User manual
Table Of Contents
- Table of Contents
- About This Guide
- 1 Product Introduction
- 2 Hardware Installation
- 3 Getting Started
- 4 Configuration
- Web-based Management
- Tool Bar > Save Menu
- Tool Bar > Tool Menu
- Tool Bar > Online Help
- Function Tree
- Device Information
- System > System Settings
- System > Serial Port Settings
- System > IPv6 System Settings
- System > IPv6 Route Settings
- System > IPv6 Neighbor Settings
- System > DHCP Auto Configuration
- System > Trap Settings
- System > Port Configuration > Port Settings
- System > Port Configuration > Port Description
- System > Port Configuration > Port Error Disabled
- System > SNMP Settings > SNMP Global State
- System > SNMP Settings > SNMP User Table
- System > SNMP Settings > SNMP Group Table
- System > SNMP Settings > SNMP View Table
- System > SNMP Settings > SNMP Community Table
- System > SNMP Settings > SNMP Host Table
- System > SNMP Settings > SNMP Engine ID
- System > SNMP Settings > SNMP Trap Settings
- System > User Accounts
- System > MAC Address Aging Time
- System > ARP Aging Time Settings
- System > PPPoE Circuit ID Insertion Settings
- System > Web Settings
- System > Telnet Settings
- System > Password Encryption
- System > Ping Test
- System > MAC Notification Settings
- System > System Log Configuration > System Log Settings
- System > System Log Configuration > System Log Server
- System > SMTP Service > SMTP Server Settings
- System > SMTP Service > SMTP Service
- Configuration > 802.1Q VLAN
- Configuration > 802.1Q Management VLAN
- Configuration > VLAN Status
- Configuration > GVRP Settings
- Configuration > GVRP Timer Settings
- Configuration > QinQ > QinQ Settings
- Configuration > QinQ > VLAN Translation CVID Entry Settings
- Configuration > 802.1v Protocol VLAN > 802.1v Protocol Group Settings
- Configuration > 802.1v Protocol VLAN > 802.1v Protocol VLAN Settings
- Configuration > VLAN Trunk Settings
- Configuration > Link Aggregation > Port Trunkings
- Configuration > Link Aggregation > LACP Port Settings
- Configuration > BPDU Protection Settings
- Configuration > IGMP Snooping > IGMP Snooping
- Configuration > IGMP Snooping > IGMP Access Control Settings
- Configuration > IGMP Snooping > ISM VLAN Settings
- Configuration > IGMP Snooping > Host Table
- Configuration > IGMP Snooping > IP Multicast Profile Settings
- Configuration > IGMP Snooping > Limited Multicast Range Settings
- Configuration > IGMP Snooping > Max Multicast Group Settings
- Configuration > MLD Snooping > MLD Snooping Settings
- Configuration > MLD Snooping > MLD Host Table
- Configuration > Port Mirroring
- Configuration > Loopback Detection
- Configuration > SNTP Settings > Time Settings
- Configuration > SNTP Settings > TimeZone Settings
- Configuration > DHCP/BOOTP Relay > DHCP/BOOTP Relay Global Settings
- Configuration > DHCP/BOOTP Relay > DHCP/BOOTP Relay Interface Settings
- Configuration > DHCP Local Relay Settings
- Configuration > DHCPv6 Relay Settings
- Configuration > Firmware Information
- Configuration > Spanning Tree > STP Bridge Global Settings
- Configuration > Spanning Tree > STP Port Settings
- Configuration > Spanning Tree > MST Configuration Identification
- Configuration > Spanning Tree > STP Instance Settings
- Configuration > Spanning Tree > MSTP Port Information
- Configuration > Ethernet OAM > Ethernet OAM Port Settings
- Configuration > Ethernet OAM > Ethernet OAM Event Configuration
- Configuration > DULD > DULD Port Settings
- Configuration > Multicast Forwarding & Filtering > Multicast Forwarding
- Configuration > Multicast Forwarding & Filtering > Multicast Filtering
- QoS > Traffic Control
- QoS > Bandwidth Control
- QoS > CoS Scheduling Mechanism
- QoS > CoS Output Scheduling
- QoS > 802.1p Default Priority
- QoS > 802.1p User Priority
- QoS > DSCP Priority Settings
- QoS > Priority Settings
- QoS > MAC Priority Settings
- QoS > IP Priority Settings
- QoS > IPv6 Priority Settings
- QoS > IPv6 Traffic Class Priority Settings
- QoS > TCP/UDP Port Priority Settings
- QoS > VLAN ID Priority Settings
- QoS > Protocol Priority Settings
- RMON > RMON Basic Settings
- RMON > RMON Ethernet Statistics Configuration
- RMON > RMON History Control Configuration
- RMON > RMON Alarm Configuration
- RMON > RMON Event Configuration
- Security > Trusted Host
- Security > Safeguard Engine
- Security > ARP Spoofing Prevention
- Security > Gratuitous ARP
- Security > Port Security
- Security > SSL Settings
- Security > Smart Binding > Smart Binding Settings
- Security > Smart Binding > Smart Binding
- Security > Smart Binding > White List
