FS728TP User Manual
Page 8
FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual Chapter 5 Configuring QoS Configuring the Basic and Advanced QoS Settings 5-1 CoS ...5-1 Basic ...5-2 Advanced ...5-7 Chapter 6 Managing Security Setting Security Configuration Options 6-1 Management Security ...6-1 User Configuration 6-1 RADIUS ...6-2 TACACS+ ...6-4 Authentication List ...6-6 Port Authentication ...6-7 Basic ...6-8 Advanced ...6-9 Traffic Control ...6-13 Storm Control ...6-13 Port Security ...6-15 ACL ...6-17 MAC ACL ...6-18 MAC Rules ...6-19 MAC Binding Configuration 6-21 IP ACL ...6-22 IP Rules ...
FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual Chapter 5 Configuring QoS Configuring the Basic and Advanced QoS Settings 5-1 CoS ...5-1 Basic ...5-2 Advanced ...5-7 Chapter 6 Managing Security Setting Security Configuration Options 6-1 Management Security ...6-1 User Configuration 6-1 RADIUS ...6-2 TACACS+ ...6-4 Authentication List ...6-6 Port Authentication ...6-7 Basic ...6-8 Advanced ...6-9 Traffic Control ...6-13 Storm Control ...6-13 Port Security ...6-15 ACL ...6-17 MAC ACL ...6-18 MAC Rules ...6-19 MAC Binding Configuration 6-21 IP ACL ...6-22 IP Rules ...
FS728TP User Manual
Page 65
...first row. 7. Enter the user name. Authentication - Enter the UDP Port in the provided field in the first row. 3-29 v1.0, December 2007... in the provided fields in the first row. 4. Click System > SNMP > SNMPv3 > Trap Configuration. Informs - The possible field values are sent. • User Name - Authenticates SNMP messages and...Security Level from the list of times the device re-sends an inform request. Select either Traps or Informs in the Notification Type provided field in the first row. 9. To add a new trap: 1. Privacy - FS728TP Smart Switch FS728TP Smart Switch...
...first row. 7. Enter the user name. Authentication - Enter the UDP Port in the provided field in the first row. 3-29 v1.0, December 2007... in the provided fields in the first row. 4. Click System > SNMP > SNMPv3 > Trap Configuration. Informs - The possible field values are sent. • User Name - Authenticates SNMP messages and...Security Level from the list of times the device re-sends an inform request. Select either Traps or Informs in the Notification Type provided field in the first row. 9. To add a new trap: 1. Privacy - FS728TP Smart Switch FS728TP Smart Switch...
FS728TP User Manual
Page 66
...in the provided field in the first row. 8. Enter the UDP Port in the provided field in the first row. 9. The SNMPv3 Trap Configuration screen displays. 2. Enter the user-defined notification filter name. Select ...the trap entry. 3. Each OID is linked to filter notifications. Managing System Settings v1.0, December 2007 3-30 To define the SNMPv3 Trap Filter Name: 1. Click System > SNMP > SNMPv3 > Trap Filter Name. To remove a trap: 1. FS728TP Smart Switch FS728TP Smart Switch...
...in the provided field in the first row. 8. Enter the UDP Port in the provided field in the first row. 9. The SNMPv3 Trap Configuration screen displays. 2. Enter the user-defined notification filter name. Select ...the trap entry. 3. Each OID is linked to filter notifications. Managing System Settings v1.0, December 2007 3-30 To define the SNMPv3 Trap Filter Name: 1. Click System > SNMP > SNMPv3 > Trap Filter Name. To remove a trap: 1. FS728TP Smart Switch FS728TP Smart Switch...
FS728TP User Manual
Page 71
... 2007 Displays the port number. • Port Description - Select the reactivation status for a port disabled through the locked port security option. Enter a user-defined port description. • Status - Select the port's operational status. The port is operational. - The possible field values are : - FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual To configure port parameters: 1. Click Switching > Ports > Port Configuration. Up - Enable reactivation. - The Port Configuration screen displays: Figure 4-1 The Port Configuration screen contains...
... 2007 Displays the port number. • Port Description - Select the reactivation status for a port disabled through the locked port security option. Enter a user-defined port description. • Status - Select the port's operational status. The port is operational. - The possible field values are : - FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual To configure port parameters: 1. Click Switching > Ports > Port Configuration. Up - Enable reactivation. - The Port Configuration screen displays: Figure 4-1 The Port Configuration screen contains...
