GS-4210-24P2s

GS-4210-24P2S: 24 Port Managed PoE Gigabit Ethernet Switch

Cost-optimized Managed PoE+ Switch with Advanced L2/L4 Switching and Security

PLANET GS-4210-24P2S is an ideal Gigabit PoE Switch which provides cost-effective advantage to local area network and is widely accepted in the SMB office network. It offers intelligent Layer 2 data packet switching and management functions, friendly web user interface and stable operation. The model complies with IEEE 802.3at Power over Ethernet Plus (PoE+) at an affordable price. The GS-4210-24P2S is equipped with 24 10/100/1000BASE-T Gigabit Ethernet ports and 2 100/1000BASE-X SFP interfaces with inner power system. Its 24 Gigabit Ethernet ports integrated with 802.3at PoE+ injector function on all ports. It offers a rack-mountable, affordable, safe and reliable power solution for SMBs deploying Power over Ethernet networks, or requiring enhanced data security and network traffic management.

Built-in Unique PoE Functions for Powered Devices Management

As the PoE managed switch for surveillance, wireless and VoIP networks, the GS-4210-24P2S features special PoE management functions:

■ PD alive check

■ Scheduled power recycling

■ PoE schedule

■ PoE usage monitoring

Intelligent Powered Device Alive Check

The GS-4210-24P2S can be configured to monitor connected PD (powered device) status in real time via ping action. Once the PD stops working and responding, the GS-4210-24P2S will resume the PoE port power and bring the PD back to work. It will greatly enhance the network reliability through the PoE port resetting the PD’s power source and reducing administrator management burden.

Scheduled Power Recycling

The GS-4210-24P2S allows each of the connected PoE IP cameras or PoE wireless access points to reboot at a specific time each week. Therefore, it will reduce the chance of IP camera or AP crash resulting from buffer overflow.

PoE Schedule for Energy Saving

Under the trend of energy saving worldwide and contributing to environmental protection, the GS-4210-24P2S can effectively control the power supply besides its capability of giving high watts power. The “PoE schedule” function helps you to enable or disable PoE power feeding for each PoE port during specified time intervals and it is a powerful function to help SMBs or enterprises save power and money. It also increases security by powering off PDs that should not be in use during non-business hours.

PoE Usage Monitoring
Via the power usage chart in the web management interface, the GS-4210-24P2S enables the administrator to monitor the status of the power usage of the connected PDs in real time. Thus, it greatly enhances the management efficiency of the facilities.

IPv6/IPv4 Dual Stack

Supporting both IPv6 and IPv4 protocols, the GS-4210-24P2S helps the SMBs to step in the IPv6 era with the lowest investment as its network facilities need not be replaced or overhauled if the IPv6 FTTx edge network is set up.

Robust Layer 2 Features

The GS-4210-24P2S can be programmed for advanced switch management functions such as dynamic port link aggregation, 802.1Q VLAN and Q-in-Q VLAN, Multiple Spanning Tree protocol (MSTP), loop and BPDU guard, IGMP snooping, and MLD snooping. Via the link aggregation, the GS-4210-24P2S allows the operation of a high-speed trunk to combine with multiple ports such as a 4Gbps fat pipe, and supports fail-over as well. Also, the Link Layer Discovery Protocol (LLDP) is the Layer 2 protocol included to help discover basic information about neighboring devices on the local broadcast domain.

Efficient Traffic Control

The GS-4210-24P2S is loaded with robust QoS features and powerful traffic management to enhance services to business-class data, voice, and video solutions. The functionality includes broadcast/multicast/unicast storm control, per port bandwidth control, 802.1p/CoS/IP DSCP QoS priority and remarking. It guarantees the best performance at VoIP and video stream transmission, and empowers the enterprises to take full advantages of the limited network resources.

Enhanced and Secure Management

For efficient management, the GS-4210-24P2S is equipped with console, web, telnet and SNMP management interfaces. With the built-in web-based management interface, the GS-4210-24P2S offers an easy-to-use, platform-independent management and configuration facility. By supporting standard Simple Network Management Protocol (SNMP), the switch can be managed via any standard management software. For text-based management, the switch can be accessed via telnet and the console port. Moreover, the GS-4210-24P2S offers secure remote management by supporting SSH, HTTPS and SNMPv3 connections which encrypt the packet content at each session.

