Overview 1. Service Features 1

Size: px
Start display at page:

Download "Overview 1. Service Features 1"

Transcription

1 Table of Contents Overview 1 Service Features 1 Introduction 1 Feature List 1 Feature Introduction 3 Firewall Web Manual 3 Security Volume 12 Access Volume 14 IP Services Volume 15 IP Routing Volume 16 System Volume 18 VPN Volume 21 IP Multicast Volume 21 i

2 Overview NOTE: This manual is applicable to the H3C SecPath F5000-A5 (F3207P11), F1000-E and firewall modules (F3169P07). The Comware-based security product software features of the SecPath series high-end firewalls are described in eight manual volumes, which are briefed as follows: Firewall Web Manual: Introduces the security features that can be configured on the firewalls through a Web browser, including virtual device management, security zone, RADIUS, HWTACACS, attack detection, session management, traffic management, NAT, address resource, service resource ACL, ASPF policy, TCP proxy, IPsec, IKE, PKI, log report, session log, and so on. Security Volume: Introduces the CLI-based of some security protocols supported by the firewalls, including Portal, SSH2.0, SSL, ALG and so on. Access Volume: Introduces the CLI-based of different interfaces and link layer protocols supported by the firewalls. IP Services Volume: Introduces the CLI-based of IP-related features supported by the firewalls, including adjacency table, ARP, IP performance optimization, DHCPv6, IPv6 basics, FTP and TFTP, tunneling, and NAT-PT. IP Routing Volume: Introduces the CLI-based of static routing and routing protocols supported by the firewalls, including RIP, RIPng, OSPF, OSPFv3, BGP, IPv6 BGP, IPv6 static routing, and IP routing basics, and policy-based routing. System Volume: Introduces the CLI-based of system-related protocols and features supported by the firewalls, including environment setup, basic system s, file management, system maintenance, NTP, SNMP, RMON, VRRP and so on. VPN Volume: Introduces the CLI-based of VPN-related protocols supported by the firewalls, including GRE, L2TP, and L3VPN. IP Multicast Volume: Introduces the CLI-based of IP Multicast protocols supported by the firewalls, including IGMP, MSDP, PIM, IPv6 PIM, IPv6 multicast routing and forwarding, and so on. 1

3 Service Features Introduction The H3C SecPath series firewalls are a new generation professional firewall product series developed by Hangzhou H3C Technologies Co., Ltd. (hereinafter referred to as H3C) for large enterprise users. In addition to traditional firewall functions, the SecPath F series also Supports virtual firewall, security zone management, attack prevention, P2P flow control, and URL filtering features to effectively protect network security. Supports a variety of virtual private network (VPN) services, such as IPSec VPN, to construct various forms of VPNs. Provides abundant routing capabilities by supporting various routing protocols including Routing Information Protocol (RIP), Open Shortest Path First (OSPF), and Border Gateway Protocol (BGP). Feature List Table 1 SecPath series firewalls feature list Module Features Firewall Web Manual Web overview Device information Basic wizard Firewall policy wizard IPsec VPN wizard Device basic System time Interface management Link Aggregation Zone Virtual Device Management Service Management Software Upgrade Device Reboot Address Resource Service Resource Time Range Resource MAC Address Table MSTP Inline Forwarding DHCP DNS Route display Static route RIP OSPF BGP Multicast routing Policy-Based routing IGMP PIM 1

4 Module Features Frame forwarding VLAN Local User Online User RADIUS HWTACACS NAT Application Level Gateway ACL ARP QoS Traffic Policing Session Management Interzone Policy Blacklist Packet Inspection Traffic Abnormality Detection URPF TCP Proxy Intrusion Detection Statistics IDS Collaboration P2P Traffic Control Content Filtering IKE IPsec GRE PKI L2TP VRRP Stateful Failover Collaboration Group Load Balancing Log Management Portal ALG Rsh SSH2.0 Security Volume SSL Web filtering Public key Connection limit Firewall IPsec Access Volume Ethernet interface Loopback interface and null interface Ethernet Link Aggregation PPP IP Services Volume ARP DHCPv6 IP performance optimization IPv6 basics Adjacency table FTP and TFTP DHCP Tunneling NAT-PT IP routing basics Static routing RIP OSPF IP Routing Volume BGP IPv6 static routing RIPng OSPFv3 IPv6 BGP Policy-based routing System Volume VRRP Device management NQA NTP RMON SNMP File system management System maintenance and debugging Basic system Information center User interface HTTP 2

5 Module Features Track Hotfix VPN Volume GRE L2TP L3VPN IP Multicast Volume Multicast overview PIM Multicast routing and forwarding IPv6 multicast routing and forwarding IGMP IPv6 PIM MSDP Feature Introduction NOTE: In the PDF version of this manual, you can access the Operation Manual, Command Manual, and Web Manual for the features by clicking the corresponding links in the Operation Manual, Command Manual, and Web Manual columns; to return to this Feature Description page, use the Alt- key combination. Firewall Web Manual Table 2 Firewall web-based features Web overview Device information Web Overview Device Information Introduces the Web-based network management (NM) of the firewall, including: Uploading the Web interface Logging in to the Web interface Saving the current Introduction to the Web interface Web user level Introduction to the Web-based NM functions Introduction to the buttons on the Web pages Managing Web-based NM through CLI Displays the system device state and summary information, such as the resource state and device interface information. 3

6 Basic wizard Firewall policy wizard IPsec VPN wizard Device basic System time Interface management Link aggregation Basic Wizard Firewall Policy Wizard IPsec VPN Wizard Device Basic System Time Interface Management Link Aggregation The basic wizard helps you complete the following s easily: Basic information: Modify the system name and the password of the current user. Service management: Specify whether to enable the services like FTP, telnet, HTTP, and HTTPS, and set port numbers for HTTP and HTTPS. Interface IP address: Configure IP addresses for Layer 3 Ethernet interfaces and VLAN interfaces. NAT: Configure dynamic NAT, internal server translation, and related parameters. Provides a way to configure firewall policies for virtual devices easily. It can also help you to configure object-oriented ACLs between zones. Provides a way to configure IPsec VPNs easily and guides you to configure IPsec VPN-related parameters. Perform the following tasks to configure IPsec VPN: Configuring a center node Configuring a branch node Configuring a peer node The device basic information module mainly involves: Device basic information Web management Displays and lets you set the device system time on the Web interface. Perform the following task to configure system time: Configuring system time The interface management feature is used by the Web-based interface to manage all physical interfaces and the following two types of logical interfaces of a device, loopback interfaces and null interfaces. Perform the following tasks to configure interface management: Creating an interface Modifying interface information Shutting down/bringing up an interface Displaying the statistics of an interface Removing an interface Link aggregation combines multiple physical Ethernet ports into one logical link, called an aggregate link. Link aggregation increases bandwidth beyond the limits of any single link and improves link reliability. Perform the following tasks to configure link aggregation: Configuring static link aggregation Configuring dynamic link aggregation 4

7 Zone Virtual device management Service management Software upgrade Device reboot Address resource Zone Virtual Device Management Service Management Software Upgrade Device Reboot Address Resource A zone is an abstract conception, and it can include physical interfaces and logical interfaces, and also Trunk interface + VLAN. Interfaces added to the same zone have consistent security needs in security policy control. With the zone concept, security administrators can classify interfaces (assign them to different zones) based on their security needs, thus implementing hierarchical policy management. Perform the following tasks to configure zone management: Creating a zone Adding an interface into a zone Allows you to divide a physical firewall into several logical firewalls. Creating virtual devices can provide firewall rental services. Perform the following tasks to configure virtual device: Creating a virtual device Adding an interface to a virtual device Adding VLANs to a virtual device Refers to the user management of the s of a device, including saving the current to a file on the device, uploading a file to a TFTP server for backup, and downloading a file from a TFTP server to the device for restoration. Perform the following tasks to configure maintenance: Saving file backup restoration Restoring the system to factory defaults The service management module provides six types of services: FTP, Telnet, SSH, SFTP, HTTP and HTTPS. You can enable or disable the services as needed. Downloads software from a TFTP server to a device for software upgrade on the device. Perform the following task to configure software upgrade: Configuring software upgrade Reboots a device through the Web interface. Perform the following task to configure device reboot: Configuring device reboot Address resources are classified into address resources and address group resources. Perform the following tasks to configure address resource: Configuring an address resource Configuring an address group resource 5

