EasyManua.ls Logo

Hirschmann MACH 4000 User Manual

Hirschmann MACH 4000
240 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #85 background imageLoading...
Page #85 background image
Protection from unauthorized access
Basic - L3P
Release
4.0
11/07
6.4
Port access control
11
6.4 Port access control
6.4.1 Port access control
The Switch protects every port from unauthorized access. Depending on
your selection, the Switch checks the MAC address or the IP address of the
connected device. The following functions are available for monitoring every
individual port:
X Who has access to this port?
The Switch recognizes 2 classes of access control:
X All:
– no access restriction.
– MAC address 00:00:00:00:00:00 or
– IP address 0.0.0.0.
X User:
– only one assigned user has access.
– you define the user via his/her MAC or IP address.
X What should happen after an unauthorized access attempt?
The Switch can respond in three selectable ways to an unauthorized ac-
cess attempt:
X non: no response
X trapOnly: message by sending a trap
X portDisable:message by sending a trap and disabling the port
Note: Since the Switch is a layer 2 device, it translates the IP addresses en-
tered into MAC addresses. For this, exactly one IP address must be assigned
to a MAC address.
Please keep in mind that when using a router, for example, several IP ad-
dresses can be assigned to one MAC address, namely that of the router. This
means that all packets of the router will pass the port unchecked if the per-
mitted IP address is that of the router.
If a connected device sends packets with other MAC addresses and a per-
mitted IP address, the switch will disable the port.

Table of Contents

Other manuals for Hirschmann MACH 4000

Preview: Reference Manual
Reference Manual286 pages
Question and Answer IconNeed help?

Do you have a question about the Hirschmann MACH 4000 and is the answer not in the manual?

Hirschmann MACH 4000 Specifications

General IconGeneral
ModelMACH4000
Operating Temperature-40°C to +70°C
ManagedYes
Switching TechnologyStore-and-forward
ManagementWeb-based, CLI, SNMP
PortsUp to 24
Port Type and Speed10/100/1000 Mbps Ethernet, Gigabit Ethernet
Speed10/100/1000 Mbps
VLAN SupportYes
RedundancyHSR, PRP

Summary

Access to the User Interfaces

1.1 System Monitor

1.2 Command Line Interface

Use the CLI for detailed configuration and advanced switch management.

1.3 Web-based Interface

Configure the switch graphically via a web browser interface.

Entering the IP Parameters

2.2 Entering IP parameters via CLI

Configure IP settings using the Command Line Interface.

2.3 Entering the IP Parameters via HiDiscovery

2.4 Loading the system configuration from the ACA

2.5 System configuration via BOOTP

2.6 System configuration via DHCP

Automate IP parameter assignment using DHCP.

2.7 System configuration via DHCP Option 82

2.8 System configuration via the Web-based interface

Set IP parameters through the graphical web interface.

2.9 Faulty device replacement

Solutions for replacing a faulty switch with a new one.

Loading/saving settings

3.1 Loading settings

Methods for loading configuration data into the switch.

3.2 Saving settings

Methods for saving current configuration data.

Loading software updates

4.1 Loading the software from the ACA

4.2 Loading the software from the tftp server

Configuring the ports

Switching the port on and off

Configuring Power over ETHERNET

Protection from unauthorized access

6.1 Password for SNMP access

6.2 Telnet/Web/SSH access

Manage and secure remote access protocols like Telnet, Web, and SSH.

6.4 Port access control

Implement MAC or IP-based security policies on switch ports.

6.5 Port authentication according to 802.1X

Secure network access using IEEE 802.1X port authentication.

6.6 Access Control Lists (ACL).

Filter traffic based on IP or MAC addresses using Access Control Lists.

Network load control

8.1 Direct packet distribution

8.2 Multicast application

8.3 Rate Limiter

Control traffic rates on ports to prevent congestion.

8.4 QoS/Priority

Prioritize traffic types to ensure quality for critical applications.

8.5 Flow control

8.6 VLANs

Segment the network into virtual LANs for better organization.

Operation diagnosis

9.1 Sending traps

9.2 Monitoring the device status

Check the overall operational status and health of the switch.

9.5 Event counter at port level

9.6 Displaying the SFP status

9.7 TP cable diagnosis

9.8 Topology discovery

9.9 Detecting IP address conflicts

Detect and resolve IP address conflicts on the network.

9.11 Monitoring port traffic (port mirroring)

Setting up configuration environment

A.1 Setting up DHCP/BOOTP server

A.2 Setting up DHCP Server Option 82

A.3 tftp server for software updates

A.4 Preparing access via SSH

Set up SSH access using key pairs for secure remote management.

Related product manuals