  • IP Security – DHCP enforcement via Disable ARP Learning
  • IP Security – Gratuitous ARP Protection
  • IP Security – DHCP Secured ARP/ARP Validation
  • Routing protocol MD5 authentication (see above)

Виявлення та захист
  • CLEAR-Flow, threshold-based alerts and actions (кроме конфигурации SummitStack)
  • Identity Manager

IPv4 послуги хоста
  • RFC 1122 Host Requirements
  • RFC 768 UDP
  • RFC 791 IP
  • RFC 792 ICMP
  • RFC 793 TCP
  • RFC 826 ARP
  • RFC 894 IP over Ethernet
  • RFC 1027 Proxy ARP
  • RFC 2068 HTTP server
  • IGMP v1/v2/v3 Snooping with Configurable Router Registration Forwarding
  • IGMP Filters
  • PIM Snooping
  • Static IGMP Membership
  • Multicast VLAN Registration (MVR)

Послуги маршрутизації IPv4
  • Static Unicast Routes
  • Static Multicast Routes
  • RFC 1112 IGMP v1
  • RFC 2236 IGMP v2
  • RFC 3376 IGMP v3
  • RFC 2933 IGMP MIB
  • RFC 1812 Requirements for IP Version 4 Routers
  • RFC 1519 CIDR
  • RFC 1256 IPv4 ICMP Router Discovery (IRDP)
  • RFC 1058 RIP v1
  • RFC 2453 RIP v2
  • RFC 2096 IPv4 Forwarding Table MIB
  • RFC 1724 RIPv2 MIB
  • RFC 2338 Virtual Router Redundancy Protocol *
  • RFC 3768 VRRPv2 *
  • RFC 2787 VRRP MIB*
  • RFC 2328 OSPF v2 (Edge-mode)*
  • OSPF MD5 Authentication*
  • RFC 1587 OSPF NSSA Option*
  • RFC 1765 OSPF Database Overflow*
  • RFC 2370 OSPF Opaque LSA Option*
  • RFC 3623 OSPF Graceful Restart*
  • RFC 1850 OSPFv2 MIB*
  • RFC 2362 PIM-SM (Edge-mode)*
  • RFC 2934 PIM MIB*
  • RFC 3569, draft-ietf-ssm-arch-06.txt PIM-SSM PIM Source Specific Multicast*
  • draft-ietf-pim-mib-v2-o1.txt*
  • Mtrace, a “traceroute” facility for IP Multicast: draft-ietf-idmr-traceroute-ipm-07*
  • Mrinfo, the multicast router information tool based on Appendix-B of draft-ietf-idmr-dvmrpv3-11*

IPv6 послуги хоста
  • RFC 3587, Global Unicast Address Format
  • Ping over IPv6 transport
  • Traceroute over IPv6 transport
  • RFC 5095, Internet Protocol, Version 6 (IPv6) Specification
  • RFC 4861, Neighbor Discovery for IP Version 6, (IPv6)
  • RFC 2463, Internet Control Message Protocol (ICMPv6) for the IPv6 Specification
  • RFC 2464, Transmission of IPv6 Packets over Ethernet Networks
  • RFC 2465, IPv6 MIB, General Group and Textual Conventions
  • RFC 2466, MIB for ICMPv6
  • RFC 2462, IPv6 Stateless Address Auto Configuration – Host Requirements
  • RFC 1981, Path MTU Discovery for IPv6, August 1996 – Host Requirements
  • RFC 3513, Internet Protocol Version 6 (IPv6) Addressing Architecture
  • Telnet server over IPv6 transport
  • SSH-2 server over IPv6 transport

Послуги маршрутизації IPv6
  • RFC 2462, IPv6 Stateless Address Auto Configuration – Router Requirements
  • RFC 1981, Path MTU Discovery for IPv6, August 1996 – Router Requirements
  • RFC 2710, IPv6 Multicast Listener Discovery v1 (MLDv1) Protocol
  • RFC 3810, IPv6 Multicast Listener Discovery v2 (MLDv2) Protocol
  • RFC 4541, Considerations for Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Snooping Switches
  • Static Unicast routes for IPv6
  • RFC 2080, RIPng
  • RFC 2740 OSPF v3 (Edge-mode) *
  • Static ECMP
  • RFC 5798 Virtual Router Redundancy Protocol (VRRP) Version 3 for IPv4 and IPv6*
  • draft-ietf-vrrp-unified-mib-08. txt2 - Definitions of Managed Objects for VRRPv3*

QoS (якість сервісу/пріоритезація) і VLAN

Quality of Service and Policies
  • IEEE 802.1D – 1998 (802.1p) Packet Priority
  • RFC 2474 DiffServ Precedence, including 8 queues/port
  • RFC 2598 DiffServ Expedited Forwarding (EF)
  • RFC 2597 DiffServ Assured Forwarding (AF)
  • RFC 2475 DiffServ Core and Edge Router Functions

Traffic Engineering
  • RFC 3784 IS-IS Externs for Traffic Engineering (wide metrics only)

VLAN Services: VLANs, vMANs
  • IEEE 802.1Q VLAN Tagging
  • IEEE 802.1v: VLAN classification by Protocol and Port
  • IEEE 802.3ad Static Load sharing configuration & LACP based dynamic configuration
  • Port-based VLANs
  • Protocol-based VLANs
  • MAC-based VLANs
  • Multiple STP domains per VLAN
  • Upstream Forwarding Only/Disable Flooding
  • RFC 5517 Private VLANs
  • VLAN Translation
  • IEEE 802.1ad Provider Bridge Network, virtual MANs (vMANs)
  • vMAN Ethertype Translation/Secondary vMAN Ethertype
  • Multicast Support for PVLAN
  • Multicast Support for VLAN Aggregation
  • VLAN Aggregation*

Протокол часу
  • Network Time Protocol

Дата-центр
  • Data Center Bridging eXchange (DCBX) (IEEE P802.1Qaz/D2.3)
* - Потрібна ліцензія Advanced Edge
 
© 2013 Diawest.net.ua