DGS-3120-24TCEOL EOS
תאור
The DGS-3120 xStack Series are enhanced L2 access stackable switches designed to connect end-users in a secure SMB or enterprise network. These switches support physical stacking, multicast and enhanced security, making it an ideal access layer solution. The DGS-3120 Series provides 8/24/48 10/100/1000Mbps Gigabit ports, 4/8 combo SFP and embedded with two CX4 interfaces for high speed switch stacking. Each 10/100/1000 Mbps port of DGS-3120-24PC/48PC supports 802.3af and 802.3at Power over Ethernet standard to connect with PoE devices such as high speed 802.11n Access Points, IP phones and cameras. The DGS-3120-24SC provides 16 dedicated SFP ports with 8 combo Gigabit Ethernet copper/ SFP ports and 2 CX4 ports for high-speed switch stacking. This device has high port density of SFP interfaces, which is ideal for WAN aggregation. The dedicated CX4 stacking ports provide up to 40G bidirectional bandwidth which makes the DGS-3120 Series suitable as a backbone solution for SMBs. The integrated and comprehensive D-Link End-to-End Security solution (E2ES) on DGS-3120 Series extends the network security coverage from core to the edge. D-Link Safeguard Engine protects DGS-3120 Series from the threat of worms/virus increasing the overall reliability, serviceability and availability. Furthermore, D-Link Green Technology decreases energy costs by reducing power consumption, without compromising on performance. The DGS-3120 Series supports Smart Fan feature which has heat sensors and a fan that maintains the temperature of the device for optimum performance. To minimize noise reduction, the default fan speed is set to low. These switches are ideal for deployment in offices or environments that require silence.
End-to-End Security (E2ES)
D-Link extends intelligence by combining Endpoint, Joint and Gateway Security to provide a complete End-to-End Security Solution. This integrated security solution combines switches, firewalls and Wireless LAN with unified threat management for easy security management for the edge, to the core enterprise network. The DGS-3120 Switch Series provides a rich list of Endpoint Security features to add confidence and assurance to your network. It offers comprehensive protection, including user authentication, VLAN authorization, traffic control and segmentation, node address control, and attack mitigation. The switches also support 802.1X Port-based/Hostbased Access Control, Guest VLAN, and RADIUS and TACAS+ for strict access control over the network along with Web-based Access Control (WAC) and MAC-based Access Control (MAC) for easy deployment. User-defined Access Control List (ACL) secures your internal IT network against viruses and enhances switch performance. The IP-MAC-Port Binding feature allows administrators to bind a source IP address with an associated MAC and also lets the administrator define the port number to enhance user access control. The switches also support DHCP Server Screening, a feature that denies access to rogue DHCP servers. Enable this function to filter out all the DHCP Server packets from a specific port. Other security features like port security and traffic segmentation provide granular control to businesses and enhance network security. D-Link’s Joint Security solution provides admission control and real-time defense through Microsoft’s NAP (Network Access Protection) and D-Link’s ZoneDefense respectively. The ZoneDefense technology allows customers to integrate their switches with D-Link’s NetDefend firewall, for full coverage and proactive security architecture. NAP is a policy enforcement technology built into Windows 7®, Vista and XP SP3 that allows customers to protect network assets from unhealthy computers by enforcing compliance with network health policies.
IPv6 Technology
The DGS-3120 Series supports both IPv4 and IPv6 protocols to meet the ever-increasing demand of larger address space. IPv6 simplifies, streamlines network configuration and also reduces costs of deployment. These switches have been certified with IPv6 Ready Logo Phase 2 from the IPv6 forum, a worldwide IPv6 advocacy consortium. The IPv6 Ready Logo Program provides conformance and interoperability of IPv6 products. MLD snooping enhances efficiency in selective distribution by forwarding multicast data to ports that receive data, rather than flooding all ports in a VLAN. Features such as QoS, ACL (based on IPv6 flow label and traffic class), provide a faster and more efficient service. For IPv6 Management, the switches support Web, telnet and SNMP over IPv6.
D-Link Green Technology
D-Link is striving to take the lead in developing innovative and power-saving technology that does not sacrifice operational performance or functionality.The DGS-3120 Series implements the D-Link Green Technology, which includes a power saving mode, smart fan, reduced heat dissipation, and cable length detection. The power saving feature automatically powers down ports that have no link or link partner. The Smart Fan feature allows for the built-in fans to automatically turn on at a certain temperature, providing continuous, reliable and ecofriendly operation of the switch.
