s series overview
DESCRIPTION
S Series Switch Entrasys By Info tech middle eastTRANSCRIPT
“There is nothing more important than our customers” “There is nothing more important than our customers”
S-Series Overview
June 2011
©2011 Enterasys Networks, Inc.,– All rights reserved.
S-Series and CoreFlow2Technology
6
custom ASIC technology encapsulates
over 15-years of advanced research & development
Enterasys’ patented design is the only
enterprise switch-router with flow-based ASICs
Automatically classify and enforce application traffic
at line rate providing unsurpassed visibility & control
enables application layer classification
& control and future capability at 100-gig line rate
speeds
S-Series – The platform for
Enterasys innovation!
6
©2011 Enterasys Networks, Inc.,– All rights reserved.
S-Series Family Overview
Scalable high performance
- Performance core-to-edge deployments
- Future proofed to >6 Tbps backplane capacity
- 128Tbps, 950Mpps load sharing I/O fabric pair
Connectivity
- Triple speed with PoE
Gigabit SFP and 10 Gigabit Ethernet SFP+
- Future support for 40/100 Gigabit Ethernet
Maximum port capacities
- 576 Triple speed ports, 576 GbE SFP ports
- 128 10GbE SFP+ ports
S-Series stand-alone (SSA)
- Compact top of rack server aggregator or
premium featured workgroup and network
access/edge solution
- Triple speed and GbE connectivity with 10GbE
SFP+ uplinks
7
©2011 Enterasys Networks, Inc.,– All rights reserved.
S-Series Flexible Architecture
S4, S6 and S8 fully distributed
architecture
S3 full mesh backplane
Fully redundant control and data
planes
High density front panel
connectivity
Flexible interface modularity
Scalable control plane architecture
O M
O M
O M
O M
13
©2011 Enterasys Networks, Inc.,– All rights reserved.
Modules and Option Modules
Industry leading port density flexibility
- 12-72 Triple speed PoE ports/slot
- 12-72 1G SFP ports/slot
- 2-16 10G SFP+ ports/slot
- 128 ports of 10G SFP+ per chassis
- 576 ports of Gigabit per chassis
S150/S155 class modules
- 160 Gbps/slot
- 120 Mpps
S130 class module
- 40 Gbps/slot
- 30 Mpps
14
©2011 Enterasys Networks, Inc.,– All rights reserved.
S-Series Stand Alone (SSA)
Ideal as a top of rack line rate
Gigabit server switch
Line rate aggregation switch
Line rate premium featured
workgroup switch
Premium featured edge switch
Triple speed and Gigabit
connectivity with 10 Gigabit uplinks
- Triple speed SSA’s include 802.3af/at PoE
support as standard
- Hot swappable redundant power supplies
and fan elements
- SSA’s includes standard S-Series features
Three models
- S150 class 48 line rate triple speed ports and 4 10 Gigabit SFP+ uplinks
- S150 class 48 line rate Gigabit SFP ports and 4 10 Gigabit SFP+ uplinks
- S130 class 48 access/edge optimized triple speed ports and 4 10 Gigabit SFP+ uplinks
18
©2011 Enterasys Networks, Inc.,– All rights reserved.
S-Series Unified Visibility
Centralized management & control
- Network Management System (NMS)
Complete real-time visibility to
network traffic
Innovative end user location
services
Open standards based
management interfaces
- CLI
- SNMP
- Web
21
Unrivalled end-to-end visibility and
control over users, services &
applications ensure a consistent end-
user experience
Unified
Visibility
21
©2011 Enterasys Networks, Inc.,– All rights reserved.
Enterasys NMS Console
Centralized visibility and control
- Manages the network as a unified system rather
than as a disparate components
- Transforms complex network data into graphical,
business-centric information
Allows authorized, secure access from
any node on the network
Platform from which all Enterasys NMS
network and security applications are
launched
- Works with leading enterprise management
apps from HP, CA and IBM
22 22
©2011 Enterasys Networks, Inc.,– All rights reserved.
