Datacom Systems VS-1200-S Series User Manual

Download

Page 1

Datacom Systems Inc

Access Your Network

VS-1200-S Series Data Access Switch

USER

guide

May 2011

541-0133-U-B.00

Page 2

Page 3

Product Description

The VERSAstream™ VS-1200-S Series Data Access Switches are adaptable. All ports are Any-to-Any ports and can be configured by the Command Line Interface (CLI) to be either input or output ports. Aggregation offers a complete view of the traffic and easily lets security and analysis tools collect all the data they need, expanding network visibility.

The Datacom System VERSAstream™ VS-1200-S Data Access Switch series supports your ability to specifically apply your peripheral network tools to the analysis requirements and adapt with your ever-changing network.

Page 4

VS-1200-S Data Acccess Switch

All rights reserved. No parts of this work may be reproduced in any form or by any means - graphic, electronic, or mechanical, including photocopying, recording, taping, or information storage and retrieval systems - without the written permission of the publisher.

Products that are referred to in this document may be either trademarks and/or registered trademarks of the respective owners. The publisher and the author make no claim to these trademarks.

While every precaution has been taken in the preparation of this document, the publisher and the author assume no responsibility for errors or omissions, or for damages resulting from the use of information contained in this document or from the use of programs and source code that may accompany it. In no event shall the publisher and the author be liable for any loss of profit or any other commercial damage caused or alleged to have been caused directly or indirectly by this document.

Printed: September 2011 in East Syracuse, New York

Page 5

5Contents

Table of Contents

Section 1 Terms of Use 9

................................................................................................................................... 91 Copyright

................................................................................................................................... 92 License Agreement

................................................................................................................................... 93 Trademark Attribution

................................................................................................................................... 94 Proprietary Notice

................................................................................................................................... 95 Certifications and Marks

................................................................................................................................... 106 Safety Notices and Warnings

Section 2 Overview 11

................................................................................................................................... 111 VS-1200-S Series Summary

................................................................................................................................... 122 What Shipped?

................................................................................................................................... 123 VS-1200-S Series Features and Benefits

................................................................................................................................... 134 VS-1200-S Series Common Specifications

................................................................................................................................... 135 VS-1200-S Series Model Specific Specifications

Section 3 Hardware 15

................................................................................................................................... 151 VS-1200-S Series Front Panels

................................................................................................................................... 162 Front Panel Description

.......................................................................................................................................................... 16Power

.......................................................................................................................................................... 16Any-to-Any Ports

.......................................................................................................................................................... 17Management Port

................................................................................................................................... 173 Rear Panel Description

.......................................................................................................................................................... 17Serial DB9

.......................................................................................................................................................... 17Power Switch (SFP series)

.......................................................................................................................................................... 17Rear Label (BT series)

.......................................................................................................................................................... 18Rear Labeling (SFP series)

.......................................................................................................................................................... 18Input Power

Section 4 Initial Configuration 19

................................................................................................................................... 191 Command Line Interface (CLI)

.......................................................................................................................................................... 19Basic Functionality

.......................................................................................................................................................... 20Password Recovery

.......................................................................................................................................................... 20Basic Commands (Read Only Access)

......................................................................................................................................................... 20HELP (HE) or (?)

......................................................................................................................................................... 21POWER STATUS (PO ST)

......................................................................................................................................................... 21SHOW (SH)

......................................................................................................................................................... 22SHOW GROUPS (SH GR)

......................................................................................................................................................... 22SHOW MANAGEMENT (SH MA)

......................................................................................................................................................... 23SHOW PORT CONFIG (SH PO CO)

......................................................................................................................................................... 23SHOW PORT ROUTING (SH PO RO)

......................................................................................................................................................... 24SHOW PRODUCT (SH PR)

......................................................................................................................................................... 24SHOW TIME (SH TI)

......................................................................................................................................................... 24SHOW USERS (SH US)

.......................................................................................................................................................... 24Superuser Commands (Configuration Access)

......................................................................................................................................................... 24SU (SU)

Page 6

VS-1200-S Data Acccess Switch6

......................................................................................................................................................... 25SU SET PASSWORD (SU SE PA)

......................................................................................................................................................... 25SET PROMPT (SE PR)

......................................................................................................................................................... 25ADD USER (AD US)

......................................................................................................................................................... 25EDIT USER (ED US)

......................................................................................................................................................... 26DELETE USER (DE US)

......................................................................................................................................................... 26SET DATE (SE DA)

......................................................................................................................................................... 26SET TIME (SE TI)

......................................................................................................................................................... 26SET IP (SE IP), SUBNET (SU), GATEWAY (GA)

......................................................................................................................................................... 27SET PORT GROUP (SE PO GR)

......................................................................................................................................................... 27SET PORT MONITOR (SE PO MO)

......................................................................................................................................................... 28SET PORT NAME (SE PO NA)

......................................................................................................................................................... 28SET PORT SPEED (SE PO SP)

......................................................................................................................................................... 28SET PORT VTAG (SE PO VT)

......................................................................................................................................................... 28SET TCP PORT (SE TC PO)

......................................................................................................................................................... 29SET UPGRADE (SE UP)

......................................................................................................................................................... 29SET TELNET (SE TT)

......................................................................................................................................................... 29SET SSH (SE SH)

......................................................................................................................................................... 30SET SSH KEY (SE SH KY)

......................................................................................................................................................... 30SET PING (SE PI)

......................................................................................................................................................... 30SET SNMPv3 (SE V3)

......................................................................................................................................................... 31SET SNMPv3 SUPERUSER (SE V3 SU)

................................................................................................................................... 312 SERIAL Port Configuration (DB9)

.......................................................................................................................................................... 31HyperTerminal

................................................................................................................................... 323 MANAGEMENT Port Configuration (RJ45)

.......................................................................................................................................................... 32HyperTerminal

.......................................................................................................................................................... 33TELNET

................................................................................................................................... 334 IP Address Configuration

.......................................................................................................................................................... 33IP Address Configuration with HyperTerminal

.......................................................................................................................................................... 37IP Address Configuration with TELNET

................................................................................................................................... 415 Exercise - CLI Setting Ports

................................................................................................................................... 456 Management Connection (RJ45)

.......................................................................................................................................................... 45TELNET

.......................................................................................................................................................... 46SSH

................................................................................................................................... 487 SNMP Configuration

................................................................................................................................... 498 Small Form-Factor Plug Module

.......................................................................................................................................................... 49Intallation Prerequisites

.......................................................................................................................................................... 49Safety Guidelines

.......................................................................................................................................................... 50Installing the SFP Module

.......................................................................................................................................................... 50Removing the SFP Module

Section 5 Hardware Installation 51

................................................................................................................................... 511 Power

................................................................................................................................... 512 Any-to-Any Connection

................................................................................................................................... 523 Management Connection

Section 6 VS-1200-S Series Functional Drawing 53 Section 7 Application 55

................................................................................................................................... 551 Gathering the Data (HyperTerminal configuration example)

Page 7

7Contents

2 All Pluggable in Optical Network (TELNET configuration

................................................................................................................................... 58

example)

Section 8 Customer Service 61

................................................................................................................................... 611 Internet

................................................................................................................................... 612 Warranty

................................................................................................................................... 613 Limits of Liability

Section 9 Appendix A - Agent Capabilities MIB 63 Section 10 Appendix B - Power Supply MIB 71 Section 11 Appendix C - Structure of Management

Information MIB 83

Section 12 Appendix D - FLASHutils 89

Page 8

Page 9

1 Terms of Use

CAUTION: Changes or modifications to this unit not expressly approved by the party responsible for compliance could void the user’s authority to operate the equipment.

The following terms and conditions relate to the use of this document. Please note that Datacom Systems Inc. reserves the right, at its entire discretion, to change, modify, add, or remove portions of these Terms of Use at any time. Please read the Terms of Use carefully as your use of this document is subject to the Terms of Use stipulated herein.

1.1 Copyright

Copyright© 2011 by Datacom Systems, Inc. All rights reserved. Printed in the United States of America. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of Datacom Systems, Inc. To obtain this permission, write to the attention of the Datacom Systems legal department at 9 Adler Drive, East Syracuse, New York 13057-1290, or call 315-463-9541.

1.2 License Agreement

Notice To All Users: By using Datacom Systems, Inc. products, you agree to the terms set forth. No licenses, express or implied, are granted with respect to the technology described and Datacom Systems, Inc. retains all rights with respect to the technology described herein. If applicable, you may return the product to the place of purchase for a full refund.

1.3 Trademark Attribution

Access Your Network , DS3 ACTIVEtap , DS3switch , ETHERNETtap , Empowering Network Professionals , FDDIswitch , FIBERsplitter , FIBERswitch , FIBERSWITCH- system , FLOWcontrol , GIGABITswitch , INSERTswitch , INSERTunit , LANswitch , LINKprotect , MANAgents , MULTINETswitch , NETspan , PERMAlink , PROline , RMON SWITCHINGanalyzer , SINGLEstream , UNIVERSALswitch , VERSAstream , and WANswitch are trademarks of Datacom Systems, Inc. 1ST in Switching Solutions®, DATACOMsystems®, LANclipper®, MANAgents®, and MULTIview® are registered trademarks

of Datacom Systems, Inc. All other registered and unregistered trademarks are the sole property of their respective owners. All specifications may be changed without notice.

1.4 Proprietary Notice

This document contains proprietary information about the VS-1200-S family of products and is not to be disclosed or used except as authorized by written contract with Datacom Systems, Inc.

1.5 Certifications and Marks

Page 10

VS-1200-S Data Acccess Switch10

The CE logo indicates that this equipment has been tested and found to meet radiated and conducted emission to the European Community EMC Directive 89/336/EEC requirements as per EN 61000-6-3:2001, the generic emissions standard for

residential, commercial and light industrial devices, the limits are those for an EN 55022 Class A product.

This equipment also has been tested and found to meet the immunity levels for residential, commercial and light industrial devices according to EN 61000-6-1:2001, the interference severity levels to the standards and requirements of EN 61000-3-2 Harmonic Current, EN 61000-3-3 Voltage Fluctuations and Flicker, EN 61000-4-2 Electrostatic Discharge, EN 610004-3 Radiated Susceptibility, EN 61000-4-4 Electrical Fast Transient/Burst, EN 61000-4-5 Surge and EN 61000-4-6 Conducted Susceptibility.

This equipment has completed the Product Safety Review and found to meet the Low Voltage Directive 98/68/EEC requirements to the standards of EN 60950 Safety of Information Technology Equipment.

The RoHS compliant logo indicates that this electronic product does not exceed the limit requirements of toxic, hazardous substances or elements as set forth in Directive 2002/95/EC of the European Parliament and of the Council of 27 January 2003 on

the restriction of the use of certain hazardous substances in electrical and electronic equipment.

The crossed out wheelie bin logo signifies that the product can be recycled after being discarded, and should not be casually discarded as set forth in Directive 2002/96/EC of the European Parliament and of the Council of 27 January 2003 on waste electrical and electronic equipment (WEEE).

These explanatory labels are included in this information for the user in accordance with the requirements of IEC 60825.1.

WARNING: Class 1 laser and LED product. A class 1 laser is safe under all conditions of normal use. Invisible laser radiation may be emitted from optical port openings when no fiber cable is connected, avoid exposure to laser radiation and do not stare into open optical ports.

1.6 Safety Notices and Warnings

Page 11

2 Overview

The configurable VS-1200-S family of products increases network visibility and leverages your investment in network analyzers, probes, and security equipment by allowing you to simultaneously monitor as many supported configurable ports as you may need to fit your peripheral network tools. Greater visibility accelerates problem resolution, reduces downtime and increases enterprise productivity.

The configurable family of products are compatible with all vendor hardware and can be controlled by our Command Line Interface (CLI) software, which will allow you to control all of your configurable family of products through a single interface regardless of what network appliances you choose to deploy.

2.1 VS-1200-S Series Summary

The configurable VERSAstream Data Access Switch can combine data from multiple Ethernet network segments into one data stream. A single Gigabit device/tool, such as an intrusion detection system, protocol analyzer, or network probe can receive the aggregated data with just one network interface card (NIC).

Overview 11

The configurable product can also have additional input/output ports or Any-to-Any ports, so multiple Gigabit devices can receive the same data stream. This allows different network tools to collect data from the same network segments at the same time, eliminating contention for access to the network. Also, these ports can be configured as more input ports to include more network segments for monitoring.

Network administrators no longer need a separate tool for each network segment to achieve simultaneous 24x7 monitoring of multiple links, nor do they need to "switch" to a different segment to collect data from it. A VS-1200-S series unit simultaneously collects data from multiple network segments and aggregates all the data before sending it to the connected network tools, expanding network visibility and reducing the number of tools needed on the network And, because the VS1200-S series aggregates all the data before sending it to the connected network tool, you can always view the entire conversation even in asymmetric routing, redundant, and load-balanced environments.

Aggregation gives a complete view of traffic. Instead of collecting and manually assembling trace or log files from separate tools on separate network segments, the VS-1200-S lets security and analysis tools collect the data in a single file. In security applications, events and false positives are recorded fewer times. In all applications, data can be analyzed faster than ever, increasing uptime and saving money.

The VERSAstream™ Data Access Switch VS-1200-S series is adaptable; all ports can be configured to be input or output ports. These switches adapt with your ever-changing network.

