D-Link DGS-3312SR [189/290] Layer ssl
![D-Link DGS-3312SR [189/290] Layer ssl](/views2/1013280/page189/bgbd.png)
DGS-3312SR Stackable Gigabit Layer 3 Switch
Secure Socket
Secure Sockets Layer or SSL is a security feature that will provide a secure communication path between a host and client
f authentic h the
use of a ciphersuite, which tion
algorithms and key sizes to be used for an authentication session and consists of three levels:
nge: The itch
utilizes the Rivest Sham fied
as the DHE DSS Diffie-Hellm
nt and host as they te
encryptions on the foll
: The seco nt
ent and host thms:
Stream Ciphers – There are two types of stream ciphers on the Switch, RC4 with 40-bit keys and RC4 with
8-bit keys.
optimal use.
BC Block Ci
crypted blo
3DES EDE encry the Data Encryption Standard (DES) to create the encrypted text.
orithm: This
a Message Authenticat ge Authentication Code will be encrypted with a sent message to provide
integrity and prevent against replay attacks. The Switch supports two hash algorithms, MD5 (Message Digest 5) and
SHA (Secure Hash Algorithm).
meters are n code for
ication bet
ciphersuites available, yet d
The information included in t included with the Switch and requires downloading from a third source
a certificate. Th mentation
te file and c v3 and
TLSv1. Other versions of S on and
transfer of messages from cl
Download Certificate
This window is used to dow
file is a data record used icating devices on the network. It contains information on the owner, keys for
authentication and digital signatures. Both the server and the client must have consistent certificate files for optimal use of
n. The Swit certificate
already set in the Switch.
To view the following window, cl (SSL) > Download Certificate:
Layer (SSL)
through the use o ation, digital signatures and encryption. These security functions are implemented throug
is a security string that determines the exact cryptographic parameters, specific encryp
Key Excha first part of the ciphersuite string specifies the public key algorithm to be used. This sw
ir Adleman (RSA) public key algorithm and the Digital Signature Algorithm (DSA), speci
here
clie
an (DHE) public key algorithm. This is the first authentication process between
“exchange keys” in looking for a match and therefore authentication to be accepted to negotia
owing level.
Encryption
between cli
nd part of the ciphersuite that includes the encryption used for encrypting the messages se
. The Switch supports two types of cryptology algori
12 These keys are used to encrypt messages and need to be consistent between client and host for
C
en
phers – CBC refers to Cipher Block Chaining, which means that a portion of the previously
ck of encrypted text is used in the encryption of the current block. The Switch supports the
ption code defined by
Hash Alg part of the ciphersuite allows the user to choose a message digest function that will determine
ion Code. This Messa
These three para
secure commun
uniquely assembled in four choices on the Switch to create a three-layered encryptio
ween the server and the host. The user may implement any one or combination of the
ifferent ciphersuites will affect the security level and the performance of the secured connection.
the ciphersuites is no
in a file form called
of the certifica
is function of the Switch cannot be executed without the presence and imple
an be downloaded to the Switch by utilizing a TFTP server. The Switch supports SSL
SL may not be compatible with this switch and may cause problems upon authenticati
ient to host.