Powerful Security

PLANET GS-4210-24P2S offers comprehensive IPv4/IPv6 Layer 2 to Layer 4 Access Control List (ACL) for enforcing security to the edge. It can be used to restrict network access by denying packets based on source and destination IP address, TCP/UDP ports or defined typical network applications. Its protection mechanism also comprises 802.1X port-based user and device authentication, which can be deployed with RADIUS to ensure the port level security and block illegal users. With the protected port function, communication between edge ports can be prevented to guarantee user privacy. Furthermore, Port security function allows to limit the number of network devices on a given port.

Advanced Network Security

The GS-4210-24P2S also provides DHCP snooping, IP source guard and dynamic ARP inspection functions to prevent IP snooping from attack and discard ARP packets with invalid MAC address. The network administrators can now construct highly-secure corporate networks with considerably less time and effort than before.

Flexible Extension Solution

The two mini-GBIC slots built in the GS-4210-24P2S are compatible with the 100BASE-FX/1000BASE-SX/LX SFP (Small Form-factor Pluggable) fiber transceiver to uplink to backbone switch and monitor center in long distance. The distance can be extended from 550 meters to 2km (multi-mode fiber) and to 10/20/30/40/50/60/70/120 kilometers (single-mode fiber or WDM fiber). They are well suited for applications within the enterprise data centers and distributions.

Perfectly-Integrated Solution for PoE IP Surveillance
The GS-4210-24P2S brings an ideal, secure surveillance system at a lower total cost. The GS-4210-24P2S provides 24 10/100/1000Mbps 802.3at PoE+ ports able to feed sufficient PoE power for 24 IEEE 802.3af/IEEE 802.3at PoE IP cameras at the same time. It is also able to connect with one 16-channel NVR or two 8-channel NVR systems, uplink to the backbone switch and the monitoring center. With such a high-performance switch architecture, the recorded video files from the PoE IP cameras can be saved in the NVR system to enable the administrators to control and monitor the surveillance images both in the local LAN and the remote sites.

Department/Workgroup PoE Network
Providing 24 PoE in-line power interfaces, the GS-4210-24P2S can easily build a power that centrally controls IP phone system, IP camera system and wireless AP group for enterprises. The GS-4210-24P2S delivers full ports of 802.3af/at compliant Gigabit Ethernet network connectivity with high-performance and cost-effective advantages for the increasing number of PoE IP telephones, PoE IP cameras, PoE wireless access points and other devices applied at the edge of the small or medium enterprise network. The GS-4210-24P2S improves the network efficiency and protects the network clients with the powerful features:
■ Layer 2 to Layer 4 security
■ QoS/802.1Q VLAN/static trunk/LACP
■ 802.1x port-based and MAC-based network access authentication security
■ Multicast IGMP snooping

Physical Port

  • 24-port 10/100/1000BASE-T Gigabit RJ45 copper
  • 2 100/1000BASE-X mini-GBIC/SFP slots
  • RJ45 console interface for switch basic management and setup
  • Reset button for system factory default and reboot

Switching

  • Hardware-based 10/100Mbps, half/full duplex and 1000Mbps full duplex mode, flow control and auto-negotiation, and auto MDI/MDI-X
  • Features Store-and-Forward mode with wire-speed filtering and forwarding rates
  • IEEE 802.3x flow control for full duplex operation and back pressure for half duplex operation
  • 9K jumbo frame
  • Automatic address learning and address aging
  • Supports CSMA/CD protocol

Power over Ethernet

  • Complies with IEEE 802.3at High Power over Ethernet
  • Complies with IEEE 802.3af Power over Ethernet
  • Up to 24 ports of IEEE 802.3af/802.3at devices powered
  • Supports PoE Power up to 30.8 watts for each PoE port
  • 300-watt PoE budget
  • Auto detects powered device (PD)
  • Circuit protection prevents power interference between ports
  • Remote power feeding up to 100m
  • PoE Management
    • Total PoE power budget control
    • Per port PoE function enable/disable
    • PoE Port Power feeding priority
    • Per PoE port power limitation
    • PoE delay
    • PD classification detection
  • Intelligent PoE features
    • PoE usage threshold control
    • PD alive check
    • PoE schedule