Resilience/Performance Enhancement
The DGS-3120 Series offers superior performance and enhanced network resilience, through the latest 802.1D-2004 RSTP and 802.1Q-2005 MSTP Spanning Tree Protocols. STP allows you to configure the switch with a redundant backup bridge path, so transmission and reception of packets can be guaranteed in event of any fail-over switch on the network. 802.3ad Link Aggregation provides aggregated bandwidth between switches or servers to increase redundancy for higher availability. The switches support 802.1p for Quality of Service (QoS). This standard is a mechanism that classifies realtime traffic into 8 priority levels mapped to 8 queues. Packet classification is based on TOS, DSCP, MAC, IPv4, VLAN ID, TCP/UDP port number, protocol type and user defined packet content, which enables flexible configuration especially for real-time streaming multimedia applications such as Voice over IP (VoIP). The switches also provide a Safeguard Engine for network protection to increase reliability, serviceability and availability. The switches support 802.1p for Quality of Service (QoS).
Traffic Control
Network administrators can define throughput levels for each port to allocate its essential bandwidth. Broadcast storm control and flow-based bandwidth control can reduce the level of damage from virus attacks or P2P applications to the network.
Manageability
D-Link’s Single IP Management (SIM) simplifies and speeds up management tasks, allowing multiple switches to be configured, monitored and maintained from any workstation running a web browser through one unique IP address. This virtual stack is managed as a single object, having all units maintained by one IP address. The DGS-3120 Series also supports standard-based management protocols such as SNMP, RMON, Telnet, Console, Web-based GUI and SSH/SSL security authentication.
The switches are also equipped with an SD Card reader, allowing the user to boot images and upload configuration files directly from an SD Card. Furthermore, syslog files can also be conveniently saved to a card.
מאפיינים כללים
• Interface
- 20 10/100/1000BASE-T
- 4 Combo ports 10/100/1000BASE-T/SFP
• Redundant Power Supply: DPS-200
• Management console port: RJ-45
• 2 ports for stacking
• 1 slot for SD-cards
Performance
• Switching matrix 88 Gb / s
• 64-byte packets rate: 65,48 Mpps
• Buffer packets: 2 MB
• Flash-Memory: 32 MB
Stacking
• Physical Stacking
- Stacking Bandwidth up to 40 Gb / s
- Up to 6 units, combined in a stack
• Virtual stacking:
- D-Link Single IP Management (SIM)
- Up to 32 devices in the virtual stack
Layer 2 features
• MAC-address table: 16K
• Flow Control
- 802.3x Flow Control
- HOL Blocking Prevention
• Jumbo-frame up to 13 Kbytes
• Spanning Tree
- 802.1D STP
- 802.1w RSTP
- 802.1s MSTP
- BDPU Filtering
- Root Restriction
• Loopback Detection
• 802.3ad Link Aggregation
- Max. 32 groups per device / 8 ports per group
• Port Mirroring
- One-to-One
- Many-to-One
- Based on the flow
- RSPAN
Multicast Layer 2
• IGMP Snooping
- IGMP v1/v2/v3 Snooping
- Support 1024 IGMP-group
- Fast Leave on the port / flow
- Report Suppression
• Restricting multicast to IP-addresses
- Up to 24 profiles filtering IGMP, 32 address range on the profile
• MLD Snooping
- MLD v1/v2 Snooping
- Supports up to 1024 groups
- Fast Leave on the port / flow
VLAN
• Group VLAN
- Max. 4K VLAN groups
• GVRP
- Support for dynamic VLAN-255 groups
• 802.1Q Tagged VLAN
• VLAN-based port
• 802.1v Protocol VLAN
• Voice VLAN
• VLAN based on MAC-address
• ISM VLAN
• Assymetric VLAN
• Private VLAN
• VLAN Trunking
Quality of Service (QoS)
• 802.1p
• 8 queues per port
• Queue management
- Strict Priority
- Weighted Round Robin (WRR)
- Strict - WRR
• CoS-based
- Switch port
- VLAN ID
- 802.1p priority queues
- MAC-address
- IPv4-address
- DSCP
- Type of protocol
- TCP / UDP-ports
- Content of the package, a user-defined
- IPv6-address
- IPv6-class traffic
- IPv6 flow label
• Support for the following streams
