GS-5220-Series Sales Guide
36 / 54
u Security
ü Network Access Authentication Mechanism
• IEEE 802.1x port-based authentication for user identity control
• MAC-based authentication for easy deployment
• RADIUS/TACACS+/Local profile
ü Access Control List (ACL)
• IP-based filtering to permit or deny traffic
• MAC-based filtering to permit or deny traffic
ü Management Source MAC/IP address binding to prevent unauthorized intruder
ü DHCP Snooping to filter distrusted DHCP messages
ü Dynamic ARP Inspection discards ARP packets with invalid MAC address to IP
address binding
ü IP Source Guard prevents IP spoofing attacks
Security Features