Physical Port
- 16 10/100/1000BASE-T Gigabit RJ45 copper ports with 16-port IEEE 802.3af/at/Ultra PoE injector
- 4 100/1000BASE-X mini-GBIC/SFP slots
- 2 10GBASE-SR/LR SFP+ slots, compatible with 1000BASE-SX/LX/BX SFP
- RJ45 console interface for switch basic management and setup
Power over Ethernet
- Complies with IEEE 802.3at Power over Ethernet Plus, end-span/mid-span PSE
- Backward compatible with IEEE 802.3af Power over Ethernet
- Up to 16 ports of IEEE 802.3af/IEEE 802.3at/ultra PoE devices powered
- Supports PoE power up to 75 watts for each ultra PoE port
- Auto detects powered device (PD)
- Circuit protection prevents power interference between ports
- Remote power feeding up to 100 meters
- PoE management
- Total PoE power budget control - Per port PoE function enable/disable - PoE admin-mode control - PoE port power feeding priority - Per PoE port power limitation - PD classification detection - Temperature threshold control - PD alive check - PoE schedule Layer 2 Features
- Prevents packet loss with back pressure (half-duplex) and IEEE 802.3x pause frame flow control (full-duplex)
- High performance of Store-and-Forward architecture and runt/CRC filtering eliminates erroneous packets to optimize the network bandwidth
- Storm Control support
- Broadcast/Multicast/Unknown unicast
- Supports VLAN
- IEEE 802.1Q tagged VLAN - Up to 255 VLANs groups, out of 4094 VLAN IDs - Supports provider bridging (VLAN Q-in-Q, IEEE 802.1ad) - Private VLAN Edge (PVE) - Protocol-based VLAN - MAC-based VLAN - Voice VLAN
- Supports Spanning Tree Protocol
- IEEE 802.1D Spanning Tree Protocol - IEEE 802.1w Rapid Spanning Tree Protocol - IEEE 802.1s Multiple Spanning Tree Protocol, spanning tree by VLAN - BPDU Guard
- Supports Link Aggregation
- 802.3ad Link Aggregation Control Protocol (LACP) - Cisco ether-channel (static trunk) - Maximum 11 trunk groups, up to 6 ports per trunk group - Up to 12Gbps bandwidth (full duplex mode)
- Provides port mirror (many-to-1)
- Port mirroring to monitor the incoming or outgoing traffic on a particular port
- Loop protection to avoid broadcast loops
Layer 3 Features
- IP interfaces (Max. 8 VLAN interfaces)
- Routing table (Max. 32 routing entries)
- Routing Protocols (IPv4/IPv6 software static routing)
Quality of Service
- Ingress Shaper and Egress Rate Limit per port bandwidth control
- 8 priority queues on all switch ports
- Traffic classification
- IEEE 802.1p CoS - TOS/DSCP/IP precedence of IPv4/IPv6 packets - IP TCP/UDP port number - Typical network application
- Strict priority and Weighted Round Robin (WRR) CoS policies
- Supports QoS and In/Out bandwidth control on each port
- Traffic-policing policies on the switch port
- DSCP remarking
Multicast
- Supports IGMP snooping v1, v2 and v3
- Supports MLD snooping v1 and v2
- Querier mode support
- IGMP snooping port filtering
- MLD snooping port filtering
- Multicast VLAN Registration (MVR) support
Security
- Authentication
- IEEE 802.1x port-based/MAC-based network access authentication - Built-in RADIUS client to cooperate with the RADIUS servers - TACACS+ login users access authentication - RADIUS/TACACS+ users access authentication
- Access Control List
- IP-based Access Control List (ACL) - MAC-based Access Control List
- Source MAC/IP address binding
- DHCP Snooping to filter untrusted DHCP messages
- Dynamic ARP Inspection discards ARP packets with invalid MAC address to IP address binding
- IP Source Guard prevents IP spoofing attacks
- Auto DoS rule to defend DoS attack
- IP address access management to prevent unauthorized intruder
Management
- IPv4 and IPv6 dual stack management
- Switch Management Interfaces
- Console/Telnet Command Line Interface - Web switch management - SNMP v1, v2c, and v3 switch management - SSH/SSL secure access
- IPv6 IP Address/NTP/DNS management
- Built-in Trivial File Transfer Protocol (TFTP) client
- BOOTP and DHCP for IP address assignment
- System Maintenance
- Firmware upload/download via HTTP/TFTP - Reset button for system reboot or reset to factory default - Dual images
- DHCP Relay
- DHCP Option 82
- User Privilege levels control
- NTP (Network Time Protocol)
- Link Layer Discovery Protocol (LLDP) and LLDP-MED
- Network Diagnostic
- ICMPv6/ICMPv4 remote ping - Cable diagnostic technology provides the mechanism to detect and report potential cabling issues
- SMTP/Syslog remote alarm
- Four RMON groups (history, statistics, alarms and events)
- SNMP trap for interface Link Up and Link Down notification
- System Log
- PLANET Smart Discovery Utility for deployment management
- Smart fan with speed control
Redundant Power System (GS-5220-16UP4S2XR)
- Redundant 100~240V AC/36-60V DC dual power
- Active-active redundant power failure protection
- Backup of catastrophic power failure on one supply
- Fault tolerance and resilience