FS728TP User Manual
Page 122
... describes configuring and managing security settings in the FS728TP Smart Switch. Management Security The Management Security menu contains the following options: • "User Configuration" • "RADIUS" • "TACACS+" • "Authentication List" User Configuration The User Configuration menu contains the following main menu options: • "Management Security" • "Port Authentication" • "Traffic Control" • "ACL" The description that enables you to manage your FS728TP Smart Switch...
... describes configuring and managing security settings in the FS728TP Smart Switch. Management Security The Management Security menu contains the following options: • "User Configuration" • "RADIUS" • "TACACS+" • "Authentication List" User Configuration The User Configuration menu contains the following main menu options: • "Management Security" • "Port Authentication" • "Traffic Control" • "ACL" The description that enables you to manage your FS728TP Smart Switch...
FS728TP User Manual
Page 124
...Security > Management Security > RADIUS. Possible field values are 1-10. Enter the amount of Retries - Enter the default key string used for authenticating and encrypting all RADIUS-communications between the device and the RADIUS server. The default value is 1812. • Number of time (in minutes) that a RADIUS server is 3. • Dead Time - FS728TP Smart Switch FS728TP Smart Switch... Software Administration Manual To configure RADIUS servers: 1. Enter the authentication port. The authenticated port default is Login. The RADIUS...
...Security > Management Security > RADIUS. Possible field values are 1-10. Enter the amount of Retries - Enter the default key string used for authenticating and encrypting all RADIUS-communications between the device and the RADIUS server. The default value is 1812. • Number of time (in minutes) that a RADIUS server is 3. • Dead Time - FS728TP Smart Switch FS728TP Smart Switch... Software Administration Manual To configure RADIUS servers: 1. Enter the authentication port. The authenticated port default is Login. The RADIUS...
FS728TP User Manual
Page 126
Enter the TACACS+ Server IP address. • Key String - Enter the port number via which the TACACS+ session occurs. The possible field values are 1-30. Managing Security 6-5 v1.0, December 2007 Click Security > Management Security > TACACS+. Enter the amount of time (in seconds) the device waits for ...displays: Figure 6-3 The TACACS+ screen contains the following fields: • Host IP Address - FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual If default values are not defined, the system defaults are : - To configure TACACS+ Settings: 1. Enable -
Enter the TACACS+ Server IP address. • Key String - Enter the port number via which the TACACS+ session occurs. The possible field values are 1-30. Managing Security 6-5 v1.0, December 2007 Click Security > Management Security > TACACS+. Enter the amount of time (in seconds) the device waits for ...displays: Figure 6-3 The TACACS+ screen contains the following fields: • Host IP Address - FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual If default values are not defined, the system defaults are : - To configure TACACS+ Settings: 1. Enable -
FS728TP User Manual
Page 127
... the device. The TACACS+ screen displays. 2. Enter the Host IP Address, Key String, Authentication Port and Timeout for Reply in the provided fields in the first row. 5. Enter the Host IP Address, Key String, Authentication...+ server. 6-6 Managing Security v1.0, December 2007 Backup - To remove a TACACS+ server entry: 1. The TACACS+ screen displays. 2. In order to remove the entry. Click Delete to configure RADIUS/TACACS+ authentication, the user name should be configured as it is permitted. FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual -
... the device. The TACACS+ screen displays. 2. Enter the Host IP Address, Key String, Authentication Port and Timeout for Reply in the provided fields in the first row. 5. Enter the Host IP Address, Key String, Authentication...+ server. 6-6 Managing Security v1.0, December 2007 Backup - To remove a TACACS+ server entry: 1. The TACACS+ screen displays. 2. In order to remove the entry. Click Delete to configure RADIUS/TACACS+ authentication, the user name should be configured as it is permitted. FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual -
FS728TP User Manual
Page 128
...Port Authentication The Port Authentication menu contains the following fields: • 1,2,3 - The Authentication List screen displays: Figure 6-4 The Authentication List screen contains the following options: • "Basic" • "Advanced" Managing Security 6-7 v1.0, December 2007 TACACS+ - For more information, see "RADIUS". - FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual To configure ...lists in the provided fields in which authentication is applied. The possible field values are: - Click Security > Management Security > Authentication List.
...Port Authentication The Port Authentication menu contains the following fields: • 1,2,3 - The Authentication List screen displays: Figure 6-4 The Authentication List screen contains the following options: • "Basic" • "Advanced" Managing Security 6-7 v1.0, December 2007 TACACS+ - For more information, see "RADIUS". - FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual To configure ...lists in the provided fields in which authentication is applied. The possible field values are: - Click Security > Management Security > Authentication List.
