Hp Aruba 2540 24G 4SFP+ (JL354A) User Manual [ru]

DATA SHEET

ARUBA 2540
SWITCH SERIES

PRODUCT OVERVIEW

Designed for the digital workplace, the Aruba 2540 Switch

Series is optimized for mobile users. With advanced security

and network management tools—Aruba ClearPass Policy

Manager and Aruba AirWave—this layer-2 access switch

is easy to deploy and manage. With support from Aruba

Central, you can quickly set up remote branch sites with little

or no IT support. A powerful Aruba ProVision ASIC delivers

performance, robust feature support, and value with exible

programmability for future applications.

The Aruba 2540 Switch Series provides a convenient and

cost-eective wired access solution that can be quickly set

up with Zero Touch Provisioning. PoE+ models deliver power

across all access ports for wireless APs, security cameras, and

IoT devices.

The 2540 has wire-speed backhaul bandwidth capacity with

built-in 10 GbE uplinks, robust QoS, static and RIP routing,

IPv6 and includes a limited lifetime warranty with no software

licensing required.

FEATURES AND BENEFITS

Unied Wired and Wireless

• ClearPass Policy Manager supports unied wired and

wireless policies using Aruba ClearPass Policy Manager.

• Switch auto-conguration automatically congures

switches for dierent settings such as VLAN, CoS, PoE

max power, and PoE priority when an Aruba access point

is detected.

• User Role denes a set of switch-based policies in areas

such as security, authentication, and QoS. A user role can

be assigned to a group of users or devices, using switch-

based local user role or download from ClearPass.

• Static IP Visibility allows ClearPass to do accounting for

clients with static IP address

KEY FEATURES

• Aruba Layer 2 switch series with static and RIP

routing, ACLs, and robust QoS

• Advanced security and network management

tools like Aruba ClearPass Policy Manager, Aruba

Central and Aruba Airwave

• Simple deployment with Zero Touch Provisioning and

cloud-based Aruba Central support

• Convenient built-in 10 GbE uplinks and up to

370 W PoE+

• Limited Lifetime Warranty

Quality of Service (QoS)

• Trac prioritization (IEEE 802.1p) allows real-time

trac classication into eight priority levels mapped to

eight queues.

• Layer 4 prioritization enables prioritization based on

TCP/UDP port numbers.

• Class of service (CoS) sets the IEEE 802.1p priority tag

based on IP address, IP Type of Service (ToS), Layer

3 protocol, TCP/UDP port number, source port, and

DiServ.

• Rate limiting sets per-port ingress enforced maximums

and per-port, per-queue minimums.

• Large buers provide graceful congestion management.

DATA SHEET

ARUBA 2540 SWITCH SERIES

Connectivity

• Flexible 10 Gbps Ethernet connectivity four xed 10

Gigabit ports (SFP+) available.

• Auto-MDIX provides automatic adjustments for

straight-through or crossover cables on all 10/100 and

10/100/1000 ports.

• IEEE 802.3at Power over Ethernet (PoE+) provides up to

30 W per port that allows support of the latest PoE+-

capable devices such as IP phones, wireless access

points, and security cameras, as well as any IEEE 802.3af-

compliant end device; eliminates the cost of additional

electrical cabling and circuits that would otherwise be

necessary in IP phone and WLAN deployments.

• Pre-standard PoE support detects and provides power to

pre-standard PoE devices.

• IPv6

 - IPv6 host Enables switches to be managed in an

IPv6 network.

 - Dual stack (IPv4 and IPv6) Transitions from IPv4 to IPv6,

supporting connectivity for both protocols.

 - MLD snooping Forwards IPv6 multicast trac to the

appropriate interface.

 - IPv6 ACL/QoS Supports ACL and QoS for IPv6

network trac.

 - IPv6 routing Supports static and RIPng protocols.

 - Security Provides RA guard, DHCPv6 protection,

dynamic IPv6 lockdown, and ND snooping.

Performance

• Energy-ecient design

 - 80 PLUS Silver Certied power supply increases power

eciency and savings.

 - Energy-ecient Ethernet (EEE) support Reduces power

consumption in accordance with IEEE 802.3az.

• Aruba ProVision ASIC architecture is designed with the latest

ProVision ASIC, providing very low latency, increased packet

buering, and adaptive power consumption.

• Selectable queue congurations allow for increased

performance by selecting the number of queues

and associated memory buering that best meet the

requirements of the network applications.

Convergence

• IP multicast snooping and data-driven IGMP automatically

prevent ooding of IP multicast trac.

• IEEE 802.1AB Link Layer Discovery Protocol (LLDP) facilitates

easy mapping using network management applications with

LLDP automated device discovery protocol.

• LLDP-MED (Media Endpoint Discovery) denes a standard

extension of LLDP that stores values for parameters such

as QoS and VLAN to congure automatically network

devices such as IP phones.

• PoE and PoE+ allocations support multiple methods

(automatic, IEEE 802.3at dynamic, LLDP-MED ne grain,

IEEE 802.3af device class, or user-specied) to allocate

and manage PoE and PoE+ power for more ecient

energy savings.

• Local MAC Authentication assigns attributes such as VLAN

and QoS using locally congured prole that can be a list

of MAC prexes.

Resiliency and high availability

• IEEE 802.1s Multiple Spanning Tree provides high link

availability in multiple VLAN environments by allowing

multiple spanning trees; provides legacy support for IEEE

802.1d and IEEE 802.1w.

• IEEE 802.3ad link-aggregation-control protocol (LACP)

and port trunking support up to 26 static, dynamic, or

distributed trunks with each trunk having up to eight links

(ports) per static trunk.