Page 12

VS-1200-S Data Acccess Switch12

2.2 What Shipped?

VS-1200-S Series Data Access Switch

1 — Model: VS-1200-S series Data Access Switch 2 — Switching AC Adapters 2 — AC Line Cords 1 — DRL512-2M-R serial cable, DB9 M/F straight thru

2.3 VS-1200-S Series Features and Benefits

Connect any Gigabit devices or tools (protocol analyzers, probes, intrusion detection systems) for permanent simultaneous monitoring of multiple full-duplex links — eliminates the need for network connectors to be disconnected and reconnected each time a segment needs to be monitored.

Secure Shell (SSH) allows data to be exchanged using a secure channel between two networked devices.

Simple Network Management Protocol (SNMP ) protocol for managing devices on IP networks.

Multi-point analysis enables you to seamlessly analyze a packet at multiple points in your network with one tool - know exactly what is happening to data as it moves through your network.

View all the data from multiple network segments - allows you to monitor and analyze traffic from asymmetric routing paths, load-balanced applications, and redundant environments.

Any-to-Any ports allow Gigabit devices to simultaneously monitor the same links, providing extended security and analysis options, while eliminating contention for network access. Also, these ports can be configured as more input ports to include more network segments for monitoring.

Simple, easy to use Command Line Interface (CLI) configuration to adapt to your network’s setup.

Easy to install 1U space saving design. 2-year limited manufacturer’s warranty on hardware. Datacom Customer Service Support is available via:

Phone: (315) 463-9541

Fax: (315 ) 463-9557 E-mail: support@datacomsystems.com Website: www.datacomsystems.com

Page 13

2.4 VS-1200-S Series Common Specifications

Management Port (front): RJ45 @ 100 Mbps Full-Duplex

The factory configured IP Address, Subnet Mask and Default Gateway are as follows:

IP Address: 192.168.1.1; Subnet Mask: 255.255.255.0; Default Gateway: 0.0.0.0 Serial Port (rear): DB9 Power Requirement: Two external power adapters

Input: 100 - 240VAC 50 - 60Hz, 0.4-0.2 A — Output: 5VDC, 2.5A

Certified : CE, UL, CUL, CSA, TUV, CCC, PSE, JET, EU RoHS and China RoHS

Power Consumption: 12W; BTU/h: 40.9 Operating Temperature: 32º to 104° F — 0º to 40° C Storage Temperature: -22º to 149° F — -30º to 65° C

Overview 13

Operating Range Relative Humidity: 5 to 90% non-condensing Dimensions (H x W x D): includes RMC-2 rack mount bracket

1.750 x 7.950 x 7.775 inch

4.44 x 20.19 x 19.75 cm

Weight: 1.5 lbs; shipping: 6.5 lbs — 0.68 kg; shipping; 2.95 kg Warranty: Two (2) years - see 'Warranty' section for details.

2.5 VS-1200-S Series Model Specific Specifications

VS-1204BT-S: Any-to-Any Ports: 4 - 10/100/1000BaseT (RJ45 Connectors) VS-1208BT-S: Any-to-Any Ports: 8 - 10/100/1000BaseT (RJ45 Connectors) VS-1210BT/SFP-S: Any-to-Any Ports: 8 - 10/100/1000BaseT (RJ45 Connectors), 2 - SFP* VS-1210SFP-S: Any-to-Any Ports: 10 - SFP*

*SFP = Small Form Pluggable can be LX, SX or 1000Mbs copper

(Support Datacom supplied only)

Page 14

Page 15

3 Hardware

Front panel images of the VS-1200-S series are provided in this section.

3.1 VS-1200-S Series Front Panels

VS-1204BT-S

VS-1208BT-S

Hardware 15

VS-1210BT/SFP-S

Page 16

VS-1200-S Data Acccess Switch16

3.2 Front Panel Description

This section provides a illustration and description of the front panel of the VS-1200-S series. An explanation of each front panel legend follows:

3.2.1 Power

Two switching AC adapter power supplies are provided for each configurable unit. Although only one power supply is required to power the module, use of a second independent power source is strongly recommended to assure uninterrupted monitoring. Furthermore, connecting the second AC input power socket to a different external power source circuit than the first AC input power source eliminates power as a single point of failure. The power barrel sockets are located on the rear.

3.2.2 Any-to-Any Ports

Designated as INPUT or OUTPUT by 'Superuser' for use as input or output ports. See Serial and Management Port - Command Line Interface - Superuser Commands - 'SET PORT MONITOR

(SE PO MO )' section for more information.

Ports: 1 to 8 (VS-1210BT/SFP-S or VS-1208BT-S) and Ports: 1 to 4 (VS-1204BT-S):

are RJ45 connectors used for connection to network devices or tools. These jacks have integrated LEDs that display line status and line speed of each port. See the Any-to-Any RJ-45 LED Display Code table for LED display codes.

Ports: 9 to 10 (VS-1210BT/SFP-S) and Ports: 1 to 10 (VS-1210SFP-S): are sockets used with a small form-factor plug (SFP) module for connection to network devices or tools. They can be

connected through fiber or copper, or a mix of each.

LX-BT/SX-BT - The LEDs located to the right of the SFP connectors are solid green indicating a link has been detected between the respective Any-to-Any Rx port and network device/tool Tx port or network segment. The LEDs are flashing green when data is passed.

Page 17

3.2.3 Management Port

The MANAGEMENT PORT is an RJ45 socket used for 100 Mbs full-duplex connection with a straight-through LAN cable via your management LAN to a Remote Management Console which is a standard PC using any Telnet terminal emulation application.

Link indicates connection. The LED Display Code table deciphers the RJ45 jacks with integrated LEDs that display line status of the MANAGEMENT PORT.

3.3 Rear Panel Description

This section provides a description of the rear panel of the VS-1200-S series.

Hardware 17

An explanation of each rear panel legend follows:

3.3.1 Serial DB9

The SERIAL connector port is a shielded DB9 Female and is cabled to the COM port of any compatible network tool or PC where HyperTerminal software resides. It is the only port that can easily connect the Management PC to set the IP address (default 192.168.1.1) for the first time.

3.3.2 Power Switch (SFP series)

The front panel POWER 1, POWER 2 LEDs are illuminated green, respectively, when the DC power switch is depressed ON and DC power is available at both the two rear DC power sockets. Either POWER 1, POWER 2 LED illuminated red indicates a defective power source and immediate investigation as to the cause is required to insure redundant power integrity.

3.3.3 Rear Label (BT series)

DB9 nomenclature, Serial Number (SN) identifier, Media Access Control (MAC) address identifier, input power requirements, certification compliance identifiers and various other information are provided on this rear label.

Page 18

VS-1200-S Data Acccess Switch18

3.3.4 Rear Labeling (SFP series)

Serial Number (SN) identifier, Media Access Control (MAC) address identifier, input power requirements, certification compliance identifiers and various other information are provided on this rear label.

3.3.5 Input Power

Two DC input power sockets are provided on the rear panel. The front panel POWER 1 and 2 LEDs are illuminated green, respectively:

(SFP series) - when the DC POWER switch is depressed ON and DC power is available at both the two rear DC power sockets; or (BT series) - when DC power is available at both the two rear DC power sockets.

Either POWER 1 or 2 LED not illuminated when powered, indicates a defective power source and immediate investigation as to the cause is required to insure redundant power integrity.

Although only one switching AC adapter power supply is required to power the configurable unit, use of a second independent power source is strongly recommended to assure uninterrupted monitoring. Furthermore, connecting the second DC input power socket to a different external power source circuit than the first DC input power source eliminates power as a single point of failure.

Page 19

4 Initial Configuration

IMPORTANT: Prior to initial configuration of the hardware, it is imperative to review the entire Initial Configuration section before proceeding to the Installation section.

This section explains the considerations and requirements for the initial configuration of the VS1200-S series by a Command Line Interface (CLI) with a management PC using a terminal emulation application connected either through the SERIAL DB9 port or though the MANAGEMENT RJ45 port. Only one configuration session can be open at a time.

4.1 Command Line Interface (CLI)

The Command Line Interface (CLI ) is used to:

set IP address (default 192.168.1.1), Subnet Mask (default 255.255.255.0) and Gateway (default 0.0.0.0) set port speed and duplex enables the user to select which ports or groups of ports receive the data stream copies allows Any-to-Any ports to be configured as either inputs or outputs.

Initial Configuration 19

The VS-1200-S series factory default is off for all Any-to-Any ports.

4.1.1 Basic Functionality

Window Size Functionality: The CLI window is limited to 24 lines per screen and 80 characters per line. If more data than can fit is presented, a “-more-” prompt is shown on the last line.

Character Handling: Printable character (ASCII code 32-126) and non-printable noted below: Non-Printable Character Description

<enter key> Executes command; places command in history buffer <backspace key> Erases previous character entry; removes history buffer entry

Connectivity/Authentication Functionality: Connectivity to the configurable product is made through the Management RJ45 or Serial DB9 port and authentication is required. This password protection yields read-only access. To make configuration changes, Superuser (SU) mode must be accessed with another password. See the 'Superuser Commands ' section for more information.

Base Prompt: This is the text presented to the user logging in to use the CLI (default values shown). All Usernames and passwords are case-sensitive.

Enter Username: Administrator Enter Password: admin >

Superuser log in:

Example: > SU

Enter Password: password

Page 20

VS-1200-S Data Acccess Switch20

4.1.2 Password Recovery

Password Recovery is provided for cases where a user has forgotten the Superuser and/or Administrator login password. Password recovery is accomplished by connecting to the unit serially using a HyperTerminal like program and rebooting the unit. As the power-up sequence is occurring, depress <Control> <C>. Upon receipt of this command, a text recovery key will be generated and displayed prior to the prompt. This key is used to reset the passwords. An example recovery key prompt is: 617A6185774$

You must call Datacom Service Center with this recovery key in order to obtain the required response to reset passwords. Given a valid reset response, the factory default passwords will be saved in Non-Volatile memory. If an invalid response is given, a new recovery key will be calculated and displayed at the prompt, as described above, after first clearing the screen.

4.1.3 Basic Commands (Read Only Access)

The following section shows the long form of the basic command set with the shortcut input for the command noted in parenthesis. All commands, either the exact long form or the shortcut form, are entered after the prompt (default >) at the cursor. No auto-fill mode is available. After the topic heading, a brief overview of the command display function is given followed by an example (Example: >) command input.

4.1.3.1 HELP (HE) or (?)

When this command is entered, a list of commands, their shortcut inputs, and their descriptions will display. For the use and application of each command, refer to the individual command description within this section. The HELP command displays the available commands depending upon the specific product and not in ascending order as shown:

Example: > ? Available commands: ADD USER AD US Add User DELETE USER DE US Delete User EDIT USER ED US Change Username/Password EXIT EX Exit Shell HELP HE / ? Show Help POWER STATUS PO ST Show Power Supply Status SET DATE SE DA Set System Date SET GATEWAY SE GA Set Default Gateway SET IP SE IP Set IP [subnet mask] [default gateway] SET LINK PROTECT SE LP Set Link Protect parameters SET PING SE PI Set Ping ON or OFF SET PORT GROUP SE PO GR Set Group Name SET PORT MONITOR SE PO MO Set Monitor Configuration SET PORT NAME SE PO NA Set Port Name (max 32 bytes) SET PORT SPEED SE PO SP Set Port Speed SET PORT VTAG SE PO VT Set Port VTAG Stripping SET PORT VTAP SE PO VP Set Port VTAP SET PROMPT SE PR Set Command Prompt (max 32 bytes) SET SNMPv3 SE V3 Set SNMP ON or OFF

Page 21

SET SNMPv3 SUPERUSER SE V3 SU Set SNMP SuperUser Parameters SET SSH SE SH Set SSH ON or OFF SET SSH KEY SE SH KY Set SSH Key SET SUBNET SE SU Set Subnet Mask nnn.nnn.nnn.nnn SET TCP PORT SE TC PO Set TCP Port SET TELNET SE TE Set Telnet ON or OFF SET TIME SE TI Set System Time SET UPGRADE SE UP Set Upgrade ON or OFF SHOW SH Show All Current Configurable Values SHOW GROUPS SH GR Show Group Configuration SHOW MANAGEMENT SH MA Show Management Configuration SHOW PORT CONFIG SH PO CO Show Port Configuration SHOW PORT ROUTING SH PO RO Display Routing Summary SHOW PRODUCT SH PR Show Product Name and Serial Number SHOW TIME SH TI Show System Date and Time SHOW USERS SH US Display Users SU SU Enter Superuser Mode SU SET PASSWORD SU SE PA Set Superuser Password

4.1.3.2 POWER STATUS (PO ST)

Initial Configuration 21

This command displays power supply status. It is entered and displays data as shown: > POWER STATUS (PO ST)

Example:

> PO ST Power Supply 1: Good

Power Supply 2: Good >

4.1.3.3 SHOW (SH)

Using this command alone, displays general information about the product as shown:

Example:

> SH

Date/Time: 02-24-2011 16:38:31 Product: VS-1210BT/SFP-S Serial Number: 9326023 Version: 5.3.1.4 Security Version 1.0.0.14 MAC Address: 00-14-e2-00-10-d3 IP Address: 192.168.1.1 IP Subnet: 255.255.0.0 IP Default Gateway: 192.168.1.0 IP Port: 2370 FlashUtils protocol: enabled Telnet protocol: enabled

Page 22

VS-1200-S Data Acccess Switch22

SSH protocol: enabled Ping protocol: enabled SNMPv3 protocol: enabled

> The following SHOW commands, with other qualifiers, displays more specific information.

4.1.3.4 SHOW GROUPS (SH GR)

This command displays all ports as designated by the administrator (Superuser) as belonging to the same logical group. Specifically, groups can be configured as if they were a single logical port, enabling a high degree of control during both the initial setup and all subsequent moves or changes.

