|
Summit X450a Series
Voice-Class Availability
-
Modular ExtremeXOS Operating System (OS)
-
Ethernet Automatic Protection Switching (EAPS) resiliency protocol
-
SummitStack™ and SummitStack-V — highly available stacking support
Advanced Features Offer Versatile Deployment
-
High bandwidth, non-blocking architecture for demanding edge applications
-
High density gigabit ports with optional 10 gigabit uplinks that provide high-performance aggregation
-
Advanced routing protocols such OSPF, BGP and multicast for an efficient and productive small network core
-
Exceptional Quality of Service (QoS) with advanced traffic
management capabilities for triple play services in Carrier Ethernet networks
Comprehensive Security
-
User authentication, host integrity enforcement and Identity Management
-
Universal Port dynamic security profile to provide fine granular
security policies in the network
-
Threat detection and response instrumentation to react to
network intrusion with CLEAR-Flow Security Rules Engine
-
Harden the network infrastructure with Denial of Service (DoS)
protection and IP security against man-in-the-middle and DoS attacks
The Summit X450a series is based on
Extreme Networks® revolutionary ExtremeXOS
operating system. ExtremeXOS modular OS is
highly resilient and provides continuous uptime,
manageability and operational efficiency. Each
Summit X450a switch offers the same high-performance,
non-blocking hardware technology used on
Extreme Networks BlackDiamond® 8800 series, in
the Extreme Networks tradition of simplifying
network deployments through the use of common
hardware and software throughout the network.
The flexible and scalable Summit X450a switch is
an ideal aggregation switch for traditional small core
enterprise networks. The Summit X450a series is a
perfect first level aggregation device for DSLAMs
at a local central office before traffic is passed on
to the Extreme Networks BlackDiamond 20808 or
BlackDiamond 20804 core switch at the Point of
Presence (POP) where traffic is managed and
connected to service networks.
The versatile Summit X450a switch provides
high-density gigabit plus optional 10 Gigabit
Ethernet ports in a compact 1RU format, supporting
a full range of Layer 2 to Layer 4 functionalities
on every port to allow high productivity. Optional
redundant power supplies are offered with each
switch to protect against power anomalies,
providing a continuous operational network.
Target Applications
-
Aggregation switch in a traditional three tiered
network that requires high availability and
ExtremeXOS advanced features
-
DSLAM aggregation, active Ethernet access or
access aggregation device in a Carrier Ethernet network
-
Access or access aggregation switch in a business E-Line or E-LAN over VPLS network
-
Top-of-Rack switch in a data center deploment
-
Interconnect switch providing low latency
connections for High Performance Cluster Computing (HPCC)
-
Core switch for a small network
Voice-Class Availability
Powered by the ExtremeXOS, Summit X450a supports process recovery and application upgrades without the need for a
system reboot. Summit X450a provides the high network availability required for converged applications.
Modular Operating System for Non-Stop Operation
-
Preemptive Multitasking and Protected Memory
The Summit X450a series switch allows
each of many applications—such as
Open Shortest Path First (OSPF) and
Spanning Tree Protocol (STP)—to run
as separate OS processes that are
protected from each other. This drives
increased system integrity and inherently
protects against DoS attacks.
-
Process Monitoring and Restart
ExtremeXOS dramatically increases
network availability using process
monitoring and restart. Each independent
OS process is monitored in real time. If a
process becomes unresponsive or stops
running, it can be automatically restarted.
-
Loadable Software Modules
The modular design of ExtremeXOS
allows the upgrading of individual
software modules, should this be necessary,
leading to higher availability in the network
(see Figure 1).
|
Figure 1: ExtremeXOS Modular Design
|
High Availability Network Protocols
-
Ethernet Automatic Protection Switching (EAPS)
EAPS allows the IP network to provide
the level of resiliency and uptime that
users expect from their traditional voice
network. EAPS is more adaptable than
Spanning Tree or Rapid Spanning Tree
protocols and offers sub-second (less
than 50 milliseconds) recovery that
delivers consistent failover regardless of
the number of VLANs, network nodes or
network topology. Since EAPS allows the
network to recover almost transparently,
Voice-over-IP calls will not drop and
digital video feeds will not freeze or
pixelize in most situations.
-
Spanning Tree/Rapid Spanning Tree Protocols
The Summit X450a series supports
Spanning Tree (802.1D), Per VLAN
Spanning Tree (PVST+), Rapid Spanning
Tree (802.1w) and Multiple Instances of
Spanning Tree (802.1s) protocols for
Layer 2 resiliency.
-
Software-Enhanced Availability
Software-enhanced availability allows
users to remain connected to the network
even if part of the network infrastructure
is down. The Summit X450a series
continuously checks for problems in the
uplink connections using advanced Layer 3
protocols such as OSPF, VRRP and
Extreme Standby Router Protocol (ESRP,
supported in Layer 2 or Layer 3), and
dynamically routes traffic around the
problem.