8 Service resource Time range resource MAC address table MSTP Inline forwarding DHCP Service Resource Time Range Resource MAC Address Table MSTP Inline Forwarding DHCP A service resource defines a service by specifying the protocol to be carried by IP and the protocol-specific items. Service resources include default service resources, customized service resources and service group resource. Perform the following tasks to configure service resource: Configuring a customized service resource Configuring a service group resource A time range resource defines a time range, which can be referenced by an ACL or an inter-zone policy to control when a rule is effective. Perform the following tasks to configure time range resource: Configuring a time range resource A device maintains a MAC address table for frame forwarding. Each entry in this table indicates the MAC address of a connected device, to which interface this device is connected and to which VLAN the interface belongs. Perform the following tasks to configure MAC address table management: Adding a MAC address entry Querying a MAC address entry The Multiple Spanning Tree Protocol (MSTP) overcomes the shortcomings of STP and RSTP. In addition to the support for rapid network convergence, it also allows data flows of different VLANs to be forwarded along separate paths, thus providing a better load sharing mechanism for redundant links. Perform the following tasks to configure MSTP: Configuring an MSTP region Configuring MSTP globally Configuring MSTP on a port High-end firewalls support inline Layer 2 forwarding, that is, you can specify that packets received on one interface are forwarded through a specified interface. Perform the following tasks to configure inline forwarding: Configuring inline Layer 2 forwarding DHCP is built on a client-server model, in which a client sends a request and then the server returns a reply to send parameters such as an IP address to the client. Perform the following tasks to configure DHCP: Enabling DHCP Configuring the DHCP service type on an interface Configuring a static address pool for the DHCP server Configuring a dynamic address pool for the DHCP server Configuring a DHCP server group 6

9 DNS Route display Static route RIP OSPF BGP Multicast routing Policy-Based Routing IGMP PIM Frame forwarding statistics DNS Route Display Static Route RIP OSPF BGP Multicast Routing Policy-Based Routing IGMP PIM Frame Forwarding Statistics Domain Name System (DNS) is a distributed database used by TCP/IP applications to translate domain names into corresponding IP addresses. Perform the following tasks to configure DNS: Configuring static domain name resolution Configuring dynamic domain name resolution Displays route information. This module mainly involves: Static route overview Configuring a static route This module mainly involves: RIP overview Configuring RIP This module mainly involves: OSPF overview Configuring a OSPF This module mainly involves: BGP overview Configuring BGP This module mainly involves: Multicast routing overview Configuring multicast routing A mechanism in which packets are transmitted and forwarded through a specified policy. Perform the following tasks to configure policy routing: Creating a policy Enabling local policy routing Enabling interface policy routing The Internet Group Management Protocol (IGMP) is used by IP hosts to establish and maintain their multicast group memberships to immediately neighboring multicast routers. Perform the following tasks to configure IGMP: Configuring IGMP This module mainly involves: PIM overview Configuring PIM The frame forwarding statistics module allows you to display the frame forwarding statistics of all the Layer 2 interfaces on the device. 7

10 VLAN Local user Online user RADIUS HWTACACS NAT Application level gateway VLAN Local User Online User RADIUS HWTACACS NAT Application Level Gateway VLAN technology can break a LAN down into separate VLANs that are isolated from each other at Layer 2. A VLAN is a broadcast domain, and all broadcast traffic is contained within it. Perform the following tasks to configure VLAN: Creating a VLAN Modifying a port/vlan Local users are a set of users configured on the Network Access Server (NAS). A local user is uniquely identified by username. Perform the following tasks to configure local user: Configuring a local user Online users here refer to the users getting online after passing AAA authentication. Perform the following task to configure online user: Displaying online users Remote Authentication Dial-In User Service (RADIUS) is a distributed information interaction protocol built on the client/server model which can protect networks against unauthorized access. Perform the following tasks to configure RADIUS: Configuring RADIUS server Configuring RADIUS parameters Huawei Terminal Access Controller Access Control System (HWTACACS) is an enhanced security protocol based on TACACS (RFC 1492). It is used to implement Authentication, Authorization, and Accounting (AAA). Perform the following tasks to configure HWTACACS: Creating an HWTACACS scheme Configuring HWTACACS server Configuring HWTACACS parameters Network Address Translation (NAT) provides a way of translating an IP address to another IP address for a packet. Perform the following tasks to configure NAT: Configuring NAT Configuring one-to-one NAT Enabling one-to-one NAT Configuring an internal server The application level gateway (ALG) feature is used to process application layer packets. 8

11 ACL ARP QoS Traffic policing Session management Interzone policy Blacklist ACL ARP QoS Traffic Policing Session Management Interzone Policy Blacklist Access control lists (ACLs) are used to implement packet filtering based on the configured matching criteria and action of ACL rules. Perform the following tasks to configure ACL: Creating an ACL Configuring a basic ACL rule Configuring an advanced ACL rule Configuring an Ethernet frame header ACL rule Perform the following tasks to configure ARP: ARP ARP attack protection A Quality of Service (QoS) policy involves three components: class, traffic behavior, and policy. You can associate a class with a traffic behavior using a QoS policy. This module mainly involves: QoS overview Configuring QoS Traffic policing polices particular flows entering a device according to configured specifications and is usually applied in the inbound direction of a port. This module mainly involves: Traffic policing overview Creating a CAR list Applying a CAR list to an interface Manages sessions of applications such as NAT, application specific packet filter (ASPF), and intrusion protection. Perform the following tasks to configure session management: Configuring basic session management settings Displaying session table information Displaying session relation table information Configuring virtual fragment reassembly Configuring ASPF Interzone policies, based on ACLs, are used for identification of traffic between zones. Perform the following tasks to configure interzone policy: Configuring an interzone policy rule Exporting and importing Modifying the priority of a rule Displaying packet statistics of an interzone policy Blacklist is an attack prevention mechanism that filters packets based on source IP address. This module mainly involves: Configuring the blacklist 9

12 Packet Inspection Traffic abnormality detection URPF TCP proxy Intrusion detection statistics IDS collaboration P2P traffic control Content filtering Packet Inspection Traffic Abnormality Detection URPF TCP Proxy Intrusion Detection Statistics IDS Collaboration P2P Traffic Control Content Filtering With packet inspection configured, the firewall analyzes the characteristics of each received packet. Once detecting an attack, the firewall logs the event and blocks the packet. This module mainly involves: Configuring packet inspection Perform the following tasks to configure traffic abnormality detection: Configuring ICMP flood detection Configuring UDP flood detection Configuring SYN flood detection Configuring connection limit Configuring scanning detection Unicast Reverse Path Forwarding (URPF) protects a network against source address spoofing attacks. This module mainly involves: Configuring URPF TCP proxy is used to prevent a server against SYN Flood attacks. Perform the following tasks to configure TCP proxy: Configuring TCP proxy global parameters Enabling TCP proxy Creating IP entry to be protected The intrusion detection statistics function enables a firewall to collect intrusion detection statistics, helping you analyze the intrusion types and quantities to generate better firewall policies. IDS collaboration is introduced for firewalls to work with an Intrusion detection system (IDS) device. P2P identification and QoS traffic control work in conjunction to implement the P2P traffic control function. Perform the following tasks to configure TCP proxy: Loading signature files Enabling protocol identification Configuring protocol groups Viewing traffic statistics The content filtering function can prevent internal users from accessing unauthorized websites and block Java applets and ActiveX objects from web pages. The Web filtering function covers: URL parameter filtering Java blocking ActiveX blocking 10

13 IKE IPsec GRE PKI L2TP VRRP Stateful failover Collaboration group IKE IPsec GRE PKI L2TP VRRP Stateful Failover Collaboration Group Internet Key Exchange (IKE) provides automatic key negotiation and SA establishment services for IP Security (IPsec), simplifying the application and management of IPsec dramatically. Perform the following tasks to configure IKE: Configuring global IKE parameters Configuring an IKE proposal Configuring IKE DPD Configuring an IKE peer IPsec refers to a series of protocols defined by the Internet Engineering Task Force (IETF) to provide high quality, interoperable, and cryptology-based security for IP packets. Perform the following tasks to configure IPsec: Configuring an IPsec proposal Configuring an IPsec policy template Configuring an IPsec policy Applying an IPsec policy group The GRE module mainly involves: GRE overview Configuring GRE The Public Key Infrastructure (PKI) is a hierarchical framework designed for providing information security through public key technologies and digital certificates and verifying the identities of the digital certificate owners. Perform the following tasks to configure PKI: Requesting a certificate manually Requesting a certificate automatically The Layer 2 Tunneling Protocol (L2TP) is one of the most commonly used Virtual Private Dial-up Network (VPDN) tunneling protocols. This module mainly involves: L2TP overview Enabling L2TP Adding an L2TP group Displaying L2TP tunnel information VRRP is an error-tolerant protocol, which improves the network reliability and simplifies s on hosts. Perform the following tasks to configure VRRP: Creating a VRRP group Configuring a VRRP group Two security gateways are deployed to back up sessions for each other, thus to prevent service interruption caused by single point of failure and ensure continuous data transmission. Perform the following tasks to configure collaboration group: Configuring a collaboration group Displaying the status of a collaboration group and its member ports 11