The GROUP NAME followed by the ports included in the group are displayed. It is entered and displays data as shown:

> SHOW GROUPS (SH GR)

Example:

> SH GR TAP:

9: Port 9

10: Port 10

4.1.3.5 SHOW MANAGEMENT (SH MA)

This command displays Management RJ45 port information as shown: > SHOW MANAGEMENT (SH MA)

Example:

> SH MA

Security Version: 1.0.0.14

MAC Address: 00-14-e2-00-10-d3

IP Address: 192.168.1.1

IP Subnet: 255.255.0.0

IP Default Gateway: 192.168.1.0

IP Port: 2370

FlashUtils protocol: enabled

Telnet protocol: enabled

SSH protocol: enabled

Ping protocol: enabled

SNMPv3 protocol: enabled >

Page 23

4.1.3.6 SHOW PORT CONFIG (SH PO CO)

This command displays all configurable related data for all ports as shown: > SHOW PORT CONFIG (SH PO CO)

Example:

> SH PO CO 01: Port 1

CFG: 1G Full Duplex Current: No Link

Type: Tap (1..2:)

Group Member: TAP

Copies to: 2,5,6,7,8,9,10

VLAN Tag Stripping: OFF 02: Port 2 CFG: 1G Full Duplex Current: No Link

Type: Tap (2..1)

Group Member: TAP

Copies to: 1,5,6,7,8,9,10

VLAN Tag Stripping: OFF Press any key...

Initial Configuration 23

4.1.3.7 SHOW PORT ROUTING (SH PO RO)

This command displays all port interface routing in a brief matrix summary as shown: > SHOW PORT ROUTING (SH PO RO)

Example:

> SH PO RO Outputs 01 02 03 04 05 06 07 08 09 10 01 ------------X-----------------------------------------------------02 ------X-----------------------------------------------------------03 -------------------------------------------------------------------04 -------------------------------------------------------------------05 -------------------------------------------------------------------06 -------------------------------------------------------------------07 -------------------------------------------------------------------08 -------------------------------------------------------------------09 -------------------------------------------------------------------10 ------------------------------------------------------------------->

Page 24

VS-1200-S Data Acccess Switch24

4.1.3.8 SHOW PRODUCT (SH PR)

This displays the name, serial number, and firmware version (x.x.x.x = boot loader. major micro. minor micro. build) of the product as shown:

> SHOW PRODUCT (SH PR)

Example:

> SH PR

Product: VS-1210BT/SFP-S

Serial Number: 9326023

Version: 5.2.0.0

4.1.3.9 SHOW TIME (SH TI)

This command displays the set date and time for the product, it is entered as shown: > SHOW TIME (SH TI)

Example:

> SH TI

Date/Time 10-09-2007 12:40:25

4.1.3.10 SHOW USERS (SH US)

This command displays all users for the configurable product. SHOW USERS (SH US)

Example:

> SH US

Administrator edituser

4.1.4 Superuser Commands (Configuration Access)

The topic headings in the following section show the long form of the Superuser command set with the shortcut input for the command noted in parenthesis. After the topic heading, a brief overview of the command display function is given followed by an example (Example: #) command input. All commands are entered after the prompt (default #) at the cursor. No auto-fill mode is available.

4.1.4.1 SU (SU)

This command accesses the Superuser mode where the product can be configured. A password prompt is displayed and the default password is “password.” Then the Superuser prompt is displayed. It looks exactly like the basic prompt, except the prompt end has turned from “>” to “#,” as shown below:

> SU (SU) Enter Password: ******** #

Page 25

4.1.4.2 SU SET PASSWORD (SU SE PA)

This command is used to change the Superuser access password as shown: SU SET PASSWORD (SU SE PA)

Example:

# SU SE PA

***Warning***

Modification of the SU password has serious consequences if the password is lost!!

***Warning***

# Enter Password: ********

# Confirm Password: ********

4.1.4.3 SET PROMPT (SE PR)

This command, followed by a text string, changes the Base Prompt as shown: # SET PROMPT (SE PR) prompt text (up to 32 characters)

Initial Configuration 25

Example:

# SE PR Datacom Datacom#

4.1.4.4 ADD USER (AD US)

This command is used to add users to the configurable product as shown: ADD USER (AD US)

Example:

# AD US Enter New Username: newuser Confirm Password: **** User newuser has been saved #

4.1.4.5 EDIT USER (ED US)

This command edits Usernames/Passwords as shown: EDIT USER (ED US) user name

Example:

# ED US newuser Enter New Username: edituser Enter Password: **** Confirm Password: **** User edituser has been saved #

Page 26

VS-1200-S Data Acccess Switch26

4.1.4.6 DELETE USER (DE US)

This command deletes users as shown: DELETE USER (USERNAME)

Example:

# DE US edituser User edituser deleted #

4.1.4.7 SET DATE (SE DA)

This command, followed by the date (MMDDYY), sets the real time clock date as shown: SET DATE (MMDDYY)

Example:

# SE DA 123107 #

4.1.4.8 SET TIME (SE TI)

This command, followed by the time (HHMMSS), sets the real time clock time as shown: SET TIME (HHMMSS)

Example:

# SE TI 033526 #

4.1.4.9 SET IP (SE IP), SUBNET (SU), GATEWAY (GA)

This command configures the IP address (default 192.168.1.1), Subnet Mask (default

255.255.255.0) and Default Gateway (default 0.0.0.0) parameters. Initially, it is highly

recommended that this be done through the direct serial connection using the HyperTerminal or equivalent terminal emulation application. Only those variables that require configuration need to be entered. The parameters may be entered separately as shown:

# SET IP (SE IP) [IP Address nnn.nnn.nnn.nnn] [SUBNET] [GATEWAY] # SET SUBNET (SE SU) [Subnet Mask nnn.nnn.nnn.nnn] # SET GATEWAY (SE GA) [Default Gateway nnn.nnn.nnn.nn*n]

Example:

# SE IP 172.169.50.134 IP will be updated at end of session

# SE SU 255.255.0.0 Subnet Mask will be updated at end of session

Page 27

# SE GA 172.169.50.1 Default Gateway will be updated at end of session

# Or, the parameters can also be entered jointly, (i.e., IP Address, Subnet Mask, Default Gateway)

but entry must be in the proper sequence order and separated by a space delimiter, as shown: # SET IP [SUBNET] [GATEWAY]

Example:

# SE IP 172.169.50.134 255.255.0.0 172.169.50.1 IP will be updated at end of session Subnet Mask will be updated at end of session Default Gateway will be updated at end of session #

4.1.4.10 SET PORT GROUP (SE PO GR)

Initial Configuration 27

This command is used to create a port list under a common name for ease of use. When displayed, the common name is all caps, regardless of case entry. As part of this command, there is a command separator (CONTAINS) or, if the OFF parameter (delete the group) is used, the CONTAINS is not used. A maximum of 10 groups is allowed.

Groups, as designated by the administrator (Superuser,) belong to the same logical group.

Specifically, groups can be configured as if they were a single logical port, enabling a high degree of control during both the initial setup and all subsequent moves or changes as shown:

SET PORT GROUP (SE PO GR) group name [OFF] or [CONTAINS] port list

Example:

# SE PO GR DatacomPorts CONTAINS 4,5,6 # SE PO GR DatacomPorts OFF #

4.1.4.11 SET PORT MONITOR (SE PO MO)

This command sets the data routing by selecting the port (output) on which the monitoring device is to be located as well as ports (input TAPS, SPAN) to be redirected to that monitor port. As part of this command, there is a command separator (FROM) or, if the OFF parameter (turn off all data routing to the selected port) is used, the FROM is not used as shown:

SET PORT MONITOR (SE PO MO) comma separated list of port numbers, port names or group names [OFF] or [FROM comma separated list of port numbers, port names or group names]

Example:

# SE PO MO Port1 FROM Engineering # SE PO MO 4 FROM 3,2,PortNine

Page 28

VS-1200-S Data Acccess Switch28

# SE PO MO 3 OFF #

NOTE: See the 'Exercise - CLI Setting Ports ' and 'Application ' sections for further explanation and examples using input and output settings for tap and Any-to-Any ports.

4.1.4.12 SET PORT NAME (SE PO NA)

This command, followed by the port number or port name, a command separator (TO), then the name text (up to 32 characters), assigns the new name text entered as shown:

SET PORT NAME (SE PO NA) port number or port name TO name text

Example:

# SE PO NA 4 TO Port 4 #

4.1.4.13 SET PORT SPEED (SE PO SP)

Speed duplex is one of the following: 10HALF, 10FULL, 100HALF, 100FULL, 1000FULL, AUTO. This command changes the port speed for a single port or a group of ports as shown:

SET PORT SPEED (Comma separated list of Port numbers, port names, or group names) (Speed duplex)

Example:

# SE PO SP 4,6,7,8 100HALF Speed set for port(s) 4, 6, 7, 8

41 55

4.1.4.14 SET PORT VTAG (SE PO VT)

This command is used to change the capability of a port to either pass VLAN Tags or strip them from a frame and recalculate the CRC of the frame as shown:

SE PO VT (Comma separated list of port numbers, port names, or group names) ON/OFF

Example:

# SE PO VT 1,4,6,7 ON #

4.1.4.15 SET TCP PORT (SE TC PO)

This command configures the TCP Port (default 2370) parameter. Initially this should be done using the serial port with a terminal application. The parameter is entered as shown:

SET TCP PORT (SE TC PO) [nnnnn]

Example:

# SE TC PO 17216 TCP Port is now updated. #

Page 29

4.1.4.16 SET UPGRADE (SE UP)

This command sets the FLASHutils service (default ENABLED) process. It is entered as shown: SET UPDATE (SE UP) [OFF or ON]

Example 1:

# SE UP OFF The FlashUtils protocol is now disabled. #

Example 2:

# SE UP ON The FlashUtils protocol is now enabled. #

4.1.4.17 SET TELNET (SE TT)

This command sets the TELNET service (default ENABLED) process. It is entered as shown: SET TELNET (SE TT) [OFF or ON]

Initial Configuration 29

Example 1:

# SE TT OFF The Telnet protocol will be disabled at end of session. #

Example 2:

# SE TT ON The Telnet protocol will be enabled at end of session. #

4.1.4.18 SET SSH (SE SH)

This command sets the SSH service (default ENABLED) process. It is entered as shown: SET SSH (SE SH) [OFF or ON]

Example 1:

# SE SH OFF The SSH protocol will be disabled at end of session. #

Example 2:

> SE SH ON The SSH protocol will be enabled at end of session. #

Page 30

VS-1200-S Data Acccess Switch30

4.1.4.19 SET SSH KEY (SE SH KY)

This command sets the SSH service (default ENABLED) process. It is entered as shown: SET SSH KEY (SE SH KY) [RSA or DSA] — RSA and DSA are algorithms for public-private-

key cryptography. Cut and paste the PEM (Privacy Enhanced Mail) encoded RSA or DSA key.

Example 1:

# SE SH KY RSA Please cut & paste the PEM encoded rsa SSH key . . . <--right mouse click if Putty or Terra Term rsa SSH Key successfully loaded #

Example 2:

> SE SH KY DSA Please cut & paste the PEM encoded dsa SSH key . . . <--right mouse click if Putty or Terra Term dsa SSH Key successfully loaded #

4.1.4.20 SET PING (SE PI)

This command enables or disables PING (default ENABLED) service process. It is entered as shown:

SET PING ENABLE (SE PI EN) [OFF or ON]

Example 1:

# SE PI EN OFF The PING protocol is now disabled.

Example 2:

# SE PI EN ON The PING protocol is now disabled. #

4.1.4.21 SET SNMPv3 (SE V3)

This command sets the SNMP service (default ENABLED) process. It is entered as shown: SET SNMPv3 (SE V3) [OFF or ON]

Example 1:

# SE V3 OFF The SNMP protocol is now disabled. #

Example 2:

> SE V3 ON The SNMP protocol is now enabled. #

Page 31

4.1.4.22 SET SNMPv3 SUPERUSER (SE V3 SU)

SET SNMPV3 SUPERUSER (SE V3 SU) name auth authPass priv privPass: This command is required to create an SNMP V3 user. There MUST be at least one SNMP user for the feature to work. It is entered as shown:

SET SNMPV3 SUPERUSER (SE V3 SU) name auth authPass priv privPass

where:

name SNMP principal [maximum of 32 characters] auth MD5/SHA [authorization encryption type] authPass authorization password - at least 12 characters priv DES/AES [privilege encryption type] privPass privilege password - at least 12 characters

Example:

> SE V3 SU username MD5 12characters DES characters12 SNMP V3 user created

4.2 SERIAL Port Configuration (DB9)

Initial Configuration 31

Note: Use of the SERIAL DB9 port, which is fairly simple and straight forward, is strongly recommended for initial configuration of the hardware.

4.2.1 HyperTerminal

Once series connection is made, any freely available terminal emulator may be utilized, however Microsoft HyperTerminal is the preferred terminal emulation program, but please take note of the specific HyperTerminal setup settings if an alternate terminal emulator is used.

HyperTerminal (terminal emulator) enter:

9600 bits per second

8 data bits

Parity none

1 stop bit

Flow control none

After completing review of the Command Line Interface (CLI) section and Exercise - CLI setting

41 33

Ports section, detailed IP Address configuration can be found in the IP Address Configuration

section.

