LAN installation | Extreme Networks Switches–Summit | Summit X250e Description

Summit X250e Series

Voice-Class Availability
  • Modular ExtremeXOS operating system
  • Ethernet Automatic Protection Switching (EAPS) resiliency protocol
  • SummitStack™ — highly available, high-speed stacking support

Designed for Converged Network Applications
  • Quality of Service (QoS) with advanced traffic management capabilities for converged applications
  • Convergence-ready connectivity with Voice-over-IP (VoIP) automatic provisioning with Universal Port capability
  • Comprehensive network management

Comprehensive Security
  • User policy, host integrity enforcement and Identity Management
  • Extensive MAC and IP security functionality to help prevent man-in-the-middle attacks
  • Universal Port dynamic security profile to provide fine granular security policy in the network

Summit X250e series switches are based on Extreme Networks® revolutionary ExtremeXOS core-class operating system. ExtremeXOS is a highly resilient, modular operating system that helps provide continuous uptime, manageability and operational efficiency at an affordable price.

Summit X250e provides high availability and performance with its advanced traffic management capabilities. Summit X250e supports the largescale rollout of a converged network with devices such as IP telephones, wireless access points and other devices that require power from a LAN connection. Summit X250e-24x supports Carrier Ethernet edge deployment with its flexible fiber connectivity options. Summit X250e-24x can support 100BASE-FX, 100BASE-LX10 and 100BASE-BX on its SFP ports depending upon deployment requirements.

Summit X250e supports hardware-based routing for both IPv4 and IPv6 to help provide investment protection by allowing the rollout of IPv6 in your network now or in the future.
The flexible Summit X250e switch provides high-density Fast Ethernet ports plus dedicated 40 Gbps high-speed stacking ports in a compact 1RU format, supporting a full range of Layer 2 to Layer 4 functionality on every port for high productivity. Optional redundant power supplies are available with each switch to help secure against power anomalies.

Target Applications
  • Edge Power over Ethernet (PoE) and non-PoE switch providing intelligent 10/100BASE-T connectivity to the desktop in a network running ExtremeXOS from the core to the edge
  • Carrier Ethernet edge switching with 100BASE-X provides advanced fiber connectivity to the customer for both AC and DC powered environments

Voice-Class Availability

Powered by the ExtremeXOS operating system, the Summit X250e switch supports process recovery and application upgrades without the need for a system reboot. Summit X250e offers the high network availability required for converged applications.

Modular Operating System for High Availability Operation
  • Preemptive Multitasking and Protected Memory
    Summit X250e switches allow each of many applications—such as Open Shortest Path First (OSPF) and Spanning Tree Protocol (STP)—to run as separate Operating System (OS) processes that are protected from each other. This drives increased system integrity and helps protect against Denial of Service (DoS) attacks.

  • Process Monitoring and Restart
    ExtremeXOS improves network availability using process monitoring and restart. Each independent OS process is monitored in real time. If a process becomes unresponsive or stops running, it can be automatically restarted.

  • Loadable Software Modules
    The modular design of the ExtremeXOS OS allows the upgrading of individual software modules, should this be necessary, leading to higher availability in the network (see Figure 1).
Figure 1: ExtremeXOS Modular Design

High Availability Network Protocols
  • Ethernet Automatic Protection Switching (EAPS)
    EAPS allows the IP network to provide the level of resiliency and uptime that users expect from their traditional voice network. EAPS differs from Spanning Tree or Rapid Spanning Tree protocols and offers sub-second (less than 50 milliseconds) recovery that helps deliver consistent failover regardless of the number of VLANs, network nodes or network topology. Since EAPS allows the network to recover almost transparently, VoIP calls will not drop and digital video feeds will not freeze or pixelize in most situations.

  • Spanning Tree/Rapid Spanning Tree Protocols
    Summit X250e switches support Spanning Tree (802.1D), Per VLAN Spanning Tree (PVST+), Rapid Spanning Tree (802.1w) and Multiple Instances of Spanning Tree (802.1s) protocols for Layer 2 resiliency.

  • Software-Enhanced Availability
    Software-enhanced availability allows users to remain connected to the network even if part of the network infrastructure is down. Summit X250e switches continuously check for problems in the uplink connections using advanced Layer 3 protocols such as OSPF, VRRP and Extreme Standby Router Protocol™ (ESRP, supported in Layer 2 or Layer 3), and dynamically route traffic around the problem.

