Product Data Sheet / Brochure
technology; traffic can be rerouted around the ring in less than 50 ms, reducing the impact on traffic and applications
Intelligent Resilient Framework
(IRF): creates virtual resilient switching fabrics, where two or more switches perform as a
single L2 switch and L3 router; switches do not have to be co-located and can be part of a disaster recovery system; servers or
switches can be attached using standard LACP for automatic load balancing and high availability; can eliminate the need for
complex protocols like Spanning Tree Protocol, Equal-Cost Multipath (ECMP), or VRRP, thereby simplifying network operation
Layer 2 switching
16K MAC address table
: provides access to many Layer 2 devices
VLAN support and tagging
: support IEEE 802.1Q, with 4,094 simultaneous VLAN IDs
GARP VLAN Registration Protocol
: allows automatic learning and dynamic assignment of VLANs
IEEE 802.1ad QinQ and Selective QinQ
: increase the scalability of an Ethernet network by providing a hierarchical structure;
connect multiple LANs on a high-speed campus or metro network
10GbE port aggregation
allows grouping of ports to increase overall data throughput to a remote device
Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) protocol snooping
: effectively control
and manage the flooding of multicast packets in a Layer 2 network
Layer 3 services
Address Resolution Protocol
(ARP): determines the MAC address of another IP host in the same subnet
Dynamic Host Configuration Protocol
(DHCP): simplifies the management of large IP networks; supports client; DHCP Relay
enables DHCP operation across subnets
Loopback interface address
: defines an address in RIP that can always be reachable, improving diagnostic capability
User Datagram Protocol (UDP) helper function
: allows User Datagram Protocol (UDP) broadcasts to be directed across router
interfaces to specific IP unicast or subnet broadcast addresses and prevents server spoofing for UDP services such as DHCP
Route maps
: provide more control during route redistribution; allow filtering and altering of route metrics
Layer 3 routing
IPv4 routing protocols
: support static routes and RIP
IPv6 routing protocols
: provide routing of IPv6 at wire speed; support static routes and RIPng
Security
Access control lists
(ACLs): provide IP Layer 2 to Layer 4 traffic filtering; support global ACL, VLAN ACL, port ACL, and IPv6 ACL
IEEE 802.1X
: industry-standard method of user authentication using an IEEE 802.1X supplicant on the client in conjunction with
a RADIUS server
MAC-based authentication
: authenticates the client with the RADIUS server based on the client's MAC address
Identity-driven security and access control
:
Per-user ACLs
: permit or deny user access to specific network resources based on user identity and time of day, allowing
multiple types of users on the same network to access specific network services without risking network security or
providing unauthorized access to sensitive data
Automatic VLAN assignment
: automatically assigns users to the appropriate VLAN based on their identities
Secure management access
: securely encrypts all access methods (CLI, GUI, or MIB) through SSHv2, SSL, and/or SNMPv3
Secure FTP
: allows secure file transfer to and from the switch; protects against unwanted file downloads or unauthorized
copying of a switch configuration file
Guest VLAN
: provides a browser-based environment to authenticated clients that is similar to IEEE 802.1X
Endpoint Admission Defense
(EAD): provides security policies to users accessing a network
Port security
: allows access only to specified MAC addresses, which can be learned or specified by the administrator
QuickSpecs
HP 5500 SI Switch Series
Overview
DA - 13794 Worldwide — Version 14 — November 11, 2013
Page 3