Layer 2 Features

  • Prevents packet loss with back pressure (half-duplex) and IEEE 802.3x pause frame flow control (full-duplex)
  • High performance Store and Forward architecture, runt/CRC filtering eliminates erroneous packets to optimize the network bandwidth
  • Supports VLAN
    • IEEE 802.1Q tagged VLAN
    • Provider Bridging (VLAN Q-in-Q) support (IEEE 802.1ad)
    • Protocol VLAN
    • Voice VLAN
    • Private VLAN
    • Management VLAN
    • GVRP
  • Supports Spanning Tree Protocol
    • STP (Spanning Tree Protocol)
    • RSTP (Rapid Spanning Tree Protocol)
    • MSTP (Multiple Spanning Tree Protocol)
    • STP BPDU Guard, BPDU Filtering and BPDU Forwarding
  • Supports Link Aggregation
    • IEEE 802.3ad Link Aggregation Control Protocol (LACP)
    • 1 LACP group, up to 2 ports per LACP group- Cisco ether-channel (static trunk)
    • 1 trunk group, up to 2 ports per trunk group
  • Provides port mirror (many-to-1)
  • Loop protection to avoid broadcast loops

Quality of Service

  • Ingress/Egress Rate Limit per port bandwidth control
  • Storm Control support
    • Broadcast/unknown unicast/unknown multicast
  • Traffic classification
    • IEEE 802.1p CoS
    • TOS/DSCP/IP precedence of IPv4/IPv6 packets
  • Strict priority and Weighted Round Robin (WRR) CoS policies

Multicast

  • Supports IPv4 IGMP snooping v2 and v3
  • Supports IPv6 MLD snooping v1, v2
  • IGMP querier mode support
  • IGMP snooping port filtering
  • MLD snooping port filtering

Security

  • Authentication
    • IEEE 802.1X port-based network access authentication
    • Built-in RADIUS client to co-operate with the RADIUS servers
    • DHCP Option 82
    • RADIUS/TACACS+ login user access authentication
  • Access Control List
    • IPv4/IPv6 IP-based ACL
    • IPv4/IPv6 IP-based ACE
    • MAC-based ACL
    • MAC-based ACE
  • MAC Security
    • Static MAC
    • MAC Filtering
  • Port security for source MAC address entries filtering
  • DHCP snooping to filter distrusted DHCP messages
  • Dynamic ARP Inspection discards ARP packets with invalid MAC address to IP address binding
  • IP source guard prevents IP spoofing attacks
  • DoS attack prevention
  • SSH/SSL