  • Equal Cost Multipath Routing
    Equal Cost Multipath (ECMP) routing allows uplinks to be load balanced for performance and cost savings while also supporting redundant failover. If an uplink fails, traffic is automatically routed to the remaining uplinks and connectivity is maintained.

  • Link Aggregation (802.3ad)
    Link aggregation allows trunking of up to eight links on a single logical connection, for up to 2 Gigabits per Second (Gbps) of redundant bandwidth per logical connection.

  • Multi-Switch LAG (Ì-LAG)
    M-LAG can address bandwidth limitations and improve network resiliency, in part by routing network traffic around bottlenecks, reducing the risks of a single point of failure, and allowing load balancing across multiple switches.

Voice-Grade Stacking with SummitStack
Summit X250e offers dual stacking interfaces to provide high-speed 40 Gbps stacking bandwidth. SummitStack architecture is designed to support converged services by its highly available, rapid failover capability with n-1 master redundancy, distributed Layer 2 and Layer 3 switching, link aggregation across the stack and distributed uplinks. SummitStack supports up to eight units in a stack (the mixture of the units can be Summit X250e, X450e, X450a, X460, X480 and X650 series switches running the same version of ExtremeXOS) and provides sub-second failover for path failure and hitless master/ backup failover along with hitless protocol support such as OSPF graceful restart, PoE configuration and Network Login user authentication. Summit X250e provides chassis-like management and availability with its SummitStack stacking technology (see Figure 2).
Figure 2: SummitStack Stacking Architecture

Designed for High-Performance Network Applications

Summit X250e switches provide non-blocking architecture with copper and fiber Fast Ethernet ports for demanding edge applications. Combining exceptional QoS and advanced traffic management with resiliency, comprehensive security features and non-blocking performance, Summit X250e switches are designed to be the cornerstone of an advanced intelligent converged network.

Exceptional Policy-based QoS with Advanced Traffic Management for Converged Applications
Summit X250e provides eight hardware queues per port to support granular traffic classification with bandwidth allocation. 1,024 centralized classifiers per 24-port block can use information from Layers 1 through 4 to prioritize and meter incoming packets at line-rate. When metering traffic, the switches can drop out-of-spec traffic or flag it for later action. To expedite upstream traffic handling, a packet’s classification can be carried forward with Layer 2 (802.1p) and Layer 3 (Diffserv) markings. Summit X250e provides advanced traffic management features that support the high-quality triple play of voice, video and data services.

Efficient Management to Handle Convergence-Driven Network Changes
  • Universal Port—Voice-over-IP Auto-Provisioning
    Summit X250e sets the stage for convergence applications by allowing enterprises to add new access devices in a non-disruptive plug-and-play fashion. Voice and wireless services can be easily implemented without major network upgrades. Summit X250e supports the automated provisioning of VoIP using Link Layer Discovery Protocol (LLDP) and the event-based command scripting capability. It allows dynamic configuration of voice VLANs and QoS. This auto-configuration capability allows you to configure VoIP phone settings such as voice VLAN settings, call server IP address configuration, etc. (see Figure 3). This level of simplicity in managing network changes can reduce operating expenses.
  • Figure 3: Universal Port Voice-over-IP Provisioning


  • Power over Ethernet (PoE)
    Deployments of IP Telephony depend on reliable, consistent power from the Ethernet jack. Summit X250e-24p and Summit X250e-48p are the basis for a reliable LAN telephony infrastructure with fully redundant resiliency to match the failover requirements for latency-sensitive services like VoIP phones. With Summit X250e-24p or 48p, deployment of powered LAN devices is quick and easy with its support of the IEEE 802.3af standard and full Class 3 power availability on all ports, backed up 100% by the EPS-500 redundant power supply (Summit X250e-24p).
    Summit X250e-48p can provide up to 370W of PoE power and can be increased up to 740W of PoE power to provide full 15.4W Class 3 devices on all 48 ports by adding an External Power System (EPS-C and EPS-600LS).