nload a certificate file for the SSL function on the Switch from a TFTP server. The certificate
for authent
the SSL functio ch only supports certificate files with .der file extensions and comes with one RSA
ick Security > Secure Socket Layer
Figure 6- 2. Download Certificate window
176
Содержание
- D link dgs 3312sr 1
- Manual 1
- Port gigabit layer 3 stackable switch 1
- Release iii 1
- Table of contents 3
- About this manual 9
- Bold font 9
- Intended readers 9
- Typographical conventions 9
- Notes notices and cautions 10
- Safety cautions 10
- Safety instructions 10
- General p 11
- General precautions for rack mountable products 11
- Recautions for rack mountable products 11
- Protecting against electrostatic discharge 13
- Features 14
- Front panel components 14
- Introduction 14
- Section 1 14
- Switch description 14
- Front panel components 16
- Led indicators 16
- Stacking led indicators 17
- Rear panel description 18
- Rps connector 18
- Dem 340mg sfp mini gbic module 19
- Dem 340t 1000base t module 19
- Plug in modules 19
- Dem 540 ieee 1394 stacking module 20
- I ch stacking 20
- Restrictions and cautions for stacking 20
- Command line console interface through the serial port or telnet 22
- Ement interface 22
- Management options 22
- Snmp based management 22
- Web based manag 22
- Before you connect to the network 23
- Package contents 23
- Section 2 23
- St llation 23
- Installing the switch in a rack 24
- Installing the switch without the rack 24
- Mounting the switch in a standard 19 rack 25
- Cting stacked switch groups 26
- G connections with ieee 1394 ethernet 26
- Stackin cabling and fiber optic transceiver cabling 26
- Configuring a switch group for stacking 27
- It i display for switches in a switch stack 28
- Externa 29
- L redundant power system 29
- Connecting the console port 30
- Password protection 30
- Snmp settings 32
- Ip address assignment 33
- Connecting devices to the switch 34
- Basic switch management 35
- Before you start 35
- Gene al de 35
- R ployment strategy 35
- Section 3 35
- Efining static routes 36
- Vlan setup 36
- Areas of the user interface 37
- Web based user interface 37
- Login to web manager 38
- Web pages and fo 38
- Basic setup 39
- Switch ip settings 39
- Witch information 39
- Ddre nso 41
- Setting the switch s ip a ss using the co le interface 41
- Security ip management stations configuration 42
- User account management 42
- Admin and user privileges 43
- Factory reset 44
- Save changes 44
- Restart system 45
- Advanced settings 46
- Configure stacking 48
- Switch stack management 48
- Basic configuration 51
- Section 4 51
- Ip address 52
- Itch information 52
- Setting the switch s ip address using the console interface 54
- Advanced settings 55
- Port configuration 57
- Port description 59
- Port mirroring 60
- Traffic control 61
- Link aggregation 62
- Understanding port trunk groups 62
- Lacp port settings 64
- Authentication server 66
- Port access entity 802 x 66
- X port based and mac based access control 66
- Authenticator 67
- Authentication process 68
- Client 68
- Port based network access control 69
- Understanding 802 x port based and mac based network access control 69
- Ethernet switch 70
- Mac based network access control 70
- Network access controlled port 70
- Network access uncontrolled port 70
- Radius server 70
- X authenticator settings 71
- Pae system control 73
- X capability settings 73
- Initializing ports for port based 802 x 74
- Initializing ports for mac based 802 x 75
- Ort s for port based 802 x 76
- Reauthenticate p 76
- Mac based 802 x 77
- Reauthenticate port s for 77
- Radius serv 78
- Radius server 78
- Igmp snooping 79
- Igmp snooping configuration 79
- Static router ports 81
- Ing tree 83
- Port transition states 83
- S mstp 83
- Spanning tree 83
- W rapid spann 83
- D 802 w 802 s compa 84
- Edge port 84
- P2p port 84
- Tibility 84
- Stp bridge global settings 85
- Mst configuration table 88
- Msti settings 91
- Stp instance settings 92
- Stp port settings 94
- Forwarding 96
- Forwarding filtering 96
- Unicast 96
- Multicast forwarding 97
