General corporate use of Ethernet switch network is divided into two main classes, one is using protocol converters into Ethernet access switch line; the second is rented bare fiber directly. Specifically, in category IV network, select the three-layer switch can only configure a simple dynamic routing protocols, simple policy routing, QoS, and simple access control capabilities, and this location the device functionality requirements and more, using an Ethernet switch network need to be aware of the following issues.
Now online more and more viruses, network virus and larger losses, export of a network device does not have certain firewall features are unthinkable. Low-end switches Basic Firewall properties, ACL access control feature is bad, while for the router, and even the lowest-end routers may support based on a stateful ACL control, you can allow users to filter based on types and characteristics of network virus configuration, you can also limit the maximum number of links for each IP address in order to prevent abnormal.
(2) operational support flexibility
Some Web servers within the network needs to be non-symmetric access control, that is accepted only from the outside of the access request but may not request or to the Internet, this will help prevent the server from being used as a hacker tool or cause leaks. Router based on the ACL configuration to determine session status, making it not only into; and low-end switches because all packets within the ASCI to complete, it is impossible to implement this business.