Características de seguridad : Scanvenger y trafico no deseado Equipos SW HPE FF 12904E

soportenoc · ‎09-20-2021

buen dia

Quisiera su apoyo para confirmar si el siguiente equipo Swtich HPE FF 12904E, tiene las caracteristicas de seguridad como Scanvenger y trafico no deseado ej: worms.

Google Translated

good day

I would like your support to confirm if the following Swtich HPE FF 12904E equipment has the security features like Scanvenger and unwanted traffic eg worms.

Ivan_B · ‎09-20-2021

Hello @soportenoc !

Could you be more specific, please? I know the term 'Scavenger' is used primarily in QoS, not security. And if we speak about that scavenger traffic it's a collective term of all less-than-useful apps in enterprise, like p2p file sharing apps etc. Thus many QoS design guides suggest us to mark that traffic by DSCP 51 and set bandwidth restrictions.

You definitely can construct a QoS policy that will use extended ACL/-s to match traffic and then police it to certain CBS, but let's be realistic - with modern obfuscation tactics and encryption methods that apps like Bittorrent use, you won't be able to match their traffic with anything than specialized Firewall device with some sort of DPI embedded. 12900E series are switches after all. Another tactic that can be useful - match all known traffic flows, prioritize them accordingly and limit all the unknown traffic to certain sane limits. But still, if your Bittorrent client mimcs its traffic as HTTPS, this won't save you, you will need DPI and nothing else will help you.

For the features available check:

ACL and QoS Configuration Guide for the platform here - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00041370en_us
Laterst Release Notes, page 130 - https://support.hpe.com/hpesc/public/docDisplay?docId=a00117802en_us

I am an HPE employee

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Características de seguridad : Scanvenger y trafico no deseado Equipos SW HPE FF 12904E

Características de seguridad : Scanvenger y trafico no deseado Equipos SW HPE FF 12904E

Re: Características de seguridad : Scanvenger y trafico no deseado Equipos SW HPE FF 12904