HP 3600-24-SFP v2 EI Switch

The HP 3600 EI Switch Series delivers premium levels of intelligent and resilient performance, security, and reliability for robust switching at the enterprise network edge. The series consists of Layer 3 Fast Ethernet and PoE/PoE+ switches, with advanced features that can accommodate the most demanding applications. Secure, resilient connectivity and the latest traffic-prioritization technologies enhance converged networks. Designed for increased flexibility and scalability, HP 3600 EI series switches come with 24 or 48 10/100 ports, four active SFP-based Gigabit Ethernet ports for stacking and uplinks, and a 24-port 100BASE-FX switch with two or four Gigabit Ethernet SFP slots.

• Robust switching at the enterprise network edge
• Advanced Layer 3 and multicast routing
• IRF-automated stack and switching fabric setup
• Integrated and distributed security enforcement
• Enterprise-level nonblocking performance

Quality of Service (QoS)

• Broadcast Control – Allows limitation of broadcast traffic rate to cut down on unwanted network broadcast traffic
• Advanced Classifier-Based QoS – Classifies traffic using multiple match criteria based on Layer 2, 3, and 4 information; applies QoS policies such as setting priority level and rate limit to selected traffic on a per-port or per-VLAN basis
• Powerful QoS Feature – Supports the following congestion actions: strict priority (SP) queuing, weighted round robin (WRR), weighted fair queuing (WFQ), and WRED
• Traffic Policing – Supports Committed Access Rate (CAR) and line rate
• RRPP – Enables ultra high levels of network resiliency, with failover times of less than 50 ms

Management

• Friendly Port Names – Allows assignment of descriptive names to ports
• Remote Configuration and Management – Enables configuration and management through a secure Web browser or a CLI located on a remote device
• Manager and Operator Privilege Levels – Provides read-only (operator) and read/write (manager) access on CLI and Web browser management interfaces
• Command Authorization – Leverages HWTACACS to link a custom list of CLI commands to an individual network administrator's login; also provides an audit trail
• Secure Web GUI – Provides a secure, easy-to-use graphical interface for configuring the module via HTTPS
• Multiple Configuration Files – Stores easily to the flash image
• Complete Session Logging – Provides detailed information for problem identification and resolution
• SNMPv1, v2c, and v3 – Facilitate centralized discovery, monitoring, and secure management of networking devices
• Remote Monitoring (RMON) – Uses standard SNMP to monitor essential network functions; supports events, alarm, history, and statistics group plus a private alarm extension group
• Local and Remote Intelligent Mirroring – Mirrors traffic from a switch port or to a remote switch port anywhere on the network, or mirrors ACL-selected traffic to a local switch port
• Management VLAN – Segments traffic to and from management interfaces, including CLI/telnet, a Web browser interface, and SNMP
• IEEE 802.1AB Link Layer Discovery Protocol (LLDP) – Advertises and receives management information from adjacent devices on a network, facilitating easy mapping by network management applications
• Device Link Detection Protocol (DLDP) – Monitors a cable between two switches and shuts down the ports on both ends if the cable is broken, preventing network problems such as loops
• sFlow (RFC 3176) – Provides scalable ASIC-based wirespeed network monitoring and accounting with no impact on network performance; this allows network operators to gather a variety of sophisticated network statistics and information for capacity planning and real-time network monitoring purposes
• IPv6 Management – Future-proofs networking, as the switch is capable of being managed whether the attached network is running IPv4 or IPv6; supports pingv6, tracertv6, Telnetv6, TFTPv6, DNSv6, syslogv6, FTPv6, SNMPv6, DHCPv6, and RADIUS for IPv6
• Troubleshooting – Ingress and egress port monitoring enable network problem solving; virtual cable tests provide visibility into cable problems

Connectivity

• IPv6 –
  • Telnet – For allowing CLI access via IPv6
  • SNMP – For IPv6 switch management
  • DNS – For IPv6 host management
  • DHCP – For auto IPv6 address configuration of a switch
• Auto-MDIX – Provides automatic adjustments for straight-through or crossover cables on all 10/100 and 10/100/1000 ports
• Jumbo Packet Support – Supports up to 9216-byte frame size to improve the performance of large data transfers
• Gigabit Ethernet Uplinks – Are dual-personality ports for either 10/100/1000 or mini-GBIC SFP connectivity for increased connectivity flexibility
• High-Density Access – Provides up to 48 fixed 10/100BASE-T PoE or non-PoE ports or 24 SFP 100BASE-X ports in a Layer 2/Layer 3 switch
• Ethernet Operations, Administration and Maintenance (OAM) – Detects data link layer problems that occurred in the "last mile" using the IEEE 802.3ah OAM standard; monitors the status of the link between two devices
• IEEE 802.3af Power over Ethernet (PoE) – Provides up to 15.4 W per port to IEEE 802.3af-compliant PoE-powered devices such as IP phones, wireless access points, and security cameras
• IEEE 802.3at Power over Ethernet (PoE+) Support – Simplifies deployment and dramatically reduces installation costs by helping to eliminate the time and cost involved in supplying local power at each access point location