14 Load balancing Log management Return to Feature List Load Balancing Log Management Load balancing (LB) is a cluster technology to distribute some specific services such as network services and network traffic among multiple network devices (for example servers and firewalls) or multiple links, thus enhancing service processing capability and ensuring high reliability of services. Perform the following tasks to configure load balancing: Configuring a real service group Configuring a real service Configuring a virtual service Configuring health monitoring Enabling last hop information saving The log management module mainly involves: Configuring syslog Configuring user logging Session logging Log report Security Volume Table 3 CLI-based features in the Security Volume Portal ALG Rsh Portal Portal Commands ALG ALG Commands RSH RSH Commands Portal authentication is also called web authentication and a website implementing portal authentication is called a portal website. Perform the following tasks to configure portal: Configuring portal Displaying and maintaining portal The application level gateway (ALG) feature is used to process application layer packets. ALG can work with NAT and ASPF to implement address translation, data connection detection and application layer status check. ALG mainly involves the following task: Configuring ALG Remote shell (Rsh) allows you to execute the internal and external commands provided by the operating system (OS) on a remote host that runs the Rsh daemon. Rsh mainly involves the following task: Configuring Rsh 12

15 SSH2.0 SSL Web filtering Public key Connection Limit Firewall SSH2.0 SSH2.0 Commands SSL SSL Commands Web Filtering Web Filtering Commands Public Key Public Key Commands Connection Limit Connection Limit Commands Firewall Firewall Commands Secure Shell (SSH) offers an approach to securely logging in to a remote device, and provides security and strong authentication. SSH2.0 involves mainly the following tasks: Configuring SSH server Configuring SSH client Configuring SSH client software Secure Sockets Layer (SSL) is a security protocol providing secure connection service for TCP-based application layer protocols. SSL involves mainly the following tasks: Configuring an SSL server policy Configuring an SSL client policy The Web filtering function can prevent internal users from accessing unauthorized websites and block Java applets and ActiveX objects from web pages. Web filtering involves mainly the following tasks: Configuring URL parameter filtering Configuring Java blocking Configuring ActiveX blocking. The public key mainly includes the following tasks: Asymmetric key algorithm overview Configuring the local asymmetric key pair Configuring the public key for a peer The firewalls support configuring connection limit policies to limit the number of user connections, connection establishment rate, and connection bandwidth. The primary s include: Creating a connection limit policy Configuring the connection limit policy Applying the connection limit policy Firewall can prevent unauthorized or unauthenticated users on the Internet from accessing a protected network while allowing the users on the internal network to access web sites on the Internet and transceive s. Configuring a packet filter firewall 13

16 IPsec IPsec IPsec Commands Layer 3 tunnel encryption protocol defined by IETF, which provides security for IP data packets transmitted on the Internet. Configuring an IPSec proposal Configuring an IPSec policy Configuring an IPSec policy template Applying an IPSec policy Configuring an IKE proposal Configuring an IKE peer Configuring IKE keepalive timer Return to Feature List Access Volume Table 4 CLI-based features in the Access Volume Ethernet Interface Ethernet interface Introduction to Combo and Ethernet interfaces Loopback Interface and Null Interface Ethernet link aggregation PPP Ethernet Interface Commands Loopback Interface and Null Interface Loopback Interface and Null Interface Commands Ethernet Link Aggregation Ethernet Link Aggregation Commands PPP PPP Commands Configuring a loopback interface Configuring a null interface Configuring a subinterface Configuring an aggregation group Configuring an aggregate interface Configuring load sharing criteria for link aggregation groups PPP is a link layer protocol that carries network layer packets over point-to-point links. It gains popularity because it provides user authentication, supports synchronous/asynchronous communication, and allows for easy extension. PAP authentication CHAP authentication PPP negotiation Enable PPP traffic statistics collection PPP user binding rule 14

17 Return to Feature List IP Services Volume Table 5 CLI-based features in the IP Services Volume ARP IP performance optimization Adjacency table DHCP DHCPv6 ARP ARP Commands IP Performance Optimization IP Performance Optimization Commands Adjacency Table Adjacency Table Commands DHCP DHCP Commands DHCPv6 DHCPv6 Commands Address Resolution Protocol (ARP) is used to resolve an IP address into a data link layer address. ARP involves mainly the following tasks: Configuring ARP Configuring gratuitous ARP Configuring proxy ARP In some network environments, you need to adjust the IP parameters to achieve best network performance. IP performance involves mainly the following tasks: Enabling the device to receive and forward directed broadcasts Configuring TCP attributes, such as TCP timers, buffer size, packet size, and ICMP error packet sending Configuring the maximum segment size (MSS) of the interface Configuring the device to/not to send ICMP error messages An adjacency table manages the information on the neighbors that are both connected and active, such as network layer address (next hop), route outgoing interface, link layer service type, and link layer address. Dynamic host protocol, implements dynamic for information such as IP address.. DHCP server DHCP relay DHCP client DHCPv6 was designed based on IPv6 addressing scheme and is used for assigning IPv6 prefixes, IPv6 addresses and other parameters to hosts. DHCPv6 involves mainly the following tasks: Configuring a DHCPv6 server Configuring a DHCPv6 relay agent Configuring a DHCPv6 client 15

18 IPv6 Basics FTP and TFTP Tunneling NAT-PT Return to Feature List IPv6 Basics IPv6 Basics Commands FTP and TFTP FTP and TFTP Commands Tunneling Tunneling Commands NAT-PT NAT-PT Commands Internet Protocol Version 6 (IPv6), also called IP next generation (IPng), was designed by the Internet Engineering Task Force (IETF) as the successor to Internet Protocol version 4 (IPv4). The FTP and TFTP are application layer protocols for sharing files between server and client over a TCP/IP network. The primary tasks include: Configuring FTP Configuring TFTP Tunneling is an encapsulation technology, which utilizes one network protocol to encapsulate packets of another network protocol and transfer them over the network. Because of the coexistence of IPv4 networks and IPv6 networks, Network Address Translation Protocol Translation (NAT-PT) was introduced to realize translation between IPv4 and IPv6 addresses. IP Routing Volume Table 6 CLI-based features in the IP Routing Volume IP routing basics Static routing RIP IP Routing Basics IP Routing Basics Commands Static Routing Static Routing Commands RIP RIP Commands An overview of IP routing. Routing protocols overview IP routing and routing table Routing based on a routing table Static routes are manually configured by the administrator. The proper and usage of static routes can improve network performance and ensure bandwidth for important network applications. Static routing involves mainly the following tasks: Configuring a static route Configuring next-hop reachability detection of static routing The Routing Information Protocol (RIP) is a simple interior gateway protocol (IGP) mainly used in small-sized networks. RIP involves mainly the following tasks: Configuring RIP basic functions Configuring RIP routing features 16

19 OSPF BGP IPv6 static routing RIPng OSPFv3 IPv6 BGP OSPF OSPF Commands BGP BGP Commands IPv6 Static Routing IPv6 Static Routing Commands RIPng Configuraiton RIPng Commands OSPFv3 OSPFv3 Commands IPv6 BGP IPv6 BGP Commands Open Shortest Path First (OSPF) is a link state interior gateway protocol. OSPF involves mainly the following tasks: Configuring OSPF basic functions. Configuring OSPF area parameters Configuring the OSPF network type Configuring OSPF route control The Border Gateway Protocol (BGP) is a dynamic inter-as protocol. BGP involves mainly the following tasks: Configuring BGP basic functions Configuring BGP route attributes Configuring a large-scale BGP network Similar to IPv4 static routes, IPv6 static routes work well in simple IPv6 network environments. The primary tasks include: Introduction to IPv6 static routing Configuring an IPv6 static route RIP next generation (RIPng) is an extension of RIP-2 for IPv4. The primary tasks include: Configuring RIPng Basic Functions Configuring RIPng Route Control Tuning and Optimizing the RIPng Network Open Shortest Path First version 3 (OSPFv3) supports IPv6. The primary tasks include: Enabling OSPFv3 Configuring OSPFv3 area parameters Configuring OSPFv3 network types Configuring OSPFv3 routing information control Tuning and Optimizing OSPFv3 networks Configuring OSPFv3 GR Applying IPsec policies for OSPFv3 To support multiple network layer protocols, IETF extended BGP-4 by introducing Multiprotocol BGP (MP-BGP), which is referred to as IPv6 BGP for short. The primary tasks include: Configuring IPv6 BGP basic functions Configuring IPv6 BGP route attributes Tuning and optimizing IPv6 BGP networks Configuring a large scale IPv6 BGP network 17