  • Voice-Grade Connections
    Granular QoS, low latency and low jitter enable voice-quality connections. Summit X250e supports a range of QoS technologies that can prioritize and predictably handle high-priority traffic policing or rate limiting on ingress, 802.1Q tagging and Diffserv marking, and shaping on egress with eight queues per port. The Extreme Networks tradition of building products with low latency and jitter continues with the Summit X250e series.

  • Comprehensive Network Management
    As the network becomes a foundation of the enterprise application, network management becomes an important piece of the solution. Summit X250e supports comprehensive network management through Command Line Interface (CLI), SNMP v1, v2c, v3 and an embedded XML-based Web User Interface, ExtremeXOS ScreenPlay™. With a variety of management options and consistency across other Extreme Networks modular and stackable switches, Summit X250e series switches can provide ease of management for demanding converged applications.
    Extreme Networks has developed tools that help save you time and resources in managing your network. EPICenter® management suite provides fault, configuration, accounting, performance and security functions, allowing more effective management of Extreme Networks multi-layer switching equipment in a converged network.
    For carrier networks, Extreme Networks Ridgeline™ Service Advisor enables the shift from reactive circuit monitoring to proactive service monitoring. Ridgeline Service Advisor unifies service fulfillment, service assurance, and service engineering so carriers can effectively manage nextgeneration residential triple play, business Ethernet and mobile backhaul services.

  • Advanced Routing Capabilities for the Edge
    Summit X250e supports advanced protocols for an efficient and productive network. Summit X250e switches provide static and RIP routing for simple IPv4 and IPv6 Layer 3 deployment. An optional ExtremeXOS Advanced Edge license extends the feature set to include other important edge functions such as:
    - Edge OSPF for much greater extensibility than RIP can provide
    - Edge PIM sparse modes for routing of multicast streams
    - Policy-based routing
    - sFlow® hardware sampling

Comprehensive Security Management

Implementing a secure network means providing protection at the network perimeter as well as the core. Working together with the Sentriant® family of products from Extreme Networks, Summit X250e series uses advanced security functions to help protect your network from known or potential threats. Security offerings from Extreme Networks encompass three key areas: user and host integrity, threat detection and response, and hardened network infrastructure.

User Authentication and Host Integrity Checking
  • Network Login and Dynamic Security Profile
    Network Login capability enforces user admission and usage policies. Summit X250e series switches support a comprehensive range of Network Login options by providing an 802.1x agent-based approach, a Webbased (agent-less) login capability for guests, and a MAC-based authentication model for devices. With these modes of Network Login, only authorized users and devices are permitted to connect to the network and be assigned to the appropriate VLAN. The Universal Port scripting framework lets you implement Dynamic Security Profiles which in sync with Network Login allows you to implement fine-grained and robust security policies. Upon authentication, the switch can load dynamic ACL/QoS profiles for a user or group of users, to deny/allow the access to the application servers or segments within the network.

  • Multiple Supplicant Support
    Shared ports represent a potential vulnerability in a network. Multiple supplicant capability on a switch allows it to uniquely authenticate and apply the appropriate policies and VLANs for each user or device on a shared port.
    Multiple supplicant support helps secure IP Telephony and wireless access. Converged network designs often involve the use of shared ports (see Figure 4).
  • Figure 4: Multiple Supplicant Support

  • Media Access Control (MAC) Lockdown
    MAC security allows the lockdown of a port to a given MAC address and limiting the number of MAC addresses on a port. This can be used to dedicate ports to specific hosts or devices such as VoIP phones or printers and avoid abuse of the port—a capability that can be especially useful in environments such as hotels. In addition, an aging timer can be configured for the MAC lockdown, protecting the network from the effects of attacks using (often rapidly) changing MAC addresses.

  • IP Security
    ExtremeXOS IP security framework helps protect the network infrastructure, network services such as DHCP and DNS, and host computers from spoofing and man-in-themiddle attacks. It also helps protect the network from statically configured and/or spoofed IP addresses and builds an external trusted database of MAC/IP/port bindings so you know where the traffic from a specific address comes from for immediate defense.