-
Equal Cost Multipath
Equal Cost Multipath (ECMP) routing allows
uplinks to be load balanced for performance
and cost savings while also supporting
redundant failover. If an uplink fails, traffic
is automatically routed to the remaining
uplinks and connectivity is maintained.
-
Link Aggregation (802.3ad)
Link aggregation allows trunking of up to
eight links on a single logical connection,
for up to 20 Gigabits per Second (Gbps) of
redundant bandwidth per logical connection.
-
Multi-Switch LAG (M-LAG)
M-LAG can address bandwidth limitations
and improve network resiliency, in part by
routing network traffic around bottlenecks,
reducing the risks of a single point
of failure, and allowing load balancing
across multiple switches.
Voice-Grade Stacking with SummitStack
The Summit X450a series offers dual
stacking interfaces to provide high-speed
40 Gbps stacking bandwidth. SummitStack
stacking architecture is designed to
support converged services such as VoIP
and video by its highly available, rapid
failover capability with n-1 master
redundancy, distributed Layer 2 and Layer
3 switching, link aggregation across the
stack and distributed uplinks. The 40 Gbps
SummitStack supports up to eight units in
a stack, including any mix of Summit
X460, X480, X650, X450a, X450e, and
X250e running the same version of
ExtremeXOS. It provides sub-second
failover for path failure and hitless master/
backup failover along with hitless protocol
support such as OSPF graceful restart and
Network Login user authentication.
The Summit X450a switch provides chassislike
management and availability with its
SummitStack stacking technology (see
Figure 2).
|
Figure 2: SummitStack Stacking Architecture
|
SummitStack-V–Flexible Stacking Over 10 Gigabit Ethernet
SummitStack-V capability utilizes 10 GbE
ports as stacking ports, enabling the use
of standard cabling and optics technologies
used for 10 GbE such as XFP, SFP+,
10GBASE-T and XENPAK.
SummitStack-V provides long-distance
stacking connectivity of up to 40 km
while reducing the cable complexity of
implementing a stacking solution.
SummitStack-V enabled 10 GbE ports
must be physically direct-connected.
SummitStack-V is compatible with
Summit X450e, X450a, X460, X480 and
X650 switches running the same version
of ExtremeXOS (version 12.5 or greater).
Advanced Features Offer Versatile Deployment
Combining superior resiliency, comprehensive security, and nonblocking performance, the Summit X450a switch is the
cornerstone of a high-performance network. Summit X450a series provides a high bandwidth, non-blocking architecture
with tri-speed copper Gigabit Ethernet ports for demanding Top-of-Rack data center applications. With optional 10 gigabit
trunks, Summit X450a switches connect to gigabit edge devices and provide a high-performance aggregation layer in a
traditional three-tier LAN. For Carrier Ethernet networks, Summit X450a switches deliver exceptional QoS and traffic
management capabilities.
High Bandwidth, Non-Blocking Architecture for Demanding Edge Applications
When deployed as an access switch,
Summit X450a, with its modular 10
gigabit integrated fiber ports, provides
the bandwidth required by the most
demanding applications. With more than
20 gigabits of uplink capacity, uplink
bandwidth bottlenecks are eliminated.
Providing line-rate throughput and
supporting jumbo frames up to 9,216
bytes, Summit X450a allows transfers to
be completed in minimal time.
High Density Gigabit Ports with Optional 10 Gigabit Uplinks
The Summit X450a switches provide ideal
performance and functionalities for the
aggregation layer. They eliminate the need
to funnel traffic through a low bandwidth
gigabit trunk by providing non-blocking 10
gigabit links to the core. As an option
module, Summit X450a provides a variety
of choices for 10 Gigabit Ethernet uplinks:
dual port 10GBASE-T for UTP connectivity,
dual port SFP+ for fiber and passive copper
connectivity, dual port XFP and dual port
XENPAK.
Link Redundancy Protocols
Aggregation switches are located in the
network crossroads with high-density
traffic from many users. Because of its
location, every connection to and from an
aggregation switch must be redundant in
order to allow a safe failover of traffic to a
secondary path in case of link or device
failure. The Summit X450a series offers
superior link redundancy features that
provide a highly available aggregation layer.
For example, where voice-grade resiliency
is required, EAPS allows links to
failover rapidly so that voice call sessions
are not dropped. Other link resiliency
features include OSPF, ECMP and VRRP,
providing standards-based Layer 3 dual
homing, Extreme Standby Router
Protocol™ (ESRP) that offers dual homing
at both Layer 2 and Layer 3, and a unique
software redundant port that does not
require any loop detection protocol and is
easy to configure.