FS728TP User Manual
Page 129
....1X configuration: 1. Disable - Click Security > Port Authentication > Basic > 802.1X Configuration. Enable port-based authentication on the device. Port authentication is first attempted through the RADIUS server. 6-8 Managing Security v1.0, December 2007 If the RADIUS server is inaccessible or not defined, then no authentication method (None) is through the RADIUS server. FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual Basic The Port Authentication...
....1X configuration: 1. Disable - Click Security > Port Authentication > Basic > 802.1X Configuration. Enable port-based authentication on the device. Port authentication is first attempted through the RADIUS server. 6-8 Managing Security v1.0, December 2007 If the RADIUS server is inaccessible or not defined, then no authentication method (None) is through the RADIUS server. FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual Basic The Port Authentication...
FS728TP User Manual
Page 130
Enable - Click Apply to configure network authentication parameters. FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual - None - The possible field values are enabled from the list in the provided field. 3. Disable - This is used to authenticate the port. • Guest VLAN - Enable using a Guest ...Security 6-9 v1.0, December 2007 No authentication method is the default value. - Select Disable or Enable for the Guest VLAN status in the VLAN List field. • Guest VLAN ID - Select whether the Guest VLAN is enabled, the unauthorized port...
Enable - Click Apply to configure network authentication parameters. FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual - None - The possible field values are enabled from the list in the provided field. 3. Disable - This is used to authenticate the port. • Guest VLAN - Enable using a Guest ...Security 6-9 v1.0, December 2007 No authentication method is the default value. - Select Disable or Enable for the Guest VLAN status in the VLAN List field. • Guest VLAN ID - Select whether the Guest VLAN is enabled, the unauthorized port...
FS728TP User Manual
Page 131
FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual To define the 802.1X configuration: 1. The possible field values are : - Enable - Port authentication is first attempted through the RADIUS server. - Enter whether the Guest VLAN is used for unauthorized ports. This is enabled, the unauthorized port automatically joins the VLAN selected in the VLAN List field. 6-10 v1.0, December 2007 Managing Security Enable...
FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual To define the 802.1X configuration: 1. The possible field values are : - Enable - Port authentication is first attempted through the RADIUS server. - Enter whether the Guest VLAN is used for unauthorized ports. This is enabled, the unauthorized port automatically joins the VLAN selected in the VLAN List field. 6-10 v1.0, December 2007 Managing Security Enable...
FS728TP User Manual
Page 132
.... To configure port-based authentication global properties: 1. Managing Security v1.0, December 2007 6-11 Displays the interfaces. • User Name - If you selected Enable for the Port Based Authentication State, then select the Authentication Method from the list of the currently defined VLANs. 2. Displays the supplicant (client) user name, once the user is authenticated. FS728TP Smart Switch FS728TP Smart Switch Software...
.... To configure port-based authentication global properties: 1. Managing Security v1.0, December 2007 6-11 Displays the interfaces. • User Name - If you selected Enable for the Port Based Authentication State, then select the Authentication Method from the list of the currently defined VLANs. 2. Displays the supplicant (client) user name, once the user is authenticated. FS728TP Smart Switch FS728TP Smart Switch Software...
FS728TP User Manual
Page 134
..." • "Port Security" Storm Control Storm Control limits the amount of 200 kbps. A Broadcast Storm is enabled on all ports for configuring broadcast storm control. Storm control can be enabled per port by the device. Displays the reason port authentication was terminated..... • Termination Cause - Click Apply to time out. Forwarded message responses are flooded to the authentication server. FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual • Server Timeout - The Storm Control screen provides fields for Broadcast packets with a threshold of...
..." • "Port Security" Storm Control Storm Control limits the amount of 200 kbps. A Broadcast Storm is enabled on all ports for configuring broadcast storm control. Storm control can be enabled per port by the device. Displays the reason port authentication was terminated..... • Termination Cause - Click Apply to time out. Forwarded message responses are flooded to the authentication server. FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual • Server Timeout - The Storm Control screen provides fields for Broadcast packets with a threshold of...
FS728TP User Manual
Page 135
... & Broadcast - Count Broadcast traffic only. 6-14 v1.0, December 2007 Managing Security Enable - Broadcast Only - Disable - The possible field values are : - Select whether storm control is enabled or disabled on the interface. The possible field values are : - FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual To configure storm control: 1. The Storm Control screen displays: Figure 6-8 The Storm Control...
