User's Manual
Table Of Contents
- 1. INTRODUCTION
- 2. INSTALLATION
- 3. SWITCH MANAGEMENT
- 4. WEB CONFIGURATION
- 4.1 System Information
- 4.2 Switch Management
- 4.2.1 Jumbo Frame
- 4.2.2 Interface
- 4.2.3 Statistics
- 4.2.4 VLAN
- 4.2.5 MAC Address
- 4.2.6 Port Mirror
- 4.2.7 Static Link Aggregation
- 4.2.8 LACP
- 4.2.9 Trunk Group Load Balance
- 4.2.10 Spanning Tree Protocol
- 4.2.11 IGMP Snooping
- 4.2.12 IGMP Filtering and Throttling
- 4.2.13 MLD Snooping
- 4.2.14 MVR For IPv4
- 4.2.14.1 Configure Global
- 4.2.14.2 Configure Domain
- 4.2.14.3 Show Configure Profile
- 4.2.14.4 Add Configure Profile
- 4.2.14.5 Show Associate Profile
- 4.2.14.6 Add Associate Profile
- 4.2.14.7 Configure Interface
- 4.2.14.8 Show Static Group Member
- 4.2.14.9 Add Static Group Member
- 4.2.14.10 Show Member
- 4.2.14.11 Show Query Statistics
- 4.2.14.12 Show VLAN Statistics
- 4.2.14.13 Show Port Statistics
- 4.2.14.14 Show Group Statistics
- 4.2.15 MVR For IPv6
- 4.2.15.1 Configure Global
- 4.2.15.2 Configure Domain
- 4.2.15.3 Show Configure Profile
- 4.2.15.4 Add Configure Profile
- 4.2.15.5 Show Associate Profile
- 4.2.15.6 Add Associate Profile
- 4.2.15.7 Configure Interface
- 4.2.15.8 Show Static Group Member
- 4.2.15.9 Add Static Group Member
- 4.2.15.10 Show Member
- 4.2.15.11 Show Query Statistics
- 4.2.15.12 Show VLAN Statistics
- 4.2.15.13 Show Port Statistics
- 4.2.15.14 Show Group Statistics
- 4.2.16 LLDP
- 4.2.17 ERPS
- 4.2.18 Loopback Detection
- 4.2.19 UDLD
- 4.2.20 Rate Limit
- 4.2.21 Storm Control
- 4.2.22 Stacking
- 4.2.23 Pepo
- 4.3 Route Management
- 4.4 ACL
- 4.5 CoS
- 4.6 Qu’s
- 4.7 Security
- 4.7.1 AAA
- 4.7.2 Web Authentication
- 4.7.3 802.1X
- 4.7.4 MAC Authentication
- 4.7.5 HTTPS
- 4.7.6 SSH
- 4.7.7 Port Security
- 4.7.8 DAI – Dynamic ARP Inspection
- 4.7.9 Login IP Management
- 4.7.10 DoS Protection
- 4.7.11 IPv4 DHCP Snooping
- 4.7.12 IPv6 DHCP Snooping
- 4.7.13 IPv4 Source Guard
- 4.7.14 IPv6 Source Guard
- 4.7.15 Application Filter
- 4.7.16 CPU Guard
- 4.8 Device Management
- 4.8.1 SNMP
- 4.8.2 RMON
- 4.8.3 Cluster
- 4.8.4 DNS
- 4.8.5 DHCP
- 4.8.6 OAM
- 4.8.7 CFM
- 4.8.7.1 Global Configuration
- 4.8.7.2 Interface Configuration
- 4.8.7.3 MD Management
- 4.8.7.4 MD Details
- 4.8.7.5 MA Management
- 4.8.7.6 MA Details
- 4.8.7.7 MEP Management
- 4.8.7.8 Remote MEP Management
- 4.8.7.9 Transmit Link Trace
- 4.8.7.10 Transmit Loopback
- 4.8.7.11 Transmit Delay Measure
- 4.8.7.12 Show Local MEP
- 4.8.7.13 Show Local MEP Details
- 4.8.7.14 Show Local MIP
- 4.8.7.15 Show Remote MEP
- 4.8.7.16 Show Remote MEP Details
- 4.8.7.17 Show Link Trace Cache
- 4.8.7.18 Show Fault Notification Generator
- 4.8.7.19 Show Continuity Check Error
- 4.8.8 Time Setting
- 4.8.9 Event Log
- 4.8.10 File Management
- 4.8.11 Ping
- 4.8.12 Trace Route
- 4.8.13 System Reboot
- 5. SWITCH OPERATION
- 6. TROUBLESHOOTING
- APPENDIX A: Networking Connection
- APPENDIX B : GLOSSARY
User’s Manual of SGS-5240 Series Managed Switch
292
APPENDIX B : GLOSSARY
A
ACE
ACE is an acronym for Access Control Entry. It describes access permission associated with a particular ACE ID.
