Product Data Sheet / Brochure

ManualsBrandsHP ManualsComputers & LaptopsE2620-24 Layer 3 Switch - Hewlett Packard - J9623A#ABA

provides RIPv1 and RIPv2 routing

Security

Access control lists (ACLs)

provide IP Layer 3 filtering based on source/destination IP address/subnet and source/destination TCP/UDP port number

Source-port filtering

allows only specified ports to communicate with each other

RADIUS/TACACS+

eases switch management security administration by using a password authentication server

Secure shell

encrypts all transmitted data for secure remote CLI access over IP networks

Secure Sockets Layer (SSL)

encrypts all HTTP traffic, allowing secure access to the browser-based management GUI in the switch

Port security

allows access only to specified MAC addresses, which can be learned or specified by the administrator

MAC address lockout

prevents particular configured MAC addresses from connecting to the network

Secure FTP

allows secure file transfer to and from the switch; protects against unwanted file downloads or unauthorized copying of a switch

configuration file

Custom banner

displays security policy when users log in to the switch

Identity-driven ACL

enables implementation of a highly granular and flexible access security policy and VLAN assignment specific to each

authenticated network user

STP BPDU port protection

blocks Bridge Protocol Data Units (BPDUs) on ports that do not require BPDUs, preventing forged BPDU attacks

STP root guard

protects the root bridge from malicious attacks or configuration mistakes

DHCP protection

blocks DHCP packets from unauthorized DHCP servers, preventing denial-of-service attacks

Dynamic ARP protection

blocks ARP broadcasts from unauthorized hosts, preventing eavesdropping or theft of network data

Multiple user authentication methods

IEEE 802.1X

uses an IEEE 802.1X supplicant on the client in conjunction with a RADIUS server to authenticate in accordance with

industry standards

Web-based authentication

provides a browser-based environment, similar to IEEE 802.1X, to authenticate clients that do not support the IEEE

802.1X supplicant

MAC-based authentication

authenticates the client with the RADIUS server based on the client's MAC address

Authentication flexibility

Multiple IEEE 802.1X users per port

provides authentication of multiple IEEE 802.1X users per port; prevents a user from "piggybacking" on another user's

IEEE 802.1X authentication

Concurrent IEEE 802.1X, Web, and MAC authentication schemes per port

switch port will accept up to 32 sessions of IEEE 802.1X, Web, and MAC authentications

Port mirroring for network threats

QuickSpecs

HP 2620 Switch Series

Overview

DA - 14120 Worldwide — Version 11 — December 9, 2013

Page 4