Industry Leading Network Flow Monitoring
Enterasys provides high fidelity network instrumentation on every port
- Un-sampled NetFlow monitoring and statistics
gathering
- Ideal for trouble shooting and capacity
planning
- NetFlow v5/v9 is standard on all S-Series
switches
Most competitors offer sampled data collection (sFlow)
- Sampling limits accuracy
- Does not provide source and destination
information
- Usually provided at additional cost
- May produce incorrect and misleading data
- Doesn’t scale to large networks
Graphics provided by Plixer International Scrutinizer
23
©2011 Enterasys Networks, Inc.,– All rights reserved.
Unified Multi-Platform Firmware
Synchronized feature releases and fixes
across platforms
- Simplifies network wide feature roll-out and
reduces TCO through operational efficiency
- Enables consistent network wide feature
upgrades in mixed platform environments
- Takes guesswork out of system to system and
cross network interoperability and compatibility
Industry standard CLI
- Reduced learning curve with standardized look
and feel
- Consistent and scalable CLI from network edge
to core
N-Series
S-Series
24
©2011 Enterasys Networks, Inc.,– All rights reserved.
S-Series Dynamic Automation & Control
Enterasys’ technologies:
- Innovative Enterasys flow-based
network processors (ASICS)
- Automatically provides unsurpassed
visibility and control through line-rate
application layer classification
True user level control at every
location in the network
Flex-Edge intelligent
oversubscription
26
Management automation and built-in
resiliency features drive down operational
costs and increase uptime
Dynamic
Automation &
Control
26
©2011 Enterasys Networks, Inc.,– All rights reserved.
Premium Features Included No Additional Cost
MLD, MLDv2 PIM/SM, PM/SSM, IGMP, DVMRP (IPv4)
Unsampled NetFlow
*Some features available in a future firmware release
S130 Class S150 Class S155 Class
*Virtual Switch Bonding
*L3 VPNs: IP, MPLS
VRF, BGPv4, IS-IS
NAT, LSNAT, TWCB
32
OSPF, OSPFv3, RIP, RIPng, Static Routing for IPv4 & IPv6, PBR and
Route Maps, IS-IS Neighbor Discovery, VRRP, VRRPv3
MLD, MLDv2 PIM/SM, PM/SSM, IGMP, DVMRP (IPv4)
Unsampled NetFlow
OSPF, OSPFv3, RIP, RIPng, Static Routing for IPv4 & IPv6, PBR and
Route Maps, IS-IS Neighbor Discovery, VRRP, VRRPv3
VRF, BGPv4, IS-IS
NAT, LSNAT, TWCB
MLD, MLDv2 PIM/SM, PM/SSM, IGMP, DVMRP (IPv4)
Unsampled NetFlow
OSPF, OSPFv3, RIP, RIPng, Static Routing for IPv4 & IPv6, PBR and
Route Maps, IS-IS Neighbor Discovery, VRRP, VRRPv3
©2011 Enterasys Networks, Inc.,– All rights reserved.
Flexible Licensed Features
MLD, MLDv2, PIM/SM, PM/SSM, IGMP, DVMRP (IPv4)
Unsampled NetFlow
*Some features available in a future
firmware release
S130 Class S150 Class S155 Class
*Virtual Switch Bonding
*L3 VPNs: IP, MPLS
VRF, BGPv4, IS-IS
NAT, LSNAT, TWCB
33
OSPF, OSPFv3, RIP, RIPng, Static Routing for IPv4 & IPv6, PBR and
Route Maps, IS-IS Neighbor Discovery, VRRP, VRRPv3
MLD, MLDv2, PIM/SM, PM/SSM, IGMP, DVMRP (IPv4)
Unsampled NetFlow
OSPF, OSPFv3, RIP, RIPng, Static Routing for IPv4 & IPv6, PBR and
Route Maps, IS-IS Neighbor Discovery, VRRP, VRRPv3
VRF, BGPv4, IS-IS
NAT, LSNAT, TWCB
MLD, MLDv2, PIM/SM, PM/SSM, IGMP, DVMRP (IPv4)
Unsampled NetFlow
OSPF, OSPFv3, RIP, RIPng, Static Routing for IPv4 & IPv6, PBR and
Route Maps, IS-IS Neighbor Discovery, VRRP, VRRPv3
S-EOS-L3-S150
*L3 VPNs: IP, MPLS
BGPv4
VRF
S-EOS-L3-S130
S-EOS-VSB
*Virtual Switch Bonding
SSA-EOS-VSB
*Virtual Switch Bonding
S-EOS-VSB
*Virtual Switch Bonding
SSA-EOS-VSB
*Virtual Switch Bonding
©2011 Enterasys Networks, Inc.,– All rights reserved.
