LAN installation | Extreme Networks Switches–Summit | Summit X150 Description

Summit X150 Series

Summit® X150 series 24- or 48-port 10/100 Fast Ethernet standalone switches deliver high performance in a simple enterprise edge solution with the revolutionary modular operating system, ExtremeXOS.

Ease of Management Supporting Rapid Network Deployment
  • Single streamlined operating system across the entire enterprise network
  • ExtremeXOS provides scripting capability to automate network configuration
  • LLDP/LLDP-MED to provide device management
  • Comprehensive network management through consistent ExtremeXOS CLI, SNMP, Web-based management and XML Interface

Voice-Class Availability
  • Modular ExtremeXOS operating system
  • Ethernet Automatic Protection Switching (EAPS) resiliency protocol
  • Quality of Service (QoS) with advanced traffic management capabilities for converged applications
  • Redundant Power Supply to keep the network up even under power anomaly

Comprehensive Security
  • Multiple network edge authentication support with multiple endpoints per port
  • Extensive MAC and IP security functionality to help prevent man-in-the-middle attacks
  • Identity Manager allows network managers to track users who access their network

Summit X150 series switches are based on the revolutionary ExtremeXOS core-class operating system from Extreme Networks®. ExtremeXOS is a highly resilient, modular operating system that helps provide continuous uptime, manageability and operational efficiency. Summit X150 provides customers with a consistent ExtremeXOS experience at an affordable price and is best suited in the network edge application where simple network deployment is required.
Summit X150 provides high availability and performance with its advanced traffic management capabilities. Summit X150 supports the rollout of a converged network with devices such as IP telephones, wireless Access Points (APs) and other devices that require power from a LAN connection, including regular computing devices such as desktop and laptop computers. Summit X150-24p supports the 802.3af standards-based Power over Ethernet (PoE) on every port of its PoE models.

The flexible Summit X150 switch provides high-density Fast Ethernet ports plus dual personality Gigabit Ethernet ports in a compact 1RU format, supporting intelligent Layer 2 switching with Layer 2 – Layer 4 traffic classification and QoS on every port for high productivity. Optional redundant power supplies are provided with each switch to help secure against power anomalies.

Target Application
Edge PoE and non-PoE switch providing basic 10/100BASE-T connectivity to the desktop in a network running ExtremeXOS from the core to the edge

Ease of Management Supporting Rapid Network Deployment

Summit X150 switches running ExtremeXOS provide a consistent network operation across the network. Summit X150 provides a variety of methods in configuring and managing the switch for ease of management and for rapid network deployment.

Single Streamlined Operating System in the Entire Enterprise Network
Extreme Networks provides an ExtremeXOS-based Ethernet switching platform from edge, to aggregation, to core of the enterprise network. Having one operating system can help simplify network deployment and operation, as well as ongoing maintenance, to reduce the total cost of ownership. Summit X150 running the ExtremeXOS operating system in the network, provides a consistent experience among other switches such as the BlackDiamond® modular chassis, and an excellent user experience from edge to core.

Network Configuration Automation
ExtremeXOS provides extensible scripting capability that allows users to create a customized series of commands and executables. Scripting can be used to add incremental configuration to the network infrastructure, such as a list of VLANs to be configured. This capability eases the rollout of networks and reduces configuration errors. For example, using the scripting capabilities of system- and user-defined environment variables and constructs, such as if/then and loops, allows automating regular management tasks and deployment configurations of QoS rate limiting and ACLs to multiple ports or multiple switches.

Link Layer Discovery Protocol (LLDP) and LLDP-Media Endpoint Discovery (LLDP-MED)
ExtremeXOS supports IEEE 802.1ab standards-based discovery protocol and provides vendor-independent device discovery. It also provides tight integration with VoIP infrastructure and phones, including E911 ECS location, inventory information and fine-grained PoE budgeting and configuration of information such as VLANs and QoS tagging. LLDP not only simplifies deployment and location of access devices, but can also be used as a troubleshooting and firmware management tool. LLDP is an extensible standard, providing a framework for industry consortiums to define application-specific extensions without causing compatibility issues. The ANSI/TIA-1057 LLDP-Media Endpoint Discovery (LLDP-MED) standard defines extensions specifically for VoIP. These extensions provide VoIP-specific information as well as allow transmission of configuration and location information to VoIP phones.

