User's Manual
Table Of Contents
- 1. INTRODUCTION
- 2. INSTALLATION
- 3. SWITCH MANAGEMENT
- 4. WEB CONFIGURATION
- 4.1 Main Web page
- 4.2 System
- 4.2.1 Management
- 4.2.1.1 System Information
- 4.2.1.2 IP Configuration
- 4.2.1.3 IP Status
- 4.2.1.4 Users Configuration
- 4.2.1.5 Privilege Levels
- 4.2.1.6 NTP Configuration
- 4.2.1.6.1 System Time Correction Manually
- 4.2.1.7 Time Configuration
- 4.2.1.8 UPnP
- 4.2.1.9 DHCP Relay
- 4.2.1.10 DHCP Relay Statistics
- 4.2.1.11 CPU Load
- 4.2.1.12 System Log
- 4.2.1.13 Detailed Log
- 4.2.1.14 Remote Syslog
- 4.2.1.15 SMTP Configuration
- 4.2.1.16 Fault Alarm
- 4.2.1.17 Digital Input/Output
- 4.2.2 Simple Network Management Protocol
- 4.2.3 RMON
- 4.2.4 DHCP server
- 4.2.5 Industrial Protocol
- 4.2.6 Remote Management
- 4.2.1 Management
- 4.3 Switching
- 4.3.1 Port Management
- 4.3.2 Link Aggregation
- 4.3.3 VLAN
- 4.3.3.1 VLAN Overview
- 4.3.3.2 IEEE 802.1Q VLAN
- 4.3.3.3 VLAN Port Configuration
- 4.3.3.4 VLAN Membership Status
- 4.3.3.5 VLAN Port Status
- 4.3.3.6 Private VLAN
- 4.3.3.7 Port Isolation
- 4.3.3.8 VLAN setting example:
- 4.3.3.9 MAC-based VLAN
- 4.3.3.10 IP Subnet-based VLAN Membership Configuration
- 4.3.3.11 Protocol-based VLAN
- 4.3.3.12 Protocol-based VLAN Membership
- 4.3.4 Spanning Tree Protocol
- 4.3.5 Multicast
- 4.3.6 MLD Snooping
- 4.3.7 MVR (Multicast VLAN Registration)
- 4.3.8 LLDP
- 4.3.9 MAC Address Table
- 4.3.10 Loop Protection
- 4.3.11 UDLD
- 4.3.12 GVRP
- 4.3.13 PTP
- 4.3.14 Link OAM
- 4.4 Quality of Service
- 4.5 Security
- 4.6 Power over Ethernet
- 4.7 Ring
- 4.8 ONVIF
- 4.9 Maintenance
- 5. SWITCH OPERATION
- 6. TROUBLESHOOTING
- APPENDIX A: Networking Connection
- APPENDIX B : GLOSSARY
User’s Manual of IGS-5225 series
23
Security
Authentication
− IEEE 802.1x Port-based/MAC-based network access authentication
− Built-in RADIUS client to cooperate with the RADIUS servers
− TACACS+ login users access authentication
− RADIUS/TACACS+ users access authentication
− Guest VLAN assigns clients to a restricted VLAN with limited services
Access Control List
− IP-based Access Control List (ACL)
− MAC-based Access Control List
Source MAC/IP address binding
DHCP snooping to filter distrusted DHCP messages
Dynamic ARP Inspection discards ARP packets with invalid MAC address to IP address binding
IP Source Guard prevents IP spoofing attacks
IP address access management to prevent unauthorized intruder
Management
IPv4 and IPv6 dual stack management
Switch Management Interfaces
- Console/Telnet Command Line Interface
- Web switch management
- SNMP v1 and v2c switch management
- SSHv2, TLSv1.2 and SNMP v3 secure access
SNMP Management
- Four RMON groups (history, statistics, alarms, and events)
- SNMP trap for interface Link Up and Link Down notification
IPv6 IP address/NTP/DNS management
Built-in Trivial File Transfer Protocol (TFTP) client
BOOTP and DHCP for IP address assignment
System Maintenance
− Firmware upload/download via HTTP/TFTP
− Reset button for system reboot or reset to factory default
− Dual Images
DHCP Relay and DHCP Option 82
DHCP Server
User Privilege levels control
Network Time Protocol (NTP)
Network Diagnositc
− ICMPv6/ICMPv4 Remote Ping
− Cable diagnostic technology provides the mechanism to detect and report potential cabling issues
− SFP-DDM (Digital Diagnostic Monitor)