- Tagging 802.1p priority
- Add a tag priority TOS / DSCP
- Bandwidth Management
• Bandwidth Management
- Port-based (incoming / outgoing, min. Step up to 64 kbit / s)
- Based on the flow (incoming / outgoing, min. Step up to 64 kbit / s)
Access Control Lists (ACL)
• Supports up to 1,5 K Access Rules
• ACL based on:
- 802.1p Priority
- VLAN ID
- MAC-address
- Ether Type
- IPv4-address
- DSCP
- Type of protocol
- Number of TCP / UDP-ports
- Content of the package, a user-defined
- IPv6-address
- IPv6 flow label
- IPv6-class traffic
• ACL-based time
• Filter interface CPU
Security
• SSH v2
• SSL v1/v2/v3
• Port Security
- Up to 64 MAC-address on a port / VLAN
• Control of Broadcast / много-адресных/одноадресных storms
• Segmentation of Traffic
• D-Link Safeguard Engine
• Filtering NetBIOS / NetBEUI
• DHCP Server Screening
• Prevent attacks ARP Spooofing
• Protection against attacks BDPU
AAA
• 802.1X
- Access control based on port
- Control access based on host
- Identity-Driven Policy (VLAN, ACL or QoS)
- Authentication Database Failover
• Access control based on the Web (WAC):
- Access control based on port
- Based Access Control host
- Identity-Driven Policy (VLAN, ACL or QoS)
- Authentication Database Failover
• Access control based on MAC-address (MAC):
- Access control based on port
- Control access based on host
- Identity-Driven Policy (VLAN, ACL or QoS)
- Authentication Database Failover
• Japanese Web-based management (JWAC) 4
• Guest VLAN
• Microsoft ® NAP
- Support for 802.1X NAP
- Support for DHCP NAP
• Maintaining RADIUS accounting
• RADIUS and TACACS authentication for access control
• Accounts with 4 levels of privilege
D-Link Green
• Compliance with the RoHS Directive
• Power on the status of the connection
• Power cable length
• PoE on vremeni5
Performing Operations, Administration and Management (OAM)
• Diagnosis of cable
Management
• Management of Web-based interface (Supports IPv4)
• Command Line Interface CLI
• Server Telnet (support IPv4)
• Client Telnet (support IPv4)
• Client TFTP (Supports IPv4)
• ZModem
• SNMP v1/v2c/v3
• SNMP Traps
• System Log
• RMON v1:
- Support groups 1,2,3,9
• RMON v2:
- Support Group ProbeConfig
• LLDP
• BootP / DHCP-client
• Automatic configuration DHCP
• DHCP Relay
• DHCP Relay Option 12
• DHCP Relay Option 82
• Flash File System
• Support for multiple versions of software
• Support for multiple versions of configurations
• CPU Monitoring
• Debug Command
• SNTP
• Password Recovery
• Password Encryption
• A trusted host
• Microsoft ® NLB (Network Load Balancing)
MIB
• RFC 1213 MIB II
• RFC 4188 Bridge MIB
• RFC 1157, 2571-2576 SNMP MIB
• RFC 1907 SNMPv2 MIB
• RFC 1757 RMON MIB 2819
• RFC 2021 RMONv2 MIB
• RFC 1398, 1643, 1650, 2358, 2665 Ether-like MIB
• RFC 2674 802.1p MIB
• RFC 2233, 2863 IF MIB
• RFC 2618 RADIUS Authentication Client MIB
• RFC 2620 RADIUS Accounting Client MIB
• RFC 2925 Ping & Traceroute MIB
• RFC 2674, 4363 802.1p MIB
• RFC 1215 MIB Traps Convention
Compliance with standards RFC
• RFC 768 UDP
• RFC 791 IP
• RFC 792, 2463, 4443 ICMP
• RFC 793 TCP
• RFC 826 ARP
• RFC 3513, 4291, IPv6 Addressing Architecture
• RFC 2893, 4213 IPv4/IPv6 dual stack function
• RFC 2463, 4443 ICMPv6
• RFC 2462, 4862 IPv6 Stateless Address Auto
Confguration
• RFC 2464 IPv6 Ethernet and definition
• RFC 1981 Path MTU Discovery for IPv6
• RFC 2460 IPv6
• RFC 2461, 4861 Neighbor Discovery for IPv6
• RFC 783 TFTP
• RFC 854 Telnet
• RFC 951 BootP 1542
• RFC 2068 HTTP
• RFC 1492 TACACS
• RFC 2866 RADIUS Accounting
• RFC 2474, 3260 DiffServ
• RFC 1321, 2284, 2865, 3580, 3748 Extensible
Authentication Protocol (EAP)
• RFC 2571, 2572, 2573, 2574, SNMP
• IPv6 Ready Logo Phase 2
Functions of the expanded version of Layer 2
• Ethernet Ring Protection Switching (ERSP)
Management
• SNMP v1/v2c/v3
- SNMP over IPv6
• sFlow
• ICMPv6
• Web-interface (Support for IPv6)
• Server Telnet (support IPv6) 6
• Client Telnet (support IPv6) 6
• TFTP-Client (Support for IPv6) 6