extreme policy – access control - nes communications · 2018-04-26 · hyper-segmentation network...


Post on 23-Jun-2020


Page 1: Extreme Policy – Access Control - NES Communications · 2018-04-26 · Hyper-segmentation Network topology completely invisible to users Services are Ethernet Switched Paths and

Extreme Policy – Access Control

Role-Based Policy – Policy Management

• Secure and provision network resources based upon the role a user or device plays within the business

• Create rules to define treatment of specific traffic types

• Centrally managed; no scripts; can be applied to the entire network with a single click

• Policy follows the user/device - VLAN not required

• Works across both switches and wireless APs

Granular network access and control across wired and wireless infrastructure

Page 2

Campus Automation & Orchestration – Zero-Touch User & Device Attachment

• Integrates Extreme Edge products & connection services with next-generation Fabric Core

• Automates switch port provisioning for required topologies

• Fabric Attach extends Fabric Connect services to EXOS and ExtremeWireless™ Edge

• Leverage Extreme’s dynamic role based policy control and automation and orchestration to secure auto-attachment of users/devices to Fabric-based services

• Customers – Extreme, Avaya, and net-new – now have more design & product options

Fabric Connect

ExtremeWireless™ 3900 APs

Page 3

Extreme Intelligent Access – Add On SW Solutions

ExtremeXOS

Automated, Secure, Policy-enabled Architecture

Services and Support – Ranked No. 1

Extreme Management Center

Management | Control | Analytics | Security

AirDefense ExtremeGuest ExtremeLocation NSight ExtremeManagement ExtremeControl ExtremeAnalytics ExtremeCloud

Extreme ERS / VSP

Page 4

Extreme Management Center

Security IT Operations Marketing

ExtremeControl

In-depth visibility.

Granular policy control.

Wired and wireless networks and Heterogeneous endpoints.

ExtremeAnalytics

Actionable business insights.

Network and applications.

Users, locations, devices.

ExtremeManagement

Integrated management.

Wired and wireless.

Single pane of glass.

ExtremeConnect

Automation & integration with VMware, MS, OpenStack, BYOD, MDM, Security, NGFW, etc. Provides direct access to Management Center Open API – Build-Your-Own-Integration.

Extreme Management Center – Insights, Visibility, and Control for Superior Quality of User Experience

Information Governance Engine

Fully automated network configuration compliance solution

Analyzes and assesses network configurations for compliance

Out-of-the-box audit-driven and user-defined compliance templates reports

Page 5

360˚ View for Superior Quality of Experience

Visibility and Control

Get in-depth visibility and control over users, devices, applications

Enable secure access and set granular policies

Integrate with major MDM and security solutions

ExtremeControl ExtremeConnect

Actionable Business Insights

Correlating network and application performance with user and device activities

Speeds up troubleshooting by separating network from application performance

Secure your network by monitoring shadow IT, malicious and unwanted applications

ExtremeAnalytics

Manage with a 360˚ View

Zero touch provisioning +

Alarm and event management

Configuration, inventory and change management

Capacity planning

Discovery and topology

ExtremeManagement

Extreme Management Center

Page 6

©2017 Extreme Networks, Inc. All rights reserved

Extreme Connect

Data Center and Private Cloud

Security

Management and Analytics

Mobility

ExtremeConnect

• Enables automation and integration with VMware, MS, OpenStack, BYOD, MDM, Security, NGFW, etc.

• Provides direct access to Management Center Open API – Build-Your-Own-Integration.

Making Integration Easy for Our Eco System Partners


Page 7

Official Wi-Fi & Analytics Provider of the NFL

21 out of 31 NFL stadiums rely on Extreme

Technology Needs

• Mobile Point of Sale

• Mobile Ticketing

• Guest Wi-Fi

• Game Day App

• Streaming Video

• Incident Management App

• Security Systems

• Wired and Wireless

The Solution

• ExtremeWireless (APs, Controllers)

• Extreme Switching

• Extreme Control

• Extreme Management

• Extreme Analytics

The Value

• Best in class Fan experience

• Uninterrupted access to social media, stats, streaming of live video, team content, replays, and more

• Analytics provided actionable intelligence to further improve game data experience

• Simplified network management

Page 8

Global Transportation Company

The Challenge

• Distributed environment - over 1800 sites

• Wi-Fi used extensively throughout operations

• Total site survivability essential - even in the event of lost WAN connection.

