|
Протоколи, які підтримуються ExtremeXOS 15.2
Комутація
- IEEE 802.1D – 1998 Spanning Tree Protocol (STP)
- IEEE 802.1D – 1998 Spanning Tree Protocol (STP)
- IEEE 802.1D – 2004 Spanning Tree Protocol (STP and RSTP)
- IEEE 802.1w – 2001 Rapid Reconfiguration for STP, RSTP
- IEEE 802.1Q – 2003 (formerly IEEE 802.1s) Multiple Instances of STP, MSTP
- EMISTP, Extreme Multiple Instances of Spanning Tree Protocol
- PVST+, Per VLAN STP (802.1Q interoperable)
- Draft-ietf-bridge-rstpmib-03.txt – Definitions of Managed Objects for Bridges with Rapid Spanning Tree Protocol
- Extreme Standby Router Protocol™ (ESRP)
- IEEE 802.1Q – 1998 Virtual Bridged Local Area Networks
- IEEE 802.3ad Static load sharing configuration and LACP based dynamic configuration
- Software Redundant Ports
- Multi-switch Link Aggregation Groups (M-LAG)
- IEEE 802.1AB – LLDP Link Layer Discovery Protocol
- LLDP Media Endpoint Discovery (LLDP-MED), ANSI/TIA-1057, draft 08
- Extreme Discovery Protocol (EDP)
- Extreme Loop Recovery Protocol (ELRP)
- Extreme Link State Monitoring (ELSM)
- RFC 3619 Ethernet Automatic Protection Switching (EAPS) Version 1 and Version 2
- RFC 3619 Ethernet Automatic Protection Switching (EAPS) Version 1 and Version 2
Керування та аналіз трафіку
- RFC 2030 SNTP, Simple Network Time Protocol v4
- RFC 59051 - Network Time Protocol Version 4: Protocol and Algorithms Specification RFC 854 Telnet client and server
- RFC 783 TFTP Protocol (revision 2)
- RFC 951, 1542 BootP
- RFC 2131 BOOTP/DHCP relay agent and DHCP server
- RFC 3315, Dynamic Host Configuration Protocol for IPv6 (DHCPv6), Relay Functions Only
- RFC 1591 DNS (client operation)
- RFC 6106, IPv6 Router Advertisement Options for DNS Configuration
- RFC 1155 Structure of Management Information (SMIv1)
- RFC 1157 SNMPv1
- RFC 1212, RFC 1213, RFC 1215 MIB-II, Ethernet-Like MIB & TRAPs
- RFC 1573 Evolution of Interface
- RFC 1650 Ethernet-Like MIB (update of RFC 1213 for SNMPv2)
- RFC 1901, 1905 – 1908 SNMP v2c, SMIv2 and Revised MIB-II
- RFC 2576 Coexistence between SNMP Version 1, Version 2 and Version 3
- RFC 2578 – 2580 SMIv2 (update to RFC 1902 – 1903)
- RFC 3410 – 3415 SNMPv3, user based security, encryption and authentication
- RFC 3416 – Protocol Operations for Version 2 of SNMP
- RFC 2418 – Management Information Base for SNMP
- RFC 3826 – The Advanced Encryption Standard (AES) Cipher Algorithm in the SNMP User-based Security Model
- IEEE 802.1AB LLDP Basic MIB, LLDP-EXT-DOT1-MIB, LLDP-EXT-DOT3-MIB
- RFC 1757 RMON 4 groups: Stats, History, Alarms and Events
- RFC 2021 RMON2 (probe configuration)
- RFC 2613 SMON MIB
- RFC 2925 Ping/Traceroute MIB
- RFC 2665 – Definitions of Managed Objects for the Ethernet-like Interface types
- RFC 2668 802.3 MAU MIB
- draft-ietf-hubmib-mau-mib-v3-02.txt
- RFC 1643 Ethernet MIB
- RFC 1493 Bridge MIB
- RFC 2096 IPv4 Forwarding Table MIB
- RFC 2737 Entity MIB v2
- RFC 2233 Interface MIB
- RFC 3621 PoE-MIB (PoE switches only)
- PIM MIB draft-ieft-pim-mib-v2-01.txt
- IEEE-8021-PAE-MIB
- IEEE-8021x-EXTENSIONS-MIB
- EAPS MIB supports get functions
- RFC 1657 Definitions of Managed Objects for BGPv4 using SNMPv2
- IEEE 802.1ag MIB
- Secure Shell (SSH-2) client and server
- Secure Copy (SCP-2) client and server
- Secure FTP (SFTP) server
- sFlow version 5
- Configuration logging
- Multiple Images, Multiple Configs
