|
Summit X450å Series
Voice-Class Availability
-
Modular ExtremeXOS operating system
-
Ethernet Automatic Protection Switching (EAPS) resiliency protocol
-
SummitStack™ and SummitStack-V—highly available, highspeed stacking support
Designed for Converged Network Applications
-
High bandwidth, non-blocking architecture for demanding edge applications
-
Exceptional Quality of Service (QoS) with advanced traffic management capabilities for converged applications
-
Convergence-ready connectivity with Voice-over-IP (VoIP) automatic provisioning
-
Efficient management to handle convergence-driven network changes with Power over Gigabit Ethernet
Comprehensive Security
-
User policy and host integrity enforcement and Identity Management
-
Universal Port dynamic security profile to provide fine granular security policy in the network
-
Threat detection and response instrumentation to react to network intrusion with CLEAR-Flow Security Rules Engine
Summit X450e series switches are based on the
revolutionary ExtremeXOS core-class operating
system from Extreme Networks®. ExtremeXOS
highly resilient, modular operating system provides
continuous uptime, manageability and operational
efficiency.
Summit X450e provides high availability and
performance with its advanced traffic management
capabilities to support a large-scale rollout
of a converged network that supports devices
such as IP telephones, wireless APs and other
devices that require power from a LAN connection.
With low-latency line-rate performance,
Summit X450e-24p/48p supports the 802.3af
standards-based Power over Ethernet (PoE) on
every port.
Summit X450e supports hardware-based routing
for both IPv4 and IPv6 which helps provide
investment protection by allowing the rollout of
IPv6 in your network now or in the future.
The flexible Summit X450e switches provide
high-density Gigabit Ethernet ports plus dedicated
40 Gbps high-speed stacking ports and optional
10 Gigabit Ethernet ports in a compact 1RU format,
supporting a full range of Layer 2 to Layer 4
functionalities on every port for high productivity.
Optional redundant power supplies are offered
with each switch to protect against power anomalies,
providing a continuous operational network.
Target Applications
-
PoE and non-PoE edge switches providing
intelligent 10/100/1000BASE-T connectivity
to the desktop in a network running
ExtremeXOS from the core to the edge.
Voice-Class Availability
Powered by the ExtremeXOS modular operating system, the Summit X450e switch supports process recovery and
application upgrades without the need for a system reboot. Summit X450e provides the high network availability
required for converged applications.
Modular Operating System for Non-Stop Operation
-
Preemptive Multitasking and Protected Memory
Summit X450e switches allow each of
many applications—such as Open
Shortest Path First (OSPF) and
Spanning Tree Protocol (STP)—to run
as separate Operating System (OS)
processes that are protected from each
other. This drives increased system
integrity and inherently protects against
Denial of Service (DoS) attacks.
-
Process Monitoring and Restart
The ExtremeXOS modular OS increases
network availability using process
monitoring and restart. Each independent
OS process is monitored in real time. If a
process becomes unresponsive or stops
running, it can be automatically restarted.
-
Loadable Software Modules
The modular design of ExtremeXOS
allows the upgrading of individual
software modules, should this be
necessary, leading to higher availability
in the network (see Figure 1).
|
Figure 1: ExtremeXOS Modular Design
|
High Availability Network Protocols
-
Ethernet Automatic Protection Switching (EAPS)
EAPS allows the IP network to provide the
level of resiliency and uptime that users
expect from their traditional voice network.
EAPS is more adaptable than Spanning
Tree or Rapid Spanning Tree protocols and
offers sub-second (less than 50 milliseconds)
recovery that delivers consistent
failover regardless of the number of VLANs,
network nodes or network topology. Since
EAPS allows the network to recover almost
transparently, VoIP calls will not drop and
digital video feeds will not freeze or pixelize in
most situations.
-
Spanning Tree/Rapid Spanning Tree Protocols
Summit X450e switches support Spanning
Tree (802.1D), Per VLAN Spanning Tree
(PVST+), Rapid Spanning Tree (802.1w) and
Multiple Instances of Spanning Tree (802.1s)
protocols for Layer 2 resiliency.
-
Software-Enhanced Availability
Software-enhanced availability allows users
to remain connected to the network even if
part of the network infrastructure is down.
