Advanced Layer 2 management functions: Auto Feed, NAT, and Restful API

Datasheet

ITU G.8032 Ring Environmental Monitoring DDoS NAT PoE off timer Auto feed configuration IEC 62443-4-2 compliant

OVERVIEW

Lantech OS2 PRO management features provides L2 management, NAT and advanced security functions for onboard network deployment. WebGUI, and complete CLI settings make configuration easy. The Restful API can greatly improve central management efficiency for various applications including fleet management and AIOT. The advanced cybersecurity mechanism can prevent hackers from hacking or attacking.


ITXPT label* for delay shut down, inventory service, standby green mode
Lantech OS2 PRO switch supports Module inventory, Time service and MQTT broker. When the engine of the vehicle turns off, the switch is able to extend the work from 30sec to 60mins. The switch must be able to provide SRV and TXT records to back office and exports the data in xml file format. The consumption power under sleep mode meets the standard of ITxPT. (-IGN model)


Auto feed configuration for swapped new switches for Seamless Network Maintenance*
Lantech OS2 PRO switch supports auto-feed configuration features* that revolutionize network switch setup and management. It ensures that new and replacement switches automatically receive the correct configuration without manual intervention.


MQTT – Publisher & Broker
MQTT is a publish-subscribe-based messaging protocol and works on top of the 80CP/IP protocol. An MQTT system comprises one broker and several clients, where clients can either be publishers or subscribers. The publishers send data to the broker in the form of MQTT packets, which consist of a “topic” and “payload”, then the broker distributes the “payload” to the subscribers based on which "topics" they have subscribed.


NAT/PAT & Firewall supported
The switch supports Static IP address, PPPoE (V4&V6), DHCP client, NAT, PAT, OSPF and RIP routing functions, including static route, dynamic route as well as basic firewall functions with Port forwarding, DMZ, Filtering, Remote admin and DDoS protection.


mDNS (Multicast DNS) feature
mDNS (Multicast DNS) enables hosts in the LAN to discover and communicate with each other in compliance with the DNS protocol without a traditional DNS server.


Support OPEN API document format for Restful API for better switch performance
Lantech OS2 PRO switch supports OPEN API document format for Restful API hat uses JSON format to access and use data for GET, PUT, POST and DELETE types to avoid traditional SNMP management occupying CPU utilization.


Ignition PoE timer function on IGN model
Lantech OS2 PRO switch (IGN model) has a programmed timer by port to shut down each PoE port, with variants from 30 seconds to 60 minutes, eliminating the additional relay wire to shut down PoE ports and allowing for remote configuration to change the PoE timer time anytime, anywhere.


Certified cybersecurity development process with IEC 62443-4-1, and IEC 62443-4-2** compliance with physical tamper resistance and detection for integrity and authenticity of the boot process
Lantech OS2 PRO platform is designed with a high standard of cybersecurity to prevent threats from network attacks. To ensure the safety and reliability of communication networks, Lantech software development is certified with IEC 62443-4-1 security process standards and the switch is also compliant to IEC 62443-4-2**. The switch uses roots of trust to verify the integrity and authenticity of the firmware, software, and configuration data needed for the switch’s boot process.


802.1X security by MAC address
MAC-based port authentication is an alternative approach to 802.1x for authenticating hosts connected to a port. By authenticating based on the host's source MAC address, the host is not required to run a user for the 802.1x protocol. The RADIUS server that performs the authentication will inform the switch if this MAC can be registered in the MAC address table of the switch.


RADIUS and TACACS+
Lantech OS2 PRO switch supports RADIUS and TACACS+ to handle authentication, authorization, and accounting (AAA) services for network access control.


Enhanced G.8032 ring, 8 MSTI MSTP
Lantech OS2 PRO switch features enhanced G.8032 ring which can be self-healed in less than 20ms for single ring topology protection covering multicast packets. It also supports various ring topologies that covers enhanced ring and basic ring by easy setup than others. It supports MSTP that allows each spanning tree for each VLAN for redundant links with 8 MSTI.


DHCP option 82 & Port based, Mac based DHCP, Option66, DHCP Snooping
DHCP server can assign dedicated IP address by MAC or by port (Port based for single switch), it also can assign IP address by port for multiple switches with single DHCP option82 server. DHCP Snooping is supported. DHCP Option66 server can offer IP address of TFTP server to DHCP client for VOIP application.


IGMPv3, MLD snooping, query, GMRP, static multicast forwarding and multicast Ring protection
The unique multicast protection under enhanced G.8032 ring can offer immediate self-recovery instead of waiting for IGMP table timeout. It also supports IGMP v3 with Query mode for multimedia, GMRP, router port, MLD snooping and static multicast forwarding binding by ports for video surveillance applications.