- RFC 3164 BSD Syslog Protocol with Multiple Syslog Servers ––999 Local Messages (criticals stored across reboots)
- Extreme Networks vendor MIBs (includes FDB, PoE, CPU, Memory MIBs)
- XML APIs over Telnet/SSH and HTTP/HTTPS
- Web-based device management interface – ExtremeXOS ScreenPlay
- IP Route Compression
- IPv6 Router Advertisement Filtering
- Stacking – SummitStack
Power over Ethernet (PoE)
- RFC 3621 Power over Ethernet MIB
- IEEE 802.3af standard
Безпека, захист мережі і комутації
- Secure Shell (SSH-2), Secure Copy (SCP-2) and SFTP client/server with encryption/ authentication (requires export controlled encryption module)
- SNMPv3 user based security, with encryption/authentication (see above)
- RFC 1492 TACACS+
- RFC 2138 RADIUS Authentication
- RFC 2139 RADIUS Accounting
- RFC 3579 RADIUS EAP support for 802.1x
- RADIUS Per-command Authentication
- Access Profiles on All Routing Protocols
- Access Policies for Telnet/SSH-2/SCP-2
- Network Login – 802.1x, Web and MAC-based mechanisms
- IEEE 802.1x – 2001 Port-Based Network Access Control for Network Login
- Multiple supplicants with multiple VLANs for Network Login (all modes)
- Fallback to local authentication database (MAC and Web-based methods)
- Guest VLAN for 802.1x
- RFC 1866 HTML – Used for Web-based Network Login and ExtremeXOS ScreenPlay
- SSL/TLS transport – used for Web-based Network Login and ExtremeXOS ScreenPlay (requires export controlled encryption module)
- MAC Security – Lockdown and Limit
- IP Security – RFC 3046 DHCP Option 82 with port and VLAN ID
- IP Security – Trusted DHCP Server
- Layer 2/3/4 Access Control Lists (ACLs)
- RFC 2267 Network Ingress Filtering
- RPF (Unicast Reverse Path Forwarding) Control via ACLs
- Wire-speed ACLs
- Rate Limiting/Shaping by ACLs
- IP Broadcast Forwarding Control
- ICMP and IP-Option Response Control
- SYN attack protection
- CPU DoS Protection with traffic rate-limiting to management CPU
- Robust against common network attacks:
– CERT (http://www.cert.org)
– CA-2003-04: “SQL Slammer”
– CA-2002-36: “SSHredder”
– CA-2002-03: SNMP vulnerabilities
– CA-98-13: tcp-denial-of-service
– CA-98.01: smurf
– CA-97.28: Teardrop_Land -Teardrop and “LAND“ attack
– CA-96.26: ping
– CA-96.21: tcp_syn_flooding
– CA-96.01: UDP_service_denial
– CA-95.01: IP_Spoofing_Attacks_and_Hijacked_Terminal_Connections
– IP Options Attack
- Host Attack Protection
– Teardrop, boink, opentear, jolt2, newtear, nestea, syndrop, smurf, fraggle, papasmurf, synk4, raped, winfreeze, ping –f, ping of death, pepsi5, Latierra, Winnuke, Simping, Sping, Ascend, Stream, Land, Octopus
Безпека, захист маршрутизації
- IP Security – DHCP enforcement via Disable ARP Learning
- IP Security – Gratuitous ARP Protection
- IP Security – DHCP Secured ARP/ARP Validation
- Routing protocol MD5 authentication (see above)
Виявлення та захист
- CLEAR-Flow, threshold-based alerts and actions (кроме конфигурации SummitStack)
- Identity Manager
IPv4 послуги хоста
- RFC 1122 Host Requirements
- RFC 768 UDP
- RFC 791 IP
- RFC 792 ICMP
- RFC 793 TCP
- RFC 826 ARP
- RFC 894 IP over Ethernet
- RFC 1027 Proxy ARP
- RFC 2068 HTTP server
- IGMP v1/v2/v3 Snooping with Configurable Router Registration Forwarding
- IGMP Filters
- PIM Snooping
- Static IGMP Membership
- Multicast VLAN Registration (MVR)
Послуги маршрутизації IPv4
- Static Unicast Routes
- Static Multicast Routes
- RFC 1112 IGMP v1
- RFC 2236 IGMP v2
- RFC 3376 IGMP v3
- RFC 2933 IGMP MIB