Summit X450e switches continuously check
for problems in the uplink connections
using advanced Layer 3 protocols such as
OSPF, VRRP and Extreme Standby Router
Protocol™ (ESRP, supported in Layer 2 or
Layer 3), and dynamically route traffic
around the problem.
-
Equal Cost Multipath
Equal Cost Multipath (ECMP) routing allows
uplinks to be load balanced for performance
and cost savings while also supporting
redundant failover. If an uplink fails, traffic is
automatically routed to the remaining
uplinks and connectivity is maintained.
-
Link Aggregation (802.3ad)
Link aggregation allows trunking of up to
eight links on a single logical connection, for
up to 20 gigabits per second (Gbps) of
redundant bandwidth per logical connection.
-
Multi-Switch LAG (Ì-LAG)
M-LAG can address bandwidth limitations
and improve network resiliency, in part by
routing network traffic around bottlenecks,
reducing the risks of a single point
of failure, and allowing load balancing
across multiple switches.
Voice-Grade Stacking with SummitStack
Summit X450e offers dual stacking
interfaces to provide high-speed 40 Gbps
stacking bandwidth. SummitStack stacking
architecture is designed to support
converged services such as VoIP and video
by its highly available, rapid failover
capability with n-1 master redundancy,
distributed Layer 2 and Layer 3 switching,
link aggregation across the stack and
distributed uplinks. SummitStack supports
up to eight units in a stack and the mixture
of the units can be Summit X250e, X450e,
X450a, X460, X480, and X650 switches
running the same version of ExtremeXOS. It
provides sub-second failover for path failure
and hitless master/backup failover along
with hitless protocol support such as OSPF
graceful restart, PoE configuration and
Network Login user authentication.
SummitStack-V Flexible Stacking Over 10 Gigabit Ethernet
SummitStack-V capability utilizes 10 GbE
ports as stacking ports, enabling the use of
standard cabling and optics technologies
used for 10 GbE such as XFP, SFP+,
10GBASE-T and XENPAK. SummitStack-V
provides long-distance stacking connectivity
of up to 40 km while reducing the cable
complexity of implementing a stacking
solution. SummitStack-V enabled 10 GbE
ports must be physically direct-connected.
SummitStack-V is compatible with
Summit X450e, X450a, X460, X480 and
X650 switches running the same version of
ExtremeXOS (version 12.5 or greater).
Summit X450e provides chassis-like
management and availability with its
SummitStack stacking technology (see
Figure 2).
|
Figure 2: SummitStack Stacking Architecture
|
Designed for Converged Network Applications
Summit X450e provides a high bandwidth, non-blocking architecture with tri-speed copper Gigabit Ethernet ports in PoE
and non-PoE versions for demanding edge applications.
High Density Gigabit Ports with Optional 10 Gigabit Uplinks
The Summit X450e series provides ideal
performance and functionalities for access
switches. They eliminate the need to funnel
traffic through a low bandwidth gigabit
trunk by providing non-blocking 10 gigabit
links to the core. As an option module,
Summit X450e provides a variety of choices
for 10 Gigabit Ethernet uplinks: dual port
10GBASE-T for UTP connectivity, dual port
SFP+ for fiber and passive copper connectivity,
dual port XFP and dual port XENPAK.
Exceptional Policy-based QoS
PoE enabled Summit X450e switches
provide eight hardware queues per port
to support granular traffic classification
with bandwidth allocation. 1024 centralized
classifiers per 24 ports can use
information from Layers 1 through 4 to
prioritize and meter incoming packets at
line-rate. When metering traffic, the
switches can drop out-of-spec traffic or
flag it for later action. To expedite
upstream traffic handling, a packet’s
classification can be carried forward with
Layer 2 (802.1p) and Layer 3 (DiffServ)
markings. Summit X450e switches
provide advanced traffic management
features that support the highest-quality
triple play of voice, video and data services.
Efficient Management to Handle Convergence-Driven Network Changes
-
Universal Port—Voice-over-IP Auto-Provisioning
PoE enabled Summit X450e switches set the
stage for convergence applications by
allowing enterprises to add new access
devices in a plug-and-play fashion. Voice
and wireless services can be easily
implemented without major network
upgrades. Summit X450e supports automatic
provisioning of VoIP using LLDP and
event-based command scripting capability.
It allows dynamic configuration of voice
VLANs and QoS. This auto-configuration
capability allows you to configure VoIP
phone settings such as voice VLAN settings,
call server IP address configuration, etc.