Advanced Routing Capabilities for Small Network Core
Supporting core deployments requires full
protocol support. Summit X450a switches
support advanced protocols for an efficient
and productive small network core. The
switches provide static, RIP and Edge-OSPF
protocols with policy-based routing
capabilities. An optional ExtremeXOS core
license extends the feature set to include
other important core functions such as:
-
Full OSPF for much greater extensibility than RIP can provide
-
BGP for inter-autonomous system forwarding
-
PIM, sparse and dense modes for routing of multicast streams
-
IPv6 hardware forwarding with OSPFv3
-
IPv6 tunnels, IPv6-to-IPv4 translation, and IPv6 multicast discovery for extensive IPv6 support
Supports Virtualized Data Centers
Summit X450a switches also support
Direct Attach™, which eliminates the
virtual switch layer, simplifying the
network and improving performance.
Direct Attach enables data center simplification
by reducing network tiers from 4 or
5 tiers to just 3 or 2 tiers, depending on the
size of the data center. To further enhance
data center operations, Summit X450a
switches support XNV™ (ExtremeXOS
Network Virtualization), a set of licensable
software modules for both the
ExtremeXOS based switching product
portfolio, as well as for EPICenter®, a
network provisioning and management
application. XNV brings insight, control and
automation for highly virtualized data
centers to the network.
Exceptional Policy-Based QoS and Traffic Management for Triple Play Services
The Summit X450a series provides eight
hardware queues per port to support
granular traffic classification, and up to
2,048 centralized ACLs per 24-port block
that can use information from Layers 1 – 4
to prioritize and meter incoming packets at
line-rate. When metering traffic, the switches
can drop out-of-spec traffic or flag it for
later action. To expedite upstream traffic
handling, a packet’s classification can be
carried forward with Layer 2 (802.1p) and
Layer 3 (DiffServ) markings. Summit X450a
provides advanced traffic management
features that support the high quality triple
play of voice, video and data services.
Summit X450a switches support
Extreme Networks vMAN tag stacking
mechanism, which is compliant with the
IEEE 802.1ad Provider Bridges standard.
vMAN allows service providers to aggregate
subscribers by using stacked Q-tags.
Summit X450a switches provide low
latency and hardware-based support for
multicast traffic, making them excellent
solutions for IPTV deployment over Carrier
Ethernet infrastructures. The DC-powered
version of Summit X450a switches provides
an internal DC PSU and an optional
redundant PSU and can be deployed in a
POP where AC is not available.
Comprehensive Security Management
Implementing a secure network means providing protection at the network perimeter as well as the core. Working together with
Extreme Networks Sentriant® family of products, Summit X450a switches use advanced security functions in protecting your
network from known or potential threats.
User Authentication and Host Integrity Checking
-
Network Login and Dynamic Security Profile
Summit X450a series switches support a
comprehensive range of Network Login
options by providing an 802.1x agentbased
approach, a Web-based (agent-less)
login capability, and a MAC-based
authentication model. With these modes
of Network Login, only authorized users
and devices can connect to the network
and be assigned to the appropriate
VLAN. The Universal Port feature
available in Summit X450a lets you
implement Dynamic Security Profiles
with Network Login and allows you to
implement fine-grained and robust
security policies. Upon authentication,
the switch can load dynamic ACL/QoS
profiles for a user or group of users to
deny/allow access to the application
servers or segments within the network.
-
Multiple Supplicant Support
Converged network designs often
involve the use of shared ports that
represent a potential vulnerability in a
network. Multiple supplicant capabilities
on a switch allow it to uniquely recognize
and apply the appropriate policies for
each user or device on a shared port.
-
Media Access Control (MAC) Lockdown
MAC security allows the lockdown of a
port to a given MAC address and limiting
the number of MAC addresses on a port.
This can be used to dedicate ports to
specific hosts or devices such as VoIP
phones or printers, and avoid abuse of
the port—a capability that can be
especially useful in environments such
as hotels. In addition, an aging timer can
be configured for the MAC lockdown,
protecting the network from the effects
of attacks using (often rapidly) changing
MAC addresses.
-
IP Security
ExtremeXOS IP security framework
protects the network infrastructure,
network services such as DHCP and
DNS, and host computers from spoofing
and man-in-the-middle attacks. It also
protects the network from statically
configured and/or spoofed IP addresses.
It builds an external trusted database of
MAC/IP/port bindings so you know
where traffic from a specific address
comes from for immediate defense.
-
Identity Manager
Identity Manager allows network managers
to track users who access their network.