- RFC 1812 Requirements for IP Version 4 Routers
- RFC 1519 CIDR
- RFC 1256 IPv4 ICMP Router Discovery (IRDP)
- RFC 1058 RIP v1
- RFC 2453 RIP v2
- RFC 2096 IPv4 Forwarding Table MIB
- RFC 1724 RIPv2 MIB
- RFC 2338 Virtual Router Redundancy Protocol *
- RFC 3768 VRRPv2 *
- RFC 2787 VRRP MIB*
- RFC 2328 OSPF v2 (Edge-mode)*
- OSPF MD5 Authentication*
- RFC 1587 OSPF NSSA Option*
- RFC 1765 OSPF Database Overflow*
- RFC 2370 OSPF Opaque LSA Option*
- RFC 3623 OSPF Graceful Restart*
- RFC 1850 OSPFv2 MIB*
- RFC 2362 PIM-SM (Edge-mode)*
- RFC 2934 PIM MIB*
- RFC 3569, draft-ietf-ssm-arch-06.txt PIM-SSM PIM Source Specific Multicast*
- draft-ietf-pim-mib-v2-o1.txt*
- Mtrace, a “traceroute” facility for IP Multicast: draft-ietf-idmr-traceroute-ipm-07*
- Mrinfo, the multicast router information tool based on Appendix-B of draft-ietf-idmr-dvmrpv3-11*
IPv6 послуги хоста
- RFC 3587, Global Unicast Address Format
- Ping over IPv6 transport
- Traceroute over IPv6 transport
- RFC 5095, Internet Protocol, Version 6 (IPv6) Specification
- RFC 4861, Neighbor Discovery for IP Version 6, (IPv6)
- RFC 2463, Internet Control Message Protocol (ICMPv6) for the IPv6 Specification
- RFC 2464, Transmission of IPv6 Packets over Ethernet Networks
- RFC 2465, IPv6 MIB, General Group and Textual Conventions
- RFC 2466, MIB for ICMPv6
- RFC 2462, IPv6 Stateless Address Auto Configuration – Host Requirements
- RFC 1981, Path MTU Discovery for IPv6, August 1996 – Host Requirements
- RFC 3513, Internet Protocol Version 6 (IPv6) Addressing Architecture
- Telnet server over IPv6 transport
- SSH-2 server over IPv6 transport
Послуги маршрутизації IPv6
- RFC 2462, IPv6 Stateless Address Auto Configuration – Router Requirements
- RFC 1981, Path MTU Discovery for IPv6, August 1996 – Router Requirements
- RFC 2710, IPv6 Multicast Listener Discovery v1 (MLDv1) Protocol
- RFC 3810, IPv6 Multicast Listener Discovery v2 (MLDv2) Protocol
- RFC 4541, Considerations for Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Snooping Switches
- Static Unicast routes for IPv6
- RFC 2080, RIPng
- RFC 2740 OSPF v3 (Edge-mode) *
- Static ECMP
- RFC 5798 Virtual Router Redundancy Protocol (VRRP) Version 3 for IPv4 and IPv6*
- draft-ietf-vrrp-unified-mib-08. txt2 - Definitions of Managed Objects for VRRPv3*
QoS (якість сервісу/пріоритезація) і VLAN
Quality of Service and Policies
- IEEE 802.1D – 1998 (802.1p) Packet Priority
- RFC 2474 DiffServ Precedence, including 8 queues/port
- RFC 2598 DiffServ Expedited Forwarding (EF)
- RFC 2597 DiffServ Assured Forwarding (AF)
- RFC 2475 DiffServ Core and Edge Router Functions
Traffic Engineering
- RFC 3784 IS-IS Externs for Traffic Engineering (wide metrics only)
VLAN Services: VLANs, vMANs
- IEEE 802.1Q VLAN Tagging
- IEEE 802.1v: VLAN classification by Protocol and Port
- IEEE 802.3ad Static Load sharing configuration & LACP based dynamic configuration
- Port-based VLANs
- Protocol-based VLANs
- MAC-based VLANs
- Multiple STP domains per VLAN
- Upstream Forwarding Only/Disable Flooding
- RFC 5517 Private VLANs
- VLAN Translation
- IEEE 802.1ad Provider Bridge Network, virtual MANs (vMANs)
- vMAN Ethertype Translation/Secondary vMAN Ethertype
- Multicast Support for PVLAN
- Multicast Support for VLAN Aggregation
- VLAN Aggregation*
Протокол часу
Дата-центр
- Data Center Bridging eXchange (DCBX) (IEEE P802.1Qaz/D2.3)
* - Потрібна ліцензія Advanced Edge
| |
|
|
|