Performance

• Nonblocking Performance – Up to 17.6 Gbps nonblocking switching fabric provides wire-speed switching with up to 13.1 million pps throughput
• Gigabit Ethernet Interface – Provides a connection to the network that eliminates the network as a bottleneck
• Hardware-Based Wirespeed Access Control Lists – Feature-rich ACL implementation helps ensure high levels of security and ease of administration without impacting network performance

Resiliency and High Availability

• Separate Data and Control Paths – Separates control from services and keeps service processing isolated; increases security and performance
• External Redundant Power Supply – Provides high reliability
• Smart Link – Allows 50ms failover between links
• Spanning Tree/MSTP, RSTP – Provides redundant links while preventing network loops
• Intelligent Resilient Framework (IRF) – Creates virtual resilient switching fabrics, where two or more switches perform as a single L2 switch and L3 router; switches do not have to be co-located and can be part of a disaster-recovery system; servers or switches can be attached using standard LACP for automatic load balancing and high availability; can eliminate the need for complex protocols like Spanning Tree Protocol, Equal-Cost Multipath (ECMP), or VRRP, thereby simplifying network operation
• IEEE 802.3ad Link Aggregation Control Protocol (LACP) – Supports up to 24 trunks, each with 8 links per trunk; supports static or dynamic groups
• Virtual Router Redundancy Protocol (VRRP) – Allows groups of two routers to dynamically back each other up to create highly available routed environments in IPv4 and IPv6 networks
• IRF Capability – Provides single IP address management for a resilient virtual switching fabric of up to nine switches

Manageability

• RMON (Remote Monitoring) – Provides advanced monitoring and reporting capabilities for statistics, history, alarms, and events

Layer 2 Switching

• 16/32K MAC Address Table – Provides access to many Layer 2 devices
• VLAN Support and Tagging – Supports IEEE 802.1Q with 4,094 simultaneous VLAN IDs
• GARP VLAN Registration Protocol – Allows automatic learning and dynamic assignment of VLANs
• IEEE 802.1ad QinQ and selective QinQ – Increase the scalability of an Ethernet network by providing a hierarchical structure; connect multiple LANs on a high-speed campus or metro network
• Gigabit Ethernet Port Aggregation – Allows grouping of ports to increase overall data throughput to a remote device
• Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Protocol Snooping – Controls and manages the flooding of multicast packets in a Layer 2 network

Layer 3 Services

• Address Resolution Protocol (ARP) – Determines the MAC address of another IP host in the same subnet
• Dynamic Host Configuration Protocol (DHCP) – Simplifies the management of large IP networks and supports client and server; DHCP Relay enables DHCP operation across subnets
• Loopback Interface Address – Defines an address in Routing Information Protocol (RIP) and Open Standard Path First (OSPF), improving diagnostic capability
• User Datagram Protocol (UDP) Helper Function – Allows UDP broadcasts to be directed across router interfaces to specific IP unicast or subnet broadcast addresses and prevents server spoofing for UDP services such as DHCP
• Route Maps – Provide more control during route redistribution; allow filtering and altering of route metrics

Layer 3 Routing

• IPv4 Routing Protocols – Support static routes, RIP, OSPF, ISIS, and BGP
• IPv6 Routing Protocols – Provide routing of IPv6 at wire speed; support static routes, RIPng, OSPFv3, ISIS for IPv6, and BGP4+ for IPv6
• IPv6 Tunneling – Allows a smooth transition from IPv4 to IPv6 by encapsulating IPv6 traffic over an existing IPv4 infrastructure
• Equal-Cost Multipath (ECMP) – Enables multiple equal-cost links in a routing environment to increase link redundancy and scale bandwidth
• Bidirectional Forwarding Detection (BFD) – Enables link connectivity monitoring and reduces network convergence time for RIP, OSPF, BGP, IS-IS, VRRP, and IRF
• PIM-SSM, PIM-DM, and PIM-SM (for IPv4 and IPv6) – Support IP Multicast address management and inhibition of DoS attacks
• Multicast Source Discovery Protocol (MSDP) – Is used for inter-domain multicast applications, allowing multiple PIM-SM domains to interoperate
• IGMPv1, v2, and v3 – Allow individual hosts to be registered on a particular VLAN