  • Identity Manager
    Identity Manager allows network managers to track users who access their network. User identity is captured based on NetLogin authentication, LLDP discovery and Kerberos snooping. ExtremeXOS uses the information to then report on the MAC, VLAN, computer hostname, and port location of the user. Further, Identity Manager can create both roles and policies, and then bind them together to create role-based profiles based on organizational structure or other logical groupings, and apply them across multiple users to allow appropriate access to network resources. In addition, support for Wide Key ACLs further improves security by going beyond the typical source/ destination and MAC address as identification criteria access mechanism to provide filtering capabilities.

  • Host Integrity Checking
    Host integrity checking helps keep infected or noncompliant machines off the network. Summit X250e series switches support a host integrity or endpoint integrity solution that is based on the model from the Trusted Computing Group. Summit X250e interfaces with Sentriant AG200 endpoint security appliance from Extreme Networks to verify that each endpoint meets the security policies that have been set and to quarantine those that are not in compliance.

Network Intrusion Detection and Response
  • CLEAR-Flow Security Rules Engine
    CLEAR-Flow Security Rules Engine provides first order threat detection and mitigation, and mirrors traffic to appliances for further analysis of suspicious traffic in the network.

  • Hardware-Based sFlow Sampling
    sFlow is a sampling technology that provides the ability to continuously monitor application- level traffic flows on all interfaces simultaneously. The sFlow agent is a software process that runs on Summit X250e and packages data into sFlow datagrams that are sent over the network to an sFlow collector. The collector gives an up-to-theminute view of traffic across the entire network, providing the ability to troubleshoot network problems, control congestion and detect network security threats.

  • Port Mirroring
    For threat detection and prevention, Summit X250e supports many-to-one and one-to-many port mirroring. This allows the mirroring of traffic to an external network appliance such as an intrusion detection device for trend analysis or for utilization by a network administrator for diagnostic purposes. Port Mirroring can also be enabled across switches in a stack.

  • Line-Rate ACLs
    ACLs are one of the most powerful components used in controlling network resource utilization as well as protecting the network. Summit X250e supports 1,024 centralized ACLs per 24-port block based on Layer 2, 3 or 4-header information such as the MAC, IPv4 and IPv6 address or TCP/UDP port. ACLs are used for filtering the traffic, as well as classifying the traffic flow to control bandwidth, priority, mirroring and policy-based routing/ switching

  • Denial of Service Protection
    Summit X250e can effectively handle DoS attacks. If the switch detects an unusually large number of packets in the CPU input queue, it will assemble ACLs that automatically stop these packets from reaching the CPU. After a period of time, these ACLs are removed, and reinstalled if the attack continues. ASIC-based LPM routing eliminates the need for control plane software to learn new flows, allowing more network resilience against DoS attacks.

  • Secure Management
    To prevent management data from being intercepted or altered by unauthorized access, Summit X250e supports SSH2, SCP and SNMPv3 protocols. The MD5 hash algorithm used in authentication prevents attackers from tampering with valid data during routing sessions.

Target Applications

Edge Connectivity for Advanced Enterprise Applications
Edge PoE and non-PoE switches provide intelligent 10/100BASE-T connectivity to the desktop in a network running ExtremeXOS from the edge to the core.

Summit X250e is deployed as intelligent Fast Ethernet edge switch, extending the benefits of the ExtremeXOS operating system to the network edge in the enterprise network. This uniformity allows consistent quality and performance throughout your converged network while minimizing operational inefficiencies. With line-rate performance and low latency, the Summit X250e edge switch connects wireless devices, LAN telephony, PDAs and other equipment without compromising security, scalability, availability, mobility or management.

Edge Connectivity for Advanced Carrier Ethernet Applications
Carrier Ethernet edge switching with 100BASE-X provides advanced fiber connectivity to the customer.
Summit X250e is deployed as an intelligent Fast Ethernet edge switch, extending the benefits of the ExtremeXOS operating system to the network edge in the Carrier Ethernet network. This uniformity allows consistent quality and performance throughout a converged network while minimizing operational inefficiencies. With line-rate performance and low latency, the Summit X250e edge switch provides copper 10/100BASE-T connectivity as well as 100BASE-X connectivity including 100BASE-FX, 100BASE-LX10 and 100BASE-BX. A flexible connectivity option is offered without compromising security, scalability, availability, mobility or management. Summit X250e has both AC and DC powered models for flexible deployments
 
© 2013 Diawest.net.ua