HP E4800G Switch
The HP E4800G Switch Series is a Gigabit switch family that delivers outstanding security, reliability, and multi-service support capabilities for robust switching at the edge or aggregation layer of large enterprise and campus networks, or in the core layer of medium- and small-sized enterprise networks. The family consists of Layer 2/3/4 Gigabit Ethernet switches that can accommodate the most demanding applications, providing resilient and secure connectivity and the latest traffic-prioritization technologies to optimize applications on converged networks. Designed for maximum flexibility, these switches are available with 24 or 48 Gigabit ports. Power over Ethernet (PoE) and non-PoE models are offered with optional 10 Gigabit expansion capability and small form-factor pluggable (SFP) mini-GBIC Gigabit combo ports for fiber flexibility. The all-SFP model with dual power supplies, for highest availability applications, allows for very flexible fiber with copper Gigabit connectivity.
- High expandability for investment protection;
- Premium security;
- Multi-layer reliability;
- Convergence-ready support;
- Powerful, integrated management capabilities.
Quality of Service (QoS)
Layer 4 prioritization: enables prioritization based on TCP/UDP port numbers.
Traffic prioritization (IEEE 802.1p): allows real-time traffic classification into eight priority levels mapped to eight queues.
Class of Service (CoS): sets the IEEE 802.1p priority tag based on IP address, IP Type of Service (ToS), Layer 3 protocol, TCP/UDP port number, source port, and DiffServ.
Rate limiting: sets per-port ingress enforced maximums and per-port, per-queue guaranteed minimums.
- Rate limiting: provides per-port, ingress-based enforced bandwidth maximums;
- Guaranteed minimums: provides per-port, per-queue egress-based guaranteed bandwidth minimums.
Broadcast control: allows limitation of broadcast traffic rate to cut down on unwanted broadcast traffic on the network.
- IEEE 802.1AB Link Layer Discovery Protocol (LLDP): automated device discovery protocol provides easy mapping by network management applications;
- Remote configuration and management: is available through a secure Web browser or a command-line interface (CLI);
- Manager and operator privilege levels: enable read-only (operator) and read-write (manager) access on CLI and Web browser management interfaces;
- Management VLAN: segments traffic to and from management interfaces, including CLI/telnet, a Web browser interface, and SNMP;
- Uni-Directional Link Detection (UDLD): monitors cable between two switches and shuts down the ports on both ends if the cable is broken turning the bi-directional link into uni-directional; this prevents network problems such as loops (may not apply to all models; see specifications for more details);
- Multiple configuration files: can be stored to the flash image;
- Dual flash images: provide independent primary and secondary operating system files for backup while upgrading;
- Secure Web GUI: provides a secure, easy-to-use graphical interface for configuring the module via HTTPS;
- Command-line interface (CLI): provides a secure, easy-to-use command-line interface for configuring the module via SSH or a switch console; provides direct real-time session visibility;
- SNMPv1, v2c, and v3: facilitate centralized discovery, monitoring, and secure management of networking devices;
- Port mirroring: enables traffic on a port to be simultaneously sent to a network analyzer for monitoring;
- sFlow (RFC 3176): provides scalable, ASIC-based wire-speed network monitoring and accounting with no impact on network performance; this allows network operators to gather a variety of sophisticated network statistics and information for capacity planning and real-time network monitoring purposes;
- Enterprise network management: is supported by the Web-based, enterprise-class HP Intelligent Management Center (IMC) network management platform and Wireless Service Management (WSM), which effectively integrate traditionally disparate management tools into one easy-to-use interface;
- RADIUS accounting: logs all session details that can be used to generate usage reports or interface to a billing system;
- DHCP options: DHCP client and snooping.
Auto-MDIX: automatically adjusts for straight-through or crossover cables on all 10/100 and 10/100/1000 ports.
Dual-personality functionality: includes four 10/100/1000 ports or SFP slots for optional fiber connectivity such as Gigabit-SX, -LX, -LH, or 100-FX.
IEEE 802.3af Power over Ethernet (PoE): provides up to 15.4 W per port to IEEE 802.3af-compliant PoE-powered devices such as IP phones, wireless access points, and security cameras.
