|
Summit X350 Series
Rapid Network Deployment
-
High density gigabit ports with optional 10 gigabit uplinks
-
Single streamlined operating system across the entire enterprise network
-
ExtremeXOS operating system provides scripting capability to automate network configuration
-
LLDP/LLDP-MED to provide device management
-
Comprehensive network management through consistent ExtremeXOS CLI, SNMP, Web-based management and XML interface
Voice-Class Availability
-
Modular ExtremeXOS operating system
-
Ethernet Automatic Protection Switching (EAPS) resiliency protocol
-
Quality of Service (QoS) with advanced traffic management capabilities for converged applications
-
Redundant Power Supply to keep the network up even under power anomaly
Comprehensive Security
-
Multiple network edge authentication support with multiple endpoints per port
-
Extensive MAC and IP security functionality to help prevent man-in-the-middle attacks
-
Identity Manager allows network managers to track users who access their network
Summit X350 series switches are based on the
revolutionary ExtremeXOS core-class operating
system from Extreme Networks®. ExtremeXOS
modular operating system is highly resilient and
helps provide continuous uptime, manageability and
operational efficiency. Summit X350 provides
customers with a consistent ExtremeXOS
experience at an affordable price and is best
suited in a network edge application where
simple network deployment is required.
Summit X350 provides high availability and
performance with its advanced traffic
management capabilities.
The flexible Summit X350 switch provides
high-density Gigabit Ethernet ports plus a slot
for an XGM2 dual 10 gigabit option module in a
compact 1RU format, supporting intelligent
Layer 2 switching with Layer 2 – Layer 4 traffic
classification and QoS on every port for high
productivity. Optional redundant power supplies
are available for each switch to help secure
against power anomalies.
Target Applications
Edge switch providing basic
10/100/1000BASE-T connectivity to the
desktop in a network running the ExtremeXOS
operating system from edge to core
Ease of Management Supporting Rapid Network Deployment
Summit X350 switches running ExtremeXOS provide a consistent network operation across the network. Summit X350
provides a variety of methods in configuring and managing the switch for ease of management and for rapid network
deployment.
High Density Gigabit Ports with Optional 10 Gigabit Uplinks
Summit X350 provides ideal performance
and functionality for the gigabit to the
desktop application. It eliminates the need
to funnel traffic through a low bandwidth
gigabit trunk by providing non-blocking 10
gigabit links to the core. As an option
module, the Summit X350 switch provides
a variety of choices for 10 Gigabit Ethernet
uplinks: dual port 10GBASE-T for UTP
connectivity, dual port SFP+ for fiber and
passive copper connectivity, dual port XFP
and dual port XENPAK (see chart on the
accessories page).
Single Streamlined Operating System in the Entire Enterprise Network
Extreme Networks offers an ExtremeXOS
based Ethernet switching platform from
edge, to aggregation, to core of the
enterprise network. Having one operating
system can help simplify network deployment
and operation, as well as ongoing
maintenance, to reduce the total cost of
ownership. Summit X350 running
ExtremeXOS provides a consistent
experience among other switches such as
the BlackDiamond® modular chassis and
provides an excellent user experience
from edge to core of the network.
Network Configuration Automation
ExtremeXOS provides an extensible
scripting capability that allows users to
create a customized series of commands
and executables. Scripting can be used to
add incremental configuration to the
network infrastructure, such as a list of
VLANs to be configured. This capability
eases the rollout of networks and reduces
configuration errors. For example, using
the scripting capabilities of system- and
user-defined environment variables and
constructs, such as if/then and loops, allows
automating regular management tasks and
deployment configurations of QoS rate
limiting and Access Control Lists (ACLs)
to multiple ports or multiple switches.
Link Layer Discovery Protocol (LLDP) and LLDP-Media Endpoint Discovery (LLDP-MED)
ExtremeXOS supports IEEE 802.1ab
standards-based discovery protocol
and provides vendor-independent
device discovery.
LLDP not only simplifies deployment and
location of access devices, but can also be
used as a troubleshooting and firmware
management tool. LLDP is an extensible
standard, providing a framework for industry
consortiums to define application-specific
extensions without causing compatibility
issues. The ANSI/TIA-1057 LLDP-Media
Endpoint Discovery (LLDP-MED) standard
defines extensions specifically for VoIP.
These extensions provide VoIP-specific
information as well as allow transmission of
configuration and location information to
VoIP phones.
Efficient Management to Handle Convergence-Driven Network Changes
-
Voice Grade Connections
Granular QoS, low latency and low jitter
provide voice-quality connections.
