IP Product Suites - Q12010

PRODUCTS AND SOLUTIONS 2010

Terence Teo

SE

FOR INTERNAL USE ONLY© 2009 Brocade Communications Systems, Inc. All Rights Reserved.

2

Agenda

Company Profile

Brocade DataCenter Product Portfolio

Brocade Application Switch

Brocade Wireless Solution

Brocade NMS – IronView

Next Generation Technology

© 2009 Brocade Communications Systems, Inc. Company Proprietary Information

3

BROCADE PRODUCT PORTFOLIO

DATACENTER

© 2009 Brocade Communications Systems, Inc. All Rights Reserved.

4

FastIron 10/100 Ethernet Ports Edge SwitchBasic Package:16,000 MAC Addresses4096 VLANsExternal Redundant Power SupplyProtected Link GroupsPort-based Access Control ListsDynamic Voice VLAN AssignmentPrivate VLANs and uplink-switchPort Loop DetectionIP Source GuardBPDU Guard and Root GuardSTP, RSTP, MST, PVST/PVST+802.1x and Port SecurityMetro Ring Protocol (MRP 1)ACL and Rate-limitQuality of Service (QoS)DHCP RelayECMPPIM SnoopingRIP v1/v2 announceVRRP, VSRP and VSRP AwareIPv4 Static RoutesHardware sFlow Network ProberDHCP SnoopingDynamic ARP InspectionDenial of Service (DoS) protectionIPv6 Ready

Edge Premium Package• IGMP V1, V2, and V3• OSPFv1,v2• RIP v1,v2• Route-only support• Routes in hardware maximum: 1000• VRRP

FastIron FWS62420×10/100 Mbps ports plus four RJ45/SFP (1-GE) combo ports

FastIron FWS624-POE20×10/100 Mbps PoE ports plus four RJ45/SFP (1-GE) combo ports

FastIron FWS64844×10/100 Mbps ports plus four RJ45/SFP (1-GE) combo ports

FastIron FWS648-POE44×10/100 Mbps PoE ports plus four RJ45/SFP (1-GE) combo ports

-EPREM

-EPREM

-EPREM

-EPREM


5

FastIron 10/100/1000 Ethernet Edge Switch


FastIron FWSG62420×10/100/1000 Mbps ports plus four RJ45/SFP (1-GE) combo ports

FastIron FWSG624-POE20×10/100/1000 Mbps PoE ports plus four RJ45/SFP (1-GE) combo ports

FastIron FWSG64844×10/100/1000 Mbps ports plus four RJ45/SFP (1-GE) combo ports

FastIron FWSG648-POE44×10/100/1000 Mbps PoE ports plus four RJ45/SFP (1-GE) combo ports

-EPREM

-EPREM

-EPREM

-EPREM

Basic Package:16,000 MAC Addresses4096 VLANsExternal Redundant Power SupplyProtected Link GroupsPort-based Access Control ListsDynamic Voice VLAN AssignmentPrivate VLANs and uplink-switchPort Loop DetectionIP Source GuardBPDU Guard and Root GuardSTP, RSTP, MST, PVST/PVST+802.1x and Port SecurityMetro Ring Protocol (MRP 1)ACL and Rate-limitQuality of Service (QoS)DHCP RelayECMPPIM SnoopingRIP v1/v2 announceVRRP, VSRP and VSRP AwareIPv4 Static RoutesHardware sFlow Network ProberDHCP SnoopingDynamic ARP InspectionDenial of Service (DoS) protectionIPv6 Ready


6

FastIron 10/100/1000 Stackable Edge SwitchBasic Package:• Same as FWS Series• 10GbE Optional• Stacking capable up to 8 units per

stack• 40 Gbps Stacking throughput


FastIron LS 62420 x 10/100/1000 Mbps ports plus 4 combination RJ45/SFP Gigabit Ethernet (copper or fiber) ports. The switch includes 3 slots for optional 1 port 10GbE modules

FastIron LS 624-STK 20 x 10/100/1000 Mbps ports plus 4 combination RJ45/SFP Gigabit Ethernet (copper or fiber) ports plus 2 x 10GbE CX4 stacking ports and one open slot for an optional 1 port 10GbE module

FastIron LS 64844 x 10/100/1000 Mbps ports plus 4 combination RJ45/SFP Gigabit Ethernet (copper of fiber) ports. The switch includes 2 slots for optional 1 port 10GbE modules

FastIron LS 648-STK 44 x 10/100/1000 Mbps ports plus 4 combination RJ45/SFP Gigabit Ethernet (copper or fiber) ports plus 2 x 10GbE CX4 stacking ports

-EPREM

-EPREM


7


stack• 40 Gbps Stacking throughput• Field Upgradable PoE• Built-in Redundant Power Supply• 1.5 RU


FastIron GS 624P20 x 10/100/1000 Mbps ports plus four combo ports supporting 10/100/1000 Mbps RJ45 or 100/1000 Mbps SFP connectivity

FastIron GS 624-STK 20 x 10/100/1000 Mbps ports plus four combo ports supporting 10/100/1000 Mbps RJ45 or 100/1000 Mbps SFP connectivity, 2 x 10GbE CX4 stacking ports

FastIron GS 624P-POE20 x 10/100/1000 Mbps PoE ports plus four combo ports supporting 10/100/1000 Mbps RJ45 with PoE or 100/1000 Mbps SFP connectivity

FastIron GS 624-POE-STK 20 x 10/100/1000 Mbps PoE ports plus four combo ports supporting 10/100/1000 Mbps RJ45 with PoE or 100/1000 Mbps SFP connectivity, 2 x 10GbE CX4 stacking ports

-EPREM

-EPREM


8


stack• 40 Gbps Stacking throughput• Field Upgradable PoE• Built-in Redundant Power Supply• 1.5RU


FastIron GS 648P44 x 10/100/1000 Mbps ports plus four combo ports supporting 10/100/1000 Mbps RJ45 or 100/1000 Mbps SFP connectivity

FastIron GS 648-STK 44 x 10/100/1000 Mbps ports plus four combo ports supporting 10/100/1000 Mbps RJ45 or 100/1000 Mbps SFP connectivity, 2 x 10GbE CX4 stacking ports

FastIron GS 648P-POE44 x 10/100/1000 Mbps PoE ports plus four combo ports supporting 10/100/1000 Mbps RJ45 with PoE or 100/1000 Mbps SFP connectivity

FastIron GS 648-POE-STK 44 x 10/100/1000 Mbps PoE ports plus four combo ports supporting 10/100/1000 Mbps RJ45 with PoE or 100/1000 Mbps SFP connectivity, 2 x 10GbE CX4 stacking ports

-EPREM

-EPREM


9

FastIron 10/100/1000 Stackable Edge SwitchBase Models:• Same as FWS Series• Up to 2 10GbE ports• Stacking capable up to 8 units per

stack• 64 Gbps Stacking throughput• Built-in Redundant Power Supply• 1RU IGMP V1, V2, and V3• OSPFv1,v2• RIP v1,v2• Route-only support• Routes in hardware maximum: 16,000• 32,000 MAC Addresses

Advance Models• BGP

FastIron CX 624S20×10/100/1000 Mbps ports plus four RJ45/SFP (1-GE) combo portsplus 2 x 16GbE dedicated stacking ports, plus 1 x RPS13 power supply

FastIron CX 624S-HPOE20×10/100/1000 Mbps PoE+ ports plus four RJ45/SFP (1-GE) comboports plus 2 x 16GbE dedicated stacking ports, plus 1 x RPS14 power supply

FastIron CX 648S44×10/100/1000 Mbps ports plus four RJ45/SFP (1-GE) combo portsplus 2 x 16GbE dedicated stacking ports, plus 1 x RPS13 power supply

FastIron CX 648S-HPOE44×10/100/1000 Mbps PoE+ ports plus four RJ45/SFP (1-GE) combo ports plus 2 x 16GbE dedicated stacking ports, plus 1 x RPS14 power supply

-ADV

-ADV

-ADV

-ADV

FCX624S-F 24 x 100/1000 Mbps SFP ports plus 2 x 16GbE dedicated stacking ports

FCX624S-F24 x 100/1000 Mbps SFP ports plus 2 x 16GbE dedicated stacking ports. Ships with advance Layer 3 license.

-ADV


10

Scaling the Intelligent EdgeStacking Capable FastIron GS/LS/CX Models

Up to 8 Units Up to 8 Units

FastIron GS/LS PoE or non-PoE Models FastIron CX HPoE or non-HPoE Models

IronStack - Up to 40Gbps

Backpane- Up to 384 10/100/1000

PoE or non-PoE ports

IronStack - Up to 64Gbps

Backpane- Up to 384 10/100/1000

PoE+ or non-PoE+ ports

- Up to 16 10GbE ports


11

FastIron 10/100/1000 Performance Edge Switch

FastIron FESX62424 ports 10/100/1000 Mbps Ethernet with 4 combinationRJ45/SFP Gigabit Ethernet for copper or fiber uplink connectivity plus 2 ports of 10GbE uplinks

FastIron FESX64848 ports 10/100/1000 Mbps Ethernet with 4 combinationRJ45/SFP Gigabit Ethernet for copper or fiber uplink connectivity plus 2 ports of 10GbE uplinks

FastIron FESX624HF24 ports 100/1000 Mbps SFP with 4 combination RJ45/SFPGigabit Ethernet for copper or fiber uplink connectivity plus 2 ports of 10GbE uplinks

Base Models:• Built-in Redundant Power Supply• 1.5 RU• 256,000 IPv4 Route Entries• 32,000 IPv6 Route Entries• 16,000 MAC Addresses• Static Route

PREMIUM Upgrade:• RIP v1, v2• OSPF v1, v2• BGP4• IGMP, PIM, etc.

-PREM -PREM -PREM


12

Modular Power • Internal AC power supplies• Auto-sensing 110V/220V AC• Redundant, load sharing • Hot-swappable

Airflow • Front-to-back airflow• Variable-speed fan• Hot-swappable fan assembly

Performance• 488 Gbps forwarding throughput• 1.5 usec cut-through latency• 2 MB buffer for transient

congestion protection

Flexibility and Green Design • Low-power SFP+ ports• Only 7.3W per port• Cu-SFP+ (Twinax) option• 1 GbE SFP support

TurboIron 24X24-port 10 GbE/1 GbE SFP+/SFP with 4-port 10/100/1000 RJ45


13

TurboIron 1G/10G Top-of-Rack SwitchPOWER:• Load sharing, Hot-swappable• 176 W power consumption• 600 BTU/hr dissipationFEATURES:

• STP, RSTP, MSTP, PVST/PVST+, PVRST+

• Link aggregation• 802.3X Pause Frame• QoS, Jumbo, Rate limiting, Rate

Shaping• L2 Multicast• Port Mirroring• ACLs • sFlow

PERFORMANCE:• 488 Gbps throughput• 363 Mpps forwarding capacity• 1.5 uSec latency• 512 M Memory• 32 M Flash • 2000 Rate Limiters• 512 STP groups• 32,000 MAC forwarding• 4000 VLAN• 9000 Jumbo Frame• 128 Trunk Groups/8 Links

TurboIron TI-24X-ACTurboIron 24-port 10GbE/1GbE SFP+ with 1 AC power supply (RPS11) and Fan

10Gbps Optics:10G-SFPP-SR10GBASE-SR, SFP+ optic (LC), target range 300m over MMF

10G-SFPP-LR10GBASE-LR, SFP+ optic (LC), for up to 10km over SMF


14

Brocade FastIron SX800/SX1600

Advanced L2/L3 switching with scalable POE, wire-speed 10/100/1000 Mbps, 100/1000 Mbps Fiber, and 10-Gigabit Ethernet

FastIron SX 800 FastIron SX 1600

Common OS, Line Modules, Power Supplies with SuperX

Modular, High-Availability Enterprise Convergence Switches

Redundant System + POE Power, Management and Switch

• Full Layer 3 IPv4 Upgrade• 256,000 Routes FIB• 1 Million BGP Routes in RIB

PREMIUM

• Full Layer 3 IPv6 Upgrade• 64,000 Active Routes• RIPng, OSPFv3, BGP4+

PREMIUM6


15

Brocade FastIron SX Series SwitchesProduct Highlights

Industry’s highest PoE density in a chassis:– Ideal for aggregation and high-density wiring closet– Up to 384 10/100/1000 Class 3 PoE ports with

redundant PoE power supply

High-performance enterprise solution:– Features a 2-port 10 GbE management module– Up to 36 10 GbE ports– 24-port copper modules are PoE-upgradable– 10 GbE module supports LAN and WAN PHY

Complete VoIP software features:– Power management, including power priority– Dynamic Voice VLAN configuration– sFlow for detailed network traffic accounting– Support for 802.3af devices, including IP phones,

access points, and security cameras


16

Brocade BigIron RX Series Switches

Advanced Gigabit and 10-Gigabit Ethernet Densities– Up to 1,536 Gigabit or 512

10-Gigabit ports in a single chassis

High availability Hardware and Software architecture for core resiliency

Advanced Layer 2/3 feature set for the High Performance Core

Purpose-built for increasing efficiency– Best in class power efficiency

lowers Watts/Gbps– Consolidate network into fewer

devices

http://www.foundrynet.com/leadership/awards.html


17

Brocade BigIron RX Series Core Switch

RX-4- 16 10GbE Line-rate- 192 1GbE Line-rate- 400Gbps Data Switching

Capacity- 285Mpps L2/L3 Throughput

RX-8- 32 10GbE Line-rate- 384 1GbE Line-rate- 800Gbps Data Switching


RX-16- 64 10GbE Line-rate- 768 1GbE Line-rate- 1.6Tbps Data Switching Capacity- 1.14Bpps L2/L3 Throughput

RX-32- 128 10GbE Line-rate- 1536 1GbE Line-rate- 3.2Tbps Data Switching Capacity- 2.3Bpps L2/L3 Throughput


18

BigIron RX-32 Highlights

Switch Fabric• Eight 3-Stage Clos Switch

Fabric Modules

Interface Module• 32 Half slot I/O Module

Slots• Same 16x10GE, 4x10GE,

24x1GE and 48x1GE as entire BigIron RX Series

Management Modules• 512 MB SDRAM Base• Upgradeable to 2 GB

SDRAM• PowerPC processor• 1:1 redundancy• Same System Software

for Entire BigIron RX Series

Modular Cooling System

• Front to Back Airflow

Integrated Cable Management

• Top, Bottom and Side

M + N Power Supply Redundancy


19

Brocade BigIron RX Series Core Switch Modular, scalable, resilient system architecture

– Complete hardware redundancy– Hitless Layer 2 and Layer 3 failover– Hitless Software upgrade

Enables high availability network architectures for VoIP, video conferencing, and mission critical Data– Sub-second L-2 convergence: MRP, VSRP, RSTP– Fast Re-route for SONET-like 50ms resiliency

Powerful security with line rate traffic monitoring and filtering– High performance L2/L3/L4 Inbound ACL support – Line rate sFlow monitoring with port mirroring for optimal security

Meeting tomorrows needs today– Over 2 Billion Packets per Second for room to grow– 40/100 GE ready design compatible with today’s hardware


20

RX System Architecture

CLOS SWITCH FABRIC

CPU

GIGController

CPUSystemController

Management Module

Interface Module1 x 10GbE

1 x 10GbE

A Tower = 1 PP + 1 TMEach Tower has a 12Giglink multiplexed to the SFM

512MBDRAM

10/100/1000

1 Gig

Tower1 Tower2

1 x 10GbE

1 x 10GbE

12Gig Multiplexedto the SFM


21

BigIron RX-series - The Specs

RX-series Model BigIron RX-4 BigIron RX-8

BigIron RX-16 BigIron RX-32

Data switching capacity

Packet forwarding capacity

400 Gbps

285 Mpps

800 Gbps

570 Mpps

1.6 Tbps

1.14 Bpps

3.2 Tbps

2.3 Bpps

I/O Modules Common Line Modules : 16x10GbE (up to 10Km SFP+); 4x10GbE (up to 80Km XFP); 48x1GE (mini-RJ21); 24x1GE (up to 150km SFP) and 24x1GE Copper

Height Chassis (4 RU high)

Chassis (7 RU high)

Chassis (14 RU high)

Chassis (33 RU high)

Max Power Draw 1217W 2417W 4905W 11,353W

Software RIB Route Capacity

Up to 1M RoutesUp to 4M Routes (with MR2)

HW FIB Route Capacity per interface module

Up to 512K Routes

IPv6 Management and Protocols

YES; RIP NG, OSPFv3, ISIS, BGPv6


22

BROCADE CARRIER ETHERNET

SERVICEPROVIDER


23

Brocade NetIron MLX Series Core Routers

MLX-4- 16 10GbE Line-rate- 80 1GbE Line-rate- 960Gbps Fabric Switching

Capacity- 400Gbps Data Switching


MLX-8- 32 10GbE Line-rate- 160 1GbE Line-rate- 1.92Tbps Fabric Switching

Capacity- 800Gbps Data Switching



Capacity- 1.6Tbps Data Switching Capacity- 960Mpps L2/L3 Throughput


Capacity- 3.2Tbps Data Switching Capacity- 1.92Bpps L2/L3 Throughput


24

Brocade NetIron MLX Series Core RoutersSneak Preview

MLX-4- 32 10GbE Line-rate- 192 1GbE Line-rate- 400Gbps Data Switching

Capacity

MLX-8- 64 10GbE Line-rate- 384 1GbE Line-rate- 1.6Tbps Data Switching Capacity



- High Capacity Switch Fabric Modules- 48-port 1G RJ-21 Line Modules-8-port 10G Line Modules- 2-port 100G Full-Slot Line Modules

Double Capacity in 2010


25

NetIron MLX Series Highlights

Scalable, high-capacity core routers: – 3.2 Tbps capacity in a single chassis– Redundant hardware and non-stop software design– Power-efficient design– Collapse multiple network layers

Advanced services:– Multi-services (IPv4, IPv6 and MPLS)– Advanced Virtualization with Multi-VRF

Cost-effective and Industry’s Highest port density per rack:– 128 x 10 GbE ports, – 64 x 1 GbE ports– 40/100 GbE ready


26

Brocade NetIron MLX Series Core Router

1:1 Redundant Management Modules

N+1 Switch Fabric Element Redundancy

Modular CoolingSystem

Half-slot Modules for Graceful Growth & Lower Sparing Cost

N+1 / N+N Power Supply Redundancy (AC & DC)


27


Rich mix of broadband services– IPv4 Routing: IPv4, IP over MPLS– Full IPv6 routing for unicast & multicast today– MPLS-TE– MPLS L2 VPNs: VLL, VPLS– MPLS L3 VPNs: BGP/MPLS (RFC 2547bis)

State-of-the-art CLOS fabric design

Hardware-based forwarding for all services

Multiple concurrent services over the same interfaces

High-availability design for non-stop operation– Hardware redundancy: 1:1 management, N+1 fabric, N+1 power, N+1 fans– Hitless management failover with protocol graceful restart– Hitless software upgrades


28


Advanced Metro Ethernet switching– 802.1Q, Q-in-Q, RSTP, 802.1s, PVST, VSRP, MRP

Full IPv4 and IPv6 unicast/multicast routing protocol support Designed for NEBS Level 3 compliance Extensive OAM capabilities incl. MAC ping, traceroute Enables high availability services

– Sub-second L-2 convergence: MRP, VSRP, RSTP– Fast Re-route for SONET-like 50ms resiliency


29

NetIron MLX Series Power of Performance

512K IPv4 routes or 120k IPv6 routes in hardware FIB (Line Modules)

2M IPv4 BGP routes in RIB (Manangement Modules)

256 BGP peers

4,000 VLL & VPLS instances; 256K VPLS MACs

1M MAC addresses


30

Brocade NetIron CER Series RoutersProduct highlights Leading high-capacity routers

– Scalable routing in compact form factor– Scalable to full Internet routing table: 512K routes– Dense BGP applications: 128 peers– Wire-speed performance: 88 to 136 Gbps– Deep packet buffers

Advanced functionality– MEF 9, 14, 21 certification– Virtualization through multi-VRF and MPLS– Full IPv4 unicast and multicast capabilities– Advanced QoS capabilities– Ingress and egress ACL

Optimum flexibility– 24- and 48-port copper and fiber models– All models are field-upgradable to 2-port 10 GbE

High availability– NEBS level 3 certification– Hot-swappable, redundant, load-sharing AC/DC

power supplies– N+1 redundant, replaceable cooling system

SP/DC/Campus Edge


31

Feature NetIron CES NetIron CER NetIron MLX NetIron XMR

IPv4 FIB 32K 512K 512K 1M

IPv4 RIB 256K 4M+ 2M 10M

IPv6 FIB 8K 128K 112K 240K

BGP peers 64 128 512 2000

Multicast cache 2500 4K 16K 16K

ACL Ingress 8K 16K * 64K 64K

ACL Egress 4K 8K * 12K 12K

VRF 16 128 256 2K

LSP (I+E) 128 1K 5K 10K

LSP (LSR) 1K 4K 10K 20K

VLL 512 1536 8K 48K

VPLS 128 1K 4K 16K

Brocade NetIron CER

* Not tested and subjected to change


32

BROCADE APPLICATIONSWITCH - SERVERIRON

DATACENTER

COMPANY CONFIDENTIAL© 2009 Brocade Communications Systems, Inc. All Rights Reserved.

33

Basic Deployment Scenario

ADCs enable virtual server farms OnDemand server farm and application scalability High Availability applications with failure detection and automatic failover Load balancing for best service response time and application performance Robust server farm and application security from most attacks Server resource conservation by offloading connection management, SSL handshake Maximized server utilization and better return on investment (ROI)

Web Apps Email Business Applications

Application Delivery Infrastructure

ServerIron ADC

BigIron RX


34

DoS and SYN Attack MitigationPartnering with McAfee Firewall Enterprise

Firewall Operational Issues Scaling firewall bandwidth without

replacing existing firewalls Firewalls can be “melted down” by L2-3

Denial-of-Service attacks Firewall service needs to be 24x7 to

insure communications

ServerIron FWLB Solution ServerIron FWLB transparently supports

firewall clusters Provides high-speed DoS protection to

prevent firewall meltdown Can offload NAT processing from firewalls Ensures that firewalls can be scaled

inexpensively, securely, with maximum performance

Supports McAfee, CheckPoint, Cisco, Juniper, and other firewall clustering systems


35

Web Application FirewallPartnering with Imperva SecureSphere

Automated Operations Dynamic Profiling models user interactions with

applications and adapts as applications change over time, eliminating manual tuning

Accuracy Security events are correlated across security layers

(Dynamic Profile, IPS, and so on) and over time to identify attacks without false positives

Acceleration and Performance ServerIron uses load balancing, SSL offloading and

HTTP multiplexing to accelerate end users and Web traffic. Transparent inspection technology from Imperva delivers gigabit throughput and sub-millisecond latency

Scalability Hierarchical management enables large enterprises

and ASPs to efficiently manage hundreds of applications and many thousands of users

User Awareness Imperva user tracking technology ensures an audit

trail that links security violations to specific Web application user names without making any changes to protected applications


36

Transparent Cache Switching (TCS)Partnering with Blue Coat ProxySG

Load Balancing Cache Servers Cache Servers use a different paradigm

than regular servers Client requests must be diverted from real

servers to cache servers In case all cache servers are down, client

requests must go to real servers Scaling to multiple cache servers is not

transparent to clients

ServerIron TCS with ProxySG ServerIron ports can be configured as

TCS ports Client requests are diverted to cache

servers for content Client requests are load balanced among

cache servers TCS supports HTTP, FTP, and other

protocols Client requests go directly to real servers

if cache servers are all down


37

SYN-GuardIndustry’s Most Comprehensive High-Speed DoS Protection

Most scalable high speed DoS protection at up to 120M Syn/Second

TCP syn packet seen by SI, which sends TCP SYN ACK back to client (with special sequence number)

If no corresponding client ack seen, SI simply drops the original connection request

If client ack seen for original connection request, connection is then made to appropriate server

Hardware based implementation in SI guarantees high-speed with no CPU overhead

Prevents Server Session Table meltdown when under attack

Must be used in non-DSR mode


38

SYN-DefenseThe ONLY DoS Solution for Direct Server Return (DSR) Config

Many customers use DSR mode so that return traffic from Server does not go back through ADC

SYN-Guard security feature only available if ADC sees return traffic

Using Syn-Defense, ServerIron can provide DoS attack security, even in DSR mode

ServerIron sees original TCP syn from hacker and forwards to appropriate server

TCP SYN ACK sent by server back to client (not seen by SI)

SI waits to see client return the ACK to server. If not seen in specified interval, SI resets the TCP connection on Server (freeing Server session state table space and overhead)


39

Advanced SSL Acceleration and Offload

ServerIron supports two optional SSL acceleration capabilities– Integrated SSL on WSM– Separate SSL module

SSL is terminated on the ServerIron, and client traffic is delivered to server via a single TCP connection– Server no longer must process SSL

and TCP connection management is reduced

Multiple SSL modules supported for added scalability & performance– Up to 34,000 SSL transactions/sec– Up to 2Gig Bulk SSL throughput

SSL Proxy mode allows ServerIron to re-establish SSL connection to server for added security

Support for multiple ciphers allows added flexibility


40

Web Application Firewall Enhanced Security

Advanced, high-speed Web Application Firewall available at no charge in ServerIron

Allow /Deny/Log incoming HTTP requests based on configurable security policies

Hides back-end application specific error information that could be used to launch additional attacks

Prevents a range of web application attacks, including:– Cookie and Parameter Tampering– Cross-Site Scripting– Buffer Overflows– Internal web page access

Allows cloaking to be used to replace 4xx/5xx error responses with configured responses


41

Securing Enterprise ApplicationsDelivering Performance and Scalability

Application Deployment Problems Scaling Application Performance Securing Applications from DoS

and other attacks Delivering Application &

Infrastructure High Availability Offloading Server SSL and HTTP

processingServerIron Solution Increased Application

Performance for multiple servers Industry’s highest speed DoS

Defense at over 7Mpps Active-Active & Hot Standby HA Integrated & Upgradeable SSL &

HTTP offload solutions Application Health Checks Chassis & Stackable solutions

with redundant power

ServerIron

ADX 8000

ServerIron

ADX 4000 HA Pair

ServerIron

350 HA Pair + SSL

Layer

2-3

I

N

F

R

A

S

T

R

U

C

T

U

R

E

Intranet

Internet


42

ServerIron

DNS

Datacenter

Datacenter

Datacenter

ServerIron GSLB Solution• GSLB controller works with local ServerIron to load balance global datacenter traffic• Incorporates site health, load, user proximity, and service response for user site selection• Provides transparent site failover in case of disaster or service outage• Supports route health injection using OSPF/BGP when DNS cannot easily be employed

Global DC Deployment Issues

• Handling site failures transparently

• Providing best site selection per user

• Leveraging both DNS and non-DNS solutions for multi-site redundancy

• Providing disaster recovery and non-stop operation

Using Global Sever Load BalancingMulti-Site Redundancy and Enhanced Performance


43

Unified Communications (UC) Ensuring High Availability, Security, and Responsiveness

Unified Communications Issues

End User Response times need to be predictably low

High Availability is required for these business critical services

Communications must be secured

Investment protection & flexibility is important to address future growth

A/V Conf Server

IIS Server

Telephony Conf Server

Web Conf Server

Focus

IM Conf Server

Active Directory

SQL Server Backend

ServerIron HA Pair

UC Users

ServerIron UC Solutions Industry’s most scalable, high speed L4-7 switching ensures users with rapid response times ServerIron HA configuration prevents any loss of communication service Denial-of-Service at wire-speed fully secures UC services Brocade and Microsoft have certified ServerIron with MS Unified Communications Services


44

Mirrored TrafficTrunk

Network Traffic

Web IDS email IDS

GenericIDS

Issues with Scaling IDS• For high bandwidth environments

IDS systems are extremely expensive

• Even the highest performing IDS systems cannot effectively handle all of the traffic

• IDS systems typically focus on specific types of application traffic

• Some mechanism must be provided to categorize & segment the traffic

ServerIron IDS Load Balancing Solution• ServerIron can support multiple Gig and 10 Gig mirrored trunks from network devices• Traffic is then categorized and segmented by application type in real-time• Segmented traffic is then load balanced across multiple IDS systems that handle only that

application type• Ideal for legal intercept and high bandwidth SP and Enterprise environments

Intrusion Detection System (IDS) SolutionsHighly Scalable Traffic Classification


45

Message Reputation and Email Servers Providing SPAM Mitigation and Load Balancing Services

Effective SPAM Mitigation Message Reputation Service is

costly and difficult to scale Multiple servers are often needed to

deal with the high volume of email and SPAM

Some mechanism to quickly discard known SPAM from even getting to complex reputation servers should be provide

ServerIron IP Black List Support ServerIron can import IP Black Lists

from a number of trusted sites ServerIron IP Black List support

eliminates up to 30% of SPAM This allows reputation servers to

focus on more complex SPAM mitigation

IP Black List

ServerIron

Email Servers

Message Reputation

SPAM Servers

Internet

IP Black List Sites


46

Enhanced GUI Management and Monitoring

ContentManipulation

Policy Management

SSL Key and Certificate

Management

Dashboard for Real-Time

Health Monitoring

System Traffic Monitoring with Live Charts and

Graphs


47

Web GUI Additions

High Availability – All 3 HA modes


48

Web GUI Additions

Health Checks – L4/7 Health Checks, Port Profiles, Port Policies, Element Health Checks, Match Lists


49

Web GUI DEMO

http://10.45.2.4/Home


50

IronView Network ManagerNetwork Management for ServerIron L4-7 Products

• ServerIron discovery and topology management

• Configuration and image deployment

• Thumbnail status and alarm views• Configuration backup• Security policy management• SSL certificate management

IronView Provides


51

Introducing ServerIron ADXTechnology and Business Drivers

Scalable Architecture—combines the leading processing performance with the highest density…the only way to support advanced ADC features and data center growth

Investment Protection—modular, easily upgradeable line cards, management cards, acceleration cards, and switch fabrics ensure ongoing value


52

ServerIron ADX 1000Industry’s highest-performing, 10 Gigabit-capable 1U ADC

CPSL4 = 1Mil L7 = 75KConcurr = 8 MilThroughputL4= 4.5G L7 = 9G16x1Gig ports SSL Bulk 1G SSL TPS 12K

SI-1016-2-SSL

CPSL4 = 2Mil L7 = 150KConcurr = 16 MilThroughputL4= 9G L7 = 9G16x1Gig ports SSL Bulk 2G SSL TPS 24K

SI-1016-4-SSL

CPSL4 = 2Mil L7 = 150KConcurr = 16 MilThroughputL4= 9G L7 = 9G16x1Gig ports2x10GbE ports SSL Bulk 2G SSL TPS 24K

SI-1216-4-SSL


53

App Switch Module (ASM)• Up to two ASMs• Each ASM with eight

cores• 16 total cores• 2 GB memory per core

Two line card slots• 12 x 1 Gb line card• 4 x 10 Gb line card

Hot-swap fan tray

• Front-serviceable power• Redundant AC/DC option

Switch Fabric Module (SFM)• Modular• Scalable

Management Module (MM)• Dual-core management• FAT-compatible USB• Ethernet and DB9 mgmt• Future upgradable

options

ServerIron ADX 4000The industry’s only highly scalable 4U platform

• Single SSL exp card • Single ASM• 12 Gig ports• 17.5 Gig L4 & L7 throughput• 4Mil L4 CPS• 300K L7 TPS• 32 Mil concurent connections• 30M Syn Cookie• SSL Bulk 4G SSL TPS 48K

Basic• Single SSL exp card • Dual ASM• 12 Gig ports + 4x10Gig• 35G Gig L4 & L7 throughput• 8 Mil L4 CPS• 600K L7 TPS• 64 Mil concurent connections• 60M Syn Cookie• SSL Bulk 8G SSL TPS 96K

Full


54

ServerIron ADX 10000 ChassisHighest-performance, highest-density cores and line cards

App Switch Module (ASM)• Up to four ASMs• Each ASM with eight

cores• 32 total cores• 2 GB memory per core

Hot-swap fan tray

Front-serviceable power• AC or DC option• 2 + 2 redundancy

Management Module (MM)• Dual-core management• Redundant mgmt option• FAT-compatible USB• Ethernet and DB9 mgmt• Future upgradable options

Four line cards per chassis• 12 x 1 Gb line card• 4 x 10 Gb line card

Switch Fabric Module (SFM)• Modular• Scalable

• Dual ASM• Single SSL exp. module• 8x10Gig• 35G Gig L4 & L7 throughput• 16 Application Cores• 8 Mil L4 CPS• 600K L7 TPS• 64 Mil concurent connections• 60M Syn Cookie• SSL Bulk 8G SSL TPS 96K

Half Load• Quad ASM• Dual SSL exp. module • 16x10Gig ports• 70G Gig L4 & L7 throughput• 32 Application Cores• 16M L4 CPS• 1.2M L7 TPS• 128 Mil concurent connections• 120M Syn Cookie• Dual mgmt• SSL Bulk 13.5G SSL TPS 192K

Full Load


55

ServerIron ADX SeriesASM, Management Module, SFM and Line Cards

ASM8 Application Switching Module• 4 dual core

Barrel Processors, for 8 application cores

Management Module• Dual Core• Space for

specialized hardware

4 x 10 GbLine Card

12 x 1 GbLine Card

RJ-45

Switch FabricModule

12 x 1 GbLine Card

SFP

SSL&

Compression


56

Application Switch Module (ASM8)State of the Art Technology and Performance Upgradability

ASM Switch Fabric PAX

AXP AXP

4 Dual Core CPU’s8 App Cores (BPs)

2GB Mem/coreL4-7 Processing

~Up to 4M TPS~Up to 17.5G thruput Packet

Acceleration Processor (PAX)• Counter Sync• Server Selection

H/W Assist

App Acceleration Processor (AXP)• One AXP per 4 App Cores• Provides Syn-cookie & DDoS H/W support• TCP Options Processing• Checksum Processing• Outbound packet processing• Room for future app acceleration functions

AC1

AC2

AC3

AC4

AC5

AC6

AC7

AC8

1 App Core = 1 BP


57

BROCADE WIRELESSSOLUTION

CAMPUSLAN


58

Brocade Mobility Enterprise Wireless LAN

Access Points Mobility Controllers Wireless IDS

Mobility 7131

Mobility 5181

Mobility RFS7000

Mobility RFS6000

AirDefense Enterprise

LiveRFAdvanced Forensics

Advanced Troubleshooting Spectrum Analysis

Mobility 300


59

Introducing Brocade’s New Mobility Enterprise WLAN Switch and AP Product Set

WIRELESS SWITCHES ACCESS POINTS

Large-Very Large Enterprises

Mobility RFS7000

Supports 256 dependent and 1024 adaptive AP’s

Medium-Large Enterprises and

Branch Offices

Mobility RFS6000

Supports 48 dependent and 256 adaptive AP’s 3G WAN Backhaul Expansion Slot

Mobility 300 (Dual-radio a/b/g)• Dependent AP• Internal/External Antenna

Versions

Mobility 7131

(Single/dual-radio a/b/g/n)• Adaptive AP • Remote Site Survivability• Resilient, Self Forming Mesh• Internal/External Antenna Versions• Integrated Firewall, RADIUS

Mobility 5181 (Dual-radio a/b/g)• Outdoor AP• Supports mesh• Adaptive AP• Integrated Firewall


60

AirDefense Security For Brocade MobilityINDUSTRY-LEADING WLAN SECURITY PORTFOLIO

Rogue Detection & Elimination

24x7 Wireless Intrusion Detection

Automated Prevention

Policy Compliance (PCI, HIPAA, SOX)

Wireless Troubleshooting

Forensic Analysis

Location Tracking

Enterprise-class Scalability

LiveRF Advanced Forensics

AdvancedTroubleshooting

Spectrum Analysis

AIRDEFENSE PRODUCT OPTIONS

Wireless IDSSV-1250-P-1 (Appliance Model 1250)SV-3650-P-1 (Appliance Model 3650) SV-4250-P-1 (Appliance Model 4250) BKSV-1250-P-1 (Backup Appliance Model 1250)BKSV-3650-P-1 (Backup Appliance Model 3650) BKSV-4250-P-1 (Backup Appliance Model 4250) AD-SNFL-P-1 (WIPS license for 1 sensor) AD-ATSN-P-1 (Adv Troubleshooting license) AD-CMC-P-1 (Centralized Mgmt Console license) AD-EPSN-P-1 (Encryption Prot., WEP Cloaking license) AD-FESN-P-1 (Adv Forensic Analysis license) AD-SASN-P-1 (Spectrum Analysis) AD-TRSN-P-1 (Access Point Tracker license) MB-SW2G-P-1 (Mobile WLAN analyzer sw license)

IDS


61

Brocade Mobility RFS7000Product highlights Scalable, robust wireless infrastructure

– A converged platform to deliver multimedia applications (data, voice, video), wireless networking, and value-added mobility services such as secure guest access and locationing for Multi-RF networks.

Advanced features– Wireless VoWLAN with unmatched QoS,

prioritization, SIP CAC functionality. – Support for VoIP protocols and handsets

Ease of management– Simple management for wireless– Deploy, configure, and monitor all controllers and

APs from a single consoleRobust Gap-free security

– Integrated wired/ wireless solutions for IDS/IPS, wireless firewall, identity and location-based access policies

– IPSec VPN Gateway, AAA Radius Server, Secure Guest Access, MAC-based authentication

– Geofencing, NAC support with Microsoft and Symantec

– FIPS 140-2 and CC EAL4 model

Campus Access

256 AP300;1024AAP 5181;1024 AAP 7131;Cluster up to 12Units.

SPEC


62

Brocade Mobility RFS6000Product highlights Scalable, robust wireless infrastructure

– An architecture that is purpose-built to deliver high availability and scalability

– Secure reliable voice, data, and video delivery– Enterprise class delivers the best in class

performance, security, scalability and manageability required to meet the needs of demanding mission critical business applications

Advanced features– QoS, prioritization, SIP CAC functionality. – Support for VoIP protocols and handsets

Ease of management– Simple management for wireless– Deploy, configure, and monitor all controllers and APs

from a single consoleRobust Gap-free security

– Integrated wired/ wireless solutions for IDS/IPS, wireless firewall, identity and location-based access policies

– IPSec VPN Gateway, AAA Radius Server, Secure Guest Access, MAC-based authentication

– Geofencing, NAC support with Microsoft and Symantec

Campus Access

48 AP300256 AAP 5181;256 AAP 7131;Cluster up to 12Units.

SPEC


63

Brocade Mobility 7131 Product highlights

Scalable resilient wireless infrastructure– SiStationltaneous service to Stationltiple

802.11a/b/g/n– Adaptive Switch assisted Mesh– Mesh networking for data backhaul

Advanced features– Best solution for 802.11n with PoE+ support– 802.11h WW operation dynamic freq selection– Virtual AP: wireless VLANs, separate broadcast

domains– Wireless mobility at Layer 2 or Layer 3– WiFi Multimedia extensions for QoS

Ease of management– Zero-configuration setup using plug-and-play

architecture – WLAN Manager: deploy, configure, and monitor all

controllers and APs from single consoleRobust security

– Integrated Wireless IPS, rogue AP protection, wireless firewall, and guest access

– WIPS sensor for Air Defense– 802.1x supplicant: auth to Radius server

Campus Access


64

Brocade Mobility 5181Product highlights Scalable resilient wireless infrastructure

– Simultaneous service to Multiple 802.11a/b/g– Adaptive Switch assisted Mesh– Mesh networking for data backhaul

Advanced features– 802.11h WW operation dynamic freq selection– Virtual AP: wireless VLANs, separate broadcast






– WIPS sensor for Air Defense– 802.1x supplicant: auth to Radius server

Campus Access


65

Brocade Mobility 300 Product highlights Scalable resilient wireless infrastructure

– Delivers IEEE 802.11a/b/g connectivity– Dual-radio 802.11a and 802.11g design

Advanced features– 802.11h WW operation dynamic freq selection– Virtual AP: wireless VLANs, separate broadcast






– WIPS sensor for Air Defense– 802.1x supplicant: auth to Radius serverCampus Access


66

Brocade Mobility Key Differentiators

Maximum Flexibility Dependent, Independent & Adaptive AP deployment – Scales easily from

Enterprise Branch office to Large Campuses Mesh and Point to point deployments indoors and outdoors

Unmatched Reliability: SmartRF with Mesh Controller Clustering Maximum survivability (WWAN backhaul support in controllers)

Enhanced Wireless Security: Maximum security: L2 and L3 Stateful Firewall – WLAN traffic is L2 FIPS 140-2 and CC EAL4 certification 24x7 Wireless IDS/IPS with over 200+ WLAN signatures

Wired/Wireless Integration PoE+ (for 802.11n), Power management, Security, Auto-discovery


67

Enterprise WLAN Competitive Landscape

Cisco– Market leader with 50%+ revenue share of market (CY08)– Uses WLAN sales as ‘trojan horse’ for broader account

penetration– WLAN Product Offering: 2/3/5XXX Series Controllers and

AiroNet Series APs

Aruba– Start-up with sole focus on WLAN controllers and access points– Motorola gained share over Aruba during CY2008*– WLAN Product Offering: Aruba 2/3/6000 Controllers and Aruba

65/75/105/120 APs

* Per Wireless LAN and WiFi Mesh Equipment and Phones, Infonetics Research, March, 2009


68

Competitive: Reliability REQUIREMENT Brocade CISCO ARUBA

Accurate RF Planning

Wireless Mesh Redundancy

QoS and Network Segmentation over Mesh Links

Smart Clustering with Cost Effective Redundancy

AP Load Balancing

SMART RF

24x7 Monitoring

Remote Site Survivability

Advanced Troubleshooting

Spectrum Analysis

Excellent

Average

Good

Poor

Non ExistentEnsuring users have uninterrupted access to applications in enterprise & extreme environments


69

Competitive: SecurityREQUIREMENT Brocade CISCO ARUBA

Authentication and Encryption

24x7 WIPS

Simultaneous Full Time AP and Sensor Operation

Rogue Device Elimination

Wireless Firewall

Reporting & Compliance

Legacy Protection

GeoFencing

NAC

Integrated Security Services

Brocade provides the most comprehensive WLAN security offering in the industry

Excellent

Average

Good

Poor

Non Existent


70

DATACENTER

BROCADE NMS - IRONVIEW


71

The Need for Intelligent Management

The Complexity of Network Management