- Assigning ip network addresses and subnet masks to vlans 98
- Layer 3 based vlans 98
- Planning vlan layout 98
- Understanding 802 q vlans 98
- Vlans in layer 2 98
- Ieee 802 q vlans 99
- Q vlan packet forwarding 99
- Q vlan tags 99
- Port vlan id 100
- Ingress filtering 101
- Tagging and untagging 101
- Q static vlans 102
- Gvrp settings 105
- The advantages of qos 107
- Understanding qos 108
- P default priority 109
- P user priority 109
- Eduling configuration 110
- Qos output sch 110
- Traffic segmentation 111
- Port bandwidth 112
- Ion global settings 113
- Mac notificat 113
- Mac notification 113
- Mac notification port settings 114
- Onfiguration 115
- Port sec 115
- Port security c 115
- Port lock entry delete 116
- Port security clear 116
- System log server 117
- Sntp settings 119
- Time setting 119
- Time zone and dst settings 120
- Access profile table 122
- L3 global advanced settings 133
- Layer 3 ip networking 133
- Section 5 133
- Ip interface settings 134
- Md5 key settings 136
- Route redistribution settings 137
- Static default route settings 139
- Static arp settings 140
- Rip global 143
- Rip interface settings 143
- Setting 143
- Introduction to ospf 145
- Link state algorithm 145
- Ospf cost 145
- Shortest path algorithm 145
- Router a 146
- Router b 146
- Router c 146
- Router d 146
- Shortest path tree 146
- 13 1 222 11 0 147
- Areas and border routers 147
- Link state packets 147
- Router a 147
- Router b 147
- Router c 147
- Areas not physically connected to area 0 148
- Backbone and area 0 148
- Message digest authentication md 5 148
- Ospf authentication 148
- Partitioning the backbo 148
- Simple password authentication 148
- Virtual links 148
- Adjacencies 149
- Building adjacency 149
- Designated router election 149
- Neighbors 149
- Adjacencies on point to point 150
- Interfaces 150
- Ospf packet formats 150
- Ospf packet header 150
- Hello packet 151
- Database description packet 152
- Link state request packet 153
- State request packet 153
- Link state acknowledgment p 154
- Link state update packet 154
- Link isement for 155
- Link state acknowledgment packet 155
- Link state advertisement header 155
- State advert mats 155
- Dgs 3312sr stackable gigabit layer 3 switch 156
- State advertisement header 156
- Router links advertisements 157
- Etwork li tisements 159
- N nks adver 159
- Summary link advertisements 159
- Autonomous s 160
- S external link advertisements 160
- Ospf area id settings 162
- Ospf general setting 162
- Ospf interface settings 164
- Ospf virtual interface settings 166
- Ospf area aggregation settings 168
- Ospf host route settings 169
- Dhcp bootp relay 170
- Information 170
- Dhcp bootp re 171
- Lay settings 171
- Dns relay 172
- Dns relay ation 172
- Inform 172
- Dns relay static settings 173
- Vrrp configuration 174
- Vrrp interface settings 175
- Vrrp interface settings 176
- Vrrp interface entry display 178
- Igmp versions 1 and 2 180
- Ip multicast 180
- Igmp interface configuration 182
- Igmp interface settings 182
- Dvmrp global setting 184
- Dvmrp interface settings 184
- Lobal setting 186
- Pim dm g 186
- Pim dm interface settings 186
- Section 6 188
- Security 188
- Trusted host 188
- Download certificate 189
- Layer ssl 189
- Secure socket 189
- Configuration 190
- H onfiguration 192
- Secure shell ssh 192
- Ssh algorithm 194
- Ssh user authentication 196
- Access authentication control 198
- Policy paramet 199
- Application authentication settings 200
- Authentication s 201
- Erver group 201
- Authentication server host 203
- Login method lists 205
- Enable method lists 207
- Local enable password 209
- Enable admin 210
- Management 211
- Section 7 211
- User accounts 211
- Admin and user privileges 212
- Snmp settings 212
- Snmp user table 213
- Snmp user table display 214
- Snmp view table 216
- Mp group table 217
- Snmp community table 219
- Snmp host table 220
- Snmp engine id 221
- Monitoring 222
- Section 8 222
- Stack information 223
- Ort util 226
- P ization 226
- Cpu utilization 227
- Packets 228
- R ived packet 228
- Received unicas 230
- T multicast broadcast packets 230
- Transmitted packe 232
- Errors 234