Summit X350 supports a range of QoS
technologies that can prioritize and
predictably handle high priority traffic
policing or rate limiting on ingress, 802.1Q
tagging and Diffserv marking, and shaping
on egress with eight queues per port. The
Extreme Networks tradition of building
products with low latency and jitter
continues with the Summit X350 series.
-
Comprehensive Network Management
As the network becomes a foundation of the
enterprise application, network management
becomes an important piece of the
solution. Summit X350 supports comprehensive
network management through
Command Line Interface (CLI), SNMP v1,
v2c, v3 and the embedded XML-based Web
User Interface, ExtremeXOS ScreenPlay™.
With a variety of management options and
consistency across other Extreme Networks
modular and fixed configuration switches,
Summit X350 series switches provide
ease of management for demanding
converged applications.
Extreme Networks has developed tools that
help save you time and resources in managing
your network. EPICenter® management
platform provides fault, configuration,
accounting, performance and security
functions, allowing more effective management
of Extreme Networks multilayer switching
equipment in a converged network..
Voice-Class Availability
Powered by the ExtremeXOS operating system, the Summit X350 switch supports process recovery and application upgrades
without the need for a system reboot. Summit X350 offers the high network availability required for converged applications.
Modular Operating System to Help Maximize Uptime
-
Preemptive Multitasking and Protected Memory
Summit X350 switches allow each of
many applications—such as Spanning
Tree Protocol (STP)—to run as separate
operating system processes that are
protected from each other. This drives
increased system integrity and helps
protect against Denial of Service
(DoS) attacks.
-
Process Monitoring and Restart
The ExtremeXOS operating system
improves network availability using
process monitoring and restart. Each
independent operating system is monitored
in real time. If a process becomes
unresponsive or stops running, it can be
automatically restarted.
-
Loadable Software Modules
The modular design of ExtremeXOS
allows the upgrading of individual
software modules, should this be necessary,
leading to higher availability in the network
(see Figure 1).
|
Figure 1: ExtremeXOS Modular Design
|
High Availability Network Protocols
-
Ethernet Automatic Protection Switching (EAPS)
EAPS allows the IP network to provide the
level of resiliency and uptime that users
expect from their traditional voice network.
EAPS differs from Spanning Tree and Rapid
Spanning Tree protocols, offering sub-second
(less than 50 milliseconds) recovery that helps
deliver consistent failover regardless of the
number of VLANs, network nodes or network
topology. Since EAPS allows the network to
recover almost transparently, VoIP calls will
not drop and digital video feeds will not
freeze or pixelize in most situations.
-
Spanning Tree/Rapid Spanning Tree Protocols
Summit X350 switches support Spanning
Tree (802.1D), Per VLAN Spanning Tree
(PVST+), Rapid Spanning Tree (802.1w)
and Multiple Instances of Spanning Tree
(802.1s) protocols for Layer 2 resiliency.
-
Link Aggregation (802.3ad)
Link aggregation allows trunking of up to
eight links on a single logical connection,
for up to 20 Gbps (10Gbps x 2) of redundant
bandwidth per logical connection.
Exceptional Policy-based
QoS with Advanced Traffic
Management for Converged
Applications
Summit X350 provides eight hardware
queues per port to support granular traffic
classification with bandwidth allocation. The
1,024 centralized classifiers per 24-port block
can use information from Layers 1 through 4
to prioritize and meter incoming packets at
line-rate. When metering traffic, the switch
can drop out-of-spec traffic or flag it for later
action. To expedite upstream traffic handling,
a packet’s classification can be carried
forward with Layer 2 (802.1p) and Layer 3
(Diffserv) markings. Summit X350 switches
provide advanced traffic management
features that support the high-quality triple
play of voice, video and data services.
Redundant Power Supplies
Summit X350 switches are designed with an
external redundant power supply that offers
a convenient and easy-to-upgrade in-field
option to protect against power anomalies.
Comprehensive Security Management
Implementing a secure network means providing protection at the network perimeter as well as the core. Working together with
the Sentriant® family of products from Extreme Networks, Summit X350 series switches use advanced security functions to help
protect your network from known or potential threats. Security offerings from Extreme Networks encompass three key areas:
user and host integrity, threat detection and response, and hardened network infrastructure.
User Authentication and Host Integrity Checking
-
Network Login
Network Login capability enforces user
admission and usage policies. Summit X350
series switches support a comprehensive
range of Network Login options by
providing an 802.1x agent-based approach,
a Web-based (agent-less) login capability
for guests, and a MAC-based authentication
model for devices. With these modes
of Network Login, only authorized users
and devices are permitted to connect to
the network and be assigned to the
appropriate VLAN.