- Security > Smart Binding > Black List
- Security > Smart Binding > DHCP Snooping List
- Security > 802.1X > 802.1X Settings
- Security > 802.1X > 802.1X User
- Security > 802.1X > 802.1X Authentication RADIUS
- Security > 802.1X > 802.1X Guest VLAN
- Security > MAC Address Table > Static MAC
- Security > MAC Address Table > Dynamic Forwarding Table
- Security > Access Authentication Control > Authentication Policy Settings
- Security > Access Authentication Control > Application Authentication Settings
- Security > Access Authentication Control > Authentication Server Group
- Security > Access Authentication Control > Authentication Server
- Security > Access Authentication Control > Login Method Lists
- Security > Access Authentication Control > Enable Method Lists
- Security > Access Authentication Control > Local Enable Password Settings
- Security > Traffic Segmentation
- Security > DoS Prevention Settings
- Security > DHCP Server Screening > DHCP Server Screening Port Settings
- Security > DHCP Server Screening > Filter DHCP Server
- Security > SSH Settings > SSH Settings
- Security > SSH Settings > SSH Authmode and Algorithm Settings
- Security > SSH Settings > SSH User Authentication Lists
- Monitoring > Statistics
- Monitoring > Session Table
- Monitoring > CPU Utilization
- Monitoring > Memory Utilization
- Monitoring > Port Utilization
- Monitoring > Packet Size
- Monitoring > Packets > Transmitted (TX)
- Monitoring > Packets > Received (RX)
- Monitoring > Packets > UMB Cast (RX)
- Monitoring > Errors > Received (RX)
- Monitoring > Errors > Transmitted (TX)
- Monitoring > Cable Diagnostics
- Monitoring > System Log
- Monitoring > Browse ARP Table
- Monitoring > Ethernet OAM > Browse Ethernet OAM Event Log
- Monitoring > Ethernet OAM > Browse Ethernet OAM Statistics
- Monitoring > Port Access Control > RADIUS Authentication
- Monitoring > Port Access Control > RADIUS Account Client
- ACL > ACL Configuration Wizard
- ACL > Access Profile List
- ACL > ACL Finder
- ACL > CPU Filter Configuration Wizard
- ACL > CPU Filter Access Profile List
- ACL > CPU Filter Finder
- LLDP > LLDP Global Settings
- LLDP > Basic LLDP Port Settings
- LLDP > 802.1 Extension LLDP Port Settings
- LLDP > 802.3 Extension LLDP Port Settings
- LLDP > LLDP Management Address Settings
- LLDP > LLDP Statistics Table
- LLDP > LLDP Management Address Table
- LLDP > LLDP Local Port Table
- LLDP > LLDP Remote Port Table
- Appendix A - Ethernet Technology
- Appendix B - Ethernet Technology
- Appendix C – Rack mount Instructions
- Appendix D – Cables and Connectors
- Appendix E– Module Specs and Cable Lengths
4 Configuration DES-1210 Metro Ethernet Managed Switch User Manual
67
172.17.5.215
255.0.0.0
172.0.0.1~172.255.255.255
To delete the IP address, simply click the Delete button. Check the unwanted address, and then click Apply.
Security > Safeguard Engine
D-Link’s Safeguard Engine is a robust and innovative technology that automatically throttles the impact of
packet flooding into the switch's CPU. This function helps protect the Switch from being interrupted by
malicious viruses or worm attacks. This option is enabled by default.
Figure 4.113 – Security > Safeguard Engine
Security > ARP Spoofing Prevention
ARP spoofing, also known as ARP poisoning, is a method to attack an Ethernet network by allowing an
attacker to sniff data frames on a LAN, modifying the traffic, or stopping the traffic (known as a Denial of
Service – DoS attack). The main idea of ARP spoofing is to send fake or spoofed ARP messages to an
Ethernet network. It associates the attacker's or random MAC address with the IP address of another node
such as the default gateway. Any traffic meant for that IP address would be mistakenly re-directed to the
node specified by the attacker.
A common DoS attack today can be done by associating a nonexistent or specified MAC address to the IP
address of the network’s default gateway. The malicious attacker only needs to broadcast one gratuitous
ARP to the network claiming to be the gateway, so that the whole network operation is turned down as all
packets to the Internet will be directed to the wrong node.
The ARP Spoofing Prevention function can discard the ARP Spoofing Attack in the network by checking the
gratuitous ARP packets and filtering those with illegal IP or MAC addresses.
Figure 4.114 – Security > ARP Spoofing Prevention Setting
Enter the IP Address, MAC Address, Ports and then click Add to create a checking/filtering rule. Click
Delete to remove an existing rule and Delete All to clear all the entries.