Aruba 6300M 48-port 1GbE and 4-port SFP56 Switch

Opis

Gwarancja zewnętrzna

-1

Wymiary

442 x 385 x 44 mm

Waga

12.14

Pobór mocy

75

Typ obudowy

Rack

Wentylator

Tak

Zastosowanie

Średnie i duże firmy

Klasa przełącznika

Zarządzalny

Architektura sieci

GigabitEthernet

Liczba portów 10/100/1000 Mbps

48

Obsługiwane protokoły i standardy

2.5G/5GBASE-T (IEEE 802.3bz-2016)
2.5G/5G NBASE-T
10GBASE-T (IEEE 802.3an-2006)
25-Gigabit Ethernet (IEEE 802.3by-2016
40-Gigabit Ethernet (IEEE 802.3ba-2010)
50-Gigabit Ethernet (IEEE 802.3cd-2018)
100-Gigabit Ethernet (IEEE 802.3ba-2010
802.3bj-2014
802.3bm-2014)
802.3cc-2017)
ANSI/TIA-1057 LLDP Media Endpoint Discovery (LLDP-MED)
Bootstrap Router (BSR) Mechanism for PIM
CPU DoS Protection
Draft-ietf-savi-mix
IEEE 802.1AB-2005
IEEE 802.1AX-2008 Link Aggregation
IEEE 802.1D MAC Bridges
IEEE 802.1Q VLANs
IEEE 802.1ak-2007
IEEE 802.1p Priority
IEEE 802.1s Multiple Spanning Trees
IEEE 802.1t-2001
IEEE 802.1v VLAN classification by Protocol and Port
IEEE 802.1w Rapid Reconfiguration of Spanning Tree
IEEE 802.3ab 1000BASE-T
IEEE 802.3ad Link Aggregation Control Protocol (LACP)
IEEE 802.3ae 10-Gigabit Ethernet
IEEE 802.3af Power over Ethernet
IEEE 802.3at Power over Ethernet
IEEE 802.3az Energy Efficient Ethernet (EEE)
IEEE 802.3bt Power over Ethernet
IEEE 802.3x Flow Control
IEEE 802.3z 1000BASE-X
ITU-T Rec G.8032/Y.1344 Mar. 2010
PIM WG
RFC 783 TFTP Protocol (revision 2)
RFC 791 IP
RFC 792 ICMP
RFC 793 TCP
RFC 813 Window and Acknowledgement Strategy in TCP
RFC 815 IP datagram reassembly algorithms
RFC 826 ARP
RFC 879 TCP maximum segment size and related topics
RFC 896 Congestion control in IP/TCP internetworks
RFC 917 Internet subnets
RFC 919 Broadcasting Internet Datagrams
RFC 922 Broadcasting Internet Datagrams in the Presence of Subnets (IP_BROAD)
RFC 925 Multi-LAN Address Resolution
RFC 951 BOOTP
RFC 1027 Proxy ARP
RFC 1122 Requirements for Internet Hosts - Communications Layers
RFC 1215 Convention for defining traps for use with the SNMP
RFC 1256 ICMP Router Discovery Messages
RFC 1350 TFTP Protocol (revision 2)
RFC 1393 Traceroute Using an IP Option
RFC 1403 BGP OSPF Interaction
RFC 1519 CIDR
RFC 1542 BOOTP Extensions
RFC 1583 OSPF Version 2
RFC 1591 Domain Name System Structure and Delegation
RFC 1657 Definitions of Managed Objects for BGP-4 using SMIv2
RFC 1757 Remote Network Monitoring Management Information Base
RFC 1772 Application of the Border Gateway Protocol in the Internet
RFC 1812 Requirements for IP Version 4 Router
RFC 1918 Address Allocation for Private Internet
RFC 1997 BGP Communities Attribute
RFC 1998 An Application of the BGP Community Attribute in Multi-home Routing
RFC 2131 DHCP
RFC 2132 DHCP Options and BOOTP Vendor Extensions
RFC 2236 IGMP
RFC 2328 OSPF Version 2
RFC 2375 IPv6 Multicast Address Assignments
RFC 2385 Protection of BGP Sessions via the TCP MD5 Signature Option
RFC 2401 Security Architecture for the Internet Protocol
RFC 2402 IP Authentication Header
RFC 2439 BGP Route Flap Damping
RFC 2460 Internet Protocol
RFC 2464 Transmission of IPv6 over Ethernet Networks
RFC 2545 Use of BGP-4 Multiprotocol Extensions for IPv6 Inter-Domain Routing
RFC 2576 (Coexistence between SNMP V1