20 Policy-based routing Return to Feature List Policy-Based Routing Policy-Based Routing Commands Policy based routing is for routing unicast packets based on user-defined policies. The primary tasks include: Policy-based routing overview Configuring policy-based routing System Volume Table 7 CLI-based features in the System Volume VRRP Device management NQA NTP VRRP VRRP Commands Device Management Device Management Commands NQA NQA Commands NTP NTP Commands VRRP is an error-tolerant protocol, which improves the network reliability and simplifies s on hosts. The primary tasks include: Configuring VRRP for IPv4 Configuring VRRP for IPv6 Through the device management function, you can view the current working state of a device, configure running parameters, and perform daily device maintenance and management. Boot ROM validity check is not supported. Device management involves mainly the following task: Configuring device management Network Quality Analyzer (NQA) analyzes network performance, services and service quality by sending test packets, and provides network performance and service quality parameters such as jitter, TCP connection delay, FTP connection delay and file transfer rate. It is an enhancement and extension of the Ping tool. NQA involves mainly the following tasks: Configuring NQA tests Configuring optional NQA parameters The Network Time Protocol (NTP) synchronizes timekeeping among distributed time servers and clients. NTP involves mainly the following tasks: Configuring NTP operation mode Configuring the local clock as a reference source Configuring optional parameters of NTP Configuring access control rights Configuring NTP authentication 18

21 RMON SNMP File system management System maintaining and debugging Basic system Information center RMON RMON Commands SNMP SNMP Commands File System Management File System Management Commands System Maintaining and Debugging System Maintaining and Debugging Commands Basic System Basic System Commands Information Center Information Center Commands Remote Monitoring (RMON) allows SNMP to monitor remote network devices in a more proactive and effective way. It reduces traffic between network management station (NMS) and agent, facilitating large network management. RMON involves mainly the following task: Configuring RMON The Simple Network Management Protocol (SNMP) offers a framework to monitor network devices through TCP/IP protocol suite. It provides a set of basic operations in monitoring and maintaining the Internet. SNMP involves mainly the following tasks: Configuring basic functions of SNMP Configuring traps The files used for device operation are stored in the storage device. A major function of the file system is to manage storage devices. File system management involves mainly the following tasks: Configuring file management Configuring FTP/TFTP Configuring TFTP For the majority of protocols and features supported, the system provides corresponding debugging information to help users diagnose errors. System maintaining and debugging involves mainly the following tasks: Configuring system maintaining and debugging Configuring the ping and tracert commands Performing basic system s As the system information hub, the information center classifies and manages system information. Information center involves mainly the following task: Configuring the information center 19

22 User interface HTTP Track Hotfix Return to Feature List User Interface User Interface Commands HTTP HTTP Commands Track Track Commands Hotfix Hotfix Commands User interface view is a feature that allows you to manage asynchronous serial interfaces that work in flow mode. By operating under user interface view, you can centralize the management of various s. User interface involves mainly the following tasks: Configuring asynchronous serial interface attributes Configuring terminal attributes Configuring modem attributes Configuring a command to be auto-executed Configuring a user privilege level Configuring access restriction/supported protocols on VTY user interface(s) Configuring redirection function on asynchronous serial interface(s) Configuring the authentication mode at login The Hypertext Transfer Protocol (HTTP) is used for transferring web page information across the Internet. The HTTP Security (HTTPS) refers to the HTTP protocol that supports the Security Socket Layer (SSL) protocol. HTTP involves mainly the following tasks: Configuring HTTP Configuring HTTPS The Track module is used to implement collaboration between different modules. The detection modules probe the link status and inform the Track module of the probe result so that the Track module changes the status of the Track object accordingly; when the status of the Track object changes, the Track module tells the application modules to deal with the change accordingly. Track overview Configuring collaboration between the track module and NQA Configuring collaboration between the track module and the application modules Hotfix can repair the software defect of the current version without rebooting the device. 20

23 VPN Volume Table 8 CLI-based features in the VPN Volume GRE L2TP L3VPN Return to Feature List GRE GRE Commands L2TP L2TP Commands L3VPN L3VPN Commands Generic Routing Encapsulation (GRE) is a protocol designed for performing encapsulation of one network layer protocol over another network layer protocol. GRE involves mainly the following task: Configuring GRE over IPv4 tunneling The Layer 2 Tunneling Protocol (L2TP) is intended to tunnel PPP packets. L2TP involves mainly the following tasks: Configuring LAC Configuring LNS L3VPN provides flexible networking modes, excellent scalability, and convenient support for MPLS QoS and MPLS TE. L3VPN involves mainly the following tasks: Configuring VPN instances Configuring basic L3VPN IP Multicast Volume Multicast overview Multicast routing and forwarding IGMP Mulitcast Overview Multicast Routing and Forwarding Multicast Routing and Forwarding Commands IGMP IGMP Commands Multicast allows high-efficiency point-to-multipoint data transmission over a network. Layer 2 multicast is not supported. Multicast involves these topics: Multicast model classification Multicast architecture Multicast packet forwarding mechanism Multicast policies are used for filtering the routing information used in the RPF check. Multicast policy overview Configuring a multicast policy The Internet Group Management Protocol (IGMP) is the protocol responsible for IP multicast group member management in the TCP/IP protocol stack. Perform the following tasks to configure IGMP: Configuring basic functions of IGMP Adjusting IGMP performance 21

24 MSDP PIM IPv6 multicast routing and forwarding IPv6 PIM Return to Feature List MSDP MSDP Commands PIM PIM Commands IPv6 Multicast Routing and Forwarding IPv6 Multicast Routing and Forwarding Commands IPv6 PIM IPv6 PIM Commands The Multicast source discovery protocol (MSDP) is an inter-domain multicast solution developed to address the interconnection of protocol independent multicast sparse mode (PIM-SM) domains. Perform the following tasks to configure MSDP: Configuring basic functions of MSDP Configuring MSDP peer parameters Configure SA messages related parameters Protocol Independent Multicast (PIM) provides IP multicast routing by leveraging static routes or unicast routing tables generated by any unicast routing protocol. Perform the following tasks to configure PIM: Configuring PIM-DM Configuring PIM-SM Configuring PIM-SSM Configuring PIM common features IPv6 Multicast routing and forwarding overview Enabling IPv6 multicast routing Configuring IPv6 multicast routing and forwarding Protocol Independent Multicast for IPv6 (IPv6 PIM) provides IPv6 multicast forwarding by leveraging static routes or IPv6 unicast routing tables generated by any IPv6 unicast routing protocol, such as RIPng, OSPFv3, IS-ISv6, or BGP4+. The primary tasks include: Configuring IPv6 PIM-DM Configuring IPv6 PIM-SM Configuring IPv6 PIM-SSM Configuring IPv6 PIM common features 22

Table of Contents. 1 Introduction 1-1 Related Manuals 1-1 Volume Introduction 1-1

Table of Contents. 1 Introduction 1-1 Related Manuals 1-1 Volume Introduction 1-1 Table of Contents 1 Introduction 1-1 Related Manuals 1-1 Volume Introduction 1-1 2 Description 2-1 Overview 2-1 Index 2-1 Description 2-2 Access Volume 2-3 IP Services Volume 2-4 IP Routing Volume 2-6

More information

About the H3C S5130-HI configuration guides

About the H3C S5130-HI configuration guides About the H3C S5130-HI configuration guides The H3C S5130-HI configuration guides describe the software features for the H3C S5130-HI Switch Series, and guide you through the software configuration procedures.