• High visibility & control over network paramount

Seamless Mobility

Full Redundancy

Site Survivability

3x Faster to Deploy

The Value Provided

• SmartRF self resilient and self healing solution provided smooth Wi-Fi experience

• Ability of access points to make dynamic decision to minimize the effect of change in RF environment provided seamless and uninterrupted service to the company’s package tracking through their distribution sites.

Page 9

Large Retail Company

The Challenge

• Wireless network that enables company to “connect” with their shoppers via mobile devices

• Same shopper experience chain-wide (790+ stores)

Seamless Mobility

Consistent User Experience

High Scalability

The Value Provided

• Architectural flexibility saved more than $3M for building WLAN infrastructure & centrally managing it

• Highly scalable solutions

• Intelligent auto access point provisioning allowing set up of multiple APs in no time

Page 10

Large Glass Manufacturing Company

The Challenge

• Wireless network that enables company to “connect” devices used for glass flats manufacturing

• Production plans in different locations / countries

• High-availability solution for indoor / outdoor

• Central management for locations in different countries

High availability

Seamless Mobility

Consistent User Experience

Flexibility for changes

The Value Provided

• Architectural flexibility for locations keeping possibility of changes by local IT teams

• SmartRF self resilient and self healing solution provided smooth Wi-Fi experience

• Central management for monitoring and setting profiles used for auto provisioning

• Highly scalable solutions

Page 11

Flexible Management and Deployment

Your IT Infrastructure & Applications

Switches

Analytics

Network Management

Service Engines

Wireless APs

Wireless Management

Network Access Control

Application Provisioning

Page 12

Market Landscape

“What is running on my network?”

“How can I enhance network security?”

“How good is the user experience?”

“How can I make IoT secure?”

“How can I virtualize my data center?”

“How can I accelerate the rollout of new services?”

Page 13

Secure Automated Campus – Customer Choice

Static Architecture

Merchant Silicon

Network OS

Feature Set

Merchant Silicon

Merchant Silicon

Merchant Silicon

Network OS Network OS Network OS

Feature Set Feature Set Feature Set

Analytics and Security Assisted

Management

TODAY

Investment Protection

Best-in-class solutions for each PIN

Optimized architecture that fuels innovation

Common Merchant Silicon

Linux 4.9 Application Container Framework

Analytics / Control

Management

Software-Driven Architecture

Network OS Container

Guest VM Container

Feature Bundle Container

NEAR FUTURE

Page 14

Fabric Connect / Fabric Attach

Extreme Management Center

Services and Support

Secure Automated Campus

First person resolution to issues for increased customer satisfaction.

Proven Results

No. 1 in the Industry

100% in house support

Average tenure of support staff is over 10 years

Over 90% first person resolution

Combining leading networking, software and services into an integrated solution.

Network automation, simplicity and enhanced security.

Proven Results

11x faster time to service

7x faster mean time to repair

100% improvement in outage due to human error

28x higher multicast scaling

Visibility, control and management through a single pane-of-glass.

Proven Results

100% application visibility on any wired / wireless network

Massive and customizable signature set with more than 7000 applications

Centralized policies for as many as 200K users / devices

Page 15

Simplify and Automate with Extreme Fabric Connect

Deployments

1500+

Fabric deployments on every continent and industry

Largest customer network ~ 600 virtualized nodes

Olympic Grade

First Fabric Olympics

7 secure zones over one converged network

Multiple Hackathons

ZERO Breaches

Hyper Segmentation

Stealth

Service Elasticity

“Fabric Connect is the networking industry’s best kept secret.”

Reduced OPEX

Elimination of manual tasks

66% reduction in Operating costs (internal analysis)

50%-60% reduction in provisioning (according to Dubai World Trade Center)

Fabric Connect is a standards-based network virtualization technology. It enables hundreds of thousands of isolated, secure virtualized networks to run as “ships in the night” over a single physical network. These networks can be set up and changed with ease, often without delay.

