Description
Details
With support for both static and RIP routing protocols, the JL385A Aruba IOT Ready 2540 48-Port Gigabit Ethernet 4SFP+ Switch from HP is a versatile and reliable networking solution. This switch comes equipped with 48 autosensing Gigabit Ethernet ports along with a single dual-personality serial console port that can be configured as either a RJ-45 port or micro-B USB port. Inside the Aruba JL354A you will find a 1016 MHz dual core ARM Cortex A9 CPU along with 1GB of DDR3 SDRAM and a 12.38 MB packet buffer to ensure smooth operation when the switch is operating at maximum capacity. The JL355A is capable of handling a heavy workload as it features a 176 Gbps switching capacity, a throughput of up to 112.0 Mpps, and a MAC address table capable of supporting up to 16,384 entries.
Once installed, users benefit from a variety of network features covering everything from wired and wireless connectivity to Quality of Service, connectivity, network management and more. This HP Aruba switch features the ClearPass Policy Manager support designed for use with both wired and wireless policies making it easy to manage connections to a variety of devices. Intuitive QoS functionality includes support for the 802.1p network standard to prioritize network traffic, support for Layer 4 prioritization, rate limiting on a per-port basis, and more. Connectivity features include auto-MDIX support, IPv6 compatibility, and more. Managing the network has also been simplified as the JL354A offers support for the SNMP v1, v2, and v3, zero touch provisioning, the option to utilize dual flash images, troubleshooting ingress, and more.
To secure the network HP has included a variety of security features in this Aruba switch. Multiple user authentication methods allow for a variety of avenues for users to access the network including a browser based method, MAC-based authentication, and 802.1X authentication. Other security features include access control lists, source-port filtering, secure shell encryption, port security, and more.
Unified Wired and Wireless
- ClearPass Policy Manager support Unified wired and wireless policies using Aruba ClearPass Policy Manager
- Switch auto-configuration automatically configures switches for different settings such as VLAN, and CoS
- User role defines a set of switch-based policies in areas such as security, authentication, and QoS. A user role can be assigned to a group of users or devices, using switch configuration or ClearPass
- HTTP redirect function supports HPE Intelligent Management Center (IMC) bring your own device (BYOD) solution
- Static IP Visibility allows ClearPass to do accounting for clients with static IP address
Quality of Service (QoS)
- Traffic prioritization (IEEE 802.1p) allows real-time traffic classification into eight priority levels mapped to eight queues
- Layer 4 prioritization enables prioritization based on TCP/UDP port numbers
- Class of service (CoS) sets the IEEE 802.1p priority tag based on IP address, IP Type of Service (ToS), Layer 3 protocol, TCP/UDP port number, source port, and DiffServ
- Rate limiting sets per-port ingress enforced maximums and per-port, per-queue minimums
- Large buffers provide graceful congestion management
Connectivity
- Flexible 10 Gbps Ethernet connectivity with four fixed 10 Gigabit ports (SFP+) available
- Auto-MDIX provides automatic adjustments for straight-through or crossover cables on all 10/100 and 10/100/1000 ports
- IPv6
- IPv6 host Enables switches to be managed in an IPv6 network.
- Dual stack (IPv4 and IPv6) Transitions from IPv4 to IPv6, supporting connectivity for both protocols.
- MLD snooping Forwards IPv6 multicast traffic to the appropriate interface.
- IPv6 ACL/QoS Supports ACL and QoS for IPv6 network traffic.
- IPv6 routing Supports static and RIPng protocols.
- Security Provides RA guard, DHCPv6 protection, dynamic IPv6 lockdown, and ND snooping
Performance
- Energy-Efficient Design
- 80 PLUS Silver Certified power supply increases power efficiency and savings.