- Received errors 234
- Transmitted errors 236
- Packet size 238
- Mac address 240
- Switch history log 242
- Igmp snooping table 243
- Igmp snooping forwarding 244
- Vlan status 245
- Router port 246
- Session table 247
- Layer 3 feature 248
- Traceroute 248
- Browse ip address table 249
- Browse arp table 250
- Browse routing table 250
- Browse igmp group table 251
- Browse ip multicast forwarding table 251
- Browse ospf lsdb table 252
- Ospf monitor 252
- Browse ospf neighbor table 253
- Brows sp 254
- E o f virtual neighbor table 254
- Browse dvmrp neighbor address table 255
- Browse dvmrp routing 255
- Dvmrp monitor 255
- Browse dvmrp routing next hop table 256
- Browse pim neighbor address table 257
- Pim monitor 257
- Download firmware 258
- Maintenance 258
- Section 9 258
- Tftp services 258
- Download configuration file 259
- Upload configuration 259
- Upload log 259
- Ping test 260
- Save changes 260
- Factory reset 261
- Restart system 262
- Section 10 263
- Single ip management 263
- Sim settings 265
- Opology 266
- Tool tips 269
- Group icon 270
- Right click 270
- Commander switch icon 271
- Tch icon member swi 272
- Candidate switch icon 273
- Menu bar 274
- Configuration file backup restore 275
- Firmware upgrade 275
- Appendix a 276
- Technical specifications 276
- And connectors 278
- Appendix b 278
- Cables 278
- Appendix c 279
- Cable lengths 279
- Glossary 280
- International offices 283
- After an rma number is issued the defective product must be packaged securely in the original or other suitable shipping package to ensure that it will not be damaged in transit and the rma number must be prominently marked on the outside of the package the package must be mailed or otherwise shipped to d link with all costs of mailing shipping insurance prepaid d link shall never be responsible for any software firmware information or memory data of purchaser contained in stored on or integrated with any product returned to d link pursuant to this warranty 284
- Hardware 284
- Limitation of liability 284
- Limited warranty 284
- Warranties exclusive 284
- D link offices for registration and warranty service 285
- Software 285
- Register online your d link product at http support dlink com register 288
- Answers to the following questions help us to support your product 289
- Computer e g compaq 486 289
- Computer serial no 289
- How many employees work at installation site 289
- Print type or use block letters 289
- Product installed in 289
- Product model product serial no product installed in type of 289
- Product was purchased from 289
- Registration card 289
- What applications are used on your network 289
- What category best describes your company 289
- What network management program does your organization use 289
- What network medium media does your organization use 289
- What network operating system s does your organization use 289
- What network protocol s does your organization use 289
- Where and how will the product primarily be used 289
- Would you recommend your d link product to a friend 289
- Your comments on this product _______________________________________________________________________________________ 289
Похожие устройства
- LG LH-T3635X Инструкция по эксплуатации
- Akai TN-3306P Инструкция по эксплуатации
- Viking GE 345 Инструкция по эксплуатации
- Electrolux EMS 20405 X Инструкция по эксплуатации
- D-Link DNS-1100-04 Инструкция по эксплуатации
- LG LH-T3630X Инструкция по эксплуатации
- Akai TN-3245P Инструкция по эксплуатации
- Yamaha EMX-212S Инструкция по эксплуатации
- Craftsman 29802 Инструкция по эксплуатации
- Elenberg MGC-9025D Инструкция по эксплуатации
- LG LH-T3605X Инструкция по эксплуатации
- Yamaha EMX-312SC Инструкция по эксплуатации
- Akai TN-3174P Инструкция по эксплуатации
- D-Link DNS-1200-05 Инструкция по эксплуатации
- Patriot -Garden T 6,5/800 FB PG California Инструкция по эксплуатации
- Mystery MCO-1503 Инструкция по эксплуатации
- Akai TN-3061P Инструкция по эксплуатации
- D-Link DNS-325 Инструкция по эксплуатации
- Elitech КБ 52 Инструкция по эксплуатации
- Yamaha EMX-5014C Инструкция по эксплуатации