-
1www.huawei-3com.com
H3C Router Solutions
旭昇資訊股份有限公司
-
2
Market Trends
-
3
TalkTalk
MusicMusic
TV/VideoTV/Video
ITIT
CommunicateCommunicate
ReferenceReference
PhotosPhotos
過去過去 現在現在 未來未來
Convergence
我們已生活在數位時代,下一世代的需求是整合MarketTrends
-
4
整合通訊的網路
未來可昇級10G
容易管理的網路
可靠及安全的網路
保障應用軟體最佳化的QoS機制
網路的可移動性
市場的需求MarketTrends
-
5
如何有效管理/維運,分散在兩岸三地及其他區域的所有網路設備?
Application ser
ver farm
如何讓網路在不中斷下,依需求來擴充網路
如何減少網路斷線的風險 ?
如何有效處理非法使用者、
Server、未知的病毒, 駭客的攻擊
如何給予 Voice traffic最佳化的網路頻寬? 如何保證 critical applications品質?
企業網路所面臨的挑戰MarketTrends
-
Company
Overview
-
Huawei-3Com 簡介Company Overview
• Huawei-3Com公司成立於2003年11月,註冊於香港,運營總部設在中國杭州
•專注於路由器、乙太網路交換器(Ethernet
Switch)、無線網路(Wireless)、網路安全(Security)、網路語音應用(VoIP)
、網路影像應用(Video)、SOHO產品及軟體管理系統等在內的多層次、提供全系列基於IP網路產品的全業務解決方案提供商
•全球策略合作夥伴 3Com, 華為(Huawei), 西門子(Siemens), NEC , 及Marconi
•3Com 於2006年11月28日將 H3C 公司股權全數買回, 目前為3COM 100%持股的公司
-
全球市場表現亮眼Company Overview
2005年 在中國的市場佔有率達 34.3%(Source: 2006-03 CCID Consulting)
1000
900
800
700
600
500
400
300
200
100
02004 2005 2006(forecast)
• 2005年業績超過 USD700 Million
• 在中國市場每年成長超過60%• 海外市場每年成長超過 200%
TotalInternational
最近三年的營業額成長表現
US
D M
illion
-
人力資源狀況Company Overview
R&D 55% Supply Chain 12% Administration 3%Sales/Marketing
30%
4,500個高資質員工
業務/行銷研發營運支援其他
30%
55%
12% 3%
-
全球佈局Company Overview
•在日本、美國、南非、韓國、泰國、俄羅斯和印度成立了子公司.•在歐洲、拉美、中東、亞太、非洲等地區設立代表處
USA
Brazil
South Africa
Nigeria
EgyptIndia
Russia
Malaysia
Mexico
Hong Kong
France Germany
Japan
UK
Thailand
KoreaHungary
Hangzhou
Huawei-3Com(Headquarters)
Canada
-
Why
Huawei-3Com
-
H3C 的優勢Why Huawei-3Com
• 以客戶為導向 , 重視客戶的需求 Customer-oriented Philosophy
• 強而有力的 R&D 團隊 Strong R&D Capabilities
• 完整的產品線及解決方案 Full Range of Products and Solutions
• 快速的回應與強力的支援 Fast Response and Powerful Support
• 低購買及建置成本 Lower Total Cost of Ownership
-
R&D platform based on global technology, talent,
experience
and quality management
2500 R&D employees15% of revenue invested in R&D
4 R&D Centers, 2 Testing Centers
Beijing China Router, Switch, Security, Voice, Wireless
LAN, Software, Testing Center
Hangzhou China SOHO, Storage, Security, High-end
Switch, Voice, Testing Center
Shenzhen China Core Network, Software, Storage
Bangalore India Software
CMM Practice and IPD Management
R&D CapabilitiesWhy Huawei-3Com
-
4000 Intellectual Property Rights
Huawei-3Com has applied for 300 patents, 80% of which are
invention patents
Huawei-3Com is authorized to use the 4000 patents from its
parent companies Huawei and 3Com.