Management

  • IPv4 and IPv6 dual stack management
  • Switch management interface
    • Web switch management
    • Telnet command line interface
    • SNMP v1, v2c and v3
    • SSH and SSL secure access
  • User privilege levels control
  • Built-in Trivial File Transfer Protocol (TFTP) client
  • BOOTP and DHCP for IP address assignment
  • System maintenance
    • Firmware upload/download via HTTP/TFTP
    • Configuration upload/download through web interface
    • Dual images
    • Hardware reset button for system reboot or reset to factory default
  • SNTP Network Time Protocol
  • Cable diagnostics
  • Link Layer Discovery Protocol (LLDP) and LLDP-MED
  • SNMP trap for interface link up and link down notification
  • Event message logging to remote Syslog server
  • Four RMON groups (history, statistics, alarms and events)
  • PLANET smart discovery utility
Hardware Specifications 
Hardware Version2
Copper Ports24 x 10/100/1000BASE-T RJ45 Auto-MDI/MDI-X Ports
PoE Injector Port24 802.3af/802.3at PoE Injector Ports
SFP/mini-GBIC Slots2 100/1000BASE-X SFP interfaces, supporting 100/1000Mbps dual mode
Console1 x RS-232-to-RJ45 serial port (115200, 8, N, 1)
Switch ArchitectureStore-and-Forward
Switch Fabric52Gbps/non-blocking
Switch Throughput@64 bytes38.6Mpps @64 bytes
MAC Address Table8K entries
Shared Data Buffer4.1 megabits
Flow ControlIEEE 802.3x pause frame for full-duplex
Back pressure for half-duplex
Jumbo Frame9216 bytes
Reset Button< 5 sec: System reboot
> 5 sec: Factory default
LEDSystem:
Power (Green)
10/100/1000T RJ45 Interfaces (Port 1 to Port 24):
1000 LNK/ACT (Green), 10/100 LNK/ACT (Orange), PoE (Orange)
100/1000Mbps SFP Interfaces (Port 25 to Port 26):
1000 LNK/ACT (Green), 100 LNK/ACT (Orange)
Thermal Fan2
Power Requirements100~240V AC, 50/60Hz, 4A (max.)
Power Consumption/DissipationMax. 330 watts/1122 BTU
Dimensions (W x D x H)445 x 207 x 45 mm (1U height)
Weight2.8kg
EnclosureMetal
Power over Ethernet
PoE StandardIEEE 802.3af Power over Ethernet/PSE
IEEE 802.3at Power over Ethernet Plus/PSE
PoE Power OutputPer Port 52V DC, 300mA. Max. 15.4 watts (IEEE 802.3af)
Per Port 52V DC, 600mA. Max. 30 watts (IEEE 802.3at)
PoE Power Budget300 watts
Number of PDs, 7 watts24
Number of PDs, 15.4 watts19
Number of PDs, 30 watts9
Layer 2 Functions
Port MirroringTX/RX/both
Many-to-1 monitor
VLAN802.1Q tagged-based VLAN
Up to 256 VLAN groups, out of 4094 VLAN IDs
802.1ad Q-in-Q tunneling
Voice VLAN
Protocol VLAN
Private VLAN (Protected port)
GVRP
Management VLAN
Link AggregationIEEE 802.3ad LACP supports 1 group of 2-port trunk and static trunk supports 1 group of 2-port trunk
Spanning Tree ProtocolIEEE 802.1D Spanning Tree Protocol (STP)
IEEE 802.1w Rapid Spanning Tree Protocol (RSTP)
IEEE 802.1s Multiple Spanning Tree Protocol (MSTP)
IGMP SnoopingIGMP (v2/v3) snooping
IGMP querier
Up to 256 multicast groups
MLD SnoopingIPv6 MLD (v1/v2) snooping, up to 256 multicast groups
Access Control ListIPv4/IPv6 IP-based ACL/MAC-based ACL
Pv4/IPv6 IP-based ACE/MAC-based ACE
QoS8 mapping IDs to 8 level priority queues
– Port number
– 802.1p priority
– DSCP/IP precedence of IPv4/IPv6 packets
Traffic classification based, strict priority and WRR
Ingress/Egress Rate Limit per port bandwidth control
SecurityIEEE 802.1X port-based authentication
Built-in RADIUS client to cooperate with RADIUS server
RADIUS/TACACS+ authentication
IP-MAC port binding
MAC filtering
Static MAC address
DHCP snooping and DHCP Option82
STP BPDU guard, BPDU filtering and BPDU forwarding
DoS attack prevention
ARP inspection
IP source guard
Storm control support
Broadcast/unknown unicast/unknown multicast
Management Functions
Basic Management InterfacesRJ45 Console; Web browser; Telnet; SNMP v1, v2c, v3
Firmware upgrade by HTTP/TFTP Protocol through Ethernet network
Configuration upload/download through HTTP/TFTP
Remote/Local Syslog
System log
LLDP Protocol
SNTP
PLANET Smart Discovery Utility
Secure Management InterfacesHTTPs, SNMP v3
SNMP MIBsRFC 3635 Ethernet-like MIB
RFC 2863 Interface Group MIB
RFC 2819 RMON (1, 2, 3, 9)
RFC 1493 Bridge MIB
Standards Conformance
Regulatory ComplianceFCC Part 15 Class A, CE
Standards ComplianceIEEE 802.3 10BASE-T
IEEE 802.3u 100BASE-TX/100BASE-FX
IEEE 802.3z Gigabit SX/LX
IEEE 802.3ab Gigabit 1000T
IEEE 802.3x flow control and back pressure
IEEE 802.3ad port trunk with LACP
IEEE 802.1D Spanning Tree Protocol
IEEE 802.1w Rapid Spanning Tree Protocol
IEEE 802.1s Multiple Spanning Tree Protocol
IEEE 802.1p Class of Service
IEEE 802.1Q VLAN tagging
IEEE 802.1x Port Authentication Network Control
IEEE 802.1ab LLDP
IEEE 802.3af Power over Ethernet
IEEE 802.3at Power over Ethernet Plus
RFC 768 UDP
RFC 793 TFTP
RFC 791 IP
RFC 792 ICMP
RFC 2068 HTTP