Table of Contents
Advertisement
CX320 Switch Module
User Guide
Function
Security and
management
2.2 Appearance
This section describes the appearances and panels of the CX320, MX517, and MX527, as
well as the installation positions of the CX320 in the chassis.
Issue 09 (2019-08-02)
Description
System
l Command line-based hierarchical protection to
Security
l Secure Shell (SSH)
l RADIUS (IPv4) and RADIUS (IPv6) user login
l HWTACACS (IPv4) and HWTACACS (IPv6) user
l Access control list (ACL) filtering
l Dynamic ARP inspection (DAI)
l DHCP packet filtering (with the Option 82 field)
l Prevention of control packet attacks
l Attack defense
l Logs about attacking MAC addresses
l URPF
l 802.1x authentication
Network
l ICMP-based Ping and Tracert
management
l Simple Network Management Protocol Version
l Standard Management Information Base (MIB)
l Remote Network Monitoring (RMON)
l NETCONF interfaces
l Network Quality Analysis (NQA)
Copyright © Huawei Technologies Co., Ltd.
prevent unauthorized access to switching modules
authentication
login authentication
– Defense against flood attacks without IP
payloads, attacks from IGMP null payload
packets, LAND attacks, Smurf attacks, and
attacks from packets with invalid TCP flag bits
– Defense against attacks from many fragments,
attacks from many packets with offsets, attacks
from repeated packet fragments, Tear Drop
attacks, Syndrop attacks, NewTear attacks, Bonk
attacks, Nesta attacks, Rose attacks, Fawx
attacks, Ping of Death attacks, and Jolt attacks
– Defense against TCP SYN flood attacks, UDP
flood attacks (including Fraggle attacks and UDP
diagnosis port attacks), and ICMP flood attacks
1/2c/3 (SNMPv1/v2c/v3)
2 Product Overview
13
Hide quick links:
Advertisement
Table of Contents