RFC 2579 (SMIv2 Text Conventions)
RFC 2580 (SMIv2 Conformance)
RFC 2710 Multicast Listener Discovery (MLD) for IPv6
RFC 2711 IPv6 Router Alert Option
RFC 2787 Definitions of Managed Objects for the Virtual Router Redundancy Protocol
RFC 2918 Route Refresh Capability for BGP-4
RFC 2925 Definitions of Managed Objects for Remote Ping
RFC 2934 Protocol Independent Multicast MIB for IPv4
RFC 3019 MLDv1 MIB
RFC 3046 DHCP Relay Agent Information Option
RFC 3056 Connection of IPv6 Domains via IPv4 Clouds
RFC 3065 Autonomous System Confederation for BGP
RFC 3068 An Anycast prefix for 6to4 Relay Route
RFC 3101 OSPF Not-so-stubby-area option
RFC 3137 OSPF Stub Router Advertisement sFlow
RFC 3376 IGMPv3
RFC 3416 (SNMP Protocol Operations v2)
RFC 3417 (SNMP Transport Mappings)
RFC 3418 Management Information Base (MIB) for the Simple Network Management Protocol (SNMP)
RFC 3484 Default Address Selection for IPv6
RFC 3509 Alternative Implementations of OSPF Area Border Routers
RFC 3575 IANA Considerations for RADIUS
RFC 3623 Graceful OSPF Restart
RFC 3768 VRRP
RFC 3810 Multicast Listener Discovery Version 2 (MLDv2) for IPv6
RFC 3973 PIM Dense Mode
RFC 4022 MIB for TCP
RFC 4113 MIB for UDP
RFC 4213 Basic Transition Mechanisms for IPv6 Hosts and Routers
RFC 4251 The Secure Shell (SSH) Protoco
RFC 4252 SSHv6 Authentication
RFC 4253 SSHv6 Transport Layer
RFC 4254 SSHv6 Connection
RFC 4271 A Border Gateway Protocol 4 (BGP-4)
RFC 4273 Definitions of Managed Objects for BGP-4
RFC 4291 IP Version 6 Addressing Architecture
RFC 4292 IP Forwarding Table MIB
RFC 4293 Management Information Base for the Internet Protocol (IP)
RFC 4360 BGP Extended Communities Attribute
RFC 4419 Key Exchange for SSH
RFC 4443 ICMPv6
RFC 4456 BGP Route Reflection: An Alternative to Full Mesh Internal BGP (IBGP)
RFC 4486 Subcodes for BGP Cease Notification Message
RFC 4541 IGMP & MLD Snooping Switch
RFC 4552 Authentication/Confidentiality for OSPFv3
RFC 4601 PIM Sparse Mode
RFC 4607 Source-Specific Multicast for IP
RFC 4675 RADIUS VLAN & Priority
RFC 4724 Graceful Restart Mechanism for BGP
RFC 4750 OSPFv2 MIB partial support no SetMIB
RFC 4760 Multiprotocol Extensions for BGP-4
RFC 4861 IPv6 Neighbor Discovery
RFC 4862 IPv6 Stateless Address Auto-configuration
RFC 4940 IANA Considerations for OSPF
RFC 5065 Autonomous System Confederation for BGP
RFC 5095 Deprecation of Type 0 Routing Headers in IPv6
RFC 5187 OSPFv3 Graceful Restart
RFC 5340 OSPFv3 for IPv6
RFC 5424 Syslog Protocol
RFC 5492 Capabilities Advertisement with BGP-4
RFC 5519 Multicast Group Membership Discovery MIB (MLDv2 only)
RFC 5701 IPv6 Address Specific BGP Extended Community Attribute
RFC 5722 Handling of Overlapping IPv6 Fragments
RFC 5798 VRRP (exclude Accept Mode and sub-sec timer)
RFC 5880 Bidirectional Forwarding Detection
RFC 5905 Network Time Protocol Version 4: Protocol and Algorithms Specification
RFC 6620 FCFS SAVI
RFC 6987 OSPF Stub Router Advertisement
RFC 7047 The Open vSwitch Database Management Protocol
RFC 7313 Enhanced Route Refresh Capability for BGP-4
RFC 8201 Path MTU Discovery for IP version 6
SNMPv1/v2c/v3
Traceroute
V2
V3)
Version 6 (IPv6) Specification
and Lookup Operations (Ping only)

