Riverstone Networks 9000 manual Distributed intelligence, Multi-layer security

Page 6

Distributed intelligence

Unlike other switches on the market, Alcatel OmniSwitch are unique in that they are able to provide Smart Continuous Switching by using a design where most processes are distributed and handled on the network interfaces themselves, relegating the CMM to a coordination role. A bottleneck is avoided by not using a centralized control plane architecture where the CMM – the key management module – is responsible for all processing. The distributed design allows key processes such as Spanning Tree to maintain a fully operational state, even during a sub-second CMM failover.

Multi-layer security

With networks under constant attack from the outside world and even from within the company, a network needs to provide easy access to users and resources, yet possess extensive security features that can be managed across a global enterprise. The OS9000s provide multi-layer security with a range of security features that can be implemented in the wiring closet, the core, and throughout the network. These include:

User authentication

Virtual local area networks (VLANs)

Quarantine VLANs

Access control lists (ACLs)

Restricts user ports from sending control traffic (BPDU, RIP, OSPF, BGP)

Prevents IP source address spoofing

Authenticated switch access

Encryption for secure management (SSHv2 / HTTPs / SNMPv3)

Denial of service protection

Multi-layer security enables the building of sophisticated hardware and software-based solutions that can be integrated with policy-based management and other technologies such as smart cards, PKI, and biometrics for enhanced security implementations. For secure management there are many features integrated into the architecture including authenticated user access, SNMPv3 and SSL for encrypted sessions, and partitioned management for multi-tiered access and granular network administration.

Advanced network policies for secure & converged networks

Advanced network policies ensure that users and applications get the priority and performance they need with ease of use management that extends across the enterprise. The OS9000s feature state-of-the-art ASIC-based technology for intelligent, wire-speed everything including switching, routing, ACLs, QoS, traffic redirection and load balancing.

The OS9000s provide application aware switching for layers 2, 3, and 4 and the most advanced classification, prioritization, and queuing schemes in the industry. It also supports industry classification standards including 802.1Q/p, TOS, and DiffServ, and is enhanced with complementary features such as extensive QoS mappings and re-tagging of prioritization. And, the OS9000s don’t require additional hardware or specialized software to operate at wire-speed – from the first packet!

> 6 ALCATEL

Image 6
Contents Alcatel OmniSwitch High performance for converged networks Simplified network managementSecurity Alcatel OmniSwitch OmniSwitch 9000 FamilyWiring closet connectivity Enterprise core / Data centerAggregation layer Highest availability for the enterprise Resiliency maximized network uptimeDistributed intelligence Multi-layer securityAdvanced network policies for secure & converged networks Alcatel OmniVista and OneTouch manageability CoreFirst Green switch in the market RoHS compliancy IPv6 supportManagement and fabric modules Chassis and power suppliesBundles Network interface cardsLayer-2 Switching Layer-3 Routing IPv4Layer-3 Routing IPv6 Management Layer-3 Routing IPXConvergence RIP/SAPService and support Support PlusEnvironmental requirements DimensionsNetwork Interface Ieee StandardsQuality of Services ManageabilityOthers Safety Agency Certifications WarrantyImmunity