This level of simplicity in managing
network changes can greatly reduce
operating expenses.
|
Figure 3: Universal Port Voice-over-IP Provisioning
|
-
Power over Gigabit Ethernet (PoE)
Deployments of IP Telephony depend on
reliable, consistent power from the Ethernet
jack. Summit X450e-24p/48p is the basis for
a reliable LAN telephony infrastructure with
fully redundant 15.4 watts per port, and
QoS and resiliency to match the failover
requirements for latency-sensitive services
like VoIP phones. With Summit X450e,
deployment of powered LAN devices is
quick and easy with its support of the IEEE
802.3af standard and full Class 3 power
availability on all ports, backed up 100% by
the optional EPS-500 redundant power supply
(Summit X450e-24p). Summit X450e-48p can
provide up to 370W of PoE power and can
be increased up to 740W of PoE power to
support full 15.4W Class 3 devices on all 48
ports by adding the External Power System
(EPS-C and EPS-600LS).
-
Voice-Grade Connections
Summit X450e supports a range of QoS
technologies that can prioritize and predictably
handle high-priority traffic policing or rate
limiting on ingress, 802.1q tagging and
DiffServ marking, and shaping on egress with
eight queues per port. The Extreme Networks
tradition of building products with low latency
and jitter continues with Summit X450e.
-
Universal Connectivity
Summit X450e-24p/48p switches offer
universal connectivity with high-performance
gigabit to the desktop, PoE and wireless
support from every RJ-45 port. Installing
universal services ports everywhere for data
and device power greatly simplifies installations
and moves, and helps to future-proof
your edge network. Summit X450e-24p/48p
provides universal attachment at any desktop
Ethernet speed, and any power level from
none to full 15.4 Watts.
Comprehensive Network Management
Summit X450e switches support comprehensive
network management through
Command Line Interface (CLI), SNMP v1,
v2c, v3, and an embedded XML-based Web
User Interface, ExtremeXOS ScreenPlay™.
With a variety of management options and
consistency across other Extreme Networks
modular and stackable switches, Summit X450e
series switches provide ease of management
for demanding converged applications.
Extreme Networks has developed tools that
help save you time and resources in managing
your network. EPICenter® management
suite provides fault, configuration, accounting,
performance and security functions, allowing
more effective management of
Extreme Networks multi-layer switching
equipment in a converged network.
Advanced Routing Capabilities for the Edge
Summit X450e switches support advanced
protocols for an efficient and productive
network. Summit X450e switches provide
static and RIP routing for simple IPv4 and
IPv6 Layer 3 deployment. An optional
ExtremeXOS Advanced Edge license
extends the feature set to include other
important edge functions such as:
-
Edge OSPF for much greater extensibility than RIP can provide
-
Edge PIM sparse modes for routing of multicast streams
-
Policy-based routing
-
sFlow® hardware sampling
Comprehensive Security Management
Implementing a secure network means providing protection at the network perimeter as well as the core. Working together with
the Sentriant® family of products from Extreme Networks, Summit X450e uses advanced security functions in protecting your
network from known or potential threats.
Extreme Networks security offerings encompass three key areas: user and host
integrity, threat detection and response, and hardened network infrastructure. Furthermore, with policy-based routing, measures
can be taken to provide confidentiality of selective data in transit between internal network nodes.
User Authentication and Host Integrity Checking
-
Network Login and Dynamic Security Profile
Network Login capability implemented
in ExtremeXOS enforces user admission
and usage policies. Summit X450e series
switches support a comprehensive range
of Network Login options by providing
an 802.1x agent-based approach, a Webbased
(agent-less) login capability for
guests, and a MAC-based authentication
model for devices. With these modes of
Network Login, only authorized users
and devices can connect to the network
and be assigned to the appropriate VLAN.
The Universal Port scripting framework
available in Summit X450e lets you
implement Dynamic Security Profiles,
which in sync with Network Login allows
you to implement fine-grained and robust
security policies. Upon authentication,
the switch can load dynamic ACLs/QoS
profiles for a user or group of users, to
deny/allow the access to the application
servers or segments within the network.
-
Multiple Supplicant Support
Shared ports represent a potential
vulnerability in a network. Multiple
supplicant capability on a switch allows
it to uniquely authenticate and apply the
appropriate policies and VLANs for each
user or device on a shared port.