Actively involved in national industry standards
Core ASIC chips with our own IPR
Software platform with our own IPR
IRF technology
DVPN technology
Network management system
Technology AchievementsWhy Huawei-3Com
-
15
網路架構說明
04
-
16
Up-LayerSoftware
Driver
Hardware
Intelligent Resilient Fabric
DRR DDM DLA
IRF
-
17
IRF Stack - S5600
1 power module slot1 power module slot(POE upgradeable)(POE
upgradeable)
AC/DC power supplyAC/DC power supply
1 Uplinks module 1 Uplinks module slotslot
2 Stacking ports2 Stacking ports
9696GbpsGbps Dedicated Dedicated Stacking PortStacking Port
Stackable (Stackable (uptoupto 8 devices) 8 devices)
S5648PS5648P
8* GE/1*10GE/2*10GE8* GE/1*10GE/2*10GE
10/100/1000Base-T Port或1000Base-X SFP Port4×1000 Base-X SFP Port
(combo)Switch Capacity : 136Gbps Throughput 101.19Mpps
IRF
-
18
所有堆疊交換機視為同一台邏輯交換機
彈性的架構讓任何一台故障時都不會影
響其他網路的連線與管理無需設定的快
速堆疊技術
可線上熱抽拔
同一系列最高可堆疊8台
所有堆疊交換機視為同一台邏輯交換機
彈性的架構讓任何一台故障時都不會影
響其他網路的連線與管理無需設定的快
速堆疊技術
可線上熱抽拔
同一系列最高可堆疊8台
Stack 管理
透過單一IP做到SNMP, WEB和CLI管理
在同一畫面可設定該堆疊交換機
的ACL
減少設定時間
增進監控的效率
Stack 管理
透過單一IP做到SNMP, WEB和CLI管理
在同一畫面可設定該堆疊交換機
的ACL
減少設定時間
增進監控的效率
Distributed Device Management (DDM)
Only one logical device1
4
2
3 4
IRF fabric
簡化管理IRF
-
19
創造網路新世紀創造網路新世紀------新的網路設計架構概念
在在IRFIRF堆疊中的任何堆疊中的任何2~82~8埠都可以設定為埠都可以設定為IEEE 802.3ad LACP IEEE
802.3ad LACP ––跨機箱的跨機箱的 aggregated linksaggregated links
Distributed Link Aggregation (DLA)
DLA will facilitate the re-distribution of traffic in case of
any uplink failureDLA will facilitate the reDLA will facilitate the
re--distribution of traffic in case of any uplink
failuredistribution of traffic in case of any uplink failure
強化網路的可靠度
Quidway S5600
Quidway S3600
4 Gbps Load-balancedLAG
Quidway S3600
IRF
-
20
所有所有L3L3的路由流量,皆須依賴的路由流量,皆須依賴單一單一Master Master SwitchSwitch
L3 forwardingL3 forwarding
IRF stack devices IRF stack devices
Traditional stack devicesTraditional stack devices
任何一台交換機都任何一台交換機都有該堆疊的所有有該堆疊的所有FIBFIB表表
Router1
Router2
Router3Router4
IP packet
Unit1
Unit3Unit4
Unit2
Normal stack
Router1
Router2
Router3
Router4
IP packet
Unit1
Unit3Unit4
Unit2
IRF basedDistributed forwarding
Distributed Resilient Routing (DRR)
快速的分散式路由IRF
-
21
Voice VLAN
POE
IRF stacking
中小企業網路架構網路最佳解決方案
Wire Speed的網路效能S5600具有136G交換能力及101Mpps的路由效能
業界領先的效能96Gbps的 IRF趡疊頻寬
Application s
erver farm
S3600
IRF IRF
Stacking
Stacking
IRF IRF
Stacking
Stacking
S3600
S3600
S3100
S5600
S5600
資訊安全控管利用MAC、IP或802.1X認證來達到AAA的安全機制
-
22
1. Mac address 00E0-BB00-0000 mask ffff-ff00-00002. Ah! It is an
IP Phone of Vendor A, B, C……( Totally, 16 Vendors)3. Put the
traffic from IP Phone into Voice VLAN automatically4. Other traffic
will be processed with lower priority
Voice QueueVoice Queue
Data Queue 1Data Queue 1
Data Queue 2Data Queue 2
Voice VLAN網路最佳解決方案
-
23
Performance and Features-VCT
VCT (Virtual Cable Test)VCT (Virtual Cable Test)
S3100 series
Benefits: ✔ Easy maintenance
✔ Save labour
Benefits: ✔ Easy maintenance
✔ Save labour
XX
Manage
-
24
大型製造業完整解決方案網路最佳解決方案
RRPPRRPP
S9500S9500
S5100S5100S3600S3600
S7502S7502
Application server farm
S7500S7500
InternetMAN
MailMailFTPFTP
S5100S5100
1000F1000FAR28AR28
台灣台灣
S3100S3100
ERPERPVideoVideo
-
25