Rozmiar tablicy adresów MAC

32768

Obsługa ramek Jumbo

Tak

Warstwa przełączania

L3

Zasilacz

Wewnętrzny

Przepustowość

496

Maksymalna ilość urządzeń w stosie

10

Możliwość łączenia w stos

Tak

Port konsoli

Tak

Zarządzanie, monitorowanie, konfiguracja

Aruba AirWave on-premises and Aruba Central cloud- based management
Built-in programmable and easy to use REST API interface
Industry-standard CLI with a hierarchical structure for reduced training time and expense. Delivers increased productivity in multivendor environments
Management interface control enables or disables each of the following depending on security preferences
Management security restricts access to critical configuration commands
Scalable ASIC-based wire speed network monitoring and accounting with no impact on network performance, network operators can gather a variety of network statistics and information for capacity planning and real- time network monitoring purposes
Zero-Touch Provisioning (ZTP) simplifies installation of switching infrastructure using DHCP-based or Aruba Activatebased process with Aruba AirWave and Aruba Central
console port
or reset button
provides multiple privilege levels with password protection and local and remote syslog capabilities allow logging of all access

Bezpieczeństwo

ACLs also provide filtering based on the IP field
Auto VLAN Creation automates VLAN creation on access switches for authenticated clients.
Concurrent IEEE 802.1X
Control Plane Policing sets rate limit on control protocols to protect CPU overload from DOS attacks
Critical Authentication Role ensures that important infrastructure devices such as IP phones are allowed network access even in the absence of a RADIUS server
DHCP-OFFER message
DHCP protection blocks DHCP packets from unauthorized DHCP servers
DHCP smart relay allows the DHCP relay agent to use secondary IP addresses when the DHCP server does not reply the
Dynamic ARP protection blocks ARP broadcasts from unauthorized hosts
Dynamic IP lockdown works with DHCP protection to block traffic from unauthorized hosts
Enrollment over Secure Transport (EST) enables secure certificate enrollment
GUI
ICMP throttling defeats ICMP denial-of-service attacks by enabling any switch port to automatically throttle ICMP traffic
IEEE 802.1AE MACsec provides switch-to-switch and switch-to-host security on a link between two ports using standard encryption and authentication
Identity-driven ACL enables implementation of a highly granular and flexible access security policy and VLAN assignment specific to each authenticated network user
MAC Pinning allows non-chatty legacy devices to stay authenticated by pinning client MAC addresses to the port until the clients logoff or get disconnected
MAC address lockout prevents particular configured MAC addresses from connecting to the network
Management access security for both on- and off- box authentication for administrative access. RADIUS or TACACS+ can be used to provide encrypted user authentication. Additionally
Port security allows access only to specified MAC addresses
Private VLAN (PVLAN) provides traffic isolation between users on the same VLAN, typically a switch port can only communicate with other ports in the same community and/or an uplink port
RADIUS server to authenticate in accordance with industry standards
RadSec enables RADIUS authentication and accounting data to be passed safely and reliably across insecure networks
Remote Authentication Dial-In User Service (RADIUS)
SSL
STP BPDU port protection blocks Bridge Protocol Data Units (BPDUs) on ports that do not require BPDUs
STP root guard protects the root bridge from malicious attacks or configuration mistakes
Secure FTP allows secure file transfer to and from the switch, protects against unwanted file downloads or unauthorized copying of a switch configuration file
Secure Sockets Layer (SSL) encrypts all HTTP traffic
Secure management access delivers secure encryption of all access methods (CLI
Secure shell encrypts all transmitted data for secure remote CLI access over IP networks
Security banner displays a customized security policy when users log in to the switch
Source-port filtering allows only specified ports to communicate with each other
Supports MAC-based client authentication
Supports multiple user authentication methods. Uses an IEEE 802.1X supplicant on the client in conjunction with a
Switch CPU protection provides automatic protection against malicious network traffic trying to shut down the switch
TACACS+ can also provide admin authorization services
Terminal Access Controller Access-Control System (TACACS+) delivers an authentication tool using TCP with encryption of the full authentication request
Web
allowing for easier enterprise management of PKI
allowing secure access to the browser-based management GUI in the switch
and/or SNMPv3
and MAC authentications
and MAC authentication schemes per switch port accepts up to 32 sessions of IEEE 802.1X
and source/ destination TCP/UDP
available on uplink and downlink ports
or MIB) through SSHv2
port number on a per-VLAN or per-port basis
preventing IP source address spoofing
preventing denial-of-service attacks
preventing eavesdropping or theft of network data
preventing forged BPDU attacks
providing additional security
regardless of VLAN ID or destination MAC address. This extends network security by restricting peer-peer communication to prevent variety of malicious attacks.
source/ destination IP address/subnet
which can be learned or specified by the administrator

