You can enhance in-band security and improve control over access to network resources by configuring static filters to forward (the default action) or drop unwanted traffic. That is, you can configure a traffic filter to either forward or drop all network traffic moving to outbound (destination) ports and trunks (if any) on the switch.
As of June 2010, Traffic/Security filers are available on these current HP switch models:
Switch model filter availability
Model | Source-Port Filters | Protocol Filters | Multicast Filters |
---|---|---|---|
2500 Switches | Yes | Yes | Yes |
2510 Switches | Yes | Yes | Yes |
2620 Switches | Yes | No | Yes |
2800 Switches | Yes | No | No |
2910al Switches | Yes | Yes | Yes |
3400cl Switches | Yes | No | No |
3500/3500yl Switches | Yes | Yes | Yes |
3800 Switches | Yes | Yes | Yes |
4000m and 8000m Switches | Yes | Yes | Yes |
4200vl Switches | Yes | No | No |
5400zl Switches | Yes | Yes | Yes |
6400cl Switches | Yes | No | No |
6600 Switches | Yes | Yes | Yes |
8200zl Switches | Yes | Yes | Yes |
8400cl Switches | Yes | No | No |
The switch accepts up to 101 static filters. These limitations apply:
-
Source-port filters: up to 78
-
Multicast filters: up to 16 with 1024 or fewer VLANs configured. Up to 8 with more than 1024 VLANs configured.
-
Protocol filters: up to 7
The switch manages a port trunk as a single source or destination for sourceport filtering. If you configure a port for filtering before adding it to a port trunk, the port retains the filter configuration, but suspends the filtering action while a member of the trunk. If you want a trunk to perform filtering, first configure the trunk, then configure the trunk for filtering. See Configuring a filter on a port trunk.