Intelligent Multi-service VII– RRPP
• RRPP – Cost-effective ring technology– Offering sub-second
recovery from link failure
RRPP RRPP
RRPPS7500
S9500 S9500
S7500S7500
RRPP Ring
S9500S7500
-
26
Performance and Features-HGMPv2
HGMP v2 (Huawei Group Management Protocol v2)
Quidway S5600 series
QuidwayS5100 series
Command Switch
Member Switches Benefits:
✔ Save IP address for network management
✔ Easy to install and maintain
✔Manage the network more efficiently
Benefits: ✔ Save IP address for network management
✔ Easy to install and maintain
✔Manage the network more efficiently
S5600 series are designated as command switch
S5100 series automatically join the cluster after startup as
member switches
Manage several member switches through one command switch and
only the command switch need a public network IP address
Handshake and status maintenance between S5600 and S5100
series
Alarm failure and recovery on line ……
QuidwayS5100 series
QuidwayS5100 series
QuidwayS5100 seriesHGMP v2HGMP v2
NDPNDP
NDPNDP
Security
-
27
Device Security• IP+MAC+Port Control
– 可彈性配置IP+MAC+Port設定,確認用戶合法性,並加強安全管控
• DHCP Snooping+DHCP Snooping Trust– 避免用戶私架DHCP Server–
合法用戶可由合法DHCP主機get到IP
• DHCP Relay Security– 可以禁止固定IP訪問網路。
• DHCP IP+MAC Binding– 運作DHCP環境下,可根據Mac配發固定IP,方便故障查詢
及稽核,最重要本功能不需外加軟、硬體
Security
-
28
Full Range Product Portfolio: Router
AR18-1X
NE20-2/4/8
AR46-20
Branch Access RouterAR 18
Hot-swappable Multi-service
Modular Router
NE40-2/4/8
Backbone RouterNetEngine
AR46-40 AR46-80 NE05/08E/16E
AR28-09
Multi-service Modular Router
AR 28AR28-1x AR28-3x AR28-40/80
AR18-2X AR18-3X
RouterOverview
-
29
H3C New Multiple Services Routers
MSR 30 Series MSR 50 Series
MSR 20 Series
Multiple Service Routers
Open Architecture; Embedded Application ; Concurrent Services at
wire-speed;
Higher Performance:MSR 20:110-130KppsMSR 30:180-220KppsMSR
50:600Kpps
Embedded Security;High-density analog and digital voice
Open Application ArchitectureService integrated
Win-Win solution with partner
Compatible with MIM/FIC of AR Series
Abundant New & High Performance Modules
-
30
Modular Design (e.g. MSR50)
SICSICSICSIC
CF USB
USB
FICFIC
FICFIC
FICFIC
DFIC
GEGE
ESMVPMVP
MVP
MVP
MPower+POE
Power
DSIC
ESM
Enhanced Service Module
Improved Encryption Function
Voice Processing Card
POE (2007.Q1)
GE Combo Port
Support USB Memory Disk
Future Service Extension (Future)
CF Card
Double Width SIC
Flexible & Increased Port Density
Double Width FIC(DFIC)
(DMIM for MSR 30)
Flexible & Increased Port Density
-
31
MSR 50-40/50-60 (e.g. MSR50-60)
MSR50-60
6/0; 4/1; 2/2; 0/3
4/0; 2/1; 0/2FIC/DFIC
SupportSupportOAP22ESM
44VPM
4/0; 2/1;0/24/0; 2/1; 0/2SIC/DSIC
MSR50-60MSR50-40
Integrated Services:Security: Embedded security card (SNDE &
ANDE) to ensure abundant VPN tunnels & high performance
firewallVoice: High-density analogue/digital voice to meet
different IP demand.
Services Density:Maximum density for both connectivity and
service modulesSlots support new modules & compatible with
existing interfaces
Expansibility: Open Application Platform: can integrate WAN
optimization, IPS/IDS, Network analysis in the future;
Enhanced Reliability: Dual internal power, hot swappable.