-
Multiple Supplicant Support
Shared ports represent a potential
vulnerability in a network. Multiple
supplicant capability on a switch allows it
to uniquely authenticate and apply the
appropriate policies and VLANs for each
user or device on a shared port.
Multiple supplicant support helps secure
IP Telephony and wireless access.
Converged network designs often involve
the use of shared ports (see Figure 2).
|
Figure 2: Multiple Supplicant Support
|
-
Host Integrity Checking
Host integrity checking helps keep
infected or noncompliant machines off the
network. Summit X350 series switches
support a host integrity or endpoint
integrity solution that is based on the
model from the Trusted Computing Group.
Summit X350 interfaces with
Sentriant AG200 endpoint security
appliance from Extreme Networks to
verify that each endpoint meets the
security policies that have been set, and to
quarantine those that are not in compliance.
Extensive MAC and IP Security Functionality
-
Media Access Control (MAC) Security
MAC security allows the lockdown of a port
to a given MAC address and limiting the
number of MAC addresses on a port. MAC
security can be used to dedicate ports to
specific hosts or devices such as VoIP
phones or printers and avoid abuse of the
port—a capability that can be especially
useful in environments such as hotels. In
addition, an aging timer can be configured
for the MAC lockdown, protecting the
network from the effects of attacks using
(often rapidly) changing MAC addresses.
-
IP Security
ExtremeXOS IP Security Framework helps
protect the network infrastructure, network
services such as DHCP and DNS and host
computers from spoofing and man-in-the
middle attacks. It also helps protect the
network from statically configured and/or
spoofed IP addresses and builds an external
trusted database of MAC/IP/port bindings
providing the traffic’s source from a specific
address for immediate defense.
-
Identity Manager
Identity Manager allows network managers
to track users who access their network.
User identity is captured based on NetLogin
authentication, LLDP discovery and
Kerberos snooping. ExtremeXOS uses the
information to then report on the MAC,
VLAN, computer hostname, and port
location of the user. Further, Identity
Manager can create both roles and
policies, and then bind them together to
create role-based profiles based on
organizational structure or other logical
groupings, and apply them across multiple
users to allow appropriate access to
network resources. In addition, support for
Wide Key ACLs further improves security
by going beyond the typical source/
destination and MAC address as identification
criteria access mechanism to provide
filtering capabilities.
Network Intrusion Detection and Response
-
Hardware-Based sFlow Sampling
sFlow® is a sampling technology that
provides the ability to continuously
monitor application-level traffic flows on
all interfaces simultaneously. The sFlow
agent is a software process that runs on
Summit X350 switches and packages data
into sFlow datagrams that are sent over
the network to an sFlow collector. The
collector gives an up-to-the minute view of
traffic across the entire network, providing
the ability to troubleshoot network
problems, control congestion and detect
network security threats.
-
Port Mirroring
To allow threat detection and prevention,
Summit X350 switches support many-toone
and one-to-many port mirroring. This
allows the mirroring of traffic to an
external network appliance such as an
intrusion detection device for trend
analysis or for utilization by a network
administrator for diagnostic purposes.
-
Line-Rate ACLs
ACLs are one of the most powerful
components used in controlling network
resource utilization as well as protecting
the network. Summit X350 switches
support 1,024 centralized ACLs per
24-port block based on Layer 2, 3, or 4
header information such as the MAC, IPv4
and IPv6 address or TCP/UDP port. ACLs
are used for filtering the traffic, as well as
classifying the traffic flow to control
bandwidth, priority, mirroring, and
policy-based routing/switching.
-
Denial of Service Protection
Summit X350 can effectively handle DoS
attacks. If the switch detects an unusually
large number of packets in the CPU input
queue, it will assemble ACLs that automatically
stop these packets from reaching the
CPU. After a period of time, these ACLs are
removed, and reinstalled if the attack
continues.
Secure Management
To prevent management data from
being intercepted or altered by
unauthorized access, Summit X350
supports SSH2, SCP and SNMPv3
protocols.
Target Application
Edge Connectivity for Advanced Applications
-
Edge switch providing intelligent
10/100/1000BASE-T connectivity to
the desktop in a network running
ExtremeXOS from the core to the edge Summit X350 is deployed as an intelligent
Gigabit Ethernet edge switch, extending the
benefits of the ExtremeXOS operating system
to the network edge. This uniformity allows
consistent quality and performance throughout
your converged network while minimizing
operational inefficiencies.
|
|
|
|
|