HP ProCurve Switch 4204 vl
Description
Management
* Uni-Directional Link Detection (UDLD): monitors a link between two switches and blocks the ports on both ends of the link if the link goes down at any point between the two devices
Connectivity
* ProCurve/IEEE Auto-MDIX: automatically adjusts for straight-through or crossover cables on all 10/100/1000 ports
Performance
* Architecture: up to 76.8 Gbps crossbar switching fabric provides wire-speed intra- and inter-module switching with up to 48 million pps throughput built on ProCurve custom-designed ASIC technology
Resiliency and high availability
* IEEE 802.3ad Link Aggregation Control Protocol (LACP) and ProCurve trunking: support up to 36 trunks, each with up to 8 links (ports) per trunk; trunking across modules is supported
* IEEE 802.1s Multiple Spanning Tree Protocol: provides high link availability in multiple VLAN environments by allowing multiple spanning trees; encompasses IEEE 802.1D Spanning Tree Protocol and IEEE 802.1w Rapid Spanning Tree Protocol
* Hot-swappable modules: permit modules and mini-GBICs to be added or swapped without interrupting the network
* Optional redundant power supply: provides uninterrupted power; allows hot-swapping of one of the two supplies when installed
Layer 2 switching
* VLAN support and tagging: supports the IEEE 802.1Q (4,096 VLAN IDs) and 256 VLANs simultaneously
* GARP VLAN Registration Protocol: allows automatic learning and dynamic assignment of VLANs
Layer 3 routing
* Basic IP routing: enables automatic routing to the connected VLANs and up to 16 static routes--including one default route--in IP networks
Security
* Port security: allows access only to specified MAC addresses, which can be learned or specified by the administrator
* MAC address lockout: prevents configured particular MAC addresses from connecting to the network
* Multiple user authentication methods:
o IEEE 802.1X industry-standard way of user authentication using an IEEE 802.1X supplicant on the client in conjunction with a RADIUS server
o Web-based authentication similar to IEEE 802.1X, provides a browser-based environment to authenticate clients that do not support the IEEE 802.1X supplicant
o MAC-based authentication client is authenticated with the RADIUS server based on client's MAC address
* Authentication flexibility:
o Multiple IEEE 802.1X users per port provides authentication of up to 8 IEEE 802.1X users per port; prevents user "piggybacking" on another user's IEEE 802.1X authentication
* Secure FTP: allows secure file transfer to/from the switch; protects against unwanted file downloads or unauthorized copying of switch configuration file
* TACACS+: eases switch management security administration by using a password authentication server
* Source-port filtering: allows only specified ports to communicate with each other
* Secure Shell (SSHv2): encrypts all transmitted data for secure, remote command-line interface (CLI) access over IP networks
* Secure Sockets Layer (SSL): encrypts all HTTP traffic, allowing secure access to the browser-based management GUI in the switch
* Switch management logon security: can require either RADIUS or TACACS+ authentication for secure switch CLI logon
* Custom banner: displays security policy when users log in to the switch
* BPDU port protection: blocks Bridge Protocol Data Units (BPDU) on ports that do not require BPDUs, preventing forged BPDU attacks
* Dynamic ARP protection: blocks ARP broadcasts from unauthorized hosts, preventing eavesdropping or data theft of network data
Convergence
* IP multicast (data-driven IGMPv3): automatically prevents flooding of IP multicast traffic
* IEEE 802.1AB Link Layer Discovery Protocol (LLDP): automated device discovery protocol for easy mapping by network management applications
* LLDP-MED (Media Endpoint Discovery): a standard extension of LLDP that stores values for parameters such as QoS and VLAN to automatically configure network devices such as IP phones
Quality of Service (QoS)
* Traffic prioritization (IEEE 802.1p): allows real-time traffic classification into 8 priority levels mapped to 4 queues
* Class of Service (CoS): sets the IEEE 802.1p priority tag based on IP address, IP Type of Service (ToS), L3 protocol, TCP/UDP port number, source port, and DiffServ
* Layer 4 prioritization: enables prioritization based on TCP/UDP port numbers
Manageability
* sFlow (RFC 3176): wire-speed traffic accounting and monitoring
* RMON and XRMON: provide advanced monitoring and reporting capabilities for statistics, history, alarms, and events
* Friendly port names: allow assignment of descriptive names to ports
* Dual flash images: provides independent primary and secondary OS files for backup while upgrading
* Multiple configuration files: allows a config file to be stored to flash image
* Stacking capability: single IP address management for a virtual stack of up to 16 switches, including the ProCurve 2500 series, 2510 series, 2600 series, 2800 series, 2810 series, 2900 series, 3400cl series, 3500yl series, 4200vl series, 6108, 6200yl-24G-mGBIC, and 6400cl series
* Troubleshooting: ingress/egress port monitoring enables network problem-solving
* Find-Fix-and-Inform: finds and fixes common network problems automatically, then informs administrator
* Software updates: free downloads from the Web
* Uni-Directional Link Detection (UDLD): monitors a link between two switches and blocks the ports on both ends of the link if the link goes down at any point between the two devices
Connectivity