There are three ACE frame types (Ethernet Type, ARP, and IPv4) and two ACE actions (permit and deny). The
ACE also contains many detailed, different parameter options that are available for individual application.
ACL
ACL is an acronym for Access Control List. It is the list table of ACEs, containing access control entries that specify
individual users or groups permitted or denied to specific traffic objects, such as a process or a program.
Each accessible traffic object contains an identifier to its ACL. The privileges determine whether there are specific
traffic object access rights.
ACL implementations can be quite complex, for example, when the ACEs are prioritized for the various situation.
In networking, the ACL refers to a list of service ports or network services that are available on a host or server,
each with a list of hosts or servers permitted or denied to use the service. ACL can generally be configured to
control inbound traffic, and in this context, they are similar to firewalls.
There are 3 web pages associated with the manual ACL configuration:
ACL|Access Control List: The web page shows the ACEs in a prioritized way, highest (top) to lowest (bottom).
Default the table is empty. An ingress frame will only get a hit on one ACE even though there are more matching
ACEs. The first matching ACE will take action (permit/deny) on that frame and a counter associated with that ACE
is incremented. An ACE can be associated with a policy, 1 ingress port, or any ingress port (the whole switch). If
an ACE Policy is created then that policy can be associated with a group of ports under the "Ports" web page.
There are number of parameters that can be configured with an ACE. Read the web page help text to get further
information for each of them. The maximum number of ACEs is 64.
ACL|Ports: The ACL Port configuration is used to assign a Policy ID to an ingress port. This is useful to group
ports to obey the same traffic rules. Traffic Policy is created under the "Access Control List". You can you also set
up specific traffic properties (Action / Rate Limiter / Port copy, etc) for each ingress port. They will though only
apply if the frame gets past the ACE matching without getting matched. In that case a counter associated with that
port is incremented. See the web page help text for each specific port property.
ACL|Rate Limiters: On this page, you can configure the rate limiters. There can be 15 different rate limiters, each
ranging from 1 to 1024K packets per second. Under "Ports" and "Access Control List", you can assign a Rate
Limiter ID to the ACE(s) or ingress port(s).
AES
AES is an acronym for Advanced Encryption Standard. The encryption key protocol is applied in 802.1x standard
to improve WLAN security. It is an encryption standard by the U.S. government, which will replace DES and 3DES.
AES has a fixed block size of 128 bits and a key size of 128, 192, or 256 bits.
AMS
AMS is an acronym for Auto Media Select. AMS is used for dual media ports (ports supporting both copper (cu)
and fiber (SFP) cables. AMS automatically determines if an SFP or a CU cable is inserted and switches to the
corresponding media. If both SFP and cu cables are inserted, the port will select the preferred media.
APS
APS is an acronym for Automatic Protection Switching. This protocol is used to secure switching that is done
bidirectional in both ends of a protection group, as defined in G.8031.