System DescriptionH3C S3600 Series Ethernet Switches Chapter 3 Software Features3-14 When multiple systems are used to deal with complex events, it ensures thecorrect order of these events. It ensures the RPC between systems be normally performed. It provides time information about such operations as system login of users, filemodification for application program.3.9 SecurityThe popularity of network applications, especially in some sensitive occasions(e-commerce for example), highlights the issue of network security. The S3600 seriesprovide these network security features: Hierarchical user management and password protection MAC address black hole MAC address learning limit MAC address and port binding SSH 802.1x authentication Centralized MAC address authentication DUD authentication Local and RADIUS authentication Port isolationWith respect to filtering and authenticating Ethernet frames and packets from the upperlayers, the S3600 series support: ACL, with which information is filtered at layers 2 through 4 (such as based on port,by source/destination MAC address, by source/destination IP address, or by thetype of upper layer protocol). RIPv2/OSPFv2 packet authentication with the clear text and MD5 approaches Encrypted authentication of SNMPv33.9.1 Terminal Access User ClassificationThe S3600 series protect command lines in a hierarchical way by dividing thecommand lines into four levels: visitor, monitor, operator, and administrator.Commensurate with the command division, login users are classified into four levels. Alogin user can use only the commands equal to or lower than its level.3.9.2 SSHWhen users log onto the Ethernet switch from an insecure network, Secure Shell (SSH)offers security information protection and powerful authentication function to safeguardthe Ethernet switch from attacks such as IP address spoofing and plain text cipherinterception. The Ethernet switch can accept multiple SSH customer connections at the