Page 32

VS-1200-S Data Acccess Switch32

4.3 MANAGEMENT Port Configuration (RJ45)

Once VS-1200-S series connection is made to the MANAGEMENT RJ45 port, open the terminal emulation application and create a connection with settings that fit your needs:

The factory configured VS-1200-S series IP Address, Subnet Mask and Default Gateway are as follows:

IP Address: 192.168.1.1; Subnet Mask: 255.255.255.0; Default Gateway: 0.0.0.0

4.3.1 HyperTerminal

The following example utilizes Microsoft HyperTerminal. Any freely available terminal emulator may be utilized, but please take note of the specific HyperTerminal setup settings if an alternate terminal emulator is used.

IMPORTANT: For Host Address, if initial IP Address HAS NOT BEEN configured, use 192.168.1.1 (default) or if initial IP Address HAS BEEN configured, use the Local Area Network address input during initial IP Address configuration.

HyperTerminal (terminal emulator) enter:

TCP/IP (Winsock)

Host Address: nnn.nnn.nnn.nnn [i.e., 192.168.1.1 or Local Area Network]

Port Number: 23

Set HyperTerminal (terminal emulator) properties

Under File>Properties>Settings

Emulation: VT100

Under File>Properties>Settings>ASCII Setup

Check box: Send line ends with line feeds Check box: Echo typed characters locally

After completing review of the Command Line Interface (CLI) section and Exercise - CLI setting

41 33

Ports section, detailed IP Address configuration can be found in the IP Address Configuration

section.

Page 33

4.3.2 TELNET

Most network equipment and operating systems with a TCP/IP stack also support some kind of TELNET service server for remote configuration. Security-related shortcomings have limited TELNET (TErminaL NETwork) usage, although TELNET is still widely used when diagnosing problems, manually "talking" to other services without specialized client software, and administration of network elements such as integration and maintenance of core network elements.

IMPORTANT: For hostname, if initial IP Address HAS NOT BEEN configured, use 192.168.1.1 (default) or if initial IP Address HAS BEEN configured, use the Local Area Network address setting input during initial IP Address configuration.

TELNET using MANAGEMENT RJ45 - software configuration of the hardware

At the Windows command prompt enter:

telnet

At the Microsoft Telnet> prompt enter:

o nnn.nnn.nnn.nnn (open hostname) [i.e., o 192.168.1.1 or Local Area Network])

Initial Configuration 33

After reviewing the Command Line Interface (CLI) section and Exercise - CLI setting Ports

19 41

section, detailed IP Address configuration can be found in the IP Address Configuration section.

4.4 IP Address Configuration

All VS-1200-S series are shipped with a factory default configuration as follows: IP Address:192.168.1.1; Subnet Mask: 255.255.255.0; Default Gateway: 0.0.0.0

IMPORTANT: If you expect to remotely connect to the VS-1200-S series, you must change the IP Address, Subnet Mask and Default Gateway to match your Local Area Network as described in either the 'IP Address Configuration with HyperTerminal ' section or 'IP Address Configuration

with TELNET ' section.

Note: If your VS-1200-S already has the IP Address, Subnet Mask and Default Gateway set for your network, you may proceed to the 'Small Form-Factor Plug Module ' section.

4.4.1 IP Address Configuration with HyperTerminal

The IP address of the configurable series can be configured via a serial connection with either Microsoft's HyperTerminal application (available on most Windows PCs) or an open source free software terminal emulator for MS-Windows.

Step 1. Plug the VS-1200-S into an external power source using a supplied switching AC adapter and AC line cord. Note, POWER 1 or 2 LED is illuminated green indicating power is available from

the connected DC power socket. The other POWER LED is not illuminated, indicating a lack of power to the unconnected DC power socket.

Page 34

VS-1200-S Data Acccess Switch34

Step 2. Connect your PC and VS-1200-S using the provided Datacom Systems DRL512-2M-R cable. Connect the DB9 Female pin end to the serial port on your PC and connect the DB9 Male pin to the SERIAL port on the unit.

NOTE: For PCs without 9-pin serial ports, check with your product representative for available sources of a USB to RS-232 Plug-in Adapter.

Step 3. Open the HyperTerminal application on your PC by selecting START > All Programs > Accessories > Communications > HyperTerminal

Step 4. Name a new HyperTerminal connection and select OK

Page 35

Initial Configuration 35

Step 5. On the Connect to window, create a serial link by selecting the COM port assigned to the serial port on your PC from the Connect using: pull-down menu and select OK

Step 6. Next, configure the COM Properties. The initial correct settings to communicate with the VS-1200-S series (9600, 8, None, 1, None) are shown below. Once all settings are configured correctly, click Apply, then click OK.

Step 7. You are now connected, hit the Enter key twice in succession (i.e., Enter, Enter) to display the Enter Username: prompt. All Usernames and passwords are case-sensitive. Type Administrator (default value) and press the Enter key. At the Enter Password: prompt, type admin (default value) and press the Enter key to display the command line > prompt. At the command line > prompt, type su and press the Enter key. At the Enter Password: prompt, type password (default value) and press the Enter key to display the command line # prompt. To see a list of available commands, at either the > or # command line prompt, type ? and press the Enter key.

Page 36

VS-1200-S Data Acccess Switch36

Step 8. SET IP (SE IP) by typing se ip xxx.xxx.xxx.xxx corresponding to a valid IP address for your network. Press the Enter key to continue.

Step 9. SET SUBNET (SE SU) by typing se su xxx.xxx.xxx.xxx corresponding to your network's subnet mask. Press the Enter key to continue.

Step 10. SET GATEWAY (SE GA) (if needed) by typing se ga xxx.xxx.xxx.xxx corresponding to your network's default gateway. Press the Enter key to continue.

Step 11. SHOW (SH) by typing sh and press the Enter key to display and affirm that the pending IP Address, IP Subnet and IP Default Gateway match the intended Local Area Network input IP Address, IP Subnet and IP Default Gateway.

Step 12. If the pending IP Address is not correct, repeat Step 8, if the pending IP Subnet is not correct, repeat Step 9 and if the pending IP Default Gateway is not correct, repeat Step 10. Repeat Step 11 to review and verify that the pending IP Address, IP Subnet and IP Default Gateway match the intended Local Area Network input IP Address, IP Subnet and IP Default Gateway.

Page 37

Initial Configuration 37

Step 13. Type Exit to save the network address changes and press the Enter key to end the connection session indicated by 'Connection closed' response.

Step 14. Close HyperTerminal, respond 'Yes' to the "You are currently connected. Are you sure you want to disconnect now?' prompt and respond 'Yes, No or Cancel,' as you prefer, to the "Do you want to save the connection named "Connect"?" prompt.

Step 15. Disconnect the DRL512-2M-R serial cable.

Step 16. Install the VS-1200-S series in your chosen network location.

4.4.2 IP Address Configuration with TELNET

The IP address of the configurable series can be configured via a RJ45 connection with a TELNET application (available on most Windows PCs) or an open source free software terminal emulator for MS-Windows.

Step 1. Connect the VS-1200-S with one of the supplied switching AC adapters and AC line cords into an external power source. Either POWER 1 or 2 LED illuminates green indicating power is

available from the connected source. The other POWER LED is not illuminated, indicating a lack of power to the unconnected DC power socket.

Step 2. Using a cross-over Cat 5e cable, connect one end to the VS-1200-S MANAGEMENT port and the other end to the RJ45 port on your management PC.

Page 38

VS-1200-S Data Acccess Switch38

Step 3. Check the PC Local Area Network Connection by selecting START > Control Panel > Network Connections

Step 4. Right click the Local Area Connection and from the drop down menu select Properties. Highlight Internet Protocol (TCP/IP) and highlight and click the Properties box. Check the button Use the following IP Address: Use IP Address: 192.168.1.5 and Subnet Mask: 255.255.255.0. Click OK.

Page 39

Initial Configuration 39

Step 5. Open the Command Prompt on your PC by selecting START > All Programs > Accessories > Command Prompt

Step 6. In the Command Prompt window, at the prompt, enter TELNET and hit the Enter key. (To

see a list of available Microsoft Telnet Client Commands, at the prompt, enter ? and hit the Enter key. Supported commands will be displayed.)

Step 7. At the Command Prompt window prompt, enter o 192.168.1.1 and hit the Enter key.

Page 40

VS-1200-S Data Acccess Switch40

Step 8. You are now connected at the Enter Username: prompt. Usernames and passwords are case-sensitive. Type Administrator (default value) and press the Enter key. At the Enter Password: prompt, type admin (default value) and press the Enter key to display the command line > prompt. At the command line > prompt, type su and press the Enter key. At the Enter Password: prompt, type password (default value) and press the Enter key to display the command line # prompt. To see a list of available commands, at either the > or # command line prompt, type ? and press the Enter key .

Step 9. SET IP (SE IP) by typing se ip xxx.xxx.xxx.xxx corresponding to a valid IP address for your network. Press the Enter key to continue.

Step 10. SET SUBNET (SE SU) by typing se su xxx.xxx.xxx.xxx corresponding to your network's subnet mask. Press the Enter key to continue.

Step 11. SET GATEWAY (SE GA) (if needed) by typing se ga xxx.xxx.xxx.xxx corresponding to your network's default gateway. Press the Enter key to continue.

Step 12. SHOW (SH) by typing sh and press the Enter key to display and affirm that the pending IP Address, IP Subnet and IP Default Gateway match the intended Local Area Network input IP Address, IP Subnet and IP Default Gateway.

Page 41

Initial Configuration 41

Step 13. If the pending IP Address is not correct, repeat Step 9, if the pending IP Subnet is not correct, repeat Step 10 and if the pending IP Default Gateway is not correct, repeat Step 11. Repeat Step 12 to review and verify that the pending IP Address, IP Subnet and IP Default Gateway match the intended Local Area Network input IP Address, IP Subnet and IP Default Gateway.

Step 14. Type Exit and press the Enter key to save the network address changes which ends the connection session as indicated in a few seconds by .the Windows informational message balloon pop-up icon "Local Area Connection - A network cable is unplugged."

Step 15. Close TELNET

Step 16. Disconnect the DRL512-2M-R serial cable.

Step 17. Install the VS-1200-S series in your chosen network location.

4.5 Exercise - CLI Setting Ports

PREMISE: The configurable VERSAstream allows multiple network devices/tools to receive the combined data of multiple Ethernet network segments. All VERSAstream 1200-S Series’ Any-

to-Any ports can be set to be inputs or outputs as shown in the 'Command Line Interface (CLI) ' section.

Page 42

VS-1200-S Data Acccess Switch42

GOAL/SOLUTION: The exercise for the setup of a VS-1210BT/SFP-S shown is as follows:

Ports 1, 2, 3 and 4 have been setup as inputs. Port 5 has been setup to output data to a Network IDS from Port 4’s input. Port 6 has been setup to output aggregated data to a Probe from Port 3 and 4’s inputs. Port 7 has been setup to output data to a Network IDS from Port 1’s input and returns TCP resets from the Network IDS. Port 8 has been setup to output data to a Network IDS from Port 2’s input and returns TCP resets from the Network IDS. Port 9 has been setup to output aggregated data to a Network IDS from Port 1 and 2’s inputs/ outputs and returns TCP resets from the Network IDS. Port 10 has been setup to output aggregated data to a Probe from Port 1, 2, 3, and 4’s inputs.

NOTE: Port 9’s Network IDS’s network interface card (NIC) can handle both sides of the network conversation at once. Port 7 and 8’s Network IDS’s network interface cards cannot handle the whole conversation at once and must use two separate NICs for each side of the conversation. It can be setup either way to fit your network devices/tools’ requirements.

CONFIGURATION: For the connections to be properly set, use the syntax below in the Command Line Interface (CLI) to setup Any-to-Any ports. As the IP address (default 192.168.1.1) is set during the 'Initial Configuration' it is not covered in this section, see the 'IP Address ' section for those steps. The connections in this exercise are setup in the CLI as shown below (syntax is shown with either user > or Superuser # prompts):

For Initial Configuration, open HyperTerminal on your Management PC using the VS-1210BT/SFP SERIAL DB9 port. Settings are found in the 'Initial Configuration', 'SERIAL Port Configuration (DB9)', 'HyperTerminal ' section.

Press Enter key, Enter key, then enter your Username (default: Administrator), Enter key, Password (default: admin) and Enter key. Default prompt is the > symbol.

Page 43

Initial Configuration 43

Then enter Superuser mode, at the user prompt >, enter SU, Enter key, and enter the Password (default: password) and Enter key. Default prompt is the # symbol.

In Superuser mode use the following syntax for the different connections. This syntax sets the input/ output for Any-to-Any ports as well as the input/output for Tap ports.

The VS-1200-S Series factory default for all Any-to-Any ports is off.

Ensure there are no previous settings present, go through Ports 1-10 and set them to OFF as shown:

# SET PORT MONITOR 1 OFF # SET PORT MONITOR 2 OFF # SET PORT MONITOR 3 OFF # SET PORT MONITOR 4 OFF # SET PORT MONITOR 5 OFF # SET PORT MONITOR 6 OFF # SET PORT MONITOR 7 OFF # SET PORT MONITOR 8 OFF # SET PORT MONITOR 9 OFF # SET PORT MONITOR 10 OFF

Now you can begin setting the Tap and Monitor ports as to which port inputs the data and which ports aggregate and/or output the data.

