TL-SH5654 is a 5-series 10 Gigabit uplink Layer 3 network management switch newly developed and launched by TP-LINK, which adopts a new generation of high-performance hardware and software platform, provides flexible full Gigabit access and cost-effective 10 Gigabit uplink ports, supports Layer 3 routing protocol, complete security protection mechanism, perfect ACL/QoS policy and rich VLAN functions, is easy to manage and maintain, and is suitable for network aggregation layers such as hotels and campuses.
- 48 x 10/100/1000Base-T RJ45 ports
- 6 10 Gigabit SFP+ ports
- It supports remote management of TP-LINK commercial cloud platform and mobile APP management
- It supports intelligent deployment, automatic configuration networking, and graphical topology display
- Dynamic and static routes are supported
- DHCP server, DHCP relay, and DHCP snooping are supported
- Supports quaternary binding, ARP/IP/DoS protection, and 802.1X authentication
- VLANs, QoS, ACLs, spanning trees, multicast, and IPv6 are supported
- Web management, CLI command line, and SNMP are supported
Gigabit access, 10 Gigabit uplink
- TL-SH5654 can provide 48 Gigabit RJ45 electrical ports and 6 Gigabit SFP+ optical ports, and supports the combination of "Gigabit Ethernet port + 10 Gigabit optical port", which is convenient for users to flexibly network and meet the networking requirements of various scenarios.
- All ports have wire-speed forwarding capabilities to meet the needs of different users.
Strong business processing capabilities
- It supports the RIP dynamic routing protocol to solve the routing problem of small and medium-sized networks after subnets are divided, simplifying network configuration.
- Static routes are supported, and the administrator manually configures route entries to achieve simple, efficient, and reliable communication between different network segments.
- DHCP servers are supported, which assign IP addresses to hosts in the network.
- DHCP trunking is supported, and switches in different interfaces or subnets can also obtain IP addresses, reducing the number of DHCP servers.
- Proxy ARP is supported, so that hosts in different physical networks on the same network segment can communicate normally.
- IEEE 802.1Q VLAN, MAC VLAN, protocol VLAN, and private VLAN are supported, allowing users to flexibly divide VLANs according to different requirements.
- GVRP is supported to implement dynamic distribution, registration, and attribute propagation of VLANs, reducing the amount of manual configuration and ensuring the correctness of configuration.
- The VLAN VPN function encapsulates the outer VLAN tag for the user's private network packets at the public network access end, so that the packets carry two layers of VLAN tags across the public network.
- It supports QoS, three priority modes based on port, 802.1P-based and DSCP-based, and four queue scheduling algorithms of Equ, SP, WRR, and SP+WRR.
- ACLs are supported to filter packets by configuring matching rules, processing operations, and time permissions, providing flexible security access control policies.
- It supports IGMP V1/V2 multicast protocols, MLD snooping, and IGMP snooping to meet the requirements of multi-terminal HD video surveillance and video conferencing access.
Complete security protection mechanism
- Supports IP address, MAC address, VLAN, and port quaternary binding to filter data packets.
- Supports ARP protection against ARP spoofing and ARP flood attacks, such as gateway spoofing and man-in-the-middle attacks, which are common in LANs.
- IP source protection is supported to prevent illegal address spoofing, including MAC address spoofing, IP spoofing, and MAC/IP spoofing.
- DoS protection is supported, and attacks such as Land Attack, Scan SYNFIN, Xmascan, and Ping Flooding are supported.
- It supports 802.1X authentication, provides authentication functions for LAN computers, and controls the authorization status of controlled ports according to the authentication results.
- Port security is supported, which stops learning when the number of MAC addresses learned on a port reaches the maximum number to prevent MAC address attacks and control port network traffic.
- Support DHCP Snooping, effectively eliminate private DHCP servers, and ensure the legitimacy of DHCP servers.
Versatile reliability protection
- Supports STP/RSTP/MSTP production tree protocols to eliminate Layer 2 loops and implement link backup.
- Spanning tree security functions are supported to prevent devices in a spanning tree network from various forms of malicious attacks.
- Static aggregation and dynamic aggregation are supported, effectively increasing link bandwidth, implementing load balancing, link backup, and improving link reliability.
Easy operation and maintenance
- It supports TP-LINK commercial flat gimbal, which can easily manage and maintain equipment remotely, reducing on-site operation and maintenance costs.
- Supports multiple management and maintenance methods, such as web management, CLI command line (console, Telnet), and SNMP (V1/V2/V3).
- Supports HTTPS, SSL V3, TLSV1, SSHV1/V2 and other encryption methods for safer management.
- RMON, system logs, and port traffic statistics are supported, which is convenient for network optimization and transformation.
- Supports cable detection, ping detection, and Tracert detection operations to easily analyze faulty network nodes.
- It supports LLDP, which is convenient for the network management system to query and judge the communication status of the link.
- CPU monitoring, memory monitoring, ping detection, Tracert detection, and cable detection are supported.
 
        