- Energy-efficient Ethernet (EEE) support Reduces power consumption in accordance with IEEE 802.3az
- Aruba ProVision ASIC architecture is designed with the latest Aruba ProVision ASIC, providing very low latency, increased packet buffering, and adaptive power consumption
- Selectable queue configurations allow for increased performance by selecting the number of queues and associated memory buffering that best meet the requirements of the network applications
Convergence
- IP multicast snooping and data-driven IGMP automatically prevent flooding of IP multicast traffic
- IEEE 802.1AB Link Layer Discovery Protocol (LLDP) facilitates easy mapping using network management applications with LLDP automated device discovery protocol
- LLDP-MED (Media Endpoint Discovery) defines a standard extension of LLDP that stores values for parameters such as QoS and VLAN to configure automatically network devices such as IP phones
- Local MAC Authentication assigns attributes such as VLAN and QoS using locally configured profile that can be a list of MAC prefixes
Resiliency and High Availability
- IEEE 802.1s Multiple Spanning Tree provides high link availability in multiple VLAN environments by allowing multiple spanning trees; provides legacy support for IEEE 802.1d and IEEE 802.1w
- IEEE 802.3ad link-aggregation-control protocol (LACP) and port trunking support up to 26 static, dynamic, or distributed trunks with each trunk having up to eight links (ports) per static trunk
- SmartLink provides easy-to-configure link redundancy of active and standby links
Management
- SNMPv1, v2, and v3 provide complete support of SNMP; provide full support of industry-standard Management Information Base (MIB) plus private extensions; SNMPv3 supports increased security using encryption
- Zero-Touch Provisioning (ZTP) simplifies installation of the switch infrastructure using the Aruba Activate-based or a DHCP-based process with AirWave Network Management
- Aruba Central support cloud-based management platform offers a simple, secure, and cost-effective way to manage switches
Manageability
- Dual flash images provide independent primary and secondary operating system files for backup while upgrading
- Friendly port names allow assignment of descriptive names to ports
- Find-Fix-Inform finds and fixes common network problems automatically, then informs administrator
- Multiple configuration files allow multiple configuration files to be stored to a flash image
- Software updates free downloads from the Web
- RMON, XRMON, and sFlow provide advanced monitoring and reporting capabilities for statistics, history, alarms, and events
- Troubleshooting ingress and egress port monitoring enable network problem solving
- Unidirectional link detection (UDLD) monitors the link between two switches and blocks the ports on both ends of the link if the link goes down at any point between the two devices
Layer 2 Switching
- VLAN support and tagging supports IEEE 802.1Q (4,094 VLAN IDs) and 512 VLANs simultaneously
- Jumbo packet support improves the performance of large data transfers; supports frame size of up to 9,220 bytes
- IEEE 802.1v protocol VLANs isolate select non-IPv4 protocols automatically into their own VLANs
- Rapid per-VLAN spanning tree (RPVST+) allows each VLAN to build a separate spanning tree to improve link bandwidth usage; is compatible with PVST+
- GVRP and MVRP allow automatic learning and dynamic assignment of VLANs
Layer 3 Services
- DHCP server centralizes and reduces the cost of IPv4 address management
Layer 3 Routing
- Static IP routing provides manually configured routing; includes ECMP capability
- 256 static and 2,000 RIP routes facilitate segregation of user data, without adding external hardware
- Routing Information Protocol (RIP) provides RIPv1, RIPv2, and RIPng routing
- DHCP protection blocks DHCP packets from unauthorized DHCP servers, preventing denial-of-service attacks
- Dynamic ARP protection blocks ARP broadcasts from unauthorized hosts, preventing eavesdropping or theft of network data
- Dynamic IP lockdown works with DHCP protection to block traffic from unauthorized hosts, preventing IP source address spoofing
- STP root guard protects the root bridge from malicious attacks or configuration mistakes
- Identity-driven ACL enables implementation of a highly granular and flexible access security policy and VLAN assignment specific to each authenticated network user
- Per-port broadcast throttling configures broadcast control selectively on heavy traffic port uplinks
- Monitor and diagnostics digital optical monitoring of SFP+ and 1000BASE-T transceivers allow detailed monitoring of the transceiver settings and parameters
Security
- Multiple user authentication methods
- IEEE 802.1X Uses an IEEE 802.1X supplicant on the client in conjunction with a RADIUS server to authenticate in accordance with industry standards.
- Web-based authentication provides a browser-based environment, similar to IEEE 802.1X, to authenticate clients that do not support the IEEE 802.1X supplicant.
- MAC-based authentication authenticates the client with the RADIUS server based on the client's MAC address
- Authentication flexibility
- Multiple IEEE 802.1X users per port provides authentication of multiple IEEE 802.1X users per port; prevents a user from piggybacking on another user's IEEE 802.1X authentication.
- Concurrent IEEE 802.1X, Web, and MAC authentication schemes per port switch port will accept up to 32 sessions of IEEE 802.1X, Web, and MAC authentications
- Access control lists (ACLs) provide IP Layer 3 filtering based on source and destination IP address or subnet and source and destination TCP/UDP port number
- Source-port filtering allows only specified ports to communicate with each other
- RADIUS/TACACS+ eases switch management security administration by using a password authentication server
- Secure shell encrypts all transmitted data for secure remote CLI access over IP networks
- Secure Sockets Layer (SSL) encrypts all HTTP traffic, allowing secure access to the browser-based management GUI in the switch
- Port security allows access only to specified MAC addresses, which can be learned or specified by the administrator
- MAC address lockout prevents particular configured MAC addresses from connecting to the network
- Secure FTP allows secure file transfer to and from the switch; protects against unwanted file downloads or unauthorized copying of a switch configuration file
- Switch management logon security helps secure switch CLI logon by optionally requiring either RADIUS or TACACS+ authentication
- Custom banner displays security policy when users log in to the switch
- STP BPDU port protection blocks Bridge Protocol Data Units (BPDUs) on ports that do not require BPDUs, preventing forged BPDU attacks