Port 1 is set as output for Ports 7 and 9’s input which is set with this syntax:

# SET PORT MONITOR 1 FROM 7,9

Port 2 is set as output for Ports 8 and 9’s input which is set with this syntax:

# SET PORT MONITOR 2 FROM 8,9

Page 44

VS-1200-S Data Acccess Switch44

Port 5 is set as output for Port 4’s input which is set with this syntax:

# SET PORT MONITOR 5 FROM 4

Port 6 is set as output for Ports 3 and 4’s input which is set with this syntax:

# SET PORT MONITOR 6 FROM 3,4

Port 7 is set as output for Port 1’s input/output which is set with this syntax:

# SET PORT MONITOR 7 FROM 1

Port 8 is set as output for Port 2’s input/output which is set with this syntax:

# SET PORT MONITOR 8 FROM 2

Port 9 is set as output for Ports 1 and 2’s input/output which is set with this syntax:

# SET PORT MONITOR 9 FROM 1,2

Port 10 is set as output for Ports 1, 2, 3, and 4’s input which is set with this syntax:

# SET PORT MONITOR 10 FROM 1,2,3, 4

As a quick check, show port routing interface matrix with this syntax:

# SH PO RO Outputs 01 02 03 04 05 06 07 08 09 10 01 ---------------------------------------X-----------X----X 02 ----------------------------------------------X----X----X 03 ---------------------------------X-----------------------X 04 ---------------------------X----X-----------------------X 05 ----------------------X----------------------------------06 ----------------X----X----------------------------------07 ---X-----------------------------------------------------08 ---------X-----------------------------------------------09 ---X----X-----------------------------------------------10 ---X----X-----X----X-----------------------------------#

This completes the exercise using the Command Line Interface for setting ports.

Page 45

4.6 Management Connection (RJ45)

Once installation of the Link Aggregation Tap has been completed in your chosen network location, see Hardware Installation section, management connection is initiated over the network via either TELNET or SSH as explained in the following section.

4.6.1 TELNET

Note: For security, TELNET can be disabled using the Command Line Interface.

IMPORTANT: For hostname, if initial IP Address HAS BEEN configured, as is the case shown below,

use the Local Area Network address setting input during initial IP Address configuration. Otherwise, if initial IP Address HAS NOT BEEN configured, see the Management Module Connection section in the Management (RJ45) section.

Initial Configuration 45

TELNET using MANAGEMENT RJ45 - software configuration of the hardware

At the Windows command prompt enter:

telnet

At the Microsoft Telnet> prompt enter:

o nnn.nnn.nnn.nnn (open hostname) [i.e., o Local Area Network IP] Step 1. Open the Command Prompt on your PC by selecting START > All Programs >

Accessories > Command Prompt

Step 2. In the Command Prompt window, at the prompt, enter TELNET and hit the Enter key. (To

see a list of available Microsoft Telnet Client Commands, at the prompt, enter ? and hit the Enter key. Supported commands will be displayed.)

Step 3. At the Command Prompt window, enter o Local Area Network IP and hit the Enter key.

Step 4. You are now at the Enter Username: prompt. Usernames and passwords are case-

sensitive. Type Administrator (default value) and press the Enter key. At the Enter Password: prompt, type admin (default value) and press the Enter key to display the command line > prompt. To see a list of available commands, at the > command line prompt, type ? and press the Enter key .

Step 5. Type Exit and press the Enter key to end the connection session as indicated in a few seconds by the Windows informational message balloon pop-up icon "Local Area Connection - A network cable is unplugged."

Step 6. Close TELNET.

Page 46

4.6.2 SSH

Secure Shell (SSH ) is a network protocol that uses public key cryptography that allows secure network services to be exchanged over an insecure network between two networked devices. SSH Secure Shell with its array of unmatched security features is an essential tool in today's network environment. It is a powerful guardian against the numerous security hazards that nowadays threaten network communications.

Several different versions of the Secure Shell client and server exist. Please note that the different versions may use different implementations of the SSH protocol, and therefore you may not be able to connect to an SSH1 server using SSH2 client software, or vice versa.

Restrictions for Secure Shell Version 2 Support:

The following instructions illustrate a "typical" PuTTy SSH client configuration. This example was prepared using PuTTy version 0.60. PuTTy.

VS-1200-S Data Acccess Switch46

Execution Shell and remote command execution are the only applications supported. Compression is not supported.

Step 1. When you start PuTTy, you see the dialog box that allows you to control everything PuTTy can do. You don't need to change most of the configuration options. To start the simplest kind of session, all you need to do is to enter a few basic parameters.

Page 47

Initial Configuration 47

Step 2. In the Host Name (or IP address) box, enter the host name or IP address of the SSH Server you want to connect to. Once you have filled in the Host Name (or IP address), Connection

type: [default: SSH] and possibly Port [default: 22] settings, you are ready to connect.

Step 3. Press the Open button at the bottom of the dialog box, and PuTTy will begin trying to

connect you to the server. If you are using SSH to connect to the SSH Server for the first time, you will probably see a message looking something like this:

The warning message above asks you whether you want to trust this host key or not. This is a feature of the SSH protocol, it is designed to protect against a network attack known as spoofing which redirects your connection to a different computer, so that you send your password to the wrong machine. To prevent this attack, each SSH Server has a unique identifying code, called a host key. So if you connect to a SSH Server and it sends you a different host key from the one you were expecting, you will have the chance to abandon your connection before you type any private information (such as a password) into it.

Page 48

VS-1200-S Data Acccess Switch48

Whether or not to trust the host key is your choice. Connecting within a company network, you might feel that all the network users are on the same side and spoofing attacks are unlikely, so you might choose to trust the key without checking it. Connecting across a hostile network (such as the Internet) you should check with your system administrator.

Step 4. After you have connected, you will be asked to login as:, type Administrator (default value) and press the Enter key. At the Administrator@hostname (or IP address)'s password: prompt, type admin (default value) and press the Enter key to display the command line > prompt. To see a list of available commands, at the > command line prompt, type ? and press the Enter key .

Step 5. Type Exit and press the Enter key to end the connection session. Close PuTTy.

4.7 SNMP Configuration

IMPORTANT: SNMP MUST be enabled and there MUST be at least one SNMP user for the SNMP feature to work.

Once installation of the Link Aggregation Tap has been completed in your chosen network location, if at least one SNMP user has not been created, refer to the CLI Command Set to:

Step 1. SET SNMPv3 (SE V3) [ON].

Step 2. SET SNMPV3 SUPERUSER (SE V3 SU) name auth authPass priv privPass

Use your Network Management System to access the Link Aggregation Tap to perform GET, SET, TRAP, etc. SNMP functions.

The Appendix A - Agent Capabilities MIB , Appendix B - Power Supply MIB and Appendix

C - Structure of Management MIB sections are for your reference.

63 71

RELEASE NOTES:

1. When adding a TRAP destination, any specified snmpTargetAddrTagList string must be

restricted to alphanumeric characters (0-9, a-z, A-Z).

Page 49

4.8 Small Form-Factor Plug Module

This section provides information about small form-factor plug (SFP) modules. The SFP modules are input/output devices that plug into a Gigabit Ethernet (GE) small form-factor (SFF) port, linking the port with a 1000Base-X fiber or 1000Base-T copper network.

The fiber SFP module have a receiver port (Rx) and a transmitter port (Tx) that make up one optical interface.The 1000Base-SX (short wavelength) SFP module operates on standard multimode fiber networks compliant with the 1000Base SX standard. The 1000Base-LX (long wavelength) SFP module operates on standard single-mode fiber networks compliant with the 1000Base LX standard. The fiber SFP module is a 1000 Mbps optical interface in the form of an LC-type duplex port that supports interfaces compliant with the 1000Base-X standard.

The copper SFP module is compliant with the 1000Base-T standard and operates on standard Category 5 wiring and has an RJ45 connector.

4.8.1 Intallation Prerequisites

This section describes safety and compliance guidelines you should observe before you install an SFP module in your VS-1200-S series unit.

Initial Configuration 49

NOTE: You can install and remove SFP modules with power on to the system; however, it is strongly recommended that you do not install or remove the SFP module with fiber or copper cables attached to it. Disconnect all cables before removing or installing a SFP module.

CAUTION: Prevent system problems, use only Datacom Systems Inc. supplied SFP modules.

4.8.2 Safety Guidelines

Before handling a SFP module, observe the following guidelines:

Copper and fiber SFP modules are static-sensitive. To prevent electrostatic discharge (ESD) damage, follow your normal ESD handling procedures. Fiber SFP modules are dust-sensitive. When storing a SFP module or when a fiber cable is not plugged in, always keep plugs in the SFP module optical hole. The most common source of contaminants in the fiber SFP optical aperture is debris picked up on the terminations of the optical connectors. Use an alcohol swab or lint-free absorbent wipes to clean the terminations of the optical connector.

WARNING: Fiber SFP modules are class 1 laser and LED products. Invisible laser radiation may be emitted from the port opening when no fiber cable is connected, avoid exposure to laser radiation and do not stare in open optical ports.

Page 50

VS-1200-S Data Acccess Switch50

4.8.3 Installing the SFP Module

SFP modules might ship already installed in your VS-1200-S, or they might arrive packaged separately. This section describes how to install the SFP module.

NOTE: You can install SFP modules with power on to the system; however, it is strongly recommended that you do not install the SFP module with fiber or copper cables attached to it. Disconnect all cables before installing a SFP module.

CAUTION: Prevent system problems, use only Datacom Systems Inc. supplied SFP modules.

Step 1. Turn the SFP module so the latch is towards the center of the Gigabit Ethernet Interface

sockets. The SFP module is keyed so that it cannot be inserted incorrectly.

Step 2. Insert the SFP module into the SFF port and repeat Step 1 and Step 2 inserting other SFP modules until completed.

Step 3. Attach the appropriate network cable to the LC-type or RJ45-type connector on the SFP module. For fiber optic SFP modules you can use either simplex or duplex connectors. For simplex connectors, two cables are required, one cable for transmit (Rx) and a second cable for receive (Rx). For duplex connectors, only one cable that has both Tx and Rx connectors is required.

4.8.4 Removing the SFP Module

SFP modules might ship already installed in your VS-1200-S, or they might arrive packaged separately. This section describes how to remove the SFP module.

NOTE: You can remove SFP modules with power on to the system; however, it is strongly recommended that you do not remove the SFP module with fiber or copper cables attached to it. Disconnect all cables before removing a SFP module.

Step 1. Disconnect the network cable from the SFP module LC-type or RJ45-type connector.

Step 2. Release the SFP module from the GE SFF port by moving the swing latch away from the

body of the unit.

Step 3. Slide the SFP module out of the GE SFF port.

Page 51

5 Hardware Installation

This section describes the VS-1200-S series hardware installation at the network site of your choice.

Hardware Installation 51

For specific VS-1200-S applications see the 'Application ' section.

5.1 Power

This section describes the power connection at the network installation site of the VS-1200-S configurable series.

Two DC input power sockets are provided on the rear panel. The front panel POWER 1 and 2 LEDs are illuminated green, respectively:

(BT series) - when DC power is available at both the two rear DC power sockets; or (SFP series) - when the DC POWER switch is depressed ON and DC power is available at both the two rear DC power sockets.

Either POWER 1 or 2 LED not illuminated when powered, indicates a defective power source and immediate investigation as to the cause is required to insure redundant power integrity.

1. Step 1. Using the supplied Power Adapters and AC Line Cords, plug the VS-1200-S series into

different circuit external power sources.Although only one power supply is required to power the configurable unit, use of a second independent power source is strongly recommended to assure uninterrupted monitoring. Furthermore, connecting the second Power Adapter to a different external power source circuit than the first AC power source eliminates power as a single point of failure.

5.2 Any-to-Any Connection

This section will focus on the Any-to-Any port connection of the typical VS-1200-S series hardware installation.

NOTE: For the VS-1200 series with a Gigabit Ethernet (GE) small form-factor (SFF) port, the SFP modules might ship already installed in your unit, or they might arrive packaged separately. See the 'Small Form-Factor Pluggable' section, 'Installing the SFP Module ,' on how to install the SFP module.

Page 52

VS-1200-S Data Acccess Switch52

Step 1. Connect a network or monitoring cable to an Any-to-Any port socket and the other side of this cable to the network or monitoring tool NIC port as appropriate..

Step 2. Continue repeating Step 1. for any remaining Any-to-Any port socket you want connected VS-1200-S series.

These port sockets have integrated LEDs that display line status and line speed of each port. See the Any-to-Any Port LED Display Code table for LED display codes.

5.3 Management Connection

This section shows the MANAGEMENT port 100 Mbs Full-Duplex connection of the typical VS1200-S configurable series hardware installation.

Step 1. Connect a network cable to the MANAGEMENT port RJ45 socket. The MANAGEMENT port RJ45 left LED illuminates green when link has been established with the network. The MANAGEMENT port right LED illuminates green when passing data.

Link indicates connection. The LED Display Code table deciphers the RJ45 jacks with integrated LEDs that display line status of the MANAGEMENT PORT.

Page 53

VS-1200-S Series Functional Drawing 53

6 VS-1200-S Series Functional Drawing

VS-1210BT/SFP-S

VS-1210SFP-S

VS-1208BT-S

VS-1204BT-S

Page 54

VS-1200-S Data Acccess Switch54

Page 55

Application 55

7 Application

This section will present techniques and applications describing the practical use and new remedies for performing network analysis requirements using VS-1200-S series solutions.

7.1 Gathering the Data (HyperTerminal configuration example)

PREMISE: This application consists of workgroup switches that allow end users to access a group of servers. The servers are connected to a single server switch and the users are distributed across several workgroup switches. The security department wants to see all server bound access from the users and server to server traffic.