User identity is captured based on
NetLogin authentication, LLDP discovery
and Kerberos snooping. ExtremeXOS uses
the information to then report on the MAC,
VLAN, computer hostname, and port
location of the user. Further, Identity
Manager can create both roles and policies,
and then bind them together to create
role-based profiles based on organizational
structure or other logical groupings, and
apply them across multiple users to allow
appropriate access to network resources. In
addition, support for Wide Key ACLs
further improves security by going beyond
the typical source/destination and MAC
address as identification criteria access
mechanism to provide filtering capabilities.
-
Host Integrity
Host integrity checking keeps infected or
non-compliant machines off the network.
Summit X450a series support a host and
endpoint integrity solution that is based
on a model promoted by the Trusted
Computing Group by interfacing with
Extreme Networks endpoint security
product, Sentriant AG200.
Threat Detection and Response
-
CLEAR-Flow Security Rules Engine
CLEAR-Flow Security Rules Engine
provides first order threat detection and
mitigation, and mirrors traffic to appliances
for further analysis of suspicious traffic in
the network.
-
sFlow
sFlow® is a sampling technology that provides
the ability to sample application level traffic
flows on all interfaces simultaneously.
-
Port Mirroring
To allow threat detection and prevention,
Summit X450a switches support many-to-one
and one-to-many port mirroring. This
allows the mirroring of traffic to an external
network appliance such as an intrusion
detection device for trend analysis or for
utilization by a network administrator for
diagnostic purposes. Port mirroring can
also be enabled across switches in a stack.
-
Line-Rate ACLs
ACLs are one of the most powerful
components used in controlling network
resource utilization as well as protecting
the network. The Summit X450a series
supports up to 2,048 centralized ACLs per
24-port block based on Layer 2, 3 or 4
header information such as the MAC or IP
source/destination address. ACLs are used
for filtering the traffic, as well as classifying
the traffic flow to control bandwidth,
priority, mirroring, and policy-based routing/
switching.
-
Denial of Service Protection
Summit X450a effectively handles DoS
attacks. If the switch detects an unusually
large number of packets in the CPU input
queue, it will assemble ACLs that automatically
stop these packets from reaching the
CPU. After a period of time, these ACLs are
removed and reinstalled if the attack
continues. ASIC-based LPM routing
eliminates the need for control plane
software to learn new flows, allowing more
network resilience against DoS attacks.
-
Secure and Comprehensive Network Management
As the network becomes a foundation of the
enterprise application, network management
becomes an important piece of solution.
Summit X450a supports comprehensive
network management through Command
Line Interface (CLI), SNMP v1, v2c, v3, and
the embedded XML-based web user
interface, ExtremeXOS ScreenPlay™. With
a variety of management options and
consistency across other Extreme Networks
modular and stackable switches, Summit X450a
series switches provide ease-of-management
for demanding converged applications.
Extreme Networks has developed tools that
help save you time and resources in
managing your network. EPICenter management
suite provides fault, configuration,
accounting, performance and security
functions,allowing more effective management
of Extreme Networks multi-layer
switching equipment in a converged network.
For carrier networks, Extreme Networks
Ridgeline™ Service Advisor enables the
shift from reactive circuit monitoring to
proactive service monitoring. Ridgeline
Service Advisor unifies service fulfillment,
service assurance, and service engineering
so carriers can effectively manage next-generation
residential triple play, business
Ethernet and mobile Ethernet backhaul
services.
Target Applications
Small Network Core Switch
Summit X450a is ideal as a small network switch.
The optional 10 gigabit ports are perfect for
setting up a high bandwidth 10 gigabit backbone,
or for aggregating multiple gigabit ports for
inter-switch connectivity. All necessary core
protocols are available, including BGPv4 and IPv6.
With non-blocking performance, extensive DoS
protection, Longest Prefix Match routing and
superior traffic management features, Summit X450a
has been designed from the ground up to be an
ideal small core switch.
Traditional Aggregation Layer
Summit X450a is easily deployed as a technology
upgrade to a traditional aggregation layer,
bringing 10 gigabit uplinks and high availability.
For copper and fiber deployments, a pair of
Summit X450a switches provides redundant
aggregation switching
Carrier Ethernet Services
Summit X450a is an ideal service delivery
platform for Carrier Ethernet networks. The
advanced traffic management, resiliency and
scalability features give it the flexibility to be
deployed as an access switch or as an aggregation
switch. By supporting both access and aggregation
service delivery requirements, Summit X450a
minimizes service providers’ operational expenses.
High-Performance Cluster Computing (HPCC)
HPCC consists of many servers working cooperatively
to solve large computational problems. With
the use of relatively inexpensive and compact 1RU
servers, a significant amount of processing power
can be cost-effectively packed into a relatively
small footprint. Summit X450a series switches
address the need for high-performance and
cost-effective connectivity required for HPCC
using gigabit and 10 Gigabit Ethernet as the
interconnect technology.
|
|
|
|
|