| Features and Benefits |
| Performance |
| Architecture |
up to 76.8 Gbps crossbar switching fabric provides wire-speed intra- and inter-module switching with up to 48 million pps throughput built on ProCurve custom-designed ASIC technology |
| Resiliency and high availability |
| Router redundancy (XRRP) |
allows groups of two routers to dynamically back each other up to create highly available routed environments |
| IEEE 802.1s Multiple Spanning Tree |
provides high link availability in multiple VLAN environments by allowing multiple spanning trees |
| IEEE 802.1w Rapid Convergence Spanning Tree Protocol |
increases network uptime through faster recovery from failed links |
| IEEE 802.3ad Link Aggregation Control Protocol (LACP) and ProCurve trunking |
supports up to 36 trunks, each with up to 8 links (ports) per trunk; trunking across modules is supported |
| Hot-swappable modules |
permit modules, mini-GBICs, and one of the power supplies in a redundant power supply configuration to be added or swapped without interrupting the network |
| Optional redundant power supply |
provides uninterrupted power; allows hot-swapping of one of the two supplies when installed |
| Layer 2 switching |
| ProCurve switch meshing |
dynamically load-balances across multiple active redundant links to increase available aggregate bandwidth |
| VLAN support and tagging |
support complete IEEE 802.1Q (4,096 VLAN IDs) and 256 VLANs simultaneously |
| IEEE 802.1v protocol VLANs |
isolate select non-IPv4 protocols automatically into their own VLANs |
| GARP VLAN Registration Protocol |
allows automatic learning and dynamic assignment of VLANs |
| Layer 3 routing |
| Layer 3 IP routing |
provides routing of IP at media speed; supports static routes, RIP, RIPv2, and OSPF |
| OSPF-ECMP |
enables multiple equal-cost links in OSPF environment to increase link redundancy and scale bandwidth |
| Layer 3 services |
| UDP helper function |
UDP broadcasts can be directed across router interfaces to specific IP unicast or subnet broadcast addresses and prevent server spoofing for UDP services such as DHCP |
| Security |
| Virus throttling |
detects worm forms of network virus activity and either throttles or entirely prevents the ability of the virus to spread across the routed VLANs of the ProCurve 5300xl series, without requiring external appliances |
| ICMP throttling |
defeats ICMP denial-of-service attacks by enabling any switch port to automatically throttle ICMP traffic |
| Multiple user authentication methods |
IEEE 802.1X: industry-standard way of user authentication using an IEEE 802.1X supplicant on the client in conjunction with a RADIUS server |
|
Web-based authentication: similar to IEEE 802.1X, provides a browser-based environment to authenticate clients that do not support the IEEE 802.1X supplicant |
|
MAC-based authentication: client is authenticated with the RADIUS server based on the MAC address of the client |
| Authentication flexibility |
Multiple IEEE 802.1X users per port: provides authentication of multiple IEEE 802.1X users per port; prevents user "piggybacking" on another user's IEEE 802.1X authentication |
|
Concurrent IEEE 802.1X and Web or MAC authentication schemes per port: switch port will accept any of IEEE 802.1X and either Web or MAC authentications |
| Access control lists (ACLs) |
provide IP Layer 3 filtering based on source/destination IP address/subnet and source/destination TCP/UDP port number |
| Identity-driven per-port ACL |
enables implementation of a highly granular and flexible access security policy specific to each authenticated network user |
| Port security |
allows access only to specified MAC addresses, which can be learned or specified by the administrator |
| MAC address lockout |
prevents configured particular MAC addresses from connecting to the network |
| Source-port filtering |
allows only specified ports to communicate with each other |
| TACACS+ |
eases switch management security administration by using a password authentication server |
| Secure Shell (SSHv2) |
encrypts all transmitted data for secure, remote command-line interface (CLI) access over IP networks |
| Secure Sockets Layer (SSL) |
encrypts all HTTP traffic, allowing secure access to the browser-based management GUI in the switch |
| Secure FTP |
allows secure file transfer to/from the switch; protects against unwanted file downloads or unauthorized copying of switch configuration file |
| Secure access to manage the ProCurve 5300xl series |
all access methods-CLI, GUI, or MIB-are securely encrypted through SSHv2, SSL, and/or SNMPv3 |
| Switch management logon security |
can require either RADIUS or TACACS+ authentication for switch CLI logon |
| Convergence |
| Layer 4 prioritization |
enables prioritization based on TCP/UDP ports |
| Traffic prioritization (IEEE 802.1p) |
allows real-time traffic classification into 8 priority levels mapped to 4 queues |
| Class of Service (CoS) |
sets IEEE 802.1p priority tag based on IP address, IP Type of Service (ToS), L3 protocol, TCP/UDP port number, source port, and DiffServ |
| Bandwidth shaping |
Rate limiting: per-port ingress-based enforced bandwidth maximums |
|
Guaranteed minimums: per-port, per-queue, egress-based guaranteed bandwidth minimums |
| Manageability |
| User-driven port configuration support |
switch port configuration responds to RADIUS stored user attributes for QoS and rate limiting when that user authenticates; these attributes are then determined by the user, not the switch port |
| RMON, XRMON, and sFlow |
provide advanced monitoring and reporting capabilities for statistics, history, alarms, and events |
| Link Layer Discovery Protocol (IEEE 802.1AB) |
automated device discovery protocol for easy mapping by network management applications |
| Friendly port names |
allows assignment of descriptive names to ports |
| ProCurve/IEEE Auto-MDIX |
automatically adjusts for straight-through or crossover cables on all 10/100/1000 ports |
| Dual flash images |
provide independent primary and secondary OS and configuration files for backup while upgrading or fine-tuning the switch configuration |
| Multiple configuration files |
allows a config file to be stored for each flash image |
| Troubleshooting |
ingress/egress port monitoring enables network problem-solving |
| Custom banner |
displays security policy when users log in to the switch |
| Industry-leading warranty |
| Lifetime warranty |
for as long as you own the product, with next-business-day advance replacement (available in most countries) |