GOAL: This application will use a VS-1210BT/SFP-S as follows:

1. TAP access to critical server

2. Aggregate SPAN.

3. Provide access for analysis, security and recording devices.

The first goal requires an external tap between the server switch and the critical financial server. The tap copies all the data going to the financial server, and can't be shutdown like a SPAN port. The tap allows enhanced visibility for security purposes.

The second goal requires that a SPAN port is configured on the workgoup switches. This will only allow workgroup traffic to be replicated out the SPAN port.

The third goal involves aggregating and replicating traffic from the two previous goals for specific security and network analysis to be done.

Page 56

VS-1200-S Data Acccess Switch56

SOLUTION: The VS-1210BT/SFP-S solves all goals by accepting the input from the two SPAN ports along with the output from the TAP, aggregating and replicating the traffic to multiple ports and ports 9 and 10 provide small form pluggables that allow either fiber or copper connectivity.

CONFIGURATION: The IP address (default 192.168.1.1), Subnet Mask and Default Gateway is set during the 'Initial Configuration' for your Local Area Network settings and will not be covered in this section, see the 'IP Address Configuration with HyperTerminal ' section for those steps. Use the

syntax below in the Command Line Interface (CLI) to setup Tap and Any-to-Any ports (syntax is shown with either user > or Superuser # prompts):

For configuration, open HyperTerminal on your Management PC using the VS-1210BT/SFP-S SERIAL DB9 port. Settings are found in the 'Initial Configuration', 'SERIAL Port Configuration (DB9)', 'HyperTerminal ' section.

Press twice Enter key and Enter key. Enter Username (default: Administrator) and Enter key. Enter Password (default: admin) and Enter key. Default prompt is the > symbol. Enter superuser mode, type su and Enter key. Enter Password (default: password) and Enter key. Default prompt is the # symbol. Use the following syntax to set the input/output for Any-to-Any ports as well as the output for Tap ports.

The VS-1200-S Series factory default for all Any-to-Any ports is off.

Ensure there are no previous settings present, go through Ports 1-10 and set them to OFF as shown:

Page 57

Application 57

Now you can begin setting the ports as to which port inputs the data and which ports aggregate and/ or output the data.

Port 4 is set as output for Port 1’s input which is set with this syntax:

# SET PORT MONITOR 4 FROM 1

Port 5 is set as output for Port 1’s input which is set with this syntax:

# SET PORT MONITOR 5 FROM 1

Port 6 is set as output for Port 2’s input which is set with this syntax:

# SET PORT MONITOR 6 FROM 2

Port 7 is set as output for Port 2’s input which is set with this syntax:

# SET PORT MONITOR 7 FROM 2

Port 8 is set as output for Port 3’s input which is set with this syntax:

# SET PORT MONITOR 8 FROM 3

Port 9 is set as output for Port 3’s input which is set with this syntax:

# SET PORT MONITOR 9 FROM 3

Port 10 is set as output for Ports 1, 2, and 3’s input which is set with this syntax:

# SET PORT MONITOR 10 FROM 1,2,3

CONCLUSION: The VS-1210BT/SFP-S provides the ability to aggregate data streams from TAPs and from SPAN or Port Mirrors. Aggregating streams together improves overall visibility for the tools and permits specific departmental devices to only see the traffic they need. The VS-1210BT/ SFP-S allows many devices to share a single SPAN output. The VS-1210BT/SFP-S Small Form Pluggable capacity, allows users to send data across multimode or single-mode fiber.

Page 58

VS-1200-S Data Acccess Switch58

7.2 All Pluggable in Optical Network (TELNET configuration example)

PREMISE: This network application consists of several workgroup optical switches that allow end users to access a group of servers.; The servers are all connected to a single server optical switch and the users are distributed across several workgroup switches. The security department wants to view all server bound access from the users and view server to server traffic.

GOAL: This application will use a VS-1210SFP-S as follows:

1. Fiber TAP access to optical networks

2. Aggregate traffic to provide access for analysis, security and recording devices.

The first goal requires an external fiber taps between the optical network devices. The tap makes a copy of all the data going to the financial server, and can not be shutdown like a SPAN port. The tap will allow enhanced visibility for security purposes.

The second goal involves aggregating and replicating traffic from the previous goal for specific security and network analysis to be done.

Page 59

Application 59

SOLUTION: The VS-1210SFP-S solves the goals by accepting both sides of each optical network traffic from four optical tap full-duplex ports and aggregating and replicating the traffic to multiple ports. The VS-1210SFP-S also provides media conversion with the small form pluggables so that both copper and fiber ports are available for connectivity.

below in the Command Line Interface (CLI) to setup Tap and Any-to-Any ports (syntax is shown with either user > or Superuser # prompts): For Configuration, open TELNET on your Management PC and open a hostname connection with the VS-1210SFP-S MANAGEMENT RJ45 port. Settings are found in the 'Initial Configuration', 'MANAGEMENT Port Configuration (RJ45)', 'TELNET ' section.

Enter Username (default: Administrator) and Enter key. Enter Password (default: admin) and Enter key. Default prompt is the > symbol. Enter superuser mode, type su and Enter key. Enter Password (default: password) and Enter key. Default prompt is the # symbol. Use the following syntax to set the input/output for Any-to-Any ports as well as the output for Tap ports.

The VS-1200-S Series factory default for all Any-to-Any ports is off.

Ensure there are no previous settings present, go through Ports 1-10 and set them to OFF as shown:

Page 60

VS-1200-S Data Acccess Switch60

IMPORTANT: Fiber taps are not capable and CAN NOT auto-negotiate link with the VS- 1210SFP-S ports and MUST BE be hard set to 1,000 Mbs and full-duplex.

Port 1, 2, 3, and 4's is set to 1,000 Mbs and full-duplex with this syntax:

# SET PORT SPEED 1,2,3,4 1000FULL

Now you can begin setting the ports as to which port inputs the data and which ports aggregate and/or output the data.

Port 5 is set as output for Port 1 and 3’s input which is set with this syntax:

# SET PORT MONITOR 5 FROM 1,3

Port 6 is set as output for Port 1 and 3’s input which is set with this syntax:

# SET PORT MONITOR 6 FROM 1,3

Port 7 is set as output for Port 2 and 4’s input which is set with this syntax:

# SET PORT MONITOR 7 FROM 2,4

Port 8 is set as output for Port 2 and 4’s input which is set with this syntax:

# SET PORT MONITOR 8 FROM 2,4

Port 9 is set as output for Port 1, 2, 3 and 4’s input which is set with this syntax:

# SET PORT MONITOR 9 FROM 1,2,3,4

Port 10 is set as output for Ports 4’s input which is set with this syntax:

# SET PORT MONITOR 10 FROM 4

CONCLUSION: The VS-1210BT/SFP-S provides the ability to aggregate data streams from TAPs. Aggregating streams together improves overall visibility for the tools and permits specific departmental devices to only see the traffic they need. The VS-1210SFP-S allows many devices to share a single output. The VS-1210SFP-S Small Form Pluggable capacity, allows users to send data across multimode, single-mode fiber or copper.

Page 61

8 Customer Service

This USERguide was written to help you get to know your new VS-1200-S Series quickly and easily. We would welcome any comments or suggestions you may have regarding this USERguide. Datacom Customer Service is available via telephone, facsimile, E-mail and Web. Outside of support hours, please leave a voice message and our Customer Service Staff will return your call as soon as possible.

Tel: (315) 463-9541 Fax: (315) 463-9557 E-mail:support@datacomsystems.com Web: http://www.datacomsystems.com

8.1 Internet

Obtain additional information about Datacom Systems, Inc. at: http://www.datacomsystems.com

8.2 Warranty

Customer Service 61

Datacom Systems, Inc. (DSI) warrants that the hardware which it supplies will be free from significant defects in materials and workmanship for a period of two years from the date of delivery (Warranty Period), under normal use and conditions. In the event of any such defect, you can return an item of defective hardware, freight prepaid, to DSI during the Warranty Period, and DSI will repair or replace the defective equipment and return it to you, freight prepaid. If DSI determines that the equipment is not defective, it will return it to you, freight collect. DSI shall have no responsibility for any deficiency resulting from accidents, misuse, modifications, power disturbances (including use of a power supply not specified by DSI), or various other forms of disaster, e.g., earthquakes, floods, etc.

PLEASE DO NOT ATTEMPT TO RETURN ANY ITEM PRIOR TO RECEIVING A RETURN MATERIAL AUTHORIZATION (RMA) NUMBER FROM DATACOM CUSTOMER SERVICE AT (315) 463-9541 or support@datacomsystems.com

8.3 Limits of Liability

The warranties set forth above are exclusive and in lieu of all other warranties. Datacom Systems, Inc. (DSI) makes no other warranties, expressed or implied, and DSI expressly disclaims all other warranties, including but not limited to implied warranties of merchantability and fitness for a particular purpose. Moreover, the provisions set forth above state DSI’s entire responsibility and your sole and exclusive remedy with respect to any breach of warranty or contract.

No liability for consequential damages. Under no circumstances and under no theory of Liability shall DSI be liable for costs of procurement of substitute products or services, lost profits, lost savings, loss of information or data, or any other special, indirect, consequential or incidental damages, arising in any way out of the sale of, use of, or inability to use, any DSI product or service, even if DSI has been advised of the possibility of such damages.

Page 62

Page 63

Appendix A - Agent Capabilities MIB 63

9 Appendix A - Agent Capabilities MIB

The Datacom Agent Capabilities MIB This Appendix specifies a proprietary MIB module of Datacom Systems Inc. Distribution of this memo is limited to Datacom product licensees

and other interested parties having express written consent from Datacom Systems Inc.

The current set of Datacom Enterprise MIB modules may be requested by sending an email to support@datacom.com.

subject to license terms. Abstract This memo defines a set of agent identities used to identify Datacom

SNMP agents and a set of agent capabilities used to convey the capabilities of Datacom SNMP Agents.

Table of Contents

1. Introduction

2. The Internet-Standard SNMP Management Framework

3. Conventions

4. Overview of the Datacom Agent Capabilities MIB Module

4.1 Agent Identities

4.2 AGENT-CAPABILITIES statements

5. Definitions

6. Acknowledgments

7. Security Considerations

8. References

8.1 Normative References

8.2 Informative References

9. Change Log

Page 64

VS-1200-S Data Acccess Switch64

1. Introduction This memo defines a set of agent identities used to identify Datacom

SNMP agents and a set of agent capabilities used to convey the capabilities of Datacom SNMP Agents.

2. The Internet-Standard SNMP Management Framework For a detailed overview of the documents that describe the current

Internet-Standard Management Framework, please refer to section 7 of RFC 3410 [RFC3410].

Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP).

Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies a MIB module that is compliant to the SMIv2, which is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580].

3. Conventions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",

"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].

4. Overview of the Datacom Agent Capabilities MIB Module This MIB module contains OBJECT-IDENTITY definitions used to

identify Datacom SNMP agents and contains AGENT-CAPABILITIES statements used to express the capabilities of Datacom SNMP agents.

Each set of definitions is described in the following sections.

4.1 Agent Identities The identity of a Datacom SNMP agent is exposed as the value of the

sysObjectID object. For additional information about the definition of sysObject, see the SNMPv2-MIB [RFC 3418].

Datacom agent identities are defined within the Datacom agentIdents subtree.

Page 65

Appendix A - Agent Capabilities MIB 65

Examples of sysObjectID values retrieved from a Datacom SNMP agent by a management application include the following:

sysObjectID.0 = agentIdCopperConfigurables218 sysObjectID.0 = agentIdAllPluggables227

4.2 AGENT-CAPABILITIES statements The capabilities of a Datacom SNMP agent are exposed as a set of

values in the sysORTable. For additional information about the object definitions comprising the sysORTable, see the SNMPv2-MIB [RFC 3418].

Datacom agent capabilities are defined within the Datacom agentCaps subtree.

Refer to section 6, "Mapping of the AGENT-CAPABILITIES macro" in RFC 2580, "Conformance Statements for SMIv2" [RFC2580] for further information on the use of agent capabilities statements by management application and SNMP agents.

An example of values exposed in the sysORTable follows: sysORID.1 = dcomCapsSNMPv3Base

sysORDescr.1 = "supports SNMPv3" sysORUpTime.1 = 54

sysORID.2 = dcomCapsAres1dot0dot0 sysORDescr.2 = "supports Datacom ARES version 1.0.0" sysORUpTime.1 = 55

5. Definitions DATACOM-AGENT-CAPS-MIB DEFINITIONS ::= BEGIN IMPORTS

MODULE-IDENTITY, OBJECT-IDENTITY FROM SNMPv2-SMI -- [RFC2578] AGENT-CAPABILITIES FROM SNMPv2-CONF -- [RFC2580] datacomMibs, agentIdents, agentCaps FROM DATACOM-SMI-MIB;

Page 66

VS-1200-S Data Acccess Switch66

datacomAgentCapsMib MODULE-IDENTITY LAST-UPDATED "201007260000Z" -- 26 July 2010, midnight ORGANIZATION "Datacom Systems Inc." CONTACT-INFO "Datacom Systems Inc. 9 Adler Drive East Syracuse, NY 13057 USA

Telephone: +1 315 463 1585 EMail: support@datacomsystems.com URL: http://www.datacomsystems.com

Send comments to <support@datacomsystems.com> " DESCRIPTION "The MIB module for defining agent identities and agent capabilities for Datacom SNMP Agents.