Prędkość przekazywania

369

Bufor pakietów

8

Rozmiar ramki Jumbo

9.198

QoS

Class of Service (CoS) sets the IEEE 802.1p priority tag based on IP address
IP Type of Service (ToS)
Large buffers for graceful congestion management
Layer 3 protocol
Layer 4 prioritization based on TCP/UDP port numbers
Rate limiting sets per-port ingress enforced maximums and per-port
Strict priority (SP) queuing and Deficit Weighted Round Robin (DWRR)
TCP/UDP port number
Traffic prioritization (IEEE 802.1p) for real-time classification into 8 priority levels that are mapped to 8 queues
Transmission rates of egressing frames can be limited on a per-queue basis using Egress Queue Shaping (EQS)
and DiffServ
per-queue minimums
source port

Funkcje L3

Bidirectional Forwarding Detection (BFD) enables link connectivity monitoring and reduces network convergence time for static route
DHCP server centralizes and reduces the cost of IPv4 address management
Domain Name System (DNS) provides a distributed database that translates domain names and IP addresses
Dynamic Host Configuration Protocol (DHCP) simplifies the management of large IP networks and supports client, DHCP
Generic Routing Encapsulation (GRE) enables tunneling traffic from site-to-site over a Layer 3 path
IP sub-interface is a virtual interface created by dividing physical interface into multiple logical interfaces tagged using different VLAN-IDs. A physical interface can be a regular physical
Loopback interface address defines an address in Open Shortest Path First (OSPF)
OSPFv2 and VRRP
Relay enables DHCP operation across subnets
Route maps provide more control during route redistribution, allow filtering and altering of route metrics
Split port or LAG L3 interface. A sub-interface is used for many uses-cases such as VRF-lite interconnection and inter-vlan routing (router on-a-stick)
Supports internal loopback testing for maintenance purposes and increased availability, loopback detection protects against incorrect cabling or network configurations and can be enabled on a per-port or per-VLAN basis for added flexibility
User Datagram Protocol (UDP) helper function allows UDP broadcasts to be directed across router interfaces to specific IP unicast or subnet broadcast addresses and prevents server spoofing for UDP services such as DHCP
improving diagnostic capability
mDNS (Multicast Domain Name System) Gateway enables discovery of mDNS groups across L3 boundaries
which simplifies network design, supports client and server