Security

• Access Control Lists (ACLs) – Provides IP Layer 2 to Layer 4 traffic filtering; supports VLAN ACL and port ACL
• Multiple User Authentication Methods –
  • IEEE 802.1X – Uses an IEEE 802.1X supplicant on the client in conjunction with a RADIUS server to authenticate in accordance with industry standards
  • Web-Based Authentication – Provides a browser-based environment, similar to IEEE 802.1X, to authenticate clients that do not support the IEEE 802.1X supplicant
  • MAC-Based Authentication – Authenticates the client with the RADIUS server based on the client's MAC address
• Identity-Driven Security and Access Control –
  • Per-User ACLs – Permits or denies user access to specific network resources based on user identity and time of day, allowing multiple types of users on the same network to access specific network services without risking network security or allowing unauthorized access to sensitive data
  • Automatic VLAN Assignment – Automatically assigns users to the appropriate VLAN based on their identities
• Secure Management Access – Delivers secure encryption of all access methods (CLI, GUI, or MIB) through SSHv2, SSL, and/or SNMPv3
• Secure FTP – Allows secure file transfer to and from the switch; protects against unwanted file downloads or unauthorized copying of a switch configuration file
• Guest VLAN – Provides a browser-based environment to authenticated clients that is similar to IEEE 802.1X
• Endpoint Admission Defense (EAD) – Provides security policies to users accessing a network
• Port Security – Allows access only to specified MAC addresses, which can be learned or specified by the administrator
• Port Isolation – Secures and adds privacy, and prevents malicious attackers from obtaining user information
• STP BPDU Port Protection – Blocks Bridge Protocol Data Units (BPDUs) on ports that do not require BPDUs, preventing forged BPDU attacks
• STP Root Guard – Protects the root bridge from malicious attacks or configuration mistakes
• DHCP Protection – Blocks DHCP packets from unauthorized DHCP servers, preventing denial-of-service attacks
• Dynamic ARP Protection – Blocks ARP broadcasts from unauthorized hosts, preventing eavesdropping or theft of network data
• IP Source Guard – Filters packets on a per-port basis, which prevents illegal packets from being forwarded
• RADIUS/HWTACACS – Eases switch management security administration by using a password authentication server
• Multiple Customer Edge (MCE) – Facilitates MPLS VPN network integration with support for up to 63 VPNs
• ICMP Throttling – Defeats ICMP denial-of-service attacks by enabling any switch port to automatically throttle ICMP traffic

Convergence

• IEEE 802.1AB Link Layer Discovery Protocol (LLDP) – Facilitates easy mapping using network management applications with LLDP automated device discovery protocol
• LLDP-MED – Is a standard extension that automatically configures network devices, including LLDP-capable IP phones
• LLDP-CDP Compatibility – Receives and recognizes CDP packets from Cisco's IP phones for seamless interoperation
• PoE Allocations – Supports multiple methods (automatic, IEEE 802.3af class, LLDP-MED, or user-specified) to allocate PoE power for more efficient energy savings
• Voice VLAN – Automatically assigns VLAN and priority for IP phones, simplifying network configuration and maintenance
• IP Multicast Snooping and Data-Driven IGMP – Automatically prevent flooding of IP multicast traffic
• Multicast VLAN – Allows multiple VLANs to receive the same multicast traffic, reducing network bandwidth demand by eliminating multiple streams to each VLAN
• Protocol Independent Multicast (PIM) – Is used for multicast applications; supports PIM Dense Mode (PIM-DM) and Sparse Mode (PIM-SM)
• Multicast Source Discovery Protocol (MSDP) – Allows multiple PIM-SM domains to interoperate; is used for inter-domain multicast applications

Device Support

• Cisco Prestandard PoE Support – Detects and provides power to Cisco's prestandard PoE devices such as wireless LAN access points and IP phones

Additional Information

• Green Initiative Support – Provides support for RoHS and WEEE regulations
• Green IT and Power – Uses the latest advances in silicon development and shuts off unused ports to improve power efficiency

Additional Information

• Green Initiative Support – Provides support for RoHS and WEEE regulations
• Green IT and Power – Uses the latest advances in silicon development and shuts off unused ports to improve power efficiency

Warranty and Support

• New Lifetime Warranty 2.0 – Advance hardware replacement for as long as you own the product with next-business-day delivery (available in most countries)
• New Electronic and Telephone Support (For Lifetime Warranty 2.0) – Limited 24/7 telephone support is available from HP for the first three years; limited electronic and business hours telephone support is available from HP for the entire warranty period.