ExtremeXOS Release Notes
> Extreme Switch Security Assessment
Published January 2018
prev
|
next
Print this page
Email this topic
Feedback
View PDF
Download EPUB
Preface
Conventions
Text Conventions
Platform-Dependent Conventions
Terminology
Providing Feedback to Us
Getting Help
Related Publications
Overview
Common Criteria Compliance
Upgrading ExtremeXOS
New and Corrected Features in ExtremeXOS 22.3
Multiprotocol Border Gateway Protocol (MBGP) Support for Virtual Extensible LAN (VXLAN)
Explicit Congestion Notification (ECN)
Address Resolution Protocol (ARP) Suppression
BGP Multipath-Relax Feature
Locally Administered MAC Addresses
Captive Portal Redirection
CLI File Name Completion
Command Aliases
USB Zero Touch Provisioning for Transferring Switch Configuration
New Stacking Port Statistics Commands
Automatic Authentication When Using Telnet Between Stack Nodes
Extension of Ethernet Ring Protection Switching (ERPS) Clear Command
Increase in Open Shortest Path First (OSPFv3) Equal-Cost Multi-path Routing (ECMP) Limit
Ethernet Automatic Protection Switching (EAPS) Shared Port Capability Added to Advanced Edge License
Enabling/Disabling the USB Port
Certificate Signing Request
Iterative Online Certificate Status Protocol (OCSP) for Intermediate Certificates
SSHv2 Rekeying Interval
Federal Information Processing Standards (FIPS) Compliance for Passwords
Entity Sensor MIB (RFC-3433) Support Added
Enabling/Disabling DSA and X509v3 Public Key Algorithms
IEEE Forward Error Correction (FEC) Capability
New Hardware Supported in ExtremeXOS 22.3
Updating the Programmable Logic Firmware on the Summit X440-G2 and ExtremeSwitching X620 Series Switches
End of Support for Non-persistent Adj-Rib-Out (ARO)
Multiple Spanning Tree Protocol (MSTP) Enabled by Default
Vulnerability Notice
Direct Attach Feature No Longer Requires Separate License
Summit X460-G2 Series Switches Have Advanced Edge License
VLAN Option Formatting in Commands
Circuit Emulation Service (CES) No Longer Supported
OpenFlow and SSH Included in ExtremeXOS Base Image
ExtremeXOS SSH Server Upgraded with OpenSSH v6.5
CLI Command Output Format of Ports Lists
Extreme Hardware/Software Compatibility and Recommendation Matrices
Compatibility with Extreme Management Center (Formerly NetSight)
Supported MIBs
Tested Third-Party Products
Extreme Switch Security Assessment
Service Notifications
Limits
Open Issues, Known Behaviors, and Resolved Issues
Open Issues
Known Behaviors
Resolved Issues in ExtremeXOS 22.3.1-Patch1CC-2
Resolved Issues in ExtremeXOS 22.3.1-Patch1-4
Resolved Issues in ExtremeXOS 22.3
Extreme Switch Security Assessment
DoS Attack Assessment
Tools used to assess DoS attack vulnerability:
Network Mapper (NMAP)
ICMP Attack Assessment
Tools used to assess ICMP attack vulnerability:
SSPing
Twinge
Nuke
WinFreeze
Port Scan Assessment
Tools used to assess port scan assessment:
Nessus