Operation Manual
Configuration Guide 542
Configuring Network Security Network Security
DoS Defend
The DoS (Denial of Service) defend feature provides protection against DoS attacks. DoS
attacks occupy the network bandwidth maliciously by sending numerous service requests
to the hosts. It results in an abnormal service or breakdown of the network.
With DoS Defend feature, the switch can analyze the specific fields of the IP packets,
distinguish the malicious DoS attack packets and discard them directly. Also, DoS Defend
feature can limit the transmission rate of the legal packets if the over legal packets may
incur a breakdown of the network.
802.1X
802.1X protocol is a protocol for port-based Network Access Control. It is used to
authenticate and control access from devices connected to the ports. If the device
connected to the port is authenticated by the authentication server successfully, its
request to access the LAN will be accepted; if not, its request will be denied.
802.1X authentication uses the typical client-server model which contains three device
roles: client/supplicant, authenticator and authentication server. This is described in the
figure below:
Figure 1-2 802.1X Authentication Model
Authentication Server
Clients
Authenticator
Client
A client is a host, usually a computer, connected to a switch via a physical port. We
recommend that you install TP-Link 802.1X authentication client software on the client
hosts, enabling them to request 802.1X authentication to access the LAN.
Authenticator
An authenticator is usually a network device that supports 802.1X protocol. The switch is
an authenticator.
The authenticator acts as an intermediate proxy between the client and the authentication
server. The authenticator requests user information from the client and sends it to the
authentication server; also, the authenticator obtains responses from the authentication