More information

About the HP A7500 Configuration Guides

About the HP A7500 Configuration Guides About the HP A7500 s The HP A7500 configuration guides are part of the HP A7500 documentation set. They describe the software features for the HP A7500 Release 6620 & 6630 Series, and guide you through

More information

Quidway NetEngine 20E/20 Series Router Product Specification

Quidway NetEngine 20E/20 Series Router Product Specification Quidway NetEngine 20E/20 Series Router Product Specification Hardware Specifications NE20E-8 NE20-8 NE20-4 NE20-2 Dimensions(mm) 436.2 480 W x D x H 261 219.5 130.5 130.5 Weight 32.5kg 27.5Kg 17.5Kg 15Kg

More information

About the H3C S5130-EI configuration guides

About the H3C S5130-EI configuration guides About the H3C S5130-EI configuration guides The H3C S5130-EI configuration guides describe the software features for the H3C S5130-EI Switch Series, and guide you through the software configuration procedures.

More information

HPE FlexFabric 5950 Switch Series

HPE FlexFabric 5950 Switch Series HPE FlexFabric 5950 Switch Series About the HPE FlexFabric 5950 Configuration Guides Part number: 5200-0808 Software version: Release 6106 and later Document version: 6W100-20160513 Copyright 2016 Hewlett

More information

HP 6125 Blade Switch Series

HP 6125 Blade Switch Series HP 6125 Blade Switch Series About the HP 6125 Blade s Part number: 5998-3152 Software version: Release 2103 Document version: 6W100-20120907 Legal and notice information Copyright 2012 Hewlett-Packard

More information

About the HP MSR Router Series

About the HP MSR Router Series About the HP MSR Router Series Command (V7) Part number: 5998-7731b Software version: CMW710-R0304 Document version: 6PW104-20150914 Legal and notice information Copyright 2015 Hewlett-Packard Development

More information

HP 6125 Blade Switch Series

HP 6125 Blade Switch Series HP 6125 Blade Switch Series About the HP 6125 Blade Command s Part number: 5998-3163 Software version: Release 2103 Document version: 6W100-20120907 Legal and notice information Copyright 2012 Hewlett-Packard

More information

HPE FlexNetwork MSR Router Series

HPE FlexNetwork MSR Router Series HPE FlexNetwork MSR Router Series About the HPE MSR Router Series Configuration Part number: 5998-8821 Software version: CMW710-R0305 Document version: 6PW106-20160308 Copyright 2016 Hewlett Packard Enterprise

More information

HPE FlexNetwork MSR Router Series

HPE FlexNetwork MSR Router Series HPE FlexNetwork MSR Router Series About the HPE MSR Router Series Command s Part number: 5998-8799 Software version: CMW710-R0305 Document version: 6PW106-20160308 Copyright 2016 Hewlett Packard Enterprise

More information

Cisco 5921 Embedded Services Router

Cisco 5921 Embedded Services Router Data Sheet Cisco 5921 Embedded Services Router The Cisco 5921 Embedded Services Router (ESR) is a Cisco IOS software router application. It is designed to operate on small, low-power, Linux-based platforms

More information

Cisco 5921 Embedded Services Router

Cisco 5921 Embedded Services Router Data Sheet Cisco 5921 Embedded Services Router The Cisco 5921 Embedded Services Router (ESR) is a Cisco IOS software router. It is designed to operate on small, low-power, Linux-based platforms to extend

More information

CCIE Route & Switch Written (CCIERSW) 1.0

CCIE Route & Switch Written (CCIERSW) 1.0 CCIE Route & Switch Written (CCIERSW) 1.0 COURSE OVERVIEW: CCIE Route and Switch Written (CCIERSW) preparation course is a five-day course that prepares the student for the written exam portion of the

More information

DPX8000 Series Deep Service Switching Gateway User Configuration Guide Firewall Service Board Module v1.0

DPX8000 Series Deep Service Switching Gateway User Configuration Guide Firewall Service Board Module v1.0 DPX8000 Series Deep Service Switching Gateway User Configuration Guide Firewall Service Board Module v1.0 i Hangzhou DPtech Technologies Co., Ltd. provides full- range technical support. If you need any

More information

Router 6000 R17 Training Programs. Catalog of Course Descriptions

Router 6000 R17 Training Programs. Catalog of Course Descriptions Router 6000 R7 Training Programs Catalog of Course Descriptions Catalog of Course Descriptions INTRODUCTION... 3 IP NETWORKING... 4 IP OVERVIEW & FUNDAMENTALS... 8 IP ROUTING OVERVIEW & FUNDAMENTALS...0

More information

CCNP (Routing & Switching and T.SHOOT)

CCNP (Routing & Switching and T.SHOOT) CCNP (Routing & Switching and T.SHOOT) Course Content Module -300-101 ROUTE 1.0 Network Principles 1.1 Identify Cisco Express Forwarding concepts 1.1.a FIB 1.1.b Adjacency table 1.2 Explain general network

More information

3G/4G Multiservice Routers

3G/4G Multiservice Routers SYSTROME SR-M2-08 Series 3G/4G Multiservice Routers SYSTROME SR-M2-08 Series Product Overview SYSTROME SR-M2 Series is the next-generation multiservice switching router platform developed by SYSTROME.

More information

Switch shall have 4 SFP 1000 Mb/s ports (2 Port dual-personality ports; 10/100/1000BASE-T or SFP and 2 Fixed 1G SFP port)

Switch shall have 4 SFP 1000 Mb/s ports (2 Port dual-personality ports; 10/100/1000BASE-T or SFP and 2 Fixed 1G SFP port) DELHI METRO RAIL CORPORATION LTD. (A joint venture of Govt. of India & Govt of Delhi) Metro Bhawan, 13, Fire Brigade Lane, Barakhamba Road, NEW DELHI-110001 Tel: 91-011-23417910-12 Extn: 34680 Fax: 91-011-23418413

More information

3Com Switch 4800G Series, Version Release Notes. Customer Support. Documentation

3Com Switch 4800G Series, Version Release Notes. Customer Support. Documentation 3Com Series, Version 5.20-2101 Release Notes This document contains information about the 3Com series, software version 5.20, Release 2101. This information is not available in the release documentation.

More information

DrayTek Vigor Technical Specifications. PPPoE, PPTP, DHCP client, static IP, L2TP*, Ipv6. Redundancy. By WAN interfaces traffic volume

DrayTek Vigor Technical Specifications. PPPoE, PPTP, DHCP client, static IP, L2TP*, Ipv6. Redundancy. By WAN interfaces traffic volume DrayTek Vigor 3900 Technical Specifications WAN Protocol Ethernet PPPoE, PPTP, DHCP client, static IP, L2TP*, Ipv6 Multi WAN Outbound policy based load balance Allow your local network to access Internet

More information

LSW GP8GC: 24 SFP Gigabit ports, 8 10/100/1000 BASE-T Ethernet ports (Combo) and two

LSW GP8GC: 24 SFP Gigabit ports, 8 10/100/1000 BASE-T Ethernet ports (Combo) and two Data Sheet DPtech LSW5600 Series DPtech LSW5600 Series Switches Product Interview The DPtech LSW5602 Series Switches which are designed for access and aggregation deployment. It is a new-generation line

More information

HC-711 Q&As. HCNA-CBSN (Constructing Basic Security Network) - CHS. Pass Huawei HC-711 Exam with 100% Guarantee

HC-711 Q&As. HCNA-CBSN (Constructing Basic Security Network) - CHS. Pass Huawei HC-711 Exam with 100% Guarantee HC-711 Q&As HCNA-CBSN (Constructing Basic Security Network) - CHS Pass Huawei HC-711 Exam with 100% Guarantee Free Download Real Questions & Answers PDF and VCE file from: 100% Passing Guarantee 100% Money

More information

Cisco Certified Network Associate ( )

Cisco Certified Network Associate ( ) Cisco Certified Network Associate (200-125) Exam Description: The Cisco Certified Network Associate (CCNA) Routing and Switching composite exam (200-125) is a 90-minute, 50 60 question assessment that

More information

H3C SR8800-F Core Routers

H3C SR8800-F Core Routers H3C SR8800-F Core Routers DATA SHEET Product overview H3C SR8800-F Core Routers (hereinafter referred to as the SR8800-F routers), developed by Hangzhou H3C Technologies Co., Ltd., provide the following

More information

TestOut Routing and Switching Pro - English 6.0.x COURSE OUTLINE. Modified

TestOut Routing and Switching Pro - English 6.0.x COURSE OUTLINE. Modified TestOut Routing and Switching Pro - English 6.0.x COURSE OUTLINE Modified 2017-07-10 TestOut Routing and Switching Pro Outline- English 6.0.x Videos: 133 (15:42:34) Demonstrations: 78 (7:22:19) Simulations:

More information

DPtech FW1000 Series Firewall Products User Configuration Guide v1.0

DPtech FW1000 Series Firewall Products User Configuration Guide v1.0 DPtech FW1000 Series Firewall Products User Configuration Guide v1.0 i Hangzhou DPtech Technologies Co., Ltd. provides full- range technical support. If you need any help, please contact Hangzhou DPtech

More information

CCIE Routing & Switching

CCIE Routing & Switching CCIE Routing & Switching Cisco Certified Internetwork Expert Routing and Switching (CCIE Routing and Switching) certifies the skills required of expert-level network engineers to plan, operate and troubleshoot

More information

QUOTATION CALL NOTICE

QUOTATION CALL NOTICE THE ODISHA STATE POLICE HOUSING & WELFARE CORPORATION LTD. (A Government of Odisha Undertaking) Letter No. 5764/OPHWC Date : 06 / 05 /2013 QUOTATION CALL NOTICE Quotations are invited from OEM for supply

More information

Fundamentals of Network Security v1.1 Scope and Sequence

Fundamentals of Network Security v1.1 Scope and Sequence Fundamentals of Network Security v1.1 Scope and Sequence Last Updated: September 9, 2003 This document is exclusive property of Cisco Systems, Inc. Permission is granted to print and copy this document

More information

Interconnecting Cisco Networking Devices: Accelerated

Interconnecting Cisco Networking Devices: Accelerated Interconnecting Cisco Networking Devices: Accelerated CCNAX v3.0; 5 days, Instructor-led Course Description The Cisco CCNA curriculum includes a third course, Interconnecting Cisco Networking Devices:

More information

DPX8000 Series Deep Service Switching Gateway User Configuration Guide Probe Service Board Module v1.0

DPX8000 Series Deep Service Switching Gateway User Configuration Guide Probe Service Board Module v1.0 DPX8000 Series Deep Service Switching Gateway User Configuration Guide Probe Service Board Module v1.0 i Hangzhou DPtech Technologies Co., Ltd. provides full- range technical support. If you need any help,

More information

Gigabit SSL VPN Security Router

Gigabit SSL VPN Security Router As Internet becomes essential for business, the crucial solution to prevent your Internet connection from failure is to have more than one connection. PLANET is the ideal to help the SMBs increase the

More information

Implementing Cisco IP Routing

Implementing Cisco IP Routing 300-101 Implementing Cisco IP Routing NWExam.com SUCCESS GUIDE TO CISCO CERTIFICATION Exam Summary Syllabus Questions Table of Contents Introduction to 300-101 Exam on Implementing Cisco IP Routing...

More information

Huawei Enterprise S6700 Series 10G Switches

Huawei Enterprise S6700 Series 10G Switches Huawei Enterprise 2 Product Overview The S6700 series switches (S6700 for short) are next-generation 10G case-shaped switches. It can function as an access switch in an Internet data center (IDC) or a

More information

CCNA Routing and Switching (NI )

CCNA Routing and Switching (NI ) CCNA Routing and Switching (NI400+401) 150 Hours ` Outline The Cisco Certified Network Associate (CCNA) Routing and Switching composite exam (200-125) is a 90-minute, 50 60 question assessment that is

More information

CR1010 Multiservice Router Series

CR1010 Multiservice Router Series Overview Cara Systems CR1010 Series is the next-generation Multiservice Router platform developed by Cara Systems. The router platform has high performance by integrating a 64Bit multi-core processor,

More information

Interconnecting Cisco Networking Devices Part 1 (ICND1) Course Overview

Interconnecting Cisco Networking Devices Part 1 (ICND1) Course Overview Interconnecting Cisco Networking Devices Part 1 (ICND1) Course Overview This course will teach students about building a simple network, establishing internet connectivity, managing network device security,

More information

HUAWEI USG6000 Series Next-Generation Firewall Technical White Paper VPN HUAWEI TECHNOLOGIES CO., LTD. Issue 1.1. Date

HUAWEI USG6000 Series Next-Generation Firewall Technical White Paper VPN HUAWEI TECHNOLOGIES CO., LTD. Issue 1.1. Date HUAWEI USG6000 Series Next-Generation Firewall Technical White Paper VPN Issue 1.1 Date 2014-03-14 HUAWEI TECHNOLOGIES CO., LTD. 2014. All rights reserved. No part of this document may be reproduced or

More information

HP MSR Router Series. About the HP MSR series Configuration Guides(V5)

HP MSR Router Series. About the HP MSR series Configuration Guides(V5) HP MSR Router Series About the HP MSR series Configuration Guides(V5) Part number: 5998-8176 Software version: CMW520-R2513 Document version: 6PW106-20150808 Legal and notice information Copyright 2015

More information

Chapter 3 Command List

Chapter 3 Command List Chapter 3 Command List This chapter lists all the commands in the CLI. The commands are listed in two ways: All commands are listed together in a single alphabetic list. See Complete Command List on page

More information

Quidway AR49 Series Routers Product Specification

Quidway AR49 Series Routers Product Specification Quidway AR49 Series Routers Product Specification Hardware Specification Item AR49-45 Number of Fixed Ethernet ports SIC/DSIC slot 2 GE Combo 4 SIC slots/ 2DSIC slots/ 2SIC+1DSIC slots FIC slot 4 ESM slot

More information

CCNA. Murlisona App. Hiralal Lane, Ravivar Karanja, Near Pethe High-School, ,

CCNA. Murlisona App. Hiralal Lane, Ravivar Karanja, Near Pethe High-School, , CCNA Cisco Certified Network Associate (200-125) Exam DescrIPtion: The Cisco Certified Network Associate (CCNA) Routing and Switching composite exam (200-125) is a 90-minute, 50 60 question assessment

More information

Systrome Next Gen Firewalls

Systrome Next Gen Firewalls N E T K S Systrome Next Gen Firewalls Systrome s Next Generation Firewalls provides comprehensive security protection from layer 2 to layer 7 for the mobile Internet era. The new next generation security

More information

Junos Security. Chapter 3: Zones Juniper Networks, Inc. All rights reserved. Worldwide Education Services

Junos Security. Chapter 3: Zones Juniper Networks, Inc. All rights reserved.   Worldwide Education Services Junos Security Chapter 3: Zones 2012 Juniper Networks, Inc. All rights reserved. www.juniper.net Worldwide Education Services Chapter Objectives After successfully completing this chapter, you will be

More information

Operation Manual Security. Table of Contents

Operation Manual Security. Table of Contents Table of Contents Table of Contents Chapter 1 Network Security Overview... 1-1 1.1 Introduction to the Network Security Features Provided by CMW... 1-1 1.2 Hierarchical Line Protection... 1-2 1.3 RADIUS-Based

More information

CCNA Exploration Network Fundamentals

CCNA Exploration Network Fundamentals CCNA Exploration 4.0 1. Network Fundamentals The goal of this course is to introduce you to fundamental networking concepts and technologies. These online course materials will assist you in developing

More information

Hands-On TCP/IP Networking

Hands-On TCP/IP Networking Hands-On Course Description In this Hands-On TCP/IP course, the student will work on a live TCP/IP network, reinforcing the discussed subject material. TCP/IP is the communications protocol suite on which

More information

CCNA. Course Catalog

CCNA. Course Catalog CCNA Course Catalog 2012-2013 This course is intended for the following audience: Network Administrator Network Engineer Systems Engineer CCNA Exam Candidates Cisco Certified Network Associate (CCNA 640-802)

More information

Gigabit Managed Ethernet Switch

Gigabit Managed Ethernet Switch LGB1110A LGB1126A-R2 Product Data Sheet Gigabit Managed Ethernet Switch Features Overview LGB1110A The Gigabit Managed Ethernet Switches offer L2 features plus advanced L3 features such as Static Route

More information

Appendix A Command Index A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Appendix A Command Index A B C D E F G H I J K L M N O P Q R S T U V W X Y Z The command index includes all the commands in the Comware Command Manual, which are arranged alphabetically. A B C D E F G H I J K L M N O P Q R S T U V W X Y Z A access-limit accounting accounting optional

More information

HP Unified Wired-WLAN Products

HP Unified Wired-WLAN Products HP Unified Wired-WLAN Products Security Configuration Guide HP 830 Unified Wired-WLAN PoE+ Switch Series HP 850 Unified Wired-WLAN Appliance HP 870 Unified Wired-WLAN Appliance HP 11900/10500/7500 20G

More information

PSGS-2610F L2+ Managed GbE PoE Switch

PSGS-2610F L2+ Managed GbE PoE Switch PSGS-2610F L2+ Managed GbE PoE Switch Overview PSGS-2610F L2+ Managed PoE+ Switch is a next-generation Ethernet Switch offering full suite of L2 features, better PoE functionality and usability, including