S-Series Convergence Ready
Intelligent network infrastructure
for diverse applications
Individual access control for up
to 9,000 authenticated users
and devices
Industry leading Quality of
Service (QoS) flexibility
- Granular bandwidth controls
- Robust traffic prioritization
- Voice
- Video
- Surveillance and process control
36
Optimized for high-bandwidth converged
applications including voice, virtualization,
video and unified communication
Convergence
Ready
36
©2011 Enterasys Networks, Inc.,– All rights reserved.
Green Power Distribution
Distributed system and PoE power
- Buy and deploy only the power you need
- Power provisioned incrementally
- Reduces capital investment and operational costs
Integrated PoE power system
- All chassis available with or without integrated PoE
power system
- All triple speed I/O modules include high power PoE
- IEEE802.3af PoE (S8 supports up to 576 ports @ 15.4W)
- IEEE802.3at high power PoE (S8 supports up to 576 ports @
25W)
- Advanced PoE management that intelligently provisions power
- Optional field upgradable PoE power system
- Chassis originally purchased without Integrated PoE can be
upgraded in the field
- PoE power supplies can be provisioned in 1200w or 2000w
increments S8-Chassis-POE4 = 16.5RU, 28.8”
N-Series N7 = 17.43 RU, 30.5”
16.5u
28.8”
37
©2011 Enterasys Networks, Inc.,– All rights reserved.
S-Series Converged Network Optimization
Open, standards based & interoperable with all major VoIP Vendors
- QoS functions for converged networks: Policers, Queues, Shapers, and Buffer
Management
Choice
- Support for VoIP products from Siemens, 3Com, Alcatel, Asterisk, Avaya/Nortel,
Cisco, Mitel, NEC (Sphere), Panasonic, Polycom, ShoreTel and others
- High capacity, standards-based PoE
- Automatic policy enforcement for voice service-level requirements
Manageability
- Enterasys NMS software with centralized visibility and control of voice
communication policies, security and endpoint location
Security
- Policy enforcement throughout the network infrastructure
- Integration with Enterasys IDS and IPS with specific VoIP threat signatures
38
©2011 Enterasys Networks, Inc.,– All rights reserved.
Security in a Converged World
Convergence End-Point (CEP) Policies
- An Enterasys Networks mechanism for authenticating IP
phones
• When an endpoint (IP phone) is discovered, a pre provisioned policy
is then assigned to the endpoint
- Many different detection schemes for different IP phones
• Cisco Discovery Protocol (CDP)
• LLDP (Link Layer Discovery Protocol with Media Endpoint Discovery)
• TCP/UDP port number snooping
• Reserved IP address snooping
• H.323
• SIP (Session Initiation Protocol)
- Includes support for full provisioning of Cisco phones through
Cisco Discovery Protocol
39
©2011 Enterasys Networks, Inc.,– All rights reserved.
