Security and Availability
The DES-3200 Series supports 802.1X port-based/host-based access control, Guest VLAN and RADIUS/TACACS /XTACACS/TACACS+ Authentication for strict access control over the network. The IP-MAC-Port Binding feature allows administrators to bind a source IP address with an associated MAC for a defined port number to enhance user access control. Furthermore, with the DHCP snooping feature, the switch automatically pairs the IP/MAC by snooping DHCP packets and saving them to the IMPB white list. These features play a significant role in keeping the network secure and auditable. The built-in D-Link Safeguard Engine identifies and prioritizes “CPU interested” packets to prevent malicious traffic from interrupting normal network flows and protects switch operation. In addition, the DES-3200 Series provides various multi-layer Access Control List (ACL) rules. Administrators are able to limit the network services or access rights without impacting the switch performance.
For mission critical environments the DES-3200 Series supports 802.1D-2004 edition, 802.1w and 802.1s Multiple Spanning Tree (MSTP). STP allows you to configure the switch with a redundant backup bridge path, so transmission and reception of packets can be guaranteed in the event of any failed switch on the network. The switches also support 802.1AX and 802.3ad Link Aggregation, enabling you to group multiple ports in parallel to form a single port, increasing bandwidth and redundancy for higher availability. For Quality of Service (QoS), the switch supports 802.1p and advanced packet classification based on TOS, DSCP, MAC address, IP addresses, VLAN ID, TCP/UDP port number, protocol type, and user-defined packet content. This enables flexible configuration for specific multi-media applications such as VoIP or IPTV. Furthermore, the DES-3200 series supports automatic, effective QoS function for voice traffic. The Voice VLAN1 includes the voice end points automatically in to a dedicated VLAN with higher priority to guarantee the quality and security of the voice traffic.
Traffic and Bandwidth Control
The bandwidth control feature allows network administrators to define the ingress/egress throughput levels for each port with granularity down to 8kpbs. The switch also supports the storm control feature which minimizes damages within the network. Port mirroring helps administrators facilitate traffic diagnostics or track switch performance and make changes if necessary. The DES-3200 Series supports a two rate and single-rate Three Color Marker (trTCM/srTCM) to classify traffic streams into conforming and nonconforming groups to guarantee the minimum bandwidth for important traffic.
The DES-3200 series provides full L2 multicast functions, including IGMP snooping, IGMP filtering, fast leave, and multicast traffic configuration for specific ports. With L2 Multicast support, the DES-3200 series shows its ability to handle growing IPTV application. The Host-based IGMP/MLD Snooping allows multiple multicast subscribers per physical interface and ISM VLAN sends multicast streams in a multicast VLAN to save bandwidth in the backbone network. The ISM VLAN profiles allow users to bind/replace the pre-defined multicast registration information to subscription ports quickly and easily.
The DES-3200 series provides cable diagnostics to check the status of network cables and pinpoint the cause of any network cable malfunction without requiring on-site operator support. The 802.1ag Connectivity Fault Management (CFM) feature provides tools to monitor and troubleshoot end-to-end Ethernet networks, allowing service providers to check connectivity, isolate network issues, and identify customers afected by network issues. The 802.3ah Ethernet OAM, Dying Gasp, and D-Link Unidirectional Link Detection (DULD) functions can improve network management on the Ethernet and help maintain a stable network connection and support fault locating.
The DES-3200 series supports standard management protocols such as SNMP, RMON, Telnet, SSH/SSL security authentication, and DHCP relay option 82. The switch series also features a web-based GUI that provides a user-friendly interface and easy management. DHCP auto-configuration is an enhanced management feature that allows administrators to preset a configuration on a TFTP server and apply to switches automatically when the switch is trying to get IP addresses from DHCP. It makes the switch deployment easier and quicker, especially in a large scale network. LLDP and LLDP-MED1 provide quick discovery of Ethernet equipment especially for endpoint devices. According to the discovery result, administrators can easily push the configurations to corresponding devices and build up a topology drawing through the network management system (NMS) quickly.
D-Link Single IP Management (SIM) simplifies and speeds up management tasks, allowing multiple switches to be configured, monitored and maintained from any workstation running a web browser through one unique IP address. The DES-3200 Series also works with D-Link’s D-View 6.0 software. D-View 6.0 is a Network Management System that allows for the central management of critical network characteristics such as availability, reliability, resilience, and security. D-View 6.0 provides a useful set of tools for network administrators who want to effectively manage device configurations, fault tolerance, performance, and security.
The DES-3200 Series has been certified with IPv6 Ready Logo Phase 2 which guarantees the connectivity and manageability in an IPv6 network. Furthermore, it supports IPv4/v6 dual stack function that allows the switch to act as a bridge between IPv4 and IPv6 networks. As networks grow and the need for larger addressing and higher security becomes critical, the DES-3200 Series supports various IPv6 ACL, IMPBv6 1, and L3 Control Packet Filtering functions to protect the network against attacks and meet the requirements for the design of the IPv6 architecture.