More information

Syllabus. Cisco Certified Design Professional. Implementing Cisco IP Routing

Syllabus. Cisco Certified Design Professional. Implementing Cisco IP Routing Syllabus Cisco Certified Design Professional Implementing Cisco IP Routing 1.0 Network Principles 1.1 Identify Cisco Express Forwarding concepts 1.1.a FIB 1.1.b Adjacency table 1.2 Explain general network

More information

TCP/IP Networking. Training Details. About Training. About Training. What You'll Learn. Training Time : 9 Hours. Capacity : 12

TCP/IP Networking. Training Details. About Training. About Training. What You'll Learn. Training Time : 9 Hours. Capacity : 12 TCP/IP Networking Training Details Training Time : 9 Hours Capacity : 12 Prerequisites : There are no prerequisites for this course. About Training About Training TCP/IP is the globally accepted group

More information

GS-2610G L2+ Managed GbE Switch

GS-2610G L2+ Managed GbE Switch GS-2610G L2+ Managed GbE Switch Overview GS-2610G L2+ Managed Switch is a next-generation Ethernet Switch offering full suite of L2 features, including advanced L3 features such as Static Route that delivers

More information

Huawei AR1000V Brochure

Huawei AR1000V Brochure Huawei AR1000V Brochure AR1000V Brochure AR1000V Brochure Huawei AR1000V is a virtual router based on Network Functions Virtualization (NFV). As a software product, the AR1000V uses the x86 server hardware

More information

Ruijie RG-RSR20-X Multi-Service Router Series Datasheet

Ruijie RG-RSR20-X Multi-Service Router Series Datasheet Ruijie RG-RSR20-X Multi-Service Router Series Datasheet Ruijie Networks Co., Ltd. All Rights Reserved Contents 1 Product Pictures... 2 2 Product Overview... 3 3 Product Features... 4 3.1 Multi-Service

More information

TEXTBOOK MAPPING CISCO COMPANION GUIDES

TEXTBOOK MAPPING CISCO COMPANION GUIDES TestOut Routing and Switching Pro - English 6.0.x TEXTBOOK MAPPING CISCO COMPANION GUIDES Modified 2018-08-20 Objective Mapping: Cisco 100-105 ICND1 Objective to LabSim Section # Exam Objective TestOut

More information

24-Port: 20 x (100/1000M) SFP + 4 x Combo (10/100/1000T or 100/1000M SFP)

24-Port: 20 x (100/1000M) SFP + 4 x Combo (10/100/1000T or 100/1000M SFP) BGS-20DSFP4C Managed Fiber Switch 24-Port: 20 x (100/1000M) SFP + 4 x Combo (10/100/1000T or 100/1000M SFP) Key Features L2+ features provide better manageability, security, QOS, and performance IEEE 802.3az

More information

H Q&As. HCNA-HNTD (Huawei Network Technology and Device) Pass Huawei H Exam with 100% Guarantee

H Q&As. HCNA-HNTD (Huawei Network Technology and Device) Pass Huawei H Exam with 100% Guarantee H12-211 Q&As HCNA-HNTD (Huawei Network Technology and Device) Pass Huawei H12-211 Exam with 100% Guarantee Free Download Real Questions & Answers PDF and VCE file from: 100% Passing Guarantee 100% Money

More information

CCNA Routing & Switching

CCNA Routing & Switching CCNA Routing & Switching 1.0 LAN Switching Technologies 1. VLANs,Trunk, DTP 2. VLANs, Trunks and DTP Configuration 3. Voice Vlan Configuration 4. VTP 5. VTP - Configuration 6. Spanning-tree 7. STP - PVST+

More information

Cisco Cookbook. Kevin Dooley and IanJ. Brown. O'REILLY 4 Beijing Cambridge Farnham Koln Paris Sebastopol Taipei Tokyo

Cisco Cookbook. Kevin Dooley and IanJ. Brown. O'REILLY 4 Beijing Cambridge Farnham Koln Paris Sebastopol Taipei Tokyo Cisco Cookbook Kevin Dooley and IanJ. Brown O'REILLY 4 Beijing Cambridge Farnham Koln Paris Sebastopol Taipei Tokyo Table of Contents Preface xv 1. Router Configuration and File Management 1 1.1 Configuring

More information

Cisco CCNA (ICND1, ICND2) Bootcamp

Cisco CCNA (ICND1, ICND2) Bootcamp Cisco CCNA (ICND1, ICND2) Bootcamp Course Duration: 5 Days Course Overview This five-day course covers the essential topics of ICND1 and ICND2 in an intensive Bootcamp format. It teaches students the skills

More information

Gigabit Managed Ethernet Switch

Gigabit Managed Ethernet Switch LGB1110A LGB1152A Product Data Sheet Gigabit Managed Ethernet Switch LGB1110A OVERVIEW The Gigabit Managed Ethernet Switches offer L2 features plus advanced L3 features such as Static Route for Enterprise

More information

Gigabit Managed Ethernet Switch

Gigabit Managed Ethernet Switch LGB1110A LGB1126A-R2 LGB1152A Product Data Sheet Gigabit Managed Ethernet Switch FEATURES L2+ features make the switch easy to manage, provide robust security, and QoS. Offers a built-in device management

More information

Configuring VRF-lite CHAPTER

Configuring VRF-lite CHAPTER CHAPTER 36 Virtual Private Networks (VPNs) provide a secure way for customers to share bandwidth over an ISP backbone network. A VPN is a collection of sites sharing a common routing table. A customer

More information

Product features. Applications

Product features. Applications Applications Layer 2+ VLAN static routing application The managed switch features a built-in, robust IPv4/IPv6 Layer 3 traffic static routing protocol to ensure reliable routing between VLANs and network

More information

HP Load Balancing Module

HP Load Balancing Module HP Load Balancing Module Security Configuration Guide Part number: 5998-2686 Document version: 6PW101-20120217 Legal and notice information Copyright 2012 Hewlett-Packard Development Company, L.P. No part

More information

Exam Topics Cross Reference

Exam Topics Cross Reference Appendix R Exam Topics Cross Reference This appendix lists the exam topics associated with the ICND1 100-105 exam and the CCNA 200-125 exam. Cisco lists the exam topics on its website. Even though changes

More information

IP Routing Volume Organization

IP Routing Volume Organization IP Routing Volume Organization Manual Version 20091105-C-1.03 Product Version Release 6300 series Organization The IP Routing Volume is organized as follows: Features IP Routing Overview Static Routing

More information

FGS-2616X L2+ Managed GbE Fiber Switches

FGS-2616X L2+ Managed GbE Fiber Switches FGS-2616X L2+ Managed GbE Fiber Switches FGS-2616XD FGS-2616XA FGS-2616X Overview FGS-2616X series L2+ Managed Switch are next-generation Fiber Switch offering full suite of L2 features and additional

More information

Quidway AR 18 Series Router Datasheet

Quidway AR 18 Series Router Datasheet Quidway AR 18 Series Router Datasheet Table of Contents 1 Preface... 1-2 2 Quidway AR 18-1x Series Router... 2-2 2.1 Introduction... 2-2 2.2 Key Benefits... 2-4 2.2.1 Diverse and Flexible s... 2-4 2.2.2

More information

Cisco Router Configuration Handbook

Cisco Router Configuration Handbook Cisco Router Configuration Handbook Second Edition Dave Hucaby, CCIE No. 4594 Steve McQuerry, CCIE No. 6108 Andrew Whitaker Cisco Press 800 East 96th Street Indianapolis, IN 46240 IX Contents Introduction

More information

H3C S9500 Series Routing Switches

H3C S9500 Series Routing Switches Command Manual Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Manual Version: T2-08194S-20081225-C-1.24 Product Version: S9500-CMW310-R1648 Copyright 2007-2008, Hangzhou H3C Technologies Co., Ltd.