User authenticated/access and application
control enforced here - up to 1024 users per
port or up to 9000 users per system
Edge
Distribution
Enables simplified user/device identification within a
Secure Network™
Users physically connected here
Built-in Security – Not Bolted-on
Multi User/Method Authentication
Allows multiple users (or devices) to concurrently authenticate via 802.1X, MAC-based, Web-based (PWA),
RADIUS snooping and CEP on a single port
- Up to 8 users per port and 512 users per S130 class I/O modules and unlimited users per port for S150 class I/O modules
Provides full edge security for existing or low cost edge switches and wireless APs
- S in the distribution layer provides advanced authentication and policy enforcement for downstream edge switches
Only Enterasys can do this…!
40
©2011 Enterasys Networks, Inc.,– All rights reserved.
Users per Chassis and Port
Each module installed adds to
the total system user capacity
- S130 Modules add 512 users
- S150/S155 Modules add 1024
- Multi-slot Chassis contributes 1024
users
S130 Class has per port limits
- S-EOS-PPC license removes port
limits
S130 S3 S4 S6 S8
Chassis 1024
Module 3x
512
4x
512
6x
512
8x
512
Total
Chassis 2560 3072 4096 5120
S150/S155 S4 S6 S8
Chassis 1024
Module 4x
1024
6x
1024
8x
1024
Total Chassis 5120 7168 9216
Class Users/Port
Port Type Triple
Speed SFP/SFP+
S130 8 128
S130 (S-EOS-PPC) Unlimited to Chassis capacity
S150/S155 Unlimited to Chassis capacity
41
©2011 Enterasys Networks, Inc.,– All rights reserved.
Intelligent Traffic Control – Flex-Edge
The Problem
- Most switches suffer when the
network is congested and will
randomly drop traffic
• Network performance is drastically
impacted by packet retransmissions
• Applications slow down and latency
critical applications begin to fail
The Solution – Flex-Edge
- Flex-Edge and deep packet buffers
makes the S-Series switch
significantly less vulnerable to
network congestion issues at peak
traffic times than other “line rate”
switches
Benefits
- Maintains critical application traffic in
times of network congestion
- Ensures latency sensitive
applications are maintained
- Reduces packet retransmissions and
networks slow-downs
- Maintains productivity
42
©2011 Enterasys Networks, Inc.,– All rights reserved.
Automated VoIP Provisioning & Dynamic Mobility
An Enterasys intelligent network infrastructure provides
- Advanced identification and authentication for IP phones and users
connected through the phones
- Role-based access and prioritization for phones, users and applications
- Dynamic mobility enables touch-less relocation of phones and users
- Pinpoint threat identification & mitigation to the device
- Supports Multiple VoIP vendors – no vendor lock-in
Automatic phone and user provisioning
The network dynamically re-applies the VoIP
client and user connectivity policies as they move
IP phone and user are
automatically provisioned
IP phone and
laptop plug into
the network
Dynamic mobility
43
©2011 Enterasys Networks, Inc.,– All rights reserved.
S-Series Feature Summary
Multilayer Classification • User, Port and Device Level
• Multiple Control Features
• Granular QoS/Rate Limiting
• VLAN to Policy Mapping
• Multi-field Classification
Network, User & Host Security • User: Auth (802.1X, MAC and Web), MAC
Locking
• Multi-user Authentication/Policy
• Network: ACL – Basic and Extended, Policy-
based Services (Acceptable Use)
• Host: SSH, SNMP v3
IP Routing Services • IPv4 Unicast/Multicast
• IPv6 Unicast/Multicast Ready
• RIP v1/2. RIPng Ready
• OSPF. OSPFv3 Ready
• VRRP. VRRPv3 Ready
• IS-IS Ready
• MPLS & VPLS Ready
• VRF Ready
Switching/VLAN Services • Spanning Trees, Multiple Spanning
Trees, VLANs
• Link Aggregation/Rapid
Reconfiguration
• Span Guard
• Flow Setup Throttling
Multi-
Platform
Unified
Firmware
Image
Management Control & Analysis • Industry-Standard CLI
• SNMP v1/v2c/v3 and Web
• RMON (9 Groups)
• Un-sampled NetFlow on all interfaces
• Radius, Tacacs+
• BOOTP, DHCP, TFTP, SCP
• Multiple images
44