Efficient Management to Handle Convergence-Driven Network Changes
  • Power over Ethernet (PoE)
    Deployments of IP Telephony depend on reliable, consistent power from the Ethernet jack. Summit X150-24p is the basis for a reliable LAN Telephony infrastructure with fully redundant 15.4 watts per port, and QoS and resiliency to match the failover requirements for latency-sensitive services like VoIP phones. With Summit X150, deployment of powered LAN devices is quick and easy with its support of the IEEE 802.3af standard and full Class 3 power availability on all ports, backed up 100% by the EPS-500 redundant power supply.

  • Voice Grade Connections
    Granular QoS, low latency and low jitter provide voice-quality connections. Summit X150 supports a range of QoS technologies that can prioritize and predictably handle high priority traffic policing or rate limiting on ingress, 802.1Q tagging and Diffserv marking, and shaping on egress with eight queues per port. The Extreme Networks tradition of building products with low latency and jitter continues with the Summit X150 series.

  • Comprehensive Network Management
    As the network becomes a foundation of the enterprise application, network management becomes an important piece of the solution. Summit X150 supports comprehensive network management through Command Line Interface (CLI), SNMP v1, v2c, v3 and the embedded XML-based Web User Interface, ExtremeXOS ScreenPlay™. With a variety of management options and consistency across other Extreme Networks modular and fixed configuration switches, Summit X150 series switches provide ease of management for demanding applications.
    Extreme Networks has developed tools that help save you time and resources in managing your network. EPICenter® provides fault, configuration, accounting, performance and security functions, allowing more effective management of Extreme Networks multilayer switching equipment in a converged network.

Voice-Class Availability

Powered by ExtremeXOS, the Summit X150 switch supports process recovery and application upgrades without the need for a system reboot. Summit X150 offers the high network availability required for converged applications.

Modular Operating System to Help Maximize Uptime
  • Preemptive Multitasking and Protected Memory
    Summit X150 switches allow each of many applications—such as Spanning Tree Protocol (STP)—to run as separate operating system processes that are protected from each other. This drives increased system integrity and helps protect against Denial of Service (DoS) attacks.

  • Process Monitoring and Restart
    ExtremeXOS improves network availability using process monitoring and restart. Each independent operating system process is monitored in real time. If a process becomes unresponsive or stops running, it can be automatically restarted.

  • Loadable Software Modules
    The modular design of ExtremeXOS allows the upgrading of individual software modules, should this be necessary, leading to higher availability in the network (see Figure 1).
Figure 1: ExtremeXOS Modular Design

High Availability Network Protocols
  • Ethernet Automatic Protection Switching (EAPS)
    EAPS allows the IP network to provide the level of resiliency and uptime that users expect from their traditional voice network. EAPS differs from Spanning Tree and Rapid Spanning Tree protocols offering sub-second (less than 50 milliseconds) recovery that helps deliver consistent failover regardless of the number of VLANs, network nodes or network topology. Since EAPS allows the network to recover almost transparently, VoIP calls will not drop and digital video feeds will not freeze or pixelize in most situations.

  • Spanning Tree/Rapid Spanning Tree Protocols
    Summit X150 switches support Spanning Tree (802.1D), Per VLAN Spanning Tree (PVST+), Rapid Spanning Tree (802.1w) and Multiple Instances of Spanning Tree (802.1s) protocols for Layer 2 resiliency.

  • Link Aggregation (802.3ad)
    Link aggregation allows trunking of up to eight links on a single logical connection, for up to 2 gigabits per second (Gbps) of redundant bandwidth per logical connection.

Exceptional Policy-based QoS with Advanced Traffic Management for Converged Applications
Summit X150 provides eight hardware queues per port to support granular traffic classification with bandwidth allocation. The 1,024 centralized classifiers per 24-port block can use information from Layers 1 through 4 to prioritize and meter incoming packets at line-rate. When metering traffic, the switch can drop out-of-spec traffic or flag it for later action. To expedite upstream traffic handling, a packet’s classification can be carried forward with Layer 2 (802.1p) and Layer 3 (Diffserv) markings. Summit X150 switches provide advanced traffic management features that support high-quality triple play of voice, video and data services.

Redundant Power Supplies
Summit X150 switches provide an optional external redundant power supply which offers a convenient and easy-to-upgrade in-field option to protect against power anomalies.

Comprehensive Security Management

Implementing a secure network means providing protection at the network perimeter as well as the core. Working together with the Sentriant® family of products from Extreme Networks, Summit X150 series switches use advanced security functions to help protect your network from known or potential threats.
Security offerings from Extreme Networks encompass three key areas: user and host integrity, threat detection and response, and hardened network infrastructure.