Multiple supplicant support secures IP
Telephony and wireless access. Converged
network designs often involve the use of
shared ports.
-
Media Access Control (MAC) Lockdown
MAC lockdown secures printers, wireless
APs and servers. The MAC address
security/lockdown feature allows
Summit X450e to block access to any
Ethernet port when the MAC address of
a station attempting to access the port is
different from the configured MAC
address. This feature is used to “lock
down” any device to a specific port.
-
Host Integrity Checking
Host integrity checking helps keep
infected or non-compliant machines off
the network. Summit X450e series
switches support a host integrity or
endpoint integrity solution that is based on
the model from the Trusted Computing
Group. Summit X450e interfaces with
Sentriant AG200 endpoint security appliance
from Extreme Networks to verify that each
endpoint meets the security policies that
have been set and to quarantine those that
are not in compliance.
-
Identity Manager
Identity Manager allows network managers
to track users who access their network.
User identity is captured based on
NetLogin authentication, LLDP discovery
and Kerberos snooping. ExtremeXOS uses
the information to then report on the
MAC, VLAN, computer hostname, and port
location of the user. Further, Identity
Manager can create both roles and
policies, and then bind them together to
create role-based profiles based on
organizational structure or other logical
groupings, and apply them across multiple
users to allow appropriate access to
network resources. In addition, support for
Wide Key ACLs further improves security
by going beyond the typical source/
destination and MAC address as identification
criteria access mechanism to provide
filtering capabilities.
Network Intrusion Detection and Response
-
CLEAR-Flow Security Rules Engine
CLEAR-Flow Security Rules Engine
provides first order threat detection and
mitigation, and mirrors traffic to appliances
for further analysis of suspicious
traffic in the network.
-
Hardware-based sFlow Sampling
sFlow is a sampling technology that provides
the ability to continuously monitor
application-level traffic flows on all interfaces
simultaneously. The sFlow agent is a software
process that runs on Summit X450e and
packages data into sFlow datagrams that are
sent over the network to an sFlow collector.
The collector gives an up-to-the-minute view
of traffic across the entire network, providing
the ability to troubleshoot network problems,
control congestion and detect network
security threats.
-
Port Mirroring
To allow threat detection and prevention,
Summit X450e switches support many-to-one
and one-to-many port mirroring. This allows
the mirroring of traffic to an external
network appliance such as an intrusion
detection device for trend analysis or for
utilization by a network administrator for
diagnostic purposes. Port mirroring can
also be enabled across switches in a stack.
-
Line-Rate ACLs
ACLs are one of the most powerful components
used in controlling network resource
utilization as well as protecting the network.
Summit X450e switches support 1,024
centralized ACLs per 24-port block based on
Layer 2, 3 or 4 header information such as
the MAC or IP source/destination address.
ACLs are used for filtering the traffic, as well
as classifying the traffic flow to control
bandwidth, priority, mirroring, and policybased
routing/switching.
-
Denial of Service Protection
Summit X450e switches effectively handle
DoS attacks. If the switch detects an
unusually large number of packets in the
CPU input queue, it will assemble ACLs
that automatically stop these packets from
reaching the CPU. After a period of time,
these ACLs are removed, and reinstalled if
the attack continues. ASIC-based LPM
routing eliminates the need for control
plane software to learn new flows, allowing
more network resilience against DoS attacks.
Secure Management
To prevent management data from being
intercepted or altered by unauthorized
access, Summit X450e switches support
SSH2, SCP and SNMPv3 protocols. The MD5
hash algorithm used in authentication
prevents attackers from tampering with
valid data during routing sessions.
Target Applications
PoE and Non-PoE Edge Switches for High-Bandwidth Applications
With line-rate performance and low latency, all
Summit X450e switches extend the benefits of
the ExtremeXOS operating system to the
network edge. This uniformity provides consistent
quality and performance throughout your
converged network while reducing operational
inefficiencies. The Summit X450e-24p/48p
PoE edge switches connect wireless devices,
LAN telephony, PDAs and other equipment
without compromising security, scalability,
availability, mobility or management. The
Summit X450e-24t/48t non-PoE edge switches
provide the same uncompromising service
when PoE is not a requirement.
|
|
|
|
|