Support RTC (Real Time Clock) with longevity Golden Capacitor; CPU watchdog
Our switch supports RTC which is powered by a golden capacitor, ensuring accurate real-time event logs. The built-in watchdog design can automatically reboot the switch when CPU is found dead.


User-friendly GUI, Editable configuration text file, Auto topology drawing, Enhanced Environmental Monitoring
The user-friendly UI, innovative auto topology drawing and topology demo makes Lantech OS2 PRO switch much easier to get hands-on. The complete CLI enables professional engineer to configure setting by command line. The configuration file of Lantech OS2 PRO switch can be exported in text file so that it can be edited and configured back to switch with ease for mass deployment. It supports enhanced environmental monitoring for actual input voltage, current, ambient temperature and total power load.


*Future release
**Optional

SPECIFICATIONS

Management

SNMP v1 v2c, v3/ Web/Telnet/CLI/OPEN API document format for Restful API

SNMP MIB

MIBII
MIB
SNMP MIB,
IF MIB
RMON MIB,
Bridge MIB,
LLDP MIB
Private MIB

Enhanced G.8032 ring

Support ITU G.8032 v2/2012 for Ring protection in less than 20ms for self-heal recovery (single ring enhanced mode)
Support various ring/chain topologies
Includes basic single ring and enhanced ring
Enhanced G.8032 ring configuration with ease
Cover multicast & data packets protection

PoE Management (PoE model)

PoE Detection to check if PD is hang up then restart the PD
PoE Scheduling to On/OFF PD upon routine time table

Per Port PoE Status (PoE model)

On/ Off, voltage, current, watts, temperature

PoE Off/Timer on ignition standby mode** (PoE model)

System Shutdown Duration, PoE Disable Duration
(-IGN model)

User-friendly UI

  • Auto topology drawing
  • Topology demo
  • Complete CLI for professional setting

Port Trunk with LACP

LACP Port Trunk: 8 Trunk groups

LLDP

Supports LLDP to allow switch to advise its identification and capability on the LAN

CDP

Cisco Discovery Protocol for topology mapping

VLAN

Port Based VLAN
IEEE 802.1Q Tag VLAN (256 entries)/ VLAN ID (Up to 4K, VLAN ID can be assigned from 1 to 4096.)
GVRP

IPv6/4

Present

RSTP/MSTP

Supports IEEE802.1d Spanning Tree and IEEE802.1w Rapid Spanning Tree, IEEE802.1s Multiple Spanning Tree 8 MSTI

Quality of Service

The quality of service is determined by port, Tag and IPv4 Type of service, IPv4 Differentiated Services Code Points - DSCP

Class of Service

Support IEEE802.1p class of service, per port provides 8 priority queues

Remote Admin

Supports 10 IP addresses that have permission to access the switch management and to prevent unauthorized intruder.

Login Security

Supports IEEE802.1X Authentication/RADIUS/TACACS+

Port Mirror

Support 3 mirroring types: “RX, TX and Both packet”

Network Security

Support 10 IP addresses that have permission to access the switch management and to prevent unauthorized intruders.
802.1X access control/MAC-Port binding
INGRESS ACL L2/L3
SSL/ SSH v2 for Management
HTTPS for secure access to the web interface

IGMP

Support IGMP snooping v1,v2,v3; 1024 multicast groups; IGMP router port ; IGMP query; GMRP, MLD snooping

Static MAC-Port bridge

Static multicast forwarding forward reversed IGMP flow with multicast packets binding with ports for IP surveillance application

L3 routing function

Static route, NAT, OSPF and RIP

Firewall

Port forwarding
DMZ
Filtering
Remote admin
DDoS protection

Bandwidth Control

Support ingress packet filter.
Ingress filter packet type combination rules are Broadcast/Multicast/Flooded Unicast packet, Broadcast/Multicast packet, Broadcast packet only and all types of packet.
The packet filter rate can be set an accurate value through the pull-down menu for the ingress packet filter.

Flow Control

Supports Flow Control for Full-duplex and Back Pressure for Half-duplex

System Log

Supports System log record and remote system log server

Protection

  • Miss-wiring avoidance
  • Node failure protection
  • Loop protection

SNMP Trap

Up to 10 trap stations; trap types including:

  • Device cold start
  • Authorization failure
  • Port link up/link down
  • Topology change (ITU ring)
  • Power failure
  • Environmental abnormal

DHCP

Provide DHCP Client/ DHCP Server/DHCP Option 82 (Server and relay)/Port-based DHCP; DHCP Snooping; DHCP option 66

*Future release
**Optional

ORDERING INFORMATION

P/N Model name Description
9000-127 OS2 PRO – IEC62443-4-2 OS2 PRO software platform IEC-62443-4-2 Cybersecurity features