User Authentication and Host Integrity Checking
  • Network Login
    Network Login capability enforces user admission and usage policies. Summit X150 series switches support a comprehensive range of Network Login options by providing an 802.1x agent-based approach, a Webbased (agent-less) login capability for guests, and a MAC-based authentication model for devices. With these modes of Network Login, only authorized users and devices are permitted to connect to the network and be assigned to the appropriate VLAN.

  • Multiple Supplicant Support
    Shared ports represent a potential vulnerability in a network. Multiple supplicant capability on a switch allows it to uniquely authenticate and apply the appropriate policies and VLANs for each user or device on a shared port. Multiple supplicant support helps secure IP Telephony and wireless access. Converged network designs often involve the use of shared ports (see Figure 2).
  • Figure 2: Multiple Supplicant Support

  • Host Integrity Checking
    Host integrity checking helps keep infected or non-compliant machines off the network. Summit X150 series switches support a host integrity or endpoint integrity solution that is based on the model from the Trusted Computing Group. Summit X150 interfaces with Sentriant AG200 endpoint security software from Extreme Networks to verify that each endpoint meets the security policies that have been set, and to quarantine those that are not in compliance.

Extensive MAC and IP Security Functionality
  • Media Access Control (MAC) Lockdown
    MAC security allows the lockdown of a port to a given MAC address and limiting the number of MAC addresses on a port. MAC security can be used to dedicate ports to specific hosts or devices such as VoIP phones or printers and avoid abuse of the port—a capability that is particularly useful in environments such as hotels. In addition, an aging timer can be configured for the MAC lockdown, protecting the network from the effects of attacks using (often rapidly) changing MAC addresses.

  • IP Security
    ExtremeXOS IP Security Framework helps protect the network infrastructure, network services such as DHCP and DNS and host computers from spoofing and man-in-the middle attacks. It also helps protect the network from statically configured and/or spoofed IP addresses and builds an external trusted database of MAC/IP/port bindings providing the traffic’s source from a specific address for immediate defense.

  • Identity Manager
    Identity Manager allows network managers to track users who access their network. User identity is captured based on NetLogin authentication, LLDP discovery and Kerberos snooping. ExtremeXOS uses the information to then report on the MAC, VLAN, computer hostname, and port location of the user. Further, Identity Manager can create both roles and policies, and then bind them together to create role-based profiles based on organizational structure or other logical groupings, and apply them across multiple users to allow appropriate access to network resources.

Network Intrusion Detection and Response
  • Hardware-Based sFlow Sampling
    sFlow® is a sampling technology that provides the ability to continuously monitor applicationlevel traffic flows on all interfaces simultaneously. The sFlow agent is a software process that runs on Summit X150 switches and packages data into sFlow datagrams that are sent over the network to an sFlow collector. The collector gives an up-to-the minute view of traffic across the entire network, providing the ability to troubleshoot network problems, control congestion and detect network security threats.

  • Port Mirroring
    To allow threat detection and prevention, Summit X150 switches support many-to-one and one-to-many port mirroring. This allows the mirroring of traffic to an external network appliance such as an intrusion detection device for trend analysis or for utilization by a network administrator for diagnostic purposes.

  • Line-Rate ACLs
    ACLs are one of the most powerful components used in controlling network resource utilization as well as protecting the network. Summit X150 switches support 1,024 centralized ACLs per 24-port block based on Layer 2, 3 or 4-header information such as the MAC, IPv4 and IPv6 address or TCP/UDP port. ACLs are used for filtering the traffic, as well as classifying the traffic flow to control bandwidth, priority, mirroring, and policybased routing/switching.

  • Denial of Service Protection
    Summit X150 can effectively handle DoS attacks. If the switch detects an unusually large number of packets in the CPU input queue, it will assemble ACLs that automatically stop these packets from reaching the CPU. After a period of time, these ACLs are removed, and reinstalled if the attack continues.

Secure Management
To prevent management data from being intercepted or altered by unauthorized access, Summit X150 supports SSH2, SCP and SNMPv3 protocols.

Target Applications

Edge Connectivity for Advanced Applications
  • Edge PoE and non-PoE switch providing intelligent 10/100BASE-T connectivity to the desktop in a network running ExtremeXOS from the core to the edge

Summit X150 is deployed as an intelligent Fast Ethernet edge switch, extending the benefits of the ExtremeXOS operating system to the network edge. This uniformity allows consistent quality and performance throughout your network while minimizing operational inefficiencies. With low latency and line-rate performance, the Summit X150 edge switch connects wireless devices, LAN Telephony, PDAs and other equipment without compromising security, scalability, availability, mobility or management

 
© 2013 Diawest.net.ua