SICSICSICSIC
CF USB
USB
FICFIC
FICFIC
FICFIC
DFIC
GEGE
ESMVPMVP
MVP
MVP
MPower+POE
Power
DSIC
ESM
Flagship Products of High Performance & High Density2nd
Phase
-
32
MSR 30-20/30-40/30-60
CF
SICSIC
SICSIC
USB
VPM
Power
MIM
CF
VPM
Power
MIM
MIMMIM
SICSIC
SICSIC
MIM
MIM
CF
VPM
Power
GEGE
MIMMIM
SICSIC
SICSIC
MIM
MIM
MIM
MIM
USB
VPM
VPM
GE
USBUSB
GE
GE
USBUSB
GE
MSR30-20
MSR30-40
MSR30-60
MIM
MIM
VPM
VPM
ESM ESM
ESM ESM
ESM ESM
Integrated Services:Security: Embedded security card (SNDE &
ANDE) to ensure higher VPN tunnels and throughput;Voice:
High-density analogue/digital voiceServices Density:Slots support
new modules & compatible with existing interfacesDouble width
modulesExpansibility: Open Application Platform: can integrate WAN
optimization, IPS/IDS, Network analysis in the future;Enhanced
Reliability: Redundant power design,
222ESM
6/0;4/1;2/24/0;2/12/0MIM/DMIM
Support
2
4/0;2/1;0/2
MSR30-40
SupportSupportOAP
32VPM
4/0;2/1;0/24/0;2/1;0/2SIC/DSIC
MSR30-60MSR30-20
-
33
MSR 20-20/20-21/20-40
CF
SICSIC
CF
ESMVP
MPower
FEFESICSIC
SICSIC
USBFEFE
USB
CF
SICSIC
USBFEFE
USB
MSR20-20
MSR20-21
MSR20-40
VPM
112+8
2/0
MSR20-21
21ESM21USB22FE
4/0;2/12/0SIC/DSIC
MSR20-40MSR20-20
Power
Power ESM
ESM
ESM
Integrated Services:Security:On-board encryption or
ANDE/SNDE;Voice:Analogue/digital voice access to meet low density
VoIP demand (only 20-40)support digital voice;Services
Density:Integrated high density switching interfacesSlots support
new modules & compatible with existing interfaces
-
34
Case Study
05
-
35
Hunming Yanan hospital network topology
QuidwayS8505 core switch
Inpatient department building
14th floor S305011th floor S3050
7th floor S3050
3rd floor S3050
5th floor S3050
cardiology department
S3026E
existing 4507 switch
S3026ES3026E S3050canteen
INTERNET
WWW Email
DMZ NMSHIS server
Medical insurance server
Quidway S5516Financial affairs
Folks district
Network management
Authentication server
QuidwayS8505 core switch
S3026E
outpatient departmentfinancial affairsoffice
-
36
RS6000-S70
Quidway S8505 S8505
Quidway S5516 Quidway S5516
Activity building
Medical technician information point
Nurse school building
...
VRRP
MT building X-ray department
Quidway S6506R
NMS Quidview
Access control server CAMS
GE
GEGE
GE
GE
GE
GE
S3000S3000
S3000
Medicine buildingS3000
Guest building S3000
Quidway S3000
Outpatient
Inpatient
S3000
Teaching building
S3000
GERescue building S3000
/internetFirewall Eudemon 200
Mobile OA
VPN
FE
FE
H50
DMZ
IDS
S3000
Shanghai first hospital whole
network reform topology
-
37
Departmental Network of new HK EMSD HQ
10GE
Active 2GE
Active 2GEbackup
2GE
Active 2GE Active 1GEbackup 1GE
Core tier
Typical type 1 user Typical type 2 user Typical type 3 user
Typical type 4 user
Achieve high bandwidth, reliability
and availability
Offer up to 240GE each
closet Offer up to 96FE ports
S8512
S6506R S6506R S3552G STACKS3552G S3026G
10GE
10GE
Active 10GE
-
38
選擇H3C可以為企業帶來什麼好處
• 完整的解決方案:Router、Switch、Security、Management
• 超高C/P值:領先業界的效能• 穩定的網路硬體:被動元件背板、雙網路通道
• 可靠的網路架構:IRF、RRPP• 完整的安全機制
– 硬體設備的安全機制– Netstream/NAT/DIG– CAMS
• Quidview 網管平台• 二岸三地的最好的支援
WhyH3C
-
39
Q & A
旭昇資訊股份有限公司TEL+886-2-2701-6052FAX+886-2-2701-6053