Optional 10 Gigabit Ethernet ports: allow the addition of 10 Gigabit Ethernet connections for uplinks or high-bandwidth server connections; flexibly supports XFP, SFP+, or CX4 local connections.
High-bandwidth CX4 local stacking: when locally stacked using CX4 local stacking, achieves 12 Gbps per connection, allowing for up to 96 Gbps total stacking bandwidth (full duplex) in a resilient stacking configuration.
IPv6 native support:
- IPv6 host: enables switches to be managed and deployed at the IPv6 network's edge;
- Dual stack (IPv4 and IPv6): transitions from IPv4 to IPv6, supporting connectivity for both protocols;
- Multicast Listener Discovery (MLD) snooping: forwards IPv6 multicast traffic to the appropriate interface;
- IPv6 ACL/QoS: supports ACL and QoS for IPv6 network traffic, preventing traffic flooding;
- IPv6 routing: supports IPv6 static routes and IPv6 versions of RIP and OSPF routing protocols.
High-density port connectivity: provides up to 48 fixed 10/100/1000Base-T or 24 SFP 1000Base-X ports in a Layer 2/Layer 3/Layer 4 stackable switch supporting unique IRF stacking.
Resiliency and high availability
- IEEE 802.1D Spanning Tree Protocol (STP): provides redundant links while preventing network loops;
- IEEE 802.1s Multiple Spanning Tree: provides high link availability in multiple VLAN environments by allowing multiple spanning trees;
- Virtual Router Redundancy Protocol (VRRP): allows groups of two routers to dynamically back each other up to create highly available routed environments;
- Device Link Detection Protocol (DLDP): monitors link connectivity and shuts down ports at both ends if unidirectional traffic is detected, preventing loops in STP-based networks;
- Intelligent Resilient Framework (IRF): creates virtual resilient switching fabrics, where two or more switches perform as a single Layer 2 switch, Layer 3 router; switches do not have to be co-located and can be part of a disaster recovery system; servers or switches can be attached using standard LACP for automatic load-balancing and high availability; simplifies network operation by eliminating the complexity of Spanning Tree, Equal-Cost Multipath (ECMP), or VRRP;
- Rapid Ring Protection Protocol (RRPP): connects multiple switches in a high-performance ring using standard Ethernet technology; traffic can be rerouted around the ring in less than 50 ms, reducing the impact on traffic and applications.
• Advanced IRF technology stacking:
- Locally connect up to nine E4800G switches using 10 Gigabit or CX4 local connections;
- Improve resiliency by spreading aggregated links across multiple stacked units;
- See faster performance through a distributed routing architecture where locally bound traffic is handled at each unit;
- Simplify management with single IP management and a unified control interface per stack.
RMON (remote monitoring): provides advanced monitoring and reporting capabilities for statistics, history, alarms, and events.
Dual flash images: provides independent primary and secondary operating system files for backup while upgrading.
Full-featured console: provides complete control of the switch with a familiar command-line interface (CLI).
Web interface: allows configuration of the switch from any Web browser on the network.
Multiple configuration files: allow multiple configuration files to be stored to flash image.
Software updates: free downloads from the Web.
sFlow (RFC 3176): wire-speed traffic accounting and monitoring.
IEEE 802.1AB Link Layer Discovery Protocol (LLDP): automated device discovery protocol provides easy mapping using network management applications.
Virtual stacking capability: single IP address management for a virtual stack of up to 255 Comware-based 3Com legacy devices, including HP E4XXX and E55XX series switches.
- Ingress and egress port monitoring enable network problem solving;
- Tracert and Ping enable testing of network connectivity;
- Virtual Cable Tests provide visibility to cable problems.
Layer 2 switching
- VLAN support and tagging: support IEEE 802.1Q, with 4094 simultaneous VLAN IDs;
- GARP VLAN Registration Protocol (GVRP): allows automatic learning and dynamic assignment of VLANs;
- IP multicast snooping and data-driven IGMP: automatically prevents flooding of IP multicast traffic;
- Jumbo packet support: supports up to 9220-byte frame size to improve performance of large data transfers;
- IEEE 802.1ad QinQ: increases the scalability of an Ethernet network by providing a hierarchical structure; connects multiple LANs on a high-speed campus or metro network.