• SmartLink provides easy-to-congure link redundancy of

active and standby links.

Management

• SNMPv1, v2, and v3 provide complete support of SNMP;

provide full support of industry-standard Management

Information Base (MIB) plus private extensions; SNMPv3

supports increased security using encryption.

• Zero-Touch Provisioning (ZTP) simplies installation of the

switch infrastructure using the Aruba Activate-based or a

DHCP-based process with AirWave Network Management.

• Flexible management with same hardware – Supports both

cloud-based Central and on-premise AirWave with the

same hardware ensuring change management platform

without ripping and replacing switching infrastructure

• Aruba Central cloud-based management platform oers a

simple, secure, and cost-eective way to manage switches.

DATA SHEET

ARUBA 2540 SWITCH SERIES

Manageability

• Dual ash images provides independent primary

and secondary operating system les for backup

while upgrading.

• Friendly port names allow assignment of descriptive

names to ports.

• Find-Fix-Inform nds and xes common network

problems automatically, then informs administrator.

• Multiple conguration les allow multiple conguration

les to be stored to a ash image.

• Software updates free downloads from the Web.

®

• RMON, XRMON, and sFlow

provide advanced monitoring

and reporting capabilities for statistics, history, alarms,

and events.

• Troubleshooting ingress and egress port monitoring

enable network problem solving.

• Unidirectional link detection (UDLD) monitors the link

between two switches and blocks the ports on both ends

of the link if the link goes down at any point between the

two devices.

Layer 2 switching

• VLAN support and tagging supports IEEE 802.1Q (4,094

VLAN IDs) and 512 VLANs simultaneously.

• Jumbo packet support improves the performance of large

data transfers; supports frame size of up to 9,220 bytes.

• IEEE 802.1v protocol VLANs isolate select non-IPv4

protocols automatically into their own VLANs.

• Rapid per-VLAN spanning tree (RPVST+) allows each

VLAN to build a separate spanning tree to improve link

bandwidth usage; is compatible with PVST+.

• GVRP and MVRP allow automatic learning and dynamic

assignment of VLANs.

Layer 3 services

• DHCP server centralizes and reduces the cost of IPv4

address management.

Layer 3 routing

• Static IP routing provides manually congured routing;

includes ECMP capability.

• 256 static and 2,000 RIP routes facilitate segregation of

user data, without adding external hardware.

• Routing Information Protocol (RIP) provides RIPv1, RIPv2,

and RIPng routing.

Security

• Multiple user authentication methods

 - IEEE 802.1X Uses an IEEE 802.1X supplicant on the client

in conjunction with a RADIUS server to authenticate in

accordance with industry standards.

 - Web-based authentication provides a browser-based

environment, similar to IEEE 802.1X, to authenticate

clients that do not support the IEEE 802.1X supplicant.

 - MAC-based authentication authenticates the client with

the RADIUS server based on the client’s MAC address.

• Authentication exibility

 - Multiple IEEE 802.1X users per port provides

authentication of multiple IEEE 802.1X users per port;

prevents a user from piggybacking on another user’s

IEEE 802.1X authentication.

 - Concurrent IEEE 802.1X, Web, and MAC authentication

schemes per port switch port will accept up to 32

sessions of IEEE 802.1X, Web, and MAC authentications.

• Access control lists (ACLs) provide IP Layer 3 ltering

based on source and destination IP address or subnet and

source and destination TCP/UDP port number.

• Source-port ltering allows only specied ports to

communicate with each other.

• RADIUS/TACACS+ eases switch management security

administration by using a password authentication server.

• Secure shell encrypts all transmitted data for secure

remote CLI access over IP networks.

• Secure Sockets Layer (SSL) encrypts all HTTP trac,

allowing secure access to the browser-based management

GUI in the switch.

• Port security allows access only to specied MAC

addresses, which can be learned or specied by

the administrator.

• MAC address lockout prevents particular congured MAC

addresses from connecting to the network.

• Secure FTP allows secure le transfer to and from the

switch; protects against unwanted le downloads or

unauthorized copying of a switch conguration le.

• Switch management logon security helps secure switch

CLI logon by optionally requiring either RADIUS or

TACACS+ authentication.

• Custom banner displays security policy when users log in

to the switch.

• STP BPDU port protection blocks Bridge Protocol Data

Units (BPDUs) on ports that do not require BPDUs,

preventing forged BPDU attacks.

• DHCP protection blocks DHCP packets from unauthorized

DHCP servers, preventing denial-of-service attacks.

• Dynamic ARP protection blocks ARP broadcasts from

unauthorized hosts, preventing eavesdropping or theft of

network data.

• Dynamic IP lockdown works with DHCP protection to block

trac from unauthorized hosts, preventing IP source

address spoong.

• STP root guard protects the root bridge from malicious

attacks or conguration mistakes.

• Identity-driven ACL enables implementation of a highly

granular and exible access security policy and VLAN

assignment specic to each authenticated network user.

• Per-port broadcast throttling congures broadcast control

selectively on heavy trac port uplinks.

• Monitor and diagnostics digital optical monitoring of SFP+

and 1000BASE-T transceivers allow detailed monitoring of

the transceiver settings and parameters.

DATA SHEET

ARUBA 2540 SWITCH SERIES

Warranty and support

• Limited Lifetime Warranty

See www.hpe.com/networking/warrantysummary for

warranty and support information included with your

product purchase.

• Software releases to nd software for your product, refer

to www.hpe.com/networking/support; for details on the

software releases available with your product purchase,

refer to www.hpe.com/networking/warrantysummary