NETGEAR M4100 Series
As a cost-effective component of converged voice, video and data networking solutions, NETGEAR M4100 series offers ideal, advanced features for a secure edge in commercial buildings and campus LAN environments.
– High availability and PoE/PoE+ full power capability
– Industry standard management
– Industry leading warranty
– Layer 2+ with static routing
– Engineered for convergence
– High-value performance and IPv6 ready
Performance
– Layer 3 hardware with L2+ software affordability
– Built upon L3 hardware platform while Layer 2+ software package allows for better budget optimization
– Uses latest generation silicon low-power 40-nanometer technology
– L2 and L3 switching features (access control list, classification, filtering, IPv4 routing) are performed in hardware at interface line rate for voice, video, and data convergence
– Layer 2+ software package provides straight forward IP static routing capabilities for physical interfaces, VLANs and subnets
– 16K MAC address table, 1K concurrent VLANs and 64 static routes for SMB and small enterprise access layers
– Increased packet buffering with up to 12 Mb dynamically shared accross all interfaces for most intensive applications
– Low latency at all network speeds
– Jumbo frames support of up to 9Kb accelerating storage performance for backup and cloud applications
– Broad portfolio of access layer solutions, ranging from 8 ports Fast Ethernet to 50 ports Gigabit Ethernet
Connectivity
– IEEE 802.3af Power over Ethernet (PoE) provides up to 15.4W per port
– IEEE 802.3at Power over Ethernet Plus (PoE+) provides up to 30W per port
– Desktop versions can be powered by upstream PoE+ switch
– M4100-D12G-POE+ can even redistribute PoE power from the upstream PoE+ switch to VoIP phones or other devices in meeting rooms, retail sales floors or other challenging environments without outlet
– Both IEEE 802.3at Layer 2 LLDP method and 802.3at 2-event classification methods are supported for compatibility with all PoE+ PD devices
– Automatic MDIX and Auto-negotiation on all ports select the right transmission modes (half or full duplex) as well as data transmission for crossover or straight-through cables dynamically for the admin
– 100Mbps backward compatiblity on all SFP ports
– IPv6 support with multicasting (MLD for IPv6 filtering), ACLs and QoS
Ease of Use
– Fully functional Web console (GUI) for IT admins who prefer an easy to use graphical interface
– Placement outside the wiring closet (conference rooms, offices, class rooms, sales floor in retail stores, etc)
– For secure deployment in open areas , desktop versions come with a Wall Mount Kit with four brackets
– Select desktop versions also come with a set of strong magnets for mounting on any metal surface
– Automatic configuration with DHCP and BootP Auto Install
– Both the Switch Serial Number and Switch primary MAC address are reported by a simple “show” command in the CLI
– Automatic Voice over IP prioritization with Auto-VoIP
– An associated Voice VLAN can be easily configured with Auto-VoIP for further traffic isolation
– When deployed IP phones are LLDP-MED compliant, the Voice VLAN will use LLDP-MED to pass on the VLAN ID, 802.1P priority and DSCP values to the IP phones, accelerating convergent deployments
– DHCP/BootP innovative auto-installation including firmware and configuration file upload automation
– Dual firmware image and configuration file for updates with minimum service interruption
Security
– Traffic control MAC Filter and Port Security
– DHCP Snooping monitors DHCP traffic between DHCP clients and DHCP servers to filter harmful DHCP message and prevent DHCP spoofing attacks
– IP source guard and Dynamic ARP Inspection for malicious users traffic elimination
– Layer 2 / Layer 3-v4 / Layer 3-v6 / Layer 4 Access Control Lists (ACLs) can be binded to ports, Layer 2 interfaces, VLANs and LAGs (Link Aggregation Groups or Port channel) for fast unauthorized data prevention and right granularity
– Bridge protocol data unit (BPDU) Guard allows the network administrator to enforce the Spanning Tree (STP) domain borders and keep the active topology consistent and predictable – unauthorized devices or switches behind the edge ports that have BPDU enabled will not be able to influence the overall STP topology by creating loops
– Spanning Tree Root Guard (STRG) enforces the Layer 2 network topology by preventing rogue root bridges potential issues when for instance, unauthorized or unexpected new equipment in the network may accidentally become a root bridge for a given VLAN
– Dynamic 802.1x VLAN assignment mode, including Dynamic VLAN creation mode and Guest VLAN / Unauthenticated VLAN are supported for rigorous user and equipment RADIUS policy server enforcement
– 802.1x MAC Address Authentication Bypass (MAB)
– Double VLANs (DVLAN – QoQ) pass traffic from one customer domain to another through the “metro core” in a multi-tenancy environment
– Private VLANs (with Primary VLAN, Isolated VLAN, Community VLAN, Promiscuous port, Host port, Trunks) provide Layer 2 isolation between ports that share the same broadcast domain
– Secure Shell (SSH) and SNMPv3 (with or without MD5 or SHA authentication) ensure SNMP and Telnet sessions are secured
– TACACS+ and RADIUS enhanced administrator management provides strict “Login” and “Enable” authentication enforcement for the switch configuration and authentication based on user domain in addition to user ID and password