... & Broadcast - Count Broadcast traffic only. 6-14 v1.0, December 2007 Managing Security Enable - Broadcast Only - Disable - The possible field values are : - Select whether storm control is enabled or disabled on the interface. The possible field values are : - FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual To configure storm control: 1. The Storm Control screen displays: Figure 6-8 The Storm Control...
FS728TP User Manual
Page 136
... Broadcast Rate Threshold in the provided field in the first row. 5. FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual • Broadcast Rate Threshold - The default value is 70-285000 kbps. Select Enable or Disable Broadcast Control in the provided field in the configuration file. Locked port security monitors both received and learned packets that are either it was...
... Broadcast Rate Threshold in the provided field in the first row. 5. FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual • Broadcast Rate Threshold - The default value is 70-285000 kbps. Select Enable or Disable Broadcast Control in the provided field in the configuration file. Locked port security monitors both received and learned packets that are either it was...
FS728TP User Manual
Page 138
... is 10 seconds. 2. Discard - Discards packets from an unknown source without learning the MAC address. - Enable - Enable traps. - Select the port security Status, Learning Mode, Action and Trap status from an unknown source is received on a locked port. Enter...- Packets entering an ingress port, with an active ACL, are sent. The ACL menu contains the following options: • "MAC ACL" • "MAC Rules" • "MAC Binding Configuration" • "IP ACL" Managing Security v1.0, December 2007 6-17 FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual •...
... is 10 seconds. 2. Discard - Discards packets from an unknown source without learning the MAC address. - Enable - Enable traps. - Select the port security Status, Learning Mode, Action and Trap status from an unknown source is received on a locked port. Enter...- Packets entering an ingress port, with an active ACL, are sent. The ACL menu contains the following options: • "MAC ACL" • "MAC Rules" • "MAC Binding Configuration" • "IP ACL" Managing Security v1.0, December 2007 6-17 FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual •...
FS728TP User Manual
Page 142
... port's or LAG's gold bar to display the associated interfaces, and then select the interfaces to select all the associated interfaces. 5. a. Click Security > ACL > MAC Binding Configuration. or b. Click Apply to an ACL: 1. Managing Security v1.0, December 2007 6-21 Select the interfaces for viewing and modifying ACL bound interfaces. FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual MAC Binding Configuration...
... port's or LAG's gold bar to display the associated interfaces, and then select the interfaces to select all the associated interfaces. 5. a. Click Security > ACL > MAC Binding Configuration. or b. Click Apply to an ACL: 1. Managing Security v1.0, December 2007 6-21 Select the interfaces for viewing and modifying ACL bound interfaces. FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual MAC Binding Configuration...
FS728TP User Manual
Page 146
FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual IP Binding Configuration To bind interfaces to update the device. The IP Binding Configuration screen displays: Figure 6-15 The IP Binding Configuration screen contains the following methods. or b. Port Selection Table • Select the interfaces for viewing and modifying ACL bound interfaces. Click on the port... or LAG gold bar to display the associated interfaces, and then select the interfaces to select all the associated interfaces. 4. Click Security > ACL > IP Binding Configuration. Click on...
FS728TP Smart Switch FS728TP Smart Switch Software Administration Manual IP Binding Configuration To bind interfaces to update the device. The IP Binding Configuration screen displays: Figure 6-15 The IP Binding Configuration screen contains the following methods. or b. Port Selection Table • Select the interfaces for viewing and modifying ACL bound interfaces. Click on the port... or LAG gold bar to display the associated interfaces, and then select the interfaces to select all the associated interfaces. 4. Click Security > ACL > IP Binding Configuration. Click on...
FS728TP Hardware manual
Page 15
... Switch through a Web Browser or the PC Utility for your NETGEAR Smart Switch. v1.0, November 2007 2-29 Table 2-1. The rack-mount kit supplied with the switch is grounded and physically secure. Site Requirements Characteristics Requirements Mounting Access • Desktop installations - Locate the switch ... installations - Chapter 2 Installation This chapter describes the installation procedures for Initial Configuration Step 1: Preparing the Site Before installing the switch, ensure the operating environment meets the requirements in a position that is also required.
... Switch through a Web Browser or the PC Utility for your NETGEAR Smart Switch. v1.0, November 2007 2-29 Table 2-1. The rack-mount kit supplied with the switch is grounded and physically secure. Site Requirements Characteristics Requirements Mounting Access • Desktop installations - Locate the switch ... installations - Chapter 2 Installation This chapter describes the installation procedures for Initial Configuration Step 1: Preparing the Site Before installing the switch, ensure the operating environment meets the requirements in a position that is also required.