Web and Unmanaged

Características de seguridad : Scanvenger y trafico no deseado Equipos SW HPE FF 12904E

 
soportenoc
Occasional Visitor

Características de seguridad : Scanvenger y trafico no deseado Equipos SW HPE FF 12904E

buen dia

Quisiera su apoyo para confirmar si el siguiente equipo Swtich HPE FF 12904E, tiene las caracteristicas de seguridad como Scanvenger y trafico no deseado ej: worms.

Google Translated

good day

I would like your support to confirm if the following Swtich HPE FF 12904E equipment has the security features like Scanvenger and unwanted traffic eg worms.

1 REPLY 1
Ivan_B
HPE Pro

Re: Características de seguridad : Scanvenger y trafico no deseado Equipos SW HPE FF 12904

Hello @soportenoc !

Could you be more specific, please? I know the term 'Scavenger' is used primarily in QoS, not security. And if we speak about that scavenger traffic it's a collective term of all less-than-useful apps in enterprise, like p2p file sharing apps etc. Thus many QoS design guides suggest us to mark that traffic by DSCP 51 and set bandwidth restrictions.

You definitely can construct a QoS policy that will use extended ACL/-s to match traffic and then police it to certain CBS, but let's be realistic - with modern obfuscation tactics and encryption methods that apps like Bittorrent use, you won't be able to match their traffic with anything than specialized Firewall device with some sort of DPI embedded. 12900E series are switches after all. Another tactic that can be useful - match all known traffic flows, prioritize them accordingly and limit all the unknown traffic to certain sane limits. But still, if your Bittorrent client mimcs its traffic as HTTPS, this won't save you, you will need DPI and nothing else will help you.

For the features available check:

 

I am an HPE employee

Accept or Kudo