This version of the DATACOM-AGENT-CAPS-MIB module is part of Datacom publication, `The Datacom Agent Capabilities MIB', July 2010. See the publication itself for full legal notices. "

-- Revision log REVISION "201007260000Z" -- 26 July 2010, midnight DESCRIPTION "Initial version, as part of Datacom publication 'The Datacom Agent Capabilities MIB', July 2010. " ::= { datacomMibs 3 }

-- Agent Identities

- agentIdCopperConfigurables218 OBJECT-IDENTITY

STATUS current DESCRIPTION "The Datacom SNMP agent identity for the 'Copper Configurables' system based upon the 218 circuit board.

Page 67

Appendix A - Agent Capabilities MIB 67

This value is exposed by the sysObjectID object. " ::= { agentIdents 218 }

agentIdAllPluggables227 OBJECT-IDENTITY STATUS current DESCRIPTION "The Datacom SNMP agent identity for the 'All Pluggables' system based upon the 227 circuit board.

This value is exposed by the sysObjectID object. " ::= { agentIdents 227 }

-- Agent Capabilities

- dcomCapsSNMPv3Base AGENT-CAPABILITIES

PRODUCT-RELEASE "Various releases- Indicates support for the base set of SNMPv3 MIB modules. " STATUS current DESCRIPTION "The Agent Capabilities statement indicating support for the base set of SNMPv3 MIB modules. "

SUPPORTS SNMP-MPD-MIB INCLUDES { snmpMPDGroup }

SUPPORTS SNMP-FRAMEWORK-MIB INCLUDES { snmpEngineGroup }

SUPPORTS SNMP-TARGET-MIB INCLUDES { snmpTargetBasicGroup, snmpTargetResponseGroup, snmpTargetCommandResponderGroup }

Page 68

VS-1200-S Data Acccess Switch68

SUPPORTS SNMP-NOTIFICATION-MIB INCLUDES { snmpNotifyGroup, snmpNotifyFilterGroup }

SUPPORTS SNMP-USER-BASED-SM-MIB INCLUDES { usmMIBBasicGroup }

SUPPORTS SNMP-VIEW-BASED-ACM-MIB INCLUDES { vacmBasicGroup }

SUPPORTS SNMPv2-MIB INCLUDES { snmpGroup, snmpSetGroup, systemGroup, snmpBasicNotificationsGroup } ::= { agentCaps 1 }

dcomCapsAres1dot0dot0 AGENT-CAPABILITIES PRODUCT-RELEASE "Datacom ARES version 1.0.0 " STATUS current DESCRIPTION "The Agent Capabilities statement for Datacom ARES version 1.0.0 " SUPPORTS IF-MIB INCLUDES { ifGeneralInformationGroup, linkUpDownNotificationsGroup

} VARIATION ifPhysAddress

ACCESS not-implemented DESCRIPTION "not implemented"

Page 69

Appendix A - Agent Capabilities MIB 69

VARIATION ifAdminStatus ACCESS read-only DESCRIPTION "values change according to the corresponding value of ifOperStatus as follow:

ifAdminStatus ifOperStatus

------------- ----------- up(1) up(1) down(2) down(2) down(3) unknown(4) "

VARIATION ifOperStatus ACCESS read-only DESCRIPTION "only the following states are implemented: up(1) down(2) unknown(4) "

VARIATION ifAlias ACCESS not-implemented DESCRIPTION "not implemented"

SUPPORTS DATACOM-POWER-SUPPLY-MIB INCLUDES { dcomPowerSupplyStatusGroup, dcomPowerSupplyEventGroup }

::= { agentCaps 2 } END

6. Acknowledgments The production and maintenance of this memo is a group effort of the

Datacom development team.

7. Security Considerations This module does not define any management objects. Instead, it defines

the top level assignments within the Datacom enterprise name space.

Page 70

VS-1200-S Data Acccess Switch70

Meaningful security considerations can only be written in MIB modules that define management objects. Therefore, this module does not present any known security concerns.

8. References

8.1 Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate

Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,

Rose, M., and S. Waldbusser, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April

1999. [RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,

Rose, M., and S. Waldbusser, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999.

[RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999.

8.2 Informative References [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart,

"Introduction and Applicability Statements for Internet-Standard Network Management Framework", RFC 3410, December, 2002.

[RFC3418] R. Presuhn, "Management Information Base (MIB) for the Simple Network Management Protocol (SNMP)", RFC 3418, December, 2002.

9.0 Change Log Changes introduced in revision "201007260000Z", 26 July 2010

- initial version

Page 71

10 Appendix B - Power Supply MIB

The Datacom Power Supply (PS) MIB

This Appendix specifies a proprietary MIB module of Datacom Systems Inc. Distribution of this Appendix is limited to Datacom product licensees and other interested parties

having express written consent from Datacom Systems Inc. The current set of Datacom Enterprise MIB modules may be requested by sending an email to

support@datacom.com.

Abstract

This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community.

In particular, it defines managed objects and notifications exposing status information about power supplies associated with Datacom products.

Appendix B - Power Supply MIB 71

Section Contents

1. Introduction

2. The Internet-Standard SNMP Management Framework

3. Conventions

4. Overview

4.1 Use of SMIv2 Syntax and Textual-Conventions

4.1.1 SMIv2 Syntax

4.1.1.1 Unsigned32

4.1.1.2 INTEGER

4.2 SNMPv2-TC Textual Conventions

4.2.1 TimeStamp

4.3 Relationship to Other MIB Modules

4.3.1 ENTITY-MIB and ENTITY-STATE-MIB

4.4 Organization of This MIB Module

4.4.1 The dcomPowerSupplyStatusTable

4.4.2 Event Notifications

4.4.2.1 dcomPowerSupplyEventUp

4.4.2.2 dcomPowerSupplyEventDown

4.5 Notes for Management Applications

5. Definitions

6. Acknowledgments

7. Security Considerations

8. References

8.1 Normative References

8.2 Informative References

9. Change Log

Page 72

VS-1200-S Data Acccess Switch72

1. Introduction This memo defines managed objects and notifications exposing status information about power

supplies associated with Datacom products.

2. The Internet-Standard SNMP Management Framework For a detailed overview of the documents that describe the current Internet-Standard

Management Framework, please refer to section 7 of RFC 3410 [RFC3410]. Managed objects are accessed via a virtual information store, termed the Management

Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP).

3. Conventions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",

"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].

4. Overview This section provides an overview of this MIB module. Section 4.1 provides a discussion on the use of SMIv2 Syntax and Textual-Conventions. Section 4.2 discusses the relationship of this MIB module to other MIB modules. Section 4.3 presents the organization of this MIB module. Section 4.4 provides suggestions for management applications using this MIB module to monitor

the status of power supplies associated with Datacom products.

4.1 Use of SMIv2 Syntax and Textual-Conventions This section discusses the SMIv2 syntax and Textual-Conventions (TC) used for the syntax of

SNMP managed objects defined within this MIB module.

4.1.1 SMIv2 Syntax This section discusses the syntax types defined in the 'Structure of Management Information

Version 2 (SMIv2)' [RFC2578] and used in this MIB module.

4.1.1.1 Unsigned32 There is one object defined in this MIB module using the SMIv2 Unsigned32 syntax type.

Page 73

Appendix B - Power Supply MIB 73

An instance of an object definition using the Unsigned32 syntax type can represent an integer value between 0 and 2^32-1 inclusive (0 to 4,294,967,295 decimal).

The object definition using the Unsigned32 syntax type follows:

in the dcomPowerSupplyStatusTable - dcomPowerSupplyIndex

The dcomPowerSupplyIndex object defines the SNMP index component associated with a power supply.

4.1.1.2 INTEGER

There is one object defined in this MIB module using the SMIv2 INTEGER syntax type. An instance of an object definition using the INTEGER syntax type is used to represent an integer

value as a named-number enumeration. Only named-numbers defined in the enumeration may be present as a value.

The object definition using the INTEGER syntax type follows:

in the dcomPowerSupplyStatusTable - dcomPowerSupplyStatus

The dcomPowerSupplyStatus object defines the current state of a power supply. The namednumber enumerated values are as follow:

stateUnknown(1) - the current state is 'unknown' stateDown(2) - the current state is 'down' stateUp(3) - the current state is 'up'

4.2 SNMPv2-TC Textual Conventions This section discusses Textual Conventions defined in the SNMPv2-TC [RFC2579] and used in

this MIB module.

4.2.1 TimeStamp There is one object defined in this MIB module using the SMIv2 TimeStamp TC. An object using the SMIv2 TimeStamp TC exposes a notion of local time relative to a local time

source. In the SNMP, the sysUpTime [RFC3418] object provides this local time source. The value of an instance of an object using the TimeStamp TC changes when a specific event

occurs, as described in its description clause. The SNMP managed objects using a TimeStamp TC follow:

in the dcomPowerSupplyStatusTable - dcomPowerSupplyLastChange

A change in the value of a dcomPowerSupplyLastChange instance indicates the time at which a power supply transitioned into its current state.

A value of zero(0) indicates that a power supply was already in its current state when the SNMP agent last re-initialized.

Page 74

VS-1200-S Data Acccess Switch74

4.3 Relationship to Other MIB Modules This section discusses the relationship of this MIB module to MIB modules published by the

Internet Engineering Task Force (IETF).

4.3.1 ENTITY-MIB and ENTITY-STATE-MIB The ENTITY-MIB and ENTITY-STATE-MIB are designed to expose management

information about the full inventory of components associated with a managed system. These components include power supplies.

In contrast, this MIB module addresses the specific requirement for exposing management information about just the power supplies associated with Datacom products. Other than power supplies, no management information is exposed for components comprising Datacom products.

An SNMP agent that implements both the ENTITY-MIB and the ENTITY-STATE-MIB is capable of exposing the same management information about power supplies as exposed by this MIB module.

However, within the Internet community, the usual expectations for an implementation of the ENTITY-MIB and ENTITY-STATE-MIB is for fully populated tables containing management information about the complete inventory of components associated with a managed system.

Thus, this MIB module is used to expose management information relevant to power supplies associated with Datacom products.

Note, that the use of this MIB module does not preclude the potential for future use of the ENTITY-MIB and ENTITY-STATE-MIB for Datacom products.

4.4 Organization of This MIB Module This MIB module organizes its object definitions into one conceptual table. This table is

discussed in the following section. There are also two notification definitions contained in this MIB module. These notifications are

discussed in a subsequent section.

4.4.1 The dcomPowerSupplyStatusTable This table contains object definitions providing essential statistics for power supplies associated

with the managed system. An entry exists in this table for each power supply associated with the managed system. A unique value for the dcomPowerSupplyIndex object identifies each power supply. The value of the dcomPowerSupplyStatus object indicates the current state of a power supply.

A value of 'stateDown(2)' indicates the power suppply is not operating or is not plugged in. A value of 'stateUp(3)' indicates the power supply is operating as intended.

A dcomPowerSupplyStatus value of 'stateUnknown(1)' indicates the current state of the power

Page 75

Appendix B - Power Supply MIB 75

supply is unknown. This value is defined for architectural purposes and is unlikely to be observed in deployed systems.

The value of the dcomPowerSupplyLastChange object provides a TimeStamp indication of when a power supply entered its current state. The special value of zero(0) indicates a power supply was already in its current state when the SNMP agent last re-initialized.

4.4.2 Event Notifications This MIB module defines two event notifications for reporting state transitions associated with

power supplies. These notifications are discussed in the following sections.

4.4.2.1 dcomPowerSupplyEventUp A dcomPowerSupplyEventUp event notification provides an indication that a power supply has

transitioned into the 'up' state. The power supply involved in this event is identified by the dcomPowerSupplyIndex value

appended to the object name of the dcomPowerSupplyStatus variable binding.

4.4.2.2 dcomPowerSupplyEventDown A dcomPowerSupplyEventUp event notification provides an indication that a power supply has

transitioned into the 'down' state. The power supply involved in this event is identified by the dcomPowerSupplyIndex value

appended to the object name of the dcomPowerSupplyStatus variable binding.

4.5 Notes for Management Applications

- when the SNMP agent re-initializes, subsequent to receiving the coldStart event notification, a management application will receive a dcomPowerSupplyEventDown event notification for any power supply currently in the 'down' state.

- when a dcomPowerSupplyEventDown event notification is received, a management application SHOULD determine why the power supply is not functioning. If it is determined that the power supply has failed, then make arrangements to order and install an appropriate Datacom replacement unit for the failed power supply. If it is determined that the power supply is unplugged or otherwise disconnected from its electrical source, then make arrangements to replug and reconnect the power supply.

- when a dcomPowerSupplyEventUp event notification is received, a management application SHOULD determine which previously received dcomPowerSupplyEventDown event this dcomPowerSupplyEventUp event notification resolves.

5. Definitions

DATACOM-POWER-SUPPLY-MIB DEFINITIONS ::= BEGIN IMPORTS

Page 76

VS-1200-S Data Acccess Switch76

MODULE-IDENTITY, OBJECT-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, Unsigned32 FROM SNMPv2-SMI TimeStamp FROM SNMPv2-TC MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP FROM SNMPv2-CONF datacomMibs FROM DATACOM-SMI-MIB;

datacomPowerSupplyMib MODULE-IDENTITY LAST-UPDATED "201007150000Z" -- 15 July 2010, midnight ORGANIZATION "Datacom Systems Inc." CONTACT-INFO "Datacom Systems Inc. 9 Adler Drive East Syracuse, NY 13057 USA

Telephone: +1 315 463 1585 EMail: support@datacomsystems.com URL: http://www.datacomsystems.com

Send comments to <support@datacomsystems.com> " DESCRIPTION "This MIB modules defines managed objects and notifications exposing status information about power supplies associated with Datacom products.

