Manualshelf

M4250 Datasheet

ManualsBrandsNETGEAR ManualsComputers & Accessories12x2.5G and 2xSFP+ Managed Switch
21222324252627282930
DoS Attacks Protection SIPDIP
SMACDMAC
FIRSTFRAG
TCPFRAG
TCPFLAG
TCPPORT
UDPPORT
TCPFLAGSEQ
TCPOFFSET
TCPSYN
TCPSYNFIN
TCPFINURGPSH
L4PORT
ICMP
ICMPV4
ICMPV6
ICMPFRAG
PINGFLOOD
SYNACK
CPURateLimiting
Yes Applied to IPv4 and IPv6 multicast packets with unknown L3 addresses when IP routing/
multicast enabled
ICMPthrottling YesRestrictICMP,PINGtrafcforICMP-basedDoSattacks
Management
ManagementACL(MACAL)
Max Rules
YesProtectsmanagementCPUaccessthroughtheLAN
64
Out of band Management Yes In-band management can be shut down entirely when out-of-band management network
Radius accounting YesRFC2565andRFC2866
TACACS+ Yes
MaliciousCodeDetection YesSoftwareimagelesandCongurationleswithdigitalsignatures
Network Trafc
AccessControlLists(ACLs) L2/L3/L4MAC,IPv4,IPv6,TCP,UDP
Time-basedACLs Yes
Protocol-basedACLs Yes
ACLoverVLANs Yes
DynamicACLs Yes
IEEE 802.1x Radius Port Access Authentication YesUpto48clients(802.1x)perportaresupported,includingtheauthenticationoftheusersdomain
802.1xMACAddressAuthenticationBypass(MAB) YesSupplementalauthenticationmechanismfornon-802.1xdevices,basedontheirMACaddressonly
Network Authentication Successive Tiering YesDot1x->MAP->CaptivePortalsuccessiveauthenticationmethodsbasedonconguredtime-outs
Port Security Yes
IP Source Guard Yes IPv4 / IPv6
DHCPSnooping Yes IPv4 / IPv6
Dynamic ARP Inspection Yes IPv4 / IPv6
IPv6 RA Guard Stateless Mode Yes
MACFiltering Yes
PortMACLocking Yes
Private Edge VLAN
YesAprotectedportdoesn’tforwardanytrafc(unicast,multicast,orbroadcast)toanyother
protected port - same switch
Private VLANs
Yes Scales Private Edge VLANs by providing Layer 2 isolation between ports across switches in same
Layer 2 network
Quality of Service (QoS) - Summary
Access Lists
L2MAC,L3IPandL4PortACLs
Ingress
Egress
Time-based
802.3ad(LAG)forACLassignment
BindingACLstoVLANs
ACLLogging
Support for IPv6 fields
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
PAGE 28 of 44
AV Line Managed Switches
Datasheet | M4250 series
AV Line Managed Switches