Page 16

Fabric Connect is Simple: From 4-10 Protocols to 1

Fabric Connect Benefits

Lower Costs

Increased Stability

Faster Deploying & Resiliency

Easier Troubleshooting

Traditional

STP

OSPF

MPLS

Extreme Fabric Connect

1 Protocol (IEEE/IETF Shortest Path Bridging)

Page 17

Fabric Connect is Simple: Edge Provisioning

Application Servers

Edge Provisioning only

Core is hands off

Moves, adds and changes on the fly (no more maintenance windows)

Services abstracted from topology

With Extreme

Hop by hop provisioning

Moves, adds and changes require core reconfiguration

Vulnerable to human error during change

Services coupled to physical topology

Status Quo

Video Surveillance

Servers

Page 18

Fabric Connect

Simplify the Network by Automating the Edge

Allows the values of Fabric to be extended to non-fabric enabled devices (edge switches, wireless APs and even IP cameras).

Offers the secure attachment of users and devices to the appropriate service.

Fabric Attach

Secure onboarding and control over users and devices.

Users and devices can connect from anywhere and be assigned the right policy with attachment to the right Fabric service without manual intervention.

Policy

Zero-Touch Edge = IoT-Ready

Page 19

Control Access to Hyper-Segments with ExtremeControl

Frictionless hyper-segmentation, stealth and elasticity for isolation, security & breach containment

Policy and fabric for secure on-boarding and auto-attachment of users/devices to hyper-segment

3rd party APIs for integration with other security vendors to orchestrate work flows based on alerts

Security is Enhanced Without Increasing Complexity

Imaging

Surveillance

EMR

Point of sale

Page 20

Why Extreme’s Approach to Campus Networking is Unique

Traditional Networking

Protocol Overlays

Complex multicast

Hop by hop provisioning

Manual CLI-based operations

Separate wired and wireless

Competitive Approaches

Protocol Overlays

Complex multicast

Hop by hop provisioning

Automation via Python scripting and centralized provisioning tools

Partially unified but either wired or wireless centric

Extreme’s Approach

One Protocol

Simple multicast

Edge Provisioning for vast majority of moves, adds and changes

Automation through Fabric, Policy and ZTP+ on Extreme Management Center

Unified wired and wireless

While our competitors focus on automating complex networks, only Extreme streamlines and simplifies the network first, significantly reducing OPEX.

Page 21

Security 1 2 3

Enhance Network Security through Fabric Connect

Rob Joyce, Chief of Tailored Access Operations, US National Security Agency

“A well segmented network means that if a breach occurs, it can be contained… the difference between a contained and uncontained breach is the difference between an incident and a catastrophe.”

End to end isolation of traffic; isolates critical information, applications or groups of users

Breaches contained to where they occurred; prevention of lateral movements.

Deployed with ease and scale

Hyper-segmentation

Network topology completely invisible to users

Services are Ethernet Switched Paths and are not vulnerable to IP scanning / hacking tools

Stealth Networking

Eliminates back door entry points to the network

Services extend and retract as users and devices connect and disconnect from the network.

Service Elasticity

Page 22

Security: Massive Scale Segmentation with Ease

Largest hospital in Scandinavia

1.2M patient treatments

20,000 employees across 40 locations

More than 50% of the total medical research in Norwegian medical centers performed at Oslo University Hospital

Wanted a secure, easy to manage segmented network

Result: 1700 isolated networks for different user groups, services, and applications deployed with ease and without risk of error

Page 23

Security: Massive Scale Segmentation with Ease

30k employees in multiple locations

Business objectives: Network has to support double digit growth

• Wanted a secure, 100% available and easy to manage segmented network that supports full virtualization

• Need to abstract services from physical topology = no more need for separate networks

• Cost retention

Result: x100 isolated networks for different user groups, services, and applications deployed with ease and without risk of error and supporting all above business objectives

Page 24

©2018 Extreme Networks, Inc. All rights reserved

Summary: Why Extreme’s Secure Automated Campus?

Simple Secure Intelligent

True network simplification

Automated edge

Unified wired and wireless

True 360 degree network view with context & scale

Single pane of glass

100% application visibility

Frictionless Hyper-Segmentation

Policy-based control

Security ecosystem

Page 25

WWW.EXTREMENETWORKS.COM

Thank You