This version of the DATACOM-POWER-SUPPLY-MIB module is part of Datacom publication, `The Datacom Power Supply MIB', July 2010. See the publication itself for full legal notices. "

-- Revision log

REVISION "201007150000Z" -- 15 July 2010, midnight DESCRIPTION "Initial version, as part of Datacom publication 'The Datacom Power Supply MIB', July 2010.

Page 77

Appendix B - Power Supply MIB 77

" ::= { datacomMibs 4 }

dcomPowerSupplyObjects OBJECT-IDENTITY STATUS current DESCRIPTION "This subtree contains OBJECT-TYPE definitions exposing status information for power supplies associated with Datacom products. " ::= { datacomPowerSupplyMib 1 }

dcomPowerSupplyEvents OBJECT-IDENTITY STATUS current DESCRIPTION "This subtree contains NOTIFICATION-TYPE definitions for asynchronous reporting of events about power supplies associated with Datacom products. " ::= { datacomPowerSupplyMib 2 }

dcomPowerSupplyConformance OBJECT-IDENTITY STATUS current DESCRIPTION "This subtree contains conformance statements for this MIB module. " ::= { datacomPowerSupplyMib 3 }

-- assignments under dcomPowerSupplyEvents

dcomPowerSupplyEventsNotify OBJECT-IDENTITY STATUS current DESCRIPTION "The required SNMP notification prefix. " ::= { dcomPowerSupplyEvents 0 }

-- assignments under dcomPowerSupplyConformance

dcomPowerSupplyCompliances OBJECT-IDENTITY STATUS current

Page 78

VS-1200-S Data Acccess Switch78

DESCRIPTION "This subtree contains compliance statements for this MIB module. " ::= { dcomPowerSupplyConformance 1 }

dcomPowerSupplyGroups OBJECT-IDENTITY STATUS current DESCRIPTION "This subtree contains OBJECT-GROUP and NOTIFICATION-GROUP definitions for this MIB module. " ::= { dcomPowerSupplyConformance 2 }

-- power supply status table

dcomPowerSupplyStatusTable OBJECT-TYPE SYNTAX SEQUENCE OF DcomPowerSupplyStatusEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of status information for power supplies associated with a Datacom product. " ::= { dcomPowerSupplyObjects 1 }

dcomPowerSupplyStatusEntry OBJECT-TYPE SYNTAX DcomPowerSupplyStatusEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Status information for a power supply associated with a Datacom product. " INDEX { dcomPowerSupplyIndex } ::= { dcomPowerSupplyStatusTable 1 }

DcomPowerSupplyStatusEntry ::= SEQUENCE { dcomPowerSupplyIndex Unsigned32, dcomPowerSupplyStatus INTEGER, dcomPowerSupplyLastChange TimeStamp }

dcomPowerSupplyIndex OBJECT-TYPE

Page 79

SYNTAX Unsigned32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The index for this power supply. " ::= { dcomPowerSupplyStatusEntry 1 }

dcomPowerSupplyStatus OBJECT-TYPE SYNTAX INTEGER { stateUnknown(1), stateDown(2), stateUp(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "The current state for this power supply.

Appendix B - Power Supply MIB 79

The named-number enumerated values are as follow: stateUnknown(1) - the current state is 'unknown'

stateDown(2) - the current state is 'down' stateUp(3) - the current state is 'up' " ::= { dcomPowerSupplyStatusEntry 2 }

dcomPowerSupplyLastChange OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUptime when this power supply transitioned into its current state.

A value of zero(0) indicates this power supply was already in its current state when the SNMP agent last re-initialized. " ::= { dcomPowerSupplyStatusEntry 3 }

-- power supply event notifications

dcomPowerSupplyEventUp NOTIFICATION-TYPE

Page 80

VS-1200-S Data Acccess Switch80

OBJECTS { dcomPowerSupplyStatus } STATUS current DESCRIPTION "A dcomPowerSupplyEventUp event notification provides an indication that a power supply has transitioned into the 'up' state.

The power supply involved in this event is identified by the dcomPowerSupplyIndex value appended to the object name of the dcomPowerSupplyStatus variable binding. " ::= { dcomPowerSupplyEventsNotify 1 }

dcomPowerSupplyEventDown NOTIFICATION-TYPE OBJECTS { dcomPowerSupplyStatus } STATUS current DESCRIPTION "A dcomPowerSupplyEventDown event notification provides an indication that a power supply has transitioned into the 'down' state.

-- conformance and compliance statements

dcomPowerSupplyCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for systems supporting the Datacom Power Supply MIB." MODULE -- this module MANDATORY-GROUPS { dcomPowerSupplyStatusGroup , dcomPowerSupplyEventGroup } ::= { dcomPowerSupplyCompliances 1 }

Page 81

Appendix B - Power Supply MIB 81

-- units of conformance

dcomPowerSupplyStatusGroup OBJECT-GROUP OBJECTS { dcomPowerSupplyStatus, dcomPowerSupplyLastChange } STATUS current DESCRIPTION "A collection of managed objects exposing status information for power supplies associated with Datacom products." ::= { dcomPowerSupplyGroups 1}

dcomPowerSupplyEventGroup NOTIFICATION-GROUP NOTIFICATIONS { dcomPowerSupplyEventUp, dcomPowerSupplyEventDown } STATUS current DESCRIPTION "A collection of event notifications for reporting state transitions for power supplies associated with Datacom products." ::= { dcomPowerSupplyGroups 2}

END

6. Acknowledgments The production and maintenance of this memo is a group effort of the Datacom development

team.

7. Security Considerations There are no management objects defined in this MIB module that have a MAX-ACCESS

clause of read-write and/or read-create. So, if this MIB module is implemented correctly, then there is no risk that an intruder can alter or create any management objects of this MIB module via direct SNMP SET operations.

None of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) are considered sensitive or vulnerable within network environments.

SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is

Page 82

VS-1200-S Data Acccess Switch82

secure (for example by using IPsec), even then, there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module.

It is RECOMMENDED that implementers consider the security features as provided by the SNMPv3 framework (see [RFC3410], section 8), including full support for the SNMPv3 cryptographic mechanisms (for authentication and privacy).

Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them.

8. References

8.1 Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP

14, RFC 2119, March 1997. [RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S.

Waldbusser, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.

[RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999.

[RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999.

[DSI-SMI] Datacom Systems, Inc., "The Datacom Structure of Management Information (SMI), July 2010.

8.2 Informative References [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability

Statements for Internet-Standard Network Management Framework", RFC 3410, December,

2002.

9. Change Log Changes introduced in revision "201007015000Z", 15 July 2010 - initial version

Page 83

Appendix C - Structure of Management Information MIB 83

11 Appendix C - Structure of Management Information MIB

The Datacom Structure of Management Information (SMI) MIB This Appendix specifies a proprietary MIB module of Datacom Systems

Inc. Distribution of this memo is limited to Datacom product licensees

and other interested parties having express written consent from Datacom Systems Inc.

The current set of Datacom Enterprise MIB modules may be requested by sending an email to support@datacom.com.

subject to license terms. Abstract This memo defines a portion of the Management Information Base (MIB)

for use with network management protocols in The Internet community. In particular, it defines the top level structure of management

information and administrative registrations within the Datacom private enterprise namespace.

Table of Contents

1. Introduction

2. The Internet-Standard SNMP Management Framework

3. Conventions

4. The Datacom Structure of Management Information

5. Definitions

6. Acknowledgments

7. Security Considerations

8. References

8.1 Normative References

8.2 Informative References

9. Change Log

Page 84

VS-1200-S Data Acccess Switch84

1. Introduction

This memo defines the top level structure of management information and administrative registrations within the Datacom private enterprise namespace.

2. The Internet-Standard SNMP Management Framework

For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of RFC 3410 [RFC3410].

Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP).

3. Conventions

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].

4. The Datacom Structure of Management Information

Datacom enterprise MIB modules are consistent with and extend as appropriate, management objects defined within IETF standards track MIB modules.

The Internet Assigned Numbers Authority (IANA) has assigned Datacom the private enterprise number 9762. An up-to-date list of private enterprise number assignments is maintained by IANA at http://www.iana.org/assignments/enterprise-numbers.

The organization of the datacom(9762) subtree follows: agentIdents(1)

The agentIdents subtree provides an area for OBJECT-IDENTITY definitions used for the identification of Datacom SNMP

Page 85

Appendix C - Structure of Management Information MIB 85

agents. Definitions occur within the DATACOM-AGENT-CAPS MIB

module. agentCaps(2)

The agentCaps subtree provides an area AGENT-CAPABILITIES statements used to indicate the capabilities of Datacom SNMP agents.

Definitions occur within the DATACOM-AGENT-CAPS MIB module.

datacomMibs(3) The datacomMibs subtree provides an area for MODULE-IDENTITY definitions with Datacom MIB modules.

MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, MODULE-COMPLIANCE, OBJECT-GROUP and NOTIFICATION-GROUP definitions occur within the respective Datacom MIB module.

Additions and deprecations to assignments within the top level of the Datacom private enterprise name space may occur from time to time as documented in revisions to this memo.

5. Definitions

DATACOM-SMI-MIB DEFINITIONS ::= BEGIN IMPORTS

MODULE-IDENTITY, OBJECT-IDENTITY, enterprises FROM SNMPv2-SMI; -- [RFC2578]

datacomSmiMib MODULE-IDENTITY LAST-UPDATED "201007010000Z" -- 1 July 2010, midnight ORGANIZATION "Datacom Systems Inc." CONTACT-INFO "Datacom Systems Inc. 9 Adler Drive East Syracuse, NY 13057 USA

Telephone: +1 315 463 1585 EMail: support@datacomsystems.com URL: http://www.datacomsystems.com

Page 86

VS-1200-S Data Acccess Switch86

Send comments to <support@datacomsystems.com> " DESCRIPTION "The top level organization of the Datacom private enterprise name space.

This version of the DATACOM-SMI-MIB module is part of Datacom publication, `The Datacom SMI MIB', July 2010. See the publication itself for full legal notices. "

-- Revision log

REVISION "201007010000Z" -- 1 July 2010, midnight DESCRIPTION "Initial version, as part of Datacom publication `The Datacom SMI MIB', July 2010. " ::= { datacomMibs 1 }

datacom OBJECT-IDENTITY STATUS current DESCRIPTION "The private enterprise number assigned to Datacom by the Internet Assigned Numbers Authority (IANA). " ::= { enterprises 9762 }

agentIdents OBJECT-IDENTITY STATUS current DESCRIPTION "The agentIdents subtree provides an area for OID assignments used to identify Datacom managed systems.

Datacom agent identity values are exposed by the sysObjectID object.

Definitions occur within the DATACOM-AGENT-CAPS MIB module. " ::= { datacom 1 }

agentCaps OBJECT-IDENTITY STATUS current

Page 87

Appendix C - Structure of Management Information MIB 87

DESCRIPTION "The agentCaps subtree provides an area for OID assignments as used in Datacom AGENT-CAPABILITIES macros.

Definitions occur within the DATACOM-AGENT-CAPS MIB module. " ::= { datacom 2 }

datacomMibs OBJECT-IDENTITY STATUS current DESCRIPTION "The datacomMibs subtree contains assignments as used in MODULE-IDENTITY macros in Datacom MIB modules.

MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, MODULE-COMPLIANCE, OBJECT-GROUP and NOTIFICATION-GROUP definitions occur within the respective Datacom MIB module. " ::= { datacom 3 }

-- The following list tracks assignments known as of this

-- revision of the DATACOM-SMI-MIB.

-- datacomSmiMib { datacomMibs 1 }

-- <reserved> { datacomMibs 2 }

-- datacomAgentCapsMib { datacomMibs 3 }

-- datacomPowerSupplyMib ( datacomMibs 4 }

END

6. Acknowledgments

The production and maintenance of this memo is a group effort of the Datacom development team.

7. Security Considerations

This module does not define any management objects. Instead, it defines the top level assignments within the Datacom enterprise name space.

Meaningful security considerations can only be written in MIB

Page 88

VS-1200-S Data Acccess Switch88

modules that define management objects. Therefore, this module does not present any known security concerns.

8. References

8.1 Normative References

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.

[RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April

1999.

[RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999.

[RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999.

8.2 Informative References

[RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet-Standard Network Management Framework", RFC 3410, December, 2002.

9. Change Log

Changes introduced in revision "201007010000Z", 1 July 2010

- initial version

Page 89

12 Appendix D - FLASHutils

A small utility to update firmware from a binary file.

1. Insert the CD into your CD ROM drive. The installation will start automatically. (If 'autostart' is

turned off on your computer, you will need to open the CD on your computer, double-click on 'setup.exe.'

2. Follow the prompts to install the software. When finished, under Start>All Programs>Datacom

Systems open FLASHutils. A window will display, select the Product Selection from the drop down list, browse to find the binary file (i.e., C:\Program Files\DSI\, input the IP address of the product and click the Program box to begin.

3. Provide Login information, Username: Administrator (default), Password: admin (default), click

the Login box to continue.

4. Programming Status window opens to display the programming operation. Erasing the micro

should begin within 30 seconds, followed by Updating MicroProcessor. The firmware update will take three to four minutes. CAUTION: Do not interrupt the programming process, otherwise you may be unable to access the unit.

Appendix D - FLASHutils 89

5. When the firmware update is complete the product will automatically reboot.

Page 90

Datacom Systems Inc.

9 Adler Drive • East Syracuse, NY 13057

TEL: (315) 463-9541 • FAX: (315) 463-9557

http://www.datacomsystems.com

Datacom Systems Inc

Access Your Network

Datacom Systems VS-1200-S Series User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual