Upload
megaboyhn
View
134
Download
3
Tags:
Embed Size (px)
Citation preview
PRODUCTS AND SOLUTIONS 2010
Terence Teo
SE
FOR INTERNAL USE ONLY© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
2
Agenda
Company Profile
Brocade DataCenter Product Portfolio
Brocade Application Switch
Brocade Wireless Solution
Brocade NMS – IronView
Next Generation Technology
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
3
BROCADE PRODUCT PORTFOLIO
DATACENTER
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
4
FastIron 10/100 Ethernet Ports Edge SwitchBasic Package:16,000 MAC Addresses4096 VLANsExternal Redundant Power SupplyProtected Link GroupsPort-based Access Control ListsDynamic Voice VLAN AssignmentPrivate VLANs and uplink-switchPort Loop DetectionIP Source GuardBPDU Guard and Root GuardSTP, RSTP, MST, PVST/PVST+802.1x and Port SecurityMetro Ring Protocol (MRP 1)ACL and Rate-limitQuality of Service (QoS)DHCP RelayECMPPIM SnoopingRIP v1/v2 announceVRRP, VSRP and VSRP AwareIPv4 Static RoutesHardware sFlow Network ProberDHCP SnoopingDynamic ARP InspectionDenial of Service (DoS) protectionIPv6 Ready
Edge Premium Package• IGMP V1, V2, and V3• OSPFv1,v2• RIP v1,v2• Route-only support• Routes in hardware maximum: 1000• VRRP
FastIron FWS62420×10/100 Mbps ports plus four RJ45/SFP (1-GE) combo ports
FastIron FWS624-POE20×10/100 Mbps PoE ports plus four RJ45/SFP (1-GE) combo ports
FastIron FWS64844×10/100 Mbps ports plus four RJ45/SFP (1-GE) combo ports
FastIron FWS648-POE44×10/100 Mbps PoE ports plus four RJ45/SFP (1-GE) combo ports
-EPREM
-EPREM
-EPREM
-EPREM
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
5
FastIron 10/100/1000 Ethernet Edge Switch
Edge Premium Package• IGMP V1, V2, and V3• OSPFv1,v2• RIP v1,v2• Route-only support• Routes in hardware maximum: 1000• VRRP
FastIron FWSG62420×10/100/1000 Mbps ports plus four RJ45/SFP (1-GE) combo ports
FastIron FWSG624-POE20×10/100/1000 Mbps PoE ports plus four RJ45/SFP (1-GE) combo ports
FastIron FWSG64844×10/100/1000 Mbps ports plus four RJ45/SFP (1-GE) combo ports
FastIron FWSG648-POE44×10/100/1000 Mbps PoE ports plus four RJ45/SFP (1-GE) combo ports
-EPREM
-EPREM
-EPREM
-EPREM
Basic Package:16,000 MAC Addresses4096 VLANsExternal Redundant Power SupplyProtected Link GroupsPort-based Access Control ListsDynamic Voice VLAN AssignmentPrivate VLANs and uplink-switchPort Loop DetectionIP Source GuardBPDU Guard and Root GuardSTP, RSTP, MST, PVST/PVST+802.1x and Port SecurityMetro Ring Protocol (MRP 1)ACL and Rate-limitQuality of Service (QoS)DHCP RelayECMPPIM SnoopingRIP v1/v2 announceVRRP, VSRP and VSRP AwareIPv4 Static RoutesHardware sFlow Network ProberDHCP SnoopingDynamic ARP InspectionDenial of Service (DoS) protectionIPv6 Ready
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
6
FastIron 10/100/1000 Stackable Edge SwitchBasic Package:• Same as FWS Series• 10GbE Optional• Stacking capable up to 8 units per
stack• 40 Gbps Stacking throughput
Edge Premium Package• IGMP V1, V2, and V3• OSPFv1,v2• RIP v1,v2• Route-only support• Routes in hardware maximum: 1000• VRRP
FastIron LS 62420 x 10/100/1000 Mbps ports plus 4 combination RJ45/SFP Gigabit Ethernet (copper or fiber) ports. The switch includes 3 slots for optional 1 port 10GbE modules
FastIron LS 624-STK 20 x 10/100/1000 Mbps ports plus 4 combination RJ45/SFP Gigabit Ethernet (copper or fiber) ports plus 2 x 10GbE CX4 stacking ports and one open slot for an optional 1 port 10GbE module
FastIron LS 64844 x 10/100/1000 Mbps ports plus 4 combination RJ45/SFP Gigabit Ethernet (copper of fiber) ports. The switch includes 2 slots for optional 1 port 10GbE modules
FastIron LS 648-STK 44 x 10/100/1000 Mbps ports plus 4 combination RJ45/SFP Gigabit Ethernet (copper or fiber) ports plus 2 x 10GbE CX4 stacking ports
-EPREM
-EPREM
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
7
FastIron 10/100/1000 Stackable Edge SwitchBasic Package:• Same as FWS Series• 10GbE Optional• Stacking capable up to 8 units per
stack• 40 Gbps Stacking throughput• Field Upgradable PoE• Built-in Redundant Power Supply• 1.5 RU
Edge Premium Package• IGMP V1, V2, and V3• OSPFv1,v2• RIP v1,v2• Route-only support• Routes in hardware maximum: 1000• VRRP
FastIron GS 624P20 x 10/100/1000 Mbps ports plus four combo ports supporting 10/100/1000 Mbps RJ45 or 100/1000 Mbps SFP connectivity
FastIron GS 624-STK 20 x 10/100/1000 Mbps ports plus four combo ports supporting 10/100/1000 Mbps RJ45 or 100/1000 Mbps SFP connectivity, 2 x 10GbE CX4 stacking ports
FastIron GS 624P-POE20 x 10/100/1000 Mbps PoE ports plus four combo ports supporting 10/100/1000 Mbps RJ45 with PoE or 100/1000 Mbps SFP connectivity
FastIron GS 624-POE-STK 20 x 10/100/1000 Mbps PoE ports plus four combo ports supporting 10/100/1000 Mbps RJ45 with PoE or 100/1000 Mbps SFP connectivity, 2 x 10GbE CX4 stacking ports
-EPREM
-EPREM
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
8
FastIron 10/100/1000 Stackable Edge SwitchBasic Package:• Same as FWS Series• 10GbE Optional• Stacking capable up to 8 units per
stack• 40 Gbps Stacking throughput• Field Upgradable PoE• Built-in Redundant Power Supply• 1.5RU
Edge Premium Package• IGMP V1, V2, and V3• OSPFv1,v2• RIP v1,v2• Route-only support• Routes in hardware maximum: 1000• VRRP
FastIron GS 648P44 x 10/100/1000 Mbps ports plus four combo ports supporting 10/100/1000 Mbps RJ45 or 100/1000 Mbps SFP connectivity
FastIron GS 648-STK 44 x 10/100/1000 Mbps ports plus four combo ports supporting 10/100/1000 Mbps RJ45 or 100/1000 Mbps SFP connectivity, 2 x 10GbE CX4 stacking ports
FastIron GS 648P-POE44 x 10/100/1000 Mbps PoE ports plus four combo ports supporting 10/100/1000 Mbps RJ45 with PoE or 100/1000 Mbps SFP connectivity
FastIron GS 648-POE-STK 44 x 10/100/1000 Mbps PoE ports plus four combo ports supporting 10/100/1000 Mbps RJ45 with PoE or 100/1000 Mbps SFP connectivity, 2 x 10GbE CX4 stacking ports
-EPREM
-EPREM
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
9
FastIron 10/100/1000 Stackable Edge SwitchBase Models:• Same as FWS Series• Up to 2 10GbE ports• Stacking capable up to 8 units per
stack• 64 Gbps Stacking throughput• Built-in Redundant Power Supply• 1RU IGMP V1, V2, and V3• OSPFv1,v2• RIP v1,v2• Route-only support• Routes in hardware maximum: 16,000• 32,000 MAC Addresses
Advance Models• BGP
FastIron CX 624S20×10/100/1000 Mbps ports plus four RJ45/SFP (1-GE) combo portsplus 2 x 16GbE dedicated stacking ports, plus 1 x RPS13 power supply
FastIron CX 624S-HPOE20×10/100/1000 Mbps PoE+ ports plus four RJ45/SFP (1-GE) comboports plus 2 x 16GbE dedicated stacking ports, plus 1 x RPS14 power supply
FastIron CX 648S44×10/100/1000 Mbps ports plus four RJ45/SFP (1-GE) combo portsplus 2 x 16GbE dedicated stacking ports, plus 1 x RPS13 power supply
FastIron CX 648S-HPOE44×10/100/1000 Mbps PoE+ ports plus four RJ45/SFP (1-GE) combo ports plus 2 x 16GbE dedicated stacking ports, plus 1 x RPS14 power supply
-ADV
-ADV
-ADV
-ADV
FCX624S-F 24 x 100/1000 Mbps SFP ports plus 2 x 16GbE dedicated stacking ports
FCX624S-F24 x 100/1000 Mbps SFP ports plus 2 x 16GbE dedicated stacking ports. Ships with advance Layer 3 license.
-ADV
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
10
Scaling the Intelligent EdgeStacking Capable FastIron GS/LS/CX Models
Up to 8 Units Up to 8 Units
FastIron GS/LS PoE or non-PoE Models FastIron CX HPoE or non-HPoE Models
IronStack - Up to 40Gbps
Backpane- Up to 384 10/100/1000
PoE or non-PoE ports
IronStack - Up to 64Gbps
Backpane- Up to 384 10/100/1000
PoE+ or non-PoE+ ports
- Up to 16 10GbE ports
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
11
FastIron 10/100/1000 Performance Edge Switch
FastIron FESX62424 ports 10/100/1000 Mbps Ethernet with 4 combinationRJ45/SFP Gigabit Ethernet for copper or fiber uplink connectivity plus 2 ports of 10GbE uplinks
FastIron FESX64848 ports 10/100/1000 Mbps Ethernet with 4 combinationRJ45/SFP Gigabit Ethernet for copper or fiber uplink connectivity plus 2 ports of 10GbE uplinks
FastIron FESX624HF24 ports 100/1000 Mbps SFP with 4 combination RJ45/SFPGigabit Ethernet for copper or fiber uplink connectivity plus 2 ports of 10GbE uplinks
Base Models:• Built-in Redundant Power Supply• 1.5 RU• 256,000 IPv4 Route Entries• 32,000 IPv6 Route Entries• 16,000 MAC Addresses• Static Route
PREMIUM Upgrade:• RIP v1, v2• OSPF v1, v2• BGP4• IGMP, PIM, etc.
-PREM -PREM -PREM
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
12
Modular Power • Internal AC power supplies• Auto-sensing 110V/220V AC• Redundant, load sharing • Hot-swappable
Airflow • Front-to-back airflow• Variable-speed fan• Hot-swappable fan assembly
Performance• 488 Gbps forwarding throughput• 1.5 usec cut-through latency• 2 MB buffer for transient
congestion protection
Flexibility and Green Design • Low-power SFP+ ports• Only 7.3W per port• Cu-SFP+ (Twinax) option• 1 GbE SFP support
TurboIron 24X24-port 10 GbE/1 GbE SFP+/SFP with 4-port 10/100/1000 RJ45
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
13
TurboIron 1G/10G Top-of-Rack SwitchPOWER:• Load sharing, Hot-swappable• 176 W power consumption• 600 BTU/hr dissipationFEATURES:
• STP, RSTP, MSTP, PVST/PVST+, PVRST+
• Link aggregation• 802.3X Pause Frame• QoS, Jumbo, Rate limiting, Rate
Shaping• L2 Multicast• Port Mirroring• ACLs • sFlow
PERFORMANCE:• 488 Gbps throughput• 363 Mpps forwarding capacity• 1.5 uSec latency• 512 M Memory• 32 M Flash • 2000 Rate Limiters• 512 STP groups• 32,000 MAC forwarding• 4000 VLAN• 9000 Jumbo Frame• 128 Trunk Groups/8 Links
TurboIron TI-24X-ACTurboIron 24-port 10GbE/1GbE SFP+ with 1 AC power supply (RPS11) and Fan
10Gbps Optics:10G-SFPP-SR10GBASE-SR, SFP+ optic (LC), target range 300m over MMF
10G-SFPP-LR10GBASE-LR, SFP+ optic (LC), for up to 10km over SMF
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
14
Brocade FastIron SX800/SX1600
Advanced L2/L3 switching with scalable POE, wire-speed 10/100/1000 Mbps, 100/1000 Mbps Fiber, and 10-Gigabit Ethernet
FastIron SX 800 FastIron SX 1600
Common OS, Line Modules, Power Supplies with SuperX
Modular, High-Availability Enterprise Convergence Switches
Redundant System + POE Power, Management and Switch
• Full Layer 3 IPv4 Upgrade• 256,000 Routes FIB• 1 Million BGP Routes in RIB
PREMIUM
• Full Layer 3 IPv6 Upgrade• 64,000 Active Routes• RIPng, OSPFv3, BGP4+
PREMIUM6
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
15
Brocade FastIron SX Series SwitchesProduct Highlights
Industry’s highest PoE density in a chassis:– Ideal for aggregation and high-density wiring closet– Up to 384 10/100/1000 Class 3 PoE ports with
redundant PoE power supply
High-performance enterprise solution:– Features a 2-port 10 GbE management module– Up to 36 10 GbE ports– 24-port copper modules are PoE-upgradable– 10 GbE module supports LAN and WAN PHY
Complete VoIP software features:– Power management, including power priority– Dynamic Voice VLAN configuration– sFlow for detailed network traffic accounting– Support for 802.3af devices, including IP phones,
access points, and security cameras
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
16
Brocade BigIron RX Series Switches
Advanced Gigabit and 10-Gigabit Ethernet Densities– Up to 1,536 Gigabit or 512
10-Gigabit ports in a single chassis
High availability Hardware and Software architecture for core resiliency
Advanced Layer 2/3 feature set for the High Performance Core
Purpose-built for increasing efficiency– Best in class power efficiency
lowers Watts/Gbps– Consolidate network into fewer
devices
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
17
Brocade BigIron RX Series Core Switch
RX-4- 16 10GbE Line-rate- 192 1GbE Line-rate- 400Gbps Data Switching
Capacity- 285Mpps L2/L3 Throughput
RX-8- 32 10GbE Line-rate- 384 1GbE Line-rate- 800Gbps Data Switching
Capacity- 570Mpps L2/L3 Throughput
RX-16- 64 10GbE Line-rate- 768 1GbE Line-rate- 1.6Tbps Data Switching Capacity- 1.14Bpps L2/L3 Throughput
RX-32- 128 10GbE Line-rate- 1536 1GbE Line-rate- 3.2Tbps Data Switching Capacity- 2.3Bpps L2/L3 Throughput
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
18
BigIron RX-32 Highlights
Switch Fabric• Eight 3-Stage Clos Switch
Fabric Modules
Interface Module• 32 Half slot I/O Module
Slots• Same 16x10GE, 4x10GE,
24x1GE and 48x1GE as entire BigIron RX Series
Management Modules• 512 MB SDRAM Base• Upgradeable to 2 GB
SDRAM• PowerPC processor• 1:1 redundancy• Same System Software
for Entire BigIron RX Series
Modular Cooling System
• Front to Back Airflow
Integrated Cable Management
• Top, Bottom and Side
M + N Power Supply Redundancy
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
19
Brocade BigIron RX Series Core Switch Modular, scalable, resilient system architecture
– Complete hardware redundancy– Hitless Layer 2 and Layer 3 failover– Hitless Software upgrade
Enables high availability network architectures for VoIP, video conferencing, and mission critical Data– Sub-second L-2 convergence: MRP, VSRP, RSTP– Fast Re-route for SONET-like 50ms resiliency
Powerful security with line rate traffic monitoring and filtering– High performance L2/L3/L4 Inbound ACL support – Line rate sFlow monitoring with port mirroring for optimal security
Meeting tomorrows needs today– Over 2 Billion Packets per Second for room to grow– 40/100 GE ready design compatible with today’s hardware
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
20
RX System Architecture
CLOS SWITCH FABRIC
CPU
GIGController
CPUSystemController
Management Module
Interface Module1 x 10GbE
1 x 10GbE
A Tower = 1 PP + 1 TMEach Tower has a 12Giglink multiplexed to the SFM
512MBDRAM
10/100/1000
1 Gig
Tower1 Tower2
1 x 10GbE
1 x 10GbE
12Gig Multiplexedto the SFM
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
21
BigIron RX-series - The Specs
RX-series Model BigIron RX-4 BigIron RX-8
BigIron RX-16 BigIron RX-32
Data switching capacity
Packet forwarding capacity
400 Gbps
285 Mpps
800 Gbps
570 Mpps
1.6 Tbps
1.14 Bpps
3.2 Tbps
2.3 Bpps
I/O Modules Common Line Modules : 16x10GbE (up to 10Km SFP+); 4x10GbE (up to 80Km XFP); 48x1GE (mini-RJ21); 24x1GE (up to 150km SFP) and 24x1GE Copper
Height Chassis (4 RU high)
Chassis (7 RU high)
Chassis (14 RU high)
Chassis (33 RU high)
Max Power Draw 1217W 2417W 4905W 11,353W
Software RIB Route Capacity
Up to 1M RoutesUp to 4M Routes (with MR2)
HW FIB Route Capacity per interface module
Up to 512K Routes
IPv6 Management and Protocols
YES; RIP NG, OSPFv3, ISIS, BGPv6
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
22
BROCADE CARRIER ETHERNET
SERVICEPROVIDER
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
23
Brocade NetIron MLX Series Core Routers
MLX-4- 16 10GbE Line-rate- 80 1GbE Line-rate- 960Gbps Fabric Switching
Capacity- 400Gbps Data Switching
Capacity- 240Mpps L2/L3 Throughput
MLX-8- 32 10GbE Line-rate- 160 1GbE Line-rate- 1.92Tbps Fabric Switching
Capacity- 800Gbps Data Switching
Capacity- 480Mpps L2/L3 Throughput
MLX-16- 64 10GbE Line-rate- 320 1GbE Line-rate- 3.84Tbps Fabric Switching
Capacity- 1.6Tbps Data Switching Capacity- 960Mpps L2/L3 Throughput
MLX-32- 128 10GbE Line-rate- 640 1GbE Line-rate- 7.68Tbps Fabric Switching
Capacity- 3.2Tbps Data Switching Capacity- 1.92Bpps L2/L3 Throughput
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
24
Brocade NetIron MLX Series Core RoutersSneak Preview
MLX-4- 32 10GbE Line-rate- 192 1GbE Line-rate- 400Gbps Data Switching
Capacity
MLX-8- 64 10GbE Line-rate- 384 1GbE Line-rate- 1.6Tbps Data Switching Capacity
MLX-16- 128 10GbE Line-rate- 768 1GbE Line-rate- 3.2Tbps Data Switching Capacity
MLX-32- 256 10GbE Line-rate- 1536 1GbE Line-rate- 6.4Tbps Data Switching Capacity
- High Capacity Switch Fabric Modules- 48-port 1G RJ-21 Line Modules-8-port 10G Line Modules- 2-port 100G Full-Slot Line Modules
Double Capacity in 2010
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
25
NetIron MLX Series Highlights
Scalable, high-capacity core routers: – 3.2 Tbps capacity in a single chassis– Redundant hardware and non-stop software design– Power-efficient design– Collapse multiple network layers
Advanced services:– Multi-services (IPv4, IPv6 and MPLS)– Advanced Virtualization with Multi-VRF
Cost-effective and Industry’s Highest port density per rack:– 128 x 10 GbE ports, – 64 x 1 GbE ports– 40/100 GbE ready
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
26
Brocade NetIron MLX Series Core Router
1:1 Redundant Management Modules
N+1 Switch Fabric Element Redundancy
Modular CoolingSystem
Half-slot Modules for Graceful Growth & Lower Sparing Cost
N+1 / N+N Power Supply Redundancy (AC & DC)
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
27
NetIron MLX Series Highlights
Rich mix of broadband services– IPv4 Routing: IPv4, IP over MPLS– Full IPv6 routing for unicast & multicast today– MPLS-TE– MPLS L2 VPNs: VLL, VPLS– MPLS L3 VPNs: BGP/MPLS (RFC 2547bis)
State-of-the-art CLOS fabric design
Hardware-based forwarding for all services
Multiple concurrent services over the same interfaces
High-availability design for non-stop operation– Hardware redundancy: 1:1 management, N+1 fabric, N+1 power, N+1 fans– Hitless management failover with protocol graceful restart– Hitless software upgrades
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
28
NetIron MLX Series Highlights
Advanced Metro Ethernet switching– 802.1Q, Q-in-Q, RSTP, 802.1s, PVST, VSRP, MRP
Full IPv4 and IPv6 unicast/multicast routing protocol support Designed for NEBS Level 3 compliance Extensive OAM capabilities incl. MAC ping, traceroute Enables high availability services
– Sub-second L-2 convergence: MRP, VSRP, RSTP– Fast Re-route for SONET-like 50ms resiliency
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
29
NetIron MLX Series Power of Performance
512K IPv4 routes or 120k IPv6 routes in hardware FIB (Line Modules)
2M IPv4 BGP routes in RIB (Manangement Modules)
256 BGP peers
4,000 VLL & VPLS instances; 256K VPLS MACs
1M MAC addresses
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
30
Brocade NetIron CER Series RoutersProduct highlights Leading high-capacity routers
– Scalable routing in compact form factor– Scalable to full Internet routing table: 512K routes– Dense BGP applications: 128 peers– Wire-speed performance: 88 to 136 Gbps– Deep packet buffers
Advanced functionality– MEF 9, 14, 21 certification– Virtualization through multi-VRF and MPLS– Full IPv4 unicast and multicast capabilities– Advanced QoS capabilities– Ingress and egress ACL
Optimum flexibility– 24- and 48-port copper and fiber models– All models are field-upgradable to 2-port 10 GbE
High availability– NEBS level 3 certification– Hot-swappable, redundant, load-sharing AC/DC
power supplies– N+1 redundant, replaceable cooling system
SP/DC/Campus Edge
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
31
Feature NetIron CES NetIron CER NetIron MLX NetIron XMR
IPv4 FIB 32K 512K 512K 1M
IPv4 RIB 256K 4M+ 2M 10M
IPv6 FIB 8K 128K 112K 240K
BGP peers 64 128 512 2000
Multicast cache 2500 4K 16K 16K
ACL Ingress 8K 16K * 64K 64K
ACL Egress 4K 8K * 12K 12K
VRF 16 128 256 2K
LSP (I+E) 128 1K 5K 10K
LSP (LSR) 1K 4K 10K 20K
VLL 512 1536 8K 48K
VPLS 128 1K 4K 16K
Brocade NetIron CER
* Not tested and subjected to change
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
32
BROCADE APPLICATIONSWITCH - SERVERIRON
DATACENTER
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
33
Basic Deployment Scenario
ADCs enable virtual server farms OnDemand server farm and application scalability High Availability applications with failure detection and automatic failover Load balancing for best service response time and application performance Robust server farm and application security from most attacks Server resource conservation by offloading connection management, SSL handshake Maximized server utilization and better return on investment (ROI)
Web Apps Email Business Applications
Application Delivery Infrastructure
ServerIron ADC
BigIron RX
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
34
DoS and SYN Attack MitigationPartnering with McAfee Firewall Enterprise
Firewall Operational Issues Scaling firewall bandwidth without
replacing existing firewalls Firewalls can be “melted down” by L2-3
Denial-of-Service attacks Firewall service needs to be 24x7 to
insure communications
ServerIron FWLB Solution ServerIron FWLB transparently supports
firewall clusters Provides high-speed DoS protection to
prevent firewall meltdown Can offload NAT processing from firewalls Ensures that firewalls can be scaled
inexpensively, securely, with maximum performance
Supports McAfee, CheckPoint, Cisco, Juniper, and other firewall clustering systems
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
35
Web Application FirewallPartnering with Imperva SecureSphere
Automated Operations Dynamic Profiling models user interactions with
applications and adapts as applications change over time, eliminating manual tuning
Accuracy Security events are correlated across security layers
(Dynamic Profile, IPS, and so on) and over time to identify attacks without false positives
Acceleration and Performance ServerIron uses load balancing, SSL offloading and
HTTP multiplexing to accelerate end users and Web traffic. Transparent inspection technology from Imperva delivers gigabit throughput and sub-millisecond latency
Scalability Hierarchical management enables large enterprises
and ASPs to efficiently manage hundreds of applications and many thousands of users
User Awareness Imperva user tracking technology ensures an audit
trail that links security violations to specific Web application user names without making any changes to protected applications
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
36
Transparent Cache Switching (TCS)Partnering with Blue Coat ProxySG
Load Balancing Cache Servers Cache Servers use a different paradigm
than regular servers Client requests must be diverted from real
servers to cache servers In case all cache servers are down, client
requests must go to real servers Scaling to multiple cache servers is not
transparent to clients
ServerIron TCS with ProxySG ServerIron ports can be configured as
TCS ports Client requests are diverted to cache
servers for content Client requests are load balanced among
cache servers TCS supports HTTP, FTP, and other
protocols Client requests go directly to real servers
if cache servers are all down
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
37
SYN-GuardIndustry’s Most Comprehensive High-Speed DoS Protection
Most scalable high speed DoS protection at up to 120M Syn/Second
TCP syn packet seen by SI, which sends TCP SYN ACK back to client (with special sequence number)
If no corresponding client ack seen, SI simply drops the original connection request
If client ack seen for original connection request, connection is then made to appropriate server
Hardware based implementation in SI guarantees high-speed with no CPU overhead
Prevents Server Session Table meltdown when under attack
Must be used in non-DSR mode
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
38
SYN-DefenseThe ONLY DoS Solution for Direct Server Return (DSR) Config
Many customers use DSR mode so that return traffic from Server does not go back through ADC
SYN-Guard security feature only available if ADC sees return traffic
Using Syn-Defense, ServerIron can provide DoS attack security, even in DSR mode
ServerIron sees original TCP syn from hacker and forwards to appropriate server
TCP SYN ACK sent by server back to client (not seen by SI)
SI waits to see client return the ACK to server. If not seen in specified interval, SI resets the TCP connection on Server (freeing Server session state table space and overhead)
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
39
Advanced SSL Acceleration and Offload
ServerIron supports two optional SSL acceleration capabilities– Integrated SSL on WSM– Separate SSL module
SSL is terminated on the ServerIron, and client traffic is delivered to server via a single TCP connection– Server no longer must process SSL
and TCP connection management is reduced
Multiple SSL modules supported for added scalability & performance– Up to 34,000 SSL transactions/sec– Up to 2Gig Bulk SSL throughput
SSL Proxy mode allows ServerIron to re-establish SSL connection to server for added security
Support for multiple ciphers allows added flexibility
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
40
Web Application Firewall Enhanced Security
Advanced, high-speed Web Application Firewall available at no charge in ServerIron
Allow /Deny/Log incoming HTTP requests based on configurable security policies
Hides back-end application specific error information that could be used to launch additional attacks
Prevents a range of web application attacks, including:– Cookie and Parameter Tampering– Cross-Site Scripting– Buffer Overflows– Internal web page access
Allows cloaking to be used to replace 4xx/5xx error responses with configured responses
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
41
Securing Enterprise ApplicationsDelivering Performance and Scalability
Application Deployment Problems Scaling Application Performance Securing Applications from DoS
and other attacks Delivering Application &
Infrastructure High Availability Offloading Server SSL and HTTP
processingServerIron Solution Increased Application
Performance for multiple servers Industry’s highest speed DoS
Defense at over 7Mpps Active-Active & Hot Standby HA Integrated & Upgradeable SSL &
HTTP offload solutions Application Health Checks Chassis & Stackable solutions
with redundant power
ServerIron
ADX 8000
ServerIron
ADX 4000 HA Pair
ServerIron
350 HA Pair + SSL
Layer
2-3
I
N
F
R
A
S
T
R
U
C
T
U
R
E
Intranet
Internet
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
42
ServerIron
DNS
Datacenter
Datacenter
Datacenter
ServerIron GSLB Solution• GSLB controller works with local ServerIron to load balance global datacenter traffic• Incorporates site health, load, user proximity, and service response for user site selection• Provides transparent site failover in case of disaster or service outage• Supports route health injection using OSPF/BGP when DNS cannot easily be employed
Global DC Deployment Issues
• Handling site failures transparently
• Providing best site selection per user
• Leveraging both DNS and non-DNS solutions for multi-site redundancy
• Providing disaster recovery and non-stop operation
Using Global Sever Load BalancingMulti-Site Redundancy and Enhanced Performance
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
43
Unified Communications (UC) Ensuring High Availability, Security, and Responsiveness
Unified Communications Issues
End User Response times need to be predictably low
High Availability is required for these business critical services
Communications must be secured
Investment protection & flexibility is important to address future growth
A/V Conf Server
IIS Server
Telephony Conf Server
Web Conf Server
Focus
IM Conf Server
Active Directory
SQL Server Backend
ServerIron HA Pair
UC Users
ServerIron UC Solutions Industry’s most scalable, high speed L4-7 switching ensures users with rapid response times ServerIron HA configuration prevents any loss of communication service Denial-of-Service at wire-speed fully secures UC services Brocade and Microsoft have certified ServerIron with MS Unified Communications Services
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
44
Mirrored TrafficTrunk
Network Traffic
Web IDS email IDS
GenericIDS
Issues with Scaling IDS• For high bandwidth environments
IDS systems are extremely expensive
• Even the highest performing IDS systems cannot effectively handle all of the traffic
• IDS systems typically focus on specific types of application traffic
• Some mechanism must be provided to categorize & segment the traffic
ServerIron IDS Load Balancing Solution• ServerIron can support multiple Gig and 10 Gig mirrored trunks from network devices• Traffic is then categorized and segmented by application type in real-time• Segmented traffic is then load balanced across multiple IDS systems that handle only that
application type• Ideal for legal intercept and high bandwidth SP and Enterprise environments
Intrusion Detection System (IDS) SolutionsHighly Scalable Traffic Classification
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
45
Message Reputation and Email Servers Providing SPAM Mitigation and Load Balancing Services
Effective SPAM Mitigation Message Reputation Service is
costly and difficult to scale Multiple servers are often needed to
deal with the high volume of email and SPAM
Some mechanism to quickly discard known SPAM from even getting to complex reputation servers should be provide
ServerIron IP Black List Support ServerIron can import IP Black Lists
from a number of trusted sites ServerIron IP Black List support
eliminates up to 30% of SPAM This allows reputation servers to
focus on more complex SPAM mitigation
IP Black List
ServerIron
Email Servers
Message Reputation
SPAM Servers
Internet
IP Black List Sites
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
46
Enhanced GUI Management and Monitoring
ContentManipulation
Policy Management
SSL Key and Certificate
Management
Dashboard for Real-Time
Health Monitoring
System Traffic Monitoring with Live Charts and
Graphs
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
47
Web GUI Additions
High Availability – All 3 HA modes
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
48
Web GUI Additions
Health Checks – L4/7 Health Checks, Port Profiles, Port Policies, Element Health Checks, Match Lists
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
49
Web GUI DEMO
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
50
IronView Network ManagerNetwork Management for ServerIron L4-7 Products
• ServerIron discovery and topology management
• Configuration and image deployment
• Thumbnail status and alarm views• Configuration backup• Security policy management• SSL certificate management
IronView Provides
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
51
Introducing ServerIron ADXTechnology and Business Drivers
Scalable Architecture—combines the leading processing performance with the highest density…the only way to support advanced ADC features and data center growth
Investment Protection—modular, easily upgradeable line cards, management cards, acceleration cards, and switch fabrics ensure ongoing value
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
52
ServerIron ADX 1000Industry’s highest-performing, 10 Gigabit-capable 1U ADC
CPSL4 = 1Mil L7 = 75KConcurr = 8 MilThroughputL4= 4.5G L7 = 9G16x1Gig ports SSL Bulk 1G SSL TPS 12K
SI-1016-2-SSL
CPSL4 = 2Mil L7 = 150KConcurr = 16 MilThroughputL4= 9G L7 = 9G16x1Gig ports SSL Bulk 2G SSL TPS 24K
SI-1016-4-SSL
CPSL4 = 2Mil L7 = 150KConcurr = 16 MilThroughputL4= 9G L7 = 9G16x1Gig ports2x10GbE ports SSL Bulk 2G SSL TPS 24K
SI-1216-4-SSL
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
53
App Switch Module (ASM)• Up to two ASMs• Each ASM with eight
cores• 16 total cores• 2 GB memory per core
Two line card slots• 12 x 1 Gb line card• 4 x 10 Gb line card
Hot-swap fan tray
• Front-serviceable power• Redundant AC/DC option
Switch Fabric Module (SFM)• Modular• Scalable
Management Module (MM)• Dual-core management• FAT-compatible USB• Ethernet and DB9 mgmt• Future upgradable
options
ServerIron ADX 4000The industry’s only highly scalable 4U platform
• Single SSL exp card • Single ASM• 12 Gig ports• 17.5 Gig L4 & L7 throughput• 4Mil L4 CPS• 300K L7 TPS• 32 Mil concurent connections• 30M Syn Cookie• SSL Bulk 4G SSL TPS 48K
Basic• Single SSL exp card • Dual ASM• 12 Gig ports + 4x10Gig• 35G Gig L4 & L7 throughput• 8 Mil L4 CPS• 600K L7 TPS• 64 Mil concurent connections• 60M Syn Cookie• SSL Bulk 8G SSL TPS 96K
Full
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
54
ServerIron ADX 10000 ChassisHighest-performance, highest-density cores and line cards
App Switch Module (ASM)• Up to four ASMs• Each ASM with eight
cores• 32 total cores• 2 GB memory per core
Hot-swap fan tray
Front-serviceable power• AC or DC option• 2 + 2 redundancy
Management Module (MM)• Dual-core management• Redundant mgmt option• FAT-compatible USB• Ethernet and DB9 mgmt• Future upgradable options
Four line cards per chassis• 12 x 1 Gb line card• 4 x 10 Gb line card
Switch Fabric Module (SFM)• Modular• Scalable
• Dual ASM• Single SSL exp. module• 8x10Gig• 35G Gig L4 & L7 throughput• 16 Application Cores• 8 Mil L4 CPS• 600K L7 TPS• 64 Mil concurent connections• 60M Syn Cookie• SSL Bulk 8G SSL TPS 96K
Half Load• Quad ASM• Dual SSL exp. module • 16x10Gig ports• 70G Gig L4 & L7 throughput• 32 Application Cores• 16M L4 CPS• 1.2M L7 TPS• 128 Mil concurent connections• 120M Syn Cookie• Dual mgmt• SSL Bulk 13.5G SSL TPS 192K
Full Load
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
55
ServerIron ADX SeriesASM, Management Module, SFM and Line Cards
ASM8 Application Switching Module• 4 dual core
Barrel Processors, for 8 application cores
Management Module• Dual Core• Space for
specialized hardware
4 x 10 GbLine Card
12 x 1 GbLine Card
RJ-45
Switch FabricModule
12 x 1 GbLine Card
SFP
SSL&
Compression
COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
56
Application Switch Module (ASM8)State of the Art Technology and Performance Upgradability
ASM Switch Fabric PAX
AXP AXP
4 Dual Core CPU’s8 App Cores (BPs)
2GB Mem/coreL4-7 Processing
~Up to 4M TPS~Up to 17.5G thruput Packet
Acceleration Processor (PAX)• Counter Sync• Server Selection
H/W Assist
App Acceleration Processor (AXP)• One AXP per 4 App Cores• Provides Syn-cookie & DDoS H/W support• TCP Options Processing• Checksum Processing• Outbound packet processing• Room for future app acceleration functions
AC1
AC2
AC3
AC4
AC5
AC6
AC7
AC8
1 App Core = 1 BP
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
57
BROCADE WIRELESSSOLUTION
CAMPUSLAN
FOR INTERNAL USE ONLY© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
58
Brocade Mobility Enterprise Wireless LAN
Access Points Mobility Controllers Wireless IDS
Mobility 7131
Mobility 5181
Mobility RFS7000
Mobility RFS6000
AirDefense Enterprise
LiveRFAdvanced Forensics
Advanced Troubleshooting Spectrum Analysis
Mobility 300
FOR INTERNAL USE ONLY© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
59
Introducing Brocade’s New Mobility Enterprise WLAN Switch and AP Product Set
WIRELESS SWITCHES ACCESS POINTS
Large-Very Large Enterprises
Mobility RFS7000
Supports 256 dependent and 1024 adaptive AP’s
Medium-Large Enterprises and
Branch Offices
Mobility RFS6000
Supports 48 dependent and 256 adaptive AP’s 3G WAN Backhaul Expansion Slot
Mobility 300 (Dual-radio a/b/g)• Dependent AP• Internal/External Antenna
Versions
Mobility 7131
(Single/dual-radio a/b/g/n)• Adaptive AP • Remote Site Survivability• Resilient, Self Forming Mesh• Internal/External Antenna Versions• Integrated Firewall, RADIUS
Mobility 5181 (Dual-radio a/b/g)• Outdoor AP• Supports mesh• Adaptive AP• Integrated Firewall
FOR INTERNAL USE ONLY© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
60
AirDefense Security For Brocade MobilityINDUSTRY-LEADING WLAN SECURITY PORTFOLIO
Rogue Detection & Elimination
24x7 Wireless Intrusion Detection
Automated Prevention
Policy Compliance (PCI, HIPAA, SOX)
Wireless Troubleshooting
Forensic Analysis
Location Tracking
Enterprise-class Scalability
LiveRF Advanced Forensics
AdvancedTroubleshooting
Spectrum Analysis
AIRDEFENSE PRODUCT OPTIONS
Wireless IDSSV-1250-P-1 (Appliance Model 1250)SV-3650-P-1 (Appliance Model 3650) SV-4250-P-1 (Appliance Model 4250) BKSV-1250-P-1 (Backup Appliance Model 1250)BKSV-3650-P-1 (Backup Appliance Model 3650) BKSV-4250-P-1 (Backup Appliance Model 4250) AD-SNFL-P-1 (WIPS license for 1 sensor) AD-ATSN-P-1 (Adv Troubleshooting license) AD-CMC-P-1 (Centralized Mgmt Console license) AD-EPSN-P-1 (Encryption Prot., WEP Cloaking license) AD-FESN-P-1 (Adv Forensic Analysis license) AD-SASN-P-1 (Spectrum Analysis) AD-TRSN-P-1 (Access Point Tracker license) MB-SW2G-P-1 (Mobile WLAN analyzer sw license)
IDS
FOR INTERNAL USE ONLY© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
61
Brocade Mobility RFS7000Product highlights Scalable, robust wireless infrastructure
– A converged platform to deliver multimedia applications (data, voice, video), wireless networking, and value-added mobility services such as secure guest access and locationing for Multi-RF networks.
Advanced features– Wireless VoWLAN with unmatched QoS,
prioritization, SIP CAC functionality. – Support for VoIP protocols and handsets
Ease of management– Simple management for wireless– Deploy, configure, and monitor all controllers and
APs from a single consoleRobust Gap-free security
– Integrated wired/ wireless solutions for IDS/IPS, wireless firewall, identity and location-based access policies
– IPSec VPN Gateway, AAA Radius Server, Secure Guest Access, MAC-based authentication
– Geofencing, NAC support with Microsoft and Symantec
– FIPS 140-2 and CC EAL4 model
Campus Access
256 AP300;1024AAP 5181;1024 AAP 7131;Cluster up to 12Units.
SPEC
FOR INTERNAL USE ONLY© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
62
Brocade Mobility RFS6000Product highlights Scalable, robust wireless infrastructure
– An architecture that is purpose-built to deliver high availability and scalability
– Secure reliable voice, data, and video delivery– Enterprise class delivers the best in class
performance, security, scalability and manageability required to meet the needs of demanding mission critical business applications
Advanced features– QoS, prioritization, SIP CAC functionality. – Support for VoIP protocols and handsets
Ease of management– Simple management for wireless– Deploy, configure, and monitor all controllers and APs
from a single consoleRobust Gap-free security
– Integrated wired/ wireless solutions for IDS/IPS, wireless firewall, identity and location-based access policies
– IPSec VPN Gateway, AAA Radius Server, Secure Guest Access, MAC-based authentication
– Geofencing, NAC support with Microsoft and Symantec
Campus Access
48 AP300256 AAP 5181;256 AAP 7131;Cluster up to 12Units.
SPEC
FOR INTERNAL USE ONLY© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
63
Brocade Mobility 7131 Product highlights
Scalable resilient wireless infrastructure– SiStationltaneous service to Stationltiple
802.11a/b/g/n– Adaptive Switch assisted Mesh– Mesh networking for data backhaul
Advanced features– Best solution for 802.11n with PoE+ support– 802.11h WW operation dynamic freq selection– Virtual AP: wireless VLANs, separate broadcast
domains– Wireless mobility at Layer 2 or Layer 3– WiFi Multimedia extensions for QoS
Ease of management– Zero-configuration setup using plug-and-play
architecture – WLAN Manager: deploy, configure, and monitor all
controllers and APs from single consoleRobust security
– Integrated Wireless IPS, rogue AP protection, wireless firewall, and guest access
– WIPS sensor for Air Defense– 802.1x supplicant: auth to Radius server
Campus Access
FOR INTERNAL USE ONLY© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
64
Brocade Mobility 5181Product highlights Scalable resilient wireless infrastructure
– Simultaneous service to Multiple 802.11a/b/g– Adaptive Switch assisted Mesh– Mesh networking for data backhaul
Advanced features– 802.11h WW operation dynamic freq selection– Virtual AP: wireless VLANs, separate broadcast
domains– Wireless mobility at Layer 2 or Layer 3– WiFi Multimedia extensions for QoS
Ease of management– Zero-configuration setup using plug-and-play
architecture – WLAN Manager: deploy, configure, and monitor all
controllers and APs from single consoleRobust security
– Integrated Wireless IPS, rogue AP protection, wireless firewall, and guest access
– WIPS sensor for Air Defense– 802.1x supplicant: auth to Radius server
Campus Access
FOR INTERNAL USE ONLY© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
65
Brocade Mobility 300 Product highlights Scalable resilient wireless infrastructure
– Delivers IEEE 802.11a/b/g connectivity– Dual-radio 802.11a and 802.11g design
Advanced features– 802.11h WW operation dynamic freq selection– Virtual AP: wireless VLANs, separate broadcast
domains– Wireless mobility at Layer 2 or Layer 3– WiFi Multimedia extensions for QoS
Ease of management– Zero-configuration setup using plug-and-play
architecture – WLAN Manager: deploy, configure, and monitor all
controllers and APs from single consoleRobust security
– Integrated Wireless IPS, rogue AP protection, wireless firewall, and guest access
– WIPS sensor for Air Defense– 802.1x supplicant: auth to Radius serverCampus Access
FOR INTERNAL USE ONLY© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
66
Brocade Mobility Key Differentiators
Maximum Flexibility Dependent, Independent & Adaptive AP deployment – Scales easily from
Enterprise Branch office to Large Campuses Mesh and Point to point deployments indoors and outdoors
Unmatched Reliability: SmartRF with Mesh Controller Clustering Maximum survivability (WWAN backhaul support in controllers)
Enhanced Wireless Security: Maximum security: L2 and L3 Stateful Firewall – WLAN traffic is L2 FIPS 140-2 and CC EAL4 certification 24x7 Wireless IDS/IPS with over 200+ WLAN signatures
Wired/Wireless Integration PoE+ (for 802.11n), Power management, Security, Auto-discovery
FOR INTERNAL USE ONLY© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
67
Enterprise WLAN Competitive Landscape
Cisco– Market leader with 50%+ revenue share of market (CY08)– Uses WLAN sales as ‘trojan horse’ for broader account
penetration– WLAN Product Offering: 2/3/5XXX Series Controllers and
AiroNet Series APs
Aruba– Start-up with sole focus on WLAN controllers and access points– Motorola gained share over Aruba during CY2008*– WLAN Product Offering: Aruba 2/3/6000 Controllers and Aruba
65/75/105/120 APs
* Per Wireless LAN and WiFi Mesh Equipment and Phones, Infonetics Research, March, 2009
FOR INTERNAL USE ONLY© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
68
Competitive: Reliability REQUIREMENT Brocade CISCO ARUBA
Accurate RF Planning
Wireless Mesh Redundancy
QoS and Network Segmentation over Mesh Links
Smart Clustering with Cost Effective Redundancy
AP Load Balancing
SMART RF
24x7 Monitoring
Remote Site Survivability
Advanced Troubleshooting
Spectrum Analysis
Excellent
Average
Good
Poor
Non ExistentEnsuring users have uninterrupted access to applications in enterprise & extreme environments
FOR INTERNAL USE ONLY© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
69
Competitive: SecurityREQUIREMENT Brocade CISCO ARUBA
Authentication and Encryption
24x7 WIPS
Simultaneous Full Time AP and Sensor Operation
Rogue Device Elimination
Wireless Firewall
Reporting & Compliance
Legacy Protection
GeoFencing
NAC
Integrated Security Services
Brocade provides the most comprehensive WLAN security offering in the industry
Excellent
Average
Good
Poor
Non Existent
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
70
DATACENTER
BROCADE NMS - IRONVIEW
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
71
The Need for Intelligent Management
The Complexity of Network Management grows faster as the Network grows– Configuration gets complex– More VLANs, subnets, IPv6, etc– More Events, Alerts– Network Troubleshooting
becomes more difficult– Require granular traffic analysis – Network wide security threats
increase Intelligent Management
– NMS with the capability to scale as the Network grows
– Intelligent features that saves time and enhance productivity
– Network wide traffic monitoring and analysis tools
– Closed loop security
# of Network Elements
Complexity of Network Management
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
72
Brocade IronView Network ManagerValue proposition
Unified Management
Simplify Network Management
Increase Network Availability
Robust Security
• Layers 2-3• Layers 4-7• MPLS• Wireless• Northbound Interface
• Easy to use• L2-3 Topology• Group Configuration• Change Management• Reporting
• MAC Filter Manager• ACL Manager• IronShield 360
• Event Manager• Traffic Analyzer• sFlow Collector• Performance Monitor
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
73
Brocade IronView Network ManagerOnly unified network manager for wired, wireless, and MPLS
Security
Event Management Policy Management Configuration
TopologyMPLS Provisioning
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
74
AggregationFI-ES Series
Scalable to over 10,000 devices
Manage the Full Brocade IP Product PortfolioIncluding support for third-party devices
FI-WS Series
FI-LS Series
FI-GS Series
FI-CX Series
NI-XMR Series
Core
Access
NI-MLX Series
BI-RX Series
FI-SX Series
FI-ESX Series
NI-CES Series
IPM Series
SI-ADX Series
TI-24X
Third Party
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
75
Unified ManagementMPLS Manager Easy-to-use, intuitive GUI Support for VLL, Local VLL, VPLS, Local
VPLS, and VCIP pools Status, configuration, statistics, topology,
and end-point settings NetIron MLX, XMR, and CES support
Wireless Manager Centralized management of wireless
switches and Access Points (APs) across the network
RF monitoring to detect rogue APs
ServerIron Manager Physical and virtual IP management Gobal Server Load Balancing (GSLB) Support for new ServerIron ADX
Application Delivery Controllers
Northbound Interface Integration with third-party Network
Management Systems (NMSs) Inventory information for Brocade and
third-party devices Java or Perl scripting interface
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
76
Simplified Network ManagementEase of Use Intuitive Web-based tools to reduce
management time and OpEx Access from anywhere within the network Dashboard with at-a-glance summary
asset and event information
Device Configuration Manager Automatically deploy device
configurations Execute CLI commands across groups of
switches
Change Manager View, retrieve, and restore configurations Manual or scheduled backups Pre/post-change snapshots Roll back configuration changes
Topology Manager Integrated topology discovery L2, VLAN, IP, STP/RSTP, MRP, and MPLS Background maps support Device search capabilities
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
77
Increased Network AvailabilityEvent Manager SNMP, Syslog, Snort, and partner events SNMP Trap forwarding Reporting, analysis, monitoring, and
remediation Easier to meet Service Level Agreements
(SLAs) Closed-loop remediation through
integration with Device Configuration Manager
Traffic Analyzer sFlow reporting, accounting, and
presentation Gain visibility into network activity Custom report generator Trending and analysis for troubleshooting
Performance Monitor Monitor essential network performance
information Advanced graphing tool Brocade and third-party device support Export graphs as images or CSV files
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
78
Robust Security
MAC Filter Manager Importing, configuration, and deployment
of MAC filters across devices Wired and wireless device support
Access Control List (ACL) Manager Rapidly configure and deploy ACLs Replicate ACLs to groups of switches Supports predefined service ACLs ACL customization support
Brocade IronShield 360 sFlow collection and conversion to PCAP Integration with Snort and other open
source Intrusion Detection Solutions (IDSs)
Identify accidental or malicious activity
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
79
Brocade INM BenefitsFEATURE BENEFIT
Intuitive GUI Ease of use
INM Dashboard At-a-glance asset and event summary information
AoR (Area of Responsibility) support Delegate management tasks
Device Configuration Manager Automate repetitive tasks to reduce OpEx
Performance Monitor Understand network performance characteristics
Proactive event notifications with closed-loop remediation Meet SLAs
Support more than 10,000 devices Manage large environments from a single console
Northbound InterfaceIntegration with third-party Network Management Systems (NMS) and Operational Support Systems (OSS)
Wireless Manager Centrally manage wireless resources across an entire campus
Change ManagerSchedule switch configuration backups with the capacity to roll back configuration changes
ServerIron Manager Integrated management of application delivery controllers
MPLS Manager Intuitive interface to manage MPLS settings across the WAN
Topology Manager Physical and virtual topology maps for L2, VLANs, IP, and MPLS
Report Manager Asset reports with detailed information of all managed devices
IronShield 360 Closed-Loop Security Full intrusion detection and prevention
Traffic Analyzer with sFlow collector Gain visibility into network activity, even at the edge
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
80
Operating System SupportINM Server Windows 2003 Server SP2, XP Professional SP3, and 2008 Server Red Hat Enterprise Linux Release 4 AS, ES,WS and Desktop; Red Hat
Enterprise Linux Release 5 Advanced Platform, Base Server and Desktop Sun Solaris 9 and 10 SPARC VMware Workstation 6.5.2 for Windows:
‒ Guest OS: Windows 2008 Enterprise Server 64-bit
VMware Workstation 6.5.2 for Red Hat Enterprise Linux 5:‒ Guest OS: Red Hat Enterprise Linux 5 64-bit
Microsoft Hyper-V Manager 6.0.6001.18016‒ Windows 2008 Enterprise Server 64-bit
INM Client Windows 2003 Server SP2, XP Professional SP3, Vista Business, and 2008
Server Red Hat Enterprise Linux 5 Advanced Platform, Base Server, and Desktop Sun Solaris 10 SPARC
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
81
Server and Client System RequirementsINM Server Windows Linux Solaris
CPU and Memory
1 to 200 Devices
3.0 GHz Pentium 43 GB RAMSun UltraSPARC T1 (or similar
UltraSPARC processor), 3 GB RAM
201 to 1000 Devices
Multicore Xeon Processor 3000 sequence or above (or
similar AMD processor), 4 GB RAM
Sun UltraSPARC T2 (or similar UltraSPARC processor), 4 GB RAM
1001+ Devices
Dual (or more) Xeon 5000 sequence or above (or similar AMD processor), 4+ GB RAM
Sun UltraSPARC T2+ (or similar UltraSPARC processor), 4+ GB
RAM
HDD 200 GB
INM Client Windows Linux Solaris
Web Browser
Internet Explorer
IE 7 and 8 N/A
Mozilla Firefox 3.0.x
Java Runtime Environment (JRE) 1.6.0_13
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
82
Licensing Options
License Type Part Number Details
INM Base License • IVIEW-NT
• IVIEW-LINUX
• IVIEW-SOL
• INM base license for each OS versions
Concurrent User License
• IVIEW-LIC
• IVIEW-20-LIC
• Five additional concurrent user license
• 20 additional concurrent user license
MPLS License • IVIEW-MPLS-LIC
• IVIEW-MPLS25-LIC
• IVIEW-MPLS40-LIC
• License for 10 MPLS-configured devices
• License for 25 MPLS-configured devices
• License for 40 MPLS-configured devices
INM MPLS Bundle • IVIEW-NT-MPLS
• IVIEW-LINUX-MPLS
• IVIEW-SOL-MPLS
• INM base with license for 10 MPLS-configured devices for each OS version
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
83
Event Management – Automated Alerts & Countermeasures
Use of SNMP Collector + Trap Forwarding + INM Event Manager
Configure customized email alerts based on SNMP MIBs
Very flexible – email alerts can be generated on any MIB based event– High CPU– High Temperature– Fan Failure
INM can also generate CLI reports or send CLI commands to fix the issue
INM Server
Corp Net
Corp Net
SNMPCPU Utilization
Enable STP
Loop
SNMPCPU Utilization
CPU above 70%?Trap
Send email alertHigh CPU from switch
Disable Loop
Add greater Productivity – Get instant customized email alerts. INM can also generate reports and even fix your network
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
84
Security – IronShield 360 Snort + sFlow
Closed Loop Security Automatic threat detection and
remediation Complementary IDS/IPS Solution that
is extremely cost effective Use each Foundry switch as a
network monitor INM + SNORT for signature analysis
with automatic alerts & remediation
INM Server
Corp Net
Corp Net
10.55.1.124
sFlow
sFlow
Network Attacks
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
85
MPLS Manager – VLL Manager
Configure & Edit VLLDisplay VLL View
and Statistics VLL View
– VCID– Name– Status – Conflict– Endpoints
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
86
MPLS Manager – VPLS ManagerConfigure & Edit VPLSDisplays VPLS View
and StatisticsVPLS View &
Topology – Details tab shows textual
status of VPLS Settings & Status
– Endpoint Settings– Topology status is updated via
polling & traps– Dotted line indicates peer is
down– Solid line indicates peer is up
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
87
Non-Brocade Device SupportIP discovery Topology map supportMIB IIICMP Ping health checkFDP, CDP, LLDPSupport any non-Brocade
device with standard MIB support
© 2009 Brocade Communications Systems, Inc. All Rights Reserved.
88
Performance Manager
Performance Manager (Enhanced SNMP Collector)
Support for non-Brocade devices
Display real time status of SNMP MIB values
CPU Utilization
Temperature
Fan status
etc
Up to 5 values can be plotted
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
89
NEXT GENERATION TECHNOLOGY UPDATE
DATACENTER
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
90
Data Center Market Dynamics
Key trends
Global competition
Recession
Data center consolidation
New technology
- Intel Xeon 5500 + Server 10 GbE
- Server virtualization
- FCoE
High availability
Price/performance value
Converged Enhanced Ethernet (CEE)
10, 40, and 100 GbE
Low latency
Solutions needed
Resulting needs
24 x 7 uptime
ROI
More storage
More bandwidth
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
91
Storage Arrays
Tape Libraries
NAS
8 Gbps DCX 4S / 48000 / 5300 / 5100
Agg
rega
tion
Acc
ess
10 GbE L4-7 ServerIron
10 GbE L2-3 BigIron RX
GbE ToRCES
WAN
Cor
e 10 GbE L2L3 BigIron RX
SAN
8 Gbps DCX Backbones
Serv
ers
10 GbE L2-3 BigIron RX
10 GbE ToR FCoE/CEE 8000
10 GbE MoRFastIron SX
Brocade Data Center NetworksHigh-level architecture 1 GbE
8 Gbps FC
10 Gbps CEE
10 GbE
4 Gbps FC
1/10 GbE ToR TurboIron
GbE ToRFastIron
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
92
Aggregation
Core
Access
Next-Generation Data Center LAN
BigIron RX
BigIron RX
FastIron CX24/48x1 GbE server 4x10 GbE uplink
TurboIron 24X24x10 GbE Server/uplink
NetIron CES24/48x1 GbE2x10 GbE uplink
100 GbE
WAN
Tape Libraries
SAN
Storage Arrays
DCX 16 Gbps
DCX 16 Gbps
10 GbE
TRILL
Calisto
Brocade 8000
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
93
40G / 100G Ethernet Standard
Higher Speed Ethernet being defined in IEEE P802.3ba project
Standard intended to define MAC and physical layer for 40G and 100G Ethernet speeds
Standard expected to be ratified in mid-2010
Brocade is actively investing in development of these technologies
Brocade BigIron is 40G / 100G ready
BigIron RX will be industry most cost-effective 100G chassis!
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
94
100 GE and 40 GE Reach Options
PHY 40 Gbps support 100 Gbps support
At least 1m over a backplane 40GBASE-KR4
At least 10m over copper cable 40GBASE-CR4 100GBASE-CR10
At least 100m over MMF (ribbon cable)
40GBASE-SR4 100GBASE-SR10
At least 10km over SMF 40GBASE-LR4 100GBASE-LR4
At least 40km over SMF 100GBASE-ER4
Brocade Confidential - Under NDA
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
95
Brocade’s Current Plans for 40G & 100G
40G Module:– Targeted for DC access and
aggregation layers– Inherits current capabilities of
RX modules– Requires hSFM– Backward compatible with
existing modules– QSFP optics
• Initial optics focus on short-reach
– Target Availability:• H1, 2011
100G Module:– Targeted for SP backbones
and DC backbones– Inherits current capabilities of
RX modules– Requires hSFM– Backward compatible with
existing modules– CFP optics
• Permits longer reach from day 1 (at least 10 km)
– Target Availability:• H2, 2010
Preliminary Info: Subject to Change without Notice
Brocade Proprietary and Confidential
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
96
Summary of Industry Trends
Increase scalabilityIncrease bandwidthReduce costReduce complexityRemain committed to open standardsRemain green
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
97
Our Value Proposition
Industry leading performance
Compelling TCO advantages
Superior quality products
Delivered and supported by world-class global supply chain and global service organization
© 2009 Brocade Communications Systems, Inc. Company Proprietary Information
98
THANK YOU
DATACENTER