* ProCurve/IEEE Auto-MDIX: automatically adjusts for straight-through or crossover cables on all 10/100/1000 ports
Performance
* Architecture: up to 76.8 Gbps crossbar switching fabric provides wire-speed intra- and inter-module switching with up to 48 million pps throughput built on ProCurve custom-designed ASIC technology
Resiliency and high availability
* IEEE 802.3ad Link Aggregation Control Protocol (LACP) and ProCurve trunking: support up to 36 trunks, each with up to 8 links (ports) per trunk; trunking across modules is supported
* IEEE 802.1s Multiple Spanning Tree Protocol: provides high link availability in multiple VLAN environments by allowing multiple spanning trees; encompasses IEEE 802.1D Spanning Tree Protocol and IEEE 802.1w Rapid Spanning Tree Protocol
* Hot-swappable modules: permit modules and mini-GBICs to be added or swapped without interrupting the network
* Optional redundant power supply: provides uninterrupted power; allows hot-swapping of one of the two supplies when installed
Layer 2 switching
* VLAN support and tagging: supports the IEEE 802.1Q (4,096 VLAN IDs) and 256 VLANs simultaneously
* GARP VLAN Registration Protocol: allows automatic learning and dynamic assignment of VLANs
Layer 3 routing
* Basic IP routing: enables automatic routing to the connected VLANs and up to 16 static routes--including one default route--in IP networks
Security
* Port security: allows access only to specified MAC addresses, which can be learned or specified by the administrator
* MAC address lockout: prevents configured particular MAC addresses from connecting to the network
* Multiple user authentication methods:
o IEEE 802.1X industry-standard way of user authentication using an IEEE 802.1X supplicant on the client in conjunction with a RADIUS server
o Web-based authentication similar to IEEE 802.1X, provides a browser-based environment to authenticate clients that do not support the IEEE 802.1X supplicant
o MAC-based authentication client is authenticated with the RADIUS server based on client's MAC address
* Authentication flexibility:
o Multiple IEEE 802.1X users per port provides authentication of up to 8 IEEE 802.1X users per port; prevents user "piggybacking" on another user's IEEE 802.1X authentication
* Secure FTP: allows secure file transfer to/from the switch; protects against unwanted file downloads or unauthorized copying of switch configuration file
* TACACS+: eases switch management security administration by using a password authentication server
* Source-port filtering: allows only specified ports to communicate with each other
* Secure Shell (SSHv2): encrypts all transmitted data for secure, remote command-line interface (CLI) access over IP networks
* Secure Sockets Layer (SSL): encrypts all HTTP traffic, allowing secure access to the browser-based management GUI in the switch
* Switch management logon security: can require either RADIUS or TACACS+ authentication for secure switch CLI logon
* Custom banner: displays security policy when users log in to the switch
* BPDU port protection: blocks Bridge Protocol Data Units (BPDU) on ports that do not require BPDUs, preventing forged BPDU attacks
* Dynamic ARP protection: blocks ARP broadcasts from unauthorized hosts, preventing eavesdropping or data theft of network data
Convergence
* IP multicast (data-driven IGMPv3): automatically prevents flooding of IP multicast traffic
* IEEE 802.1AB Link Layer Discovery Protocol (LLDP): automated device discovery protocol for easy mapping by network management applications
* LLDP-MED (Media Endpoint Discovery): a standard extension of LLDP that stores values for parameters such as QoS and VLAN to automatically configure network devices such as IP phones
Quality of Service (QoS)
* Traffic prioritization (IEEE 802.1p): allows real-time traffic classification into 8 priority levels mapped to 4 queues
* Class of Service (CoS): sets the IEEE 802.1p priority tag based on IP address, IP Type of Service (ToS), L3 protocol, TCP/UDP port number, source port, and DiffServ
* Layer 4 prioritization: enables prioritization based on TCP/UDP port numbers
Manageability
* sFlow (RFC 3176): wire-speed traffic accounting and monitoring
* RMON and XRMON: provide advanced monitoring and reporting capabilities for statistics, history, alarms, and events
* Friendly port names: allow assignment of descriptive names to ports
* Dual flash images: provides independent primary and secondary OS files for backup while upgrading
* Multiple configuration files: allows a config file to be stored to flash image
* Stacking capability: single IP address management for a virtual stack of up to 16 switches, including the ProCurve 2500 series, 2510 series, 2600 series, 2800 series, 2810 series, 2900 series, 3400cl series, 3500yl series, 4200vl series, 6108, 6200yl-24G-mGBIC, and 6400cl series
* Troubleshooting: ingress/egress port monitoring enables network problem-solving
* Find-Fix-and-Inform: finds and fixes common network problems automatically, then informs administrator
* Software updates: free downloads from the Web
Installed components
Supported components
HP ProCurve Network Solutions
HP Procurve Networking_Quality Video
Module 1: Configuring and Managing ProCurve Switches
HP Procurve Networking_Quality Video
Module 1: Configuring and Managing ProCurve Switches
Related products
3Com
APC
Barracuda
Cisco
Citrix
DELL
Fujitsu
Hitachi
HP
IBM
Intel
Juniper Networks
Kingston
LSI
Microsoft
NetApp
Oracle
Red Hat
Seagate
Stickfish
Sun
Suse Linux
VMware
WYSE