Layer 3 services
- Address Resolution Protocol (ARP): determines the MAC address of another IP host in the same subnet; supports static ARPs; gratuitous ARP allows detection of duplicate IP addresses; proxy ARP allows normal ARP operation between subnets or when subnets are separated by a Layer 2 network;
- User Datagram Protocol (UDP) helper: redirects UDP broadcasts to specific IP subnets to prevent server spoofing;
- Dynamic Host Configuration Protocol (DHCP): simplifies the management of large IP networks and supports client and server; DHCP Relay enables DHCP operation across subnets.
Layer 3 routing
- Layer 3 IP routing: provides routing of IP at media speed; supports static routes, RIP, RIPv2, and OSPF;
- OSPF-ECMP (Equal-Cost Multipath): enables multiple equal-cost links in OSPF environment to increase link redundancy and scale bandwidth;
- OSPF: provides OSPFv2 for IPv4 and OSPFv3 for IPv6 routing;
- Multicast Routing PIM Dense and Sparse modes: provides robust support of multicast protocols;
- Border Gateway Protocol 4 (BGP-4): Exterior Gateway Protocol (EGP) with path vector protocol uses TCP for enhanced reliability for the route discovery process, reduces bandwidth consumption by advertising only incremental updates, and supports extensive policies for increased flexibility, as well as scales to very large networks.
- Access control lists (ACLs): provide IP Layer 3 filtering based on source/destination IP address/subnet and source/destination TCP/UDP port number;
- RADIUS/TACACS+: eases switch management security administration by using a password authentication server;
- Secure Shell (SSHv2): encrypts all transmitted data for secure, remote command-line interface (CLI) access over IP networks;
- IEEE 802.1X and RADIUS network logins: control port-based access for authentication and accountability;
- Port security: allows access only to specified MAC addresses, which can be learned or specified by the administrator;
- MAC address lockout: prevents particular configured MAC addresses from connecting to the network;
- Secure File Transfer Protocol (FTP): allows secure file transfer to and from the switch; protects against unwanted file downloads or unauthorized copying of switch configuration file;
- Switch management logon security: can require either RADIUS or TACACS+ authentication for secure switch CLI logon;
- Secure management access: securely encrypts all access methods (CLI, GUI, or MIB) through SSHv2, SSL, and/or SNMPv3;
- Custom banner: displays security policy when users log in to the switch;
- Automatic VLAN assignment: automatically assigns users to the appropriate VLAN based on their identity and location and the time of day;
- Management password: provides security so that only authorized access to the Web browser interface is allowed;
- IP lockdown: restricts incoming traffic on a port to a specific IP address/subnet, and denies all other traffic on that port;
- STP BPDU port protection: blocks Bridge Protocol Data Units (BPDUs) on ports that do not require BPDUs, preventing forged BPDU attacks;
- Dynamic IP lockdown: works with DHCP protection to block traffic from unauthorized hosts, preventing IP source address spoofing;
- DHCP protection: blocks DHCP packets from unauthorized DHCP servers, preventing denial-of-service attacks;
- Dynamic ARP protection: blocks ARP broadcasts from unauthorized hosts, preventing eavesdropping or theft of network data;
- STP Root Guard: protects root bridge from malicious attack or configuration mistakes.
- LLDP-MED (Media Endpoint Discovery): is a standard extension of LLDP that stores values for parameters such as QoS and VLAN to automatically configure network devices such as IP phones;
- IP multicast routing (PIM Dense): routes IP multicast traffic using the PIM Dense routing protocol;
- Automated voice VLAN assignment: recognizes IP phones and automatically assigns voice traffic to a dedicated VLAN for IP phones.
Monitor and diagnostics
- Port mirroring: enables traffic on a port to be simultaneously sent to a network analyzer for monitoring;
- Software updates: free downloads from the Web.