More information

Request for Proposal (RFP) for Supply and Implementation of Firewall for Internet Access (RFP Ref )

Request for Proposal (RFP) for Supply and Implementation of Firewall for Internet Access (RFP Ref ) Appendix 1 1st Tier Firewall The Solution shall be rack-mountable into standard 19-inch (482.6-mm) EIA rack. The firewall shall minimally support the following technologies and features: (a) Stateful inspection;

More information

Quidway S5300 Series Gigabit Switches

Quidway S5300 Series Gigabit Switches Quidway S5300 Series Gigabit Switches 1 Quidway S5300 Series Gigabit Switches Quidway S5300 Series Gigabit Switches Product Overview Quidway S5300 series gigabit switches (hereinafter referred to as the

More information

DPX8000 Series Deep Service Switching Gateway User Configuration Guide BRAS Service Board Module v1.0

DPX8000 Series Deep Service Switching Gateway User Configuration Guide BRAS Service Board Module v1.0 DPX8000 Series Deep Service Switching Gateway User Configuration Guide BRAS Service Board Module v1.0 i Hangzhou DPtech Technologies Co., Ltd. provides full- range technical support. If you need any help,

More information

Data Sheet. DPtech FW1000 Series Firewall. Overview

Data Sheet. DPtech FW1000 Series Firewall. Overview Data Sheet DPtech FW1000 Series DPtech FW1000 Series Firewall Overview Firewall 1000 series provides security prevention solutions for 100Mbps, 1Gbps, and 10Gbps network environments. It adopts professional

More information

Huawei S6700 Series Switches Product Brochure

Huawei S6700 Series Switches Product Brochure Huawei S6700 Series Switches Product Brochure Huawei S6700 Series Switches Product Brochure Product Overview The S6700 series switches (S6700s) are next-generation 10G box switches. The S6700 can function

More information

HP VPN Firewall Appliances

HP VPN Firewall Appliances HP VPN Firewall Appliances High Availability Configuration Guide Part number: 5998-4169 Software version: F1000-A-EI/F1000-S-EI (Feature 3726) F1000-E (Release 3177) F5000 (Feature 3211) F5000-S/F5000-C

More information

Implementing Cisco IP Routing (ROUTE)

Implementing Cisco IP Routing (ROUTE) Implementing Cisco IP Routing (ROUTE) Foundation Learning Guide Foundation learning for the ROUTE 642-902 Exam Diane Teare Cisco Press 800 East 96th Street Indianapolis, IN 46240 Implementing Cisco IP

More information

LSW6600 are the industry's highest performance 1U stackable data center switch, featuring with 1.28Tbps

LSW6600 are the industry's highest performance 1U stackable data center switch, featuring with 1.28Tbps Data Sheet DPtech LSW6600 Series DPtech LSW6600 Series Switch Overview DPtech LSW6600 series are next generation high-density Gigabit Ethernet switch products released by DPtech for data centers. LSW6600

More information

HP Unified Wired-WLAN Products

HP Unified Wired-WLAN Products HP Unified Wired-WLAN Products Security Command Reference HP 830 Unified Wired-WLAN PoE+ Switch Series HP 850 Unified Wired-WLAN Appliance HP 870 Unified Wired-WLAN Appliance HP 11900/10500/7500 20G Unified

More information

1 Training Description H3C Certification Training Building Networks for Small- and Medium-Sized Businesses (v6.0)...

1 Training Description H3C Certification Training Building Networks for Small- and Medium-Sized Businesses (v6.0)... Training Description 1 Training Description... 2 1.1 H3C Certification Training... 2 1.1.1 Building Networks for Small- and Medium-Sized Businesses (v6.0)... 2 2... 4 HL-101 Computer Network Fundamentals...

More information

H3C SecPath Series Security Products

H3C SecPath Series Security Products Web-Based Configuration Manual Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Manual Version: T2-08018U-20070625-C-2.01 Copyright 2007, Hangzhou H3C Technologies Co., Ltd. and its licensors All

More information

ScreenOS Cookbook. Stefan Brunner, Vik Davar, David Delcourt, Ken Draper, Joe Kelly, and Sunil Wadhwa

ScreenOS Cookbook. Stefan Brunner, Vik Davar, David Delcourt, Ken Draper, Joe Kelly, and Sunil Wadhwa ScreenOS Cookbook Stefan Brunner, Vik Davar, David Delcourt, Ken Draper, Joe Kelly, and Sunil Wadhwa O'REILLY 8 Beijing Cambridge Farnham Kbln Paris Sebastopol Taipei Tokyo Credits Preface xiii xv 1. ScreenOS

More information

Appendix A Command Index

Appendix A Command Index Appendix A Command Index The command index includes all the commands in the Command Manual, which are arranged alphabetically. A B C D E F G H I J K L M N O P Q R S T U V W X Y Z A aaa nas-id profile 21-AAA

More information

Supported Standards. Class of Service Tagging for Ethernet frames. Multiple Spanning Tree Protocol. Rapid Spanning Tree Protocol

Supported Standards. Class of Service Tagging for Ethernet frames. Multiple Spanning Tree Protocol. Rapid Spanning Tree Protocol , page 1 This table lists the IEEE compliance standards. Table 1: IEEE Compliance s 802.1D MAC Bridges 802.1p Class of Service Tagging for Ethernet frames 802.1Q VLAN Tagging 802.1s Multiple Spanning Tree

More information

Appendix C Software Specifications

Appendix C Software Specifications Appendix C Software Specifications This appendix lists the following information: IEEE compliance RFC support ISO/IEC specification support Internet draft support NOTE: For a list of features supported

More information

GS-1626G Web Smart+ GbE Switch

GS-1626G Web Smart+ GbE Switch GS-1626G Web Smart+ GbE Switch Overview GS-1626G Web Smart+ Managed Switch is a next-generation Ethernet Switch offering powerful L2 features and Layer 3 Static Route that delivers the cost-effectively

More information

Fundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin,

Fundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin, Fundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin, ydlin@cs.nctu.edu.tw Chapter 1: Introduction 1. How does Internet scale to billions of hosts? (Describe what structure

More information

Advanced Network Administration. 1. Course Description Enabling Communication across Networks Secured Communication using Network Devices

Advanced Network Administration. 1. Course Description Enabling Communication across Networks Secured Communication using Network Devices Advanced Network Administration 1. Course Description Enabling Communication across Networks Secured Communication using Network Devices 2. Duration 5 Days 3. Purpose This five day course for L-2 Network

More information

"Charting the Course... Interconnecting Cisco Networking Devices Accelerated 3.0 (CCNAX) Course Summary

Charting the Course... Interconnecting Cisco Networking Devices Accelerated 3.0 (CCNAX) Course Summary Description Course Summary The Cisco CCNA curriculum includes a third course, Interconnecting Cisco Networking Devices: Accelerated (CCNAX), consisting of Interconnecting Cisco Networking Devices, Part

More information

Lab 1-2Connecting to a Cisco Router or Switch via Console. Lab 1-6Basic Graphic Network Simulator v3 Configuration

Lab 1-2Connecting to a Cisco Router or Switch via Console. Lab 1-6Basic Graphic Network Simulator v3 Configuration MODULE1 GETTING STARTED WITH YOUR CISCO LAB Lab 1-1Identifying Router Components and Accessories Lab 1-2Connecting to a Cisco Router or Switch via Console Lab 1-3Identifying Router & Switch IOS Software

More information

Guide to Vyatta Documentation

Guide to Vyatta Documentation VYATTA, INC. System Guide to Documentation Suite 200 1301 Shoreway Road Belmont, CA 94002 vyatta.com 650 413 7200 1 888 VYATTA 1 (US and Canada) COPYRIGHT Copyright 2005 2011, Inc. All rights reserved.

More information

CCIE(Routing & Switching) Course Catalog

CCIE(Routing & Switching) Course Catalog CCIE(Routing & Switching) Course Catalog 2012-2013 Cisco Certified Internetworking Expert (CCIE) R&S Written CCIE R&S Written Boot Camp offered by CSLiT Training is an intensive and accelerated program

More information

COPYRIGHTED MATERIAL. Table of Contents. Assessment Test

COPYRIGHTED MATERIAL. Table of Contents. Assessment Test 10089.book Page xi Monday, July 23, 2007 3:17 PM Introduction Assessment Test xxiii xxxiii Chapter 1 Internetworking 1 Internetworking Basics 4 Internetworking Models 11 The Layered Approach 12 Advantages

More information

High School Graduation Years 2016, 2017 and 2018

High School Graduation Years 2016, 2017 and 2018 Secondary Task List 100 PERSONAL AND ENVIRONMENTAL SAFETY 101 List common causes of accidents and injuries in a computer facility. 102 Wear personal protective equipment. 103 List and identify safety hazard

More information

Appendix A Command Index A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Appendix A Command Index A B C D E F G H I J K L M N O P Q R S T U V W X Y Z The command index includes all the commands in the VRP Command Manual, which are arranged alphabetically. A B C D E F G H I J K L M N O P Q R S T U V W X Y Z A access-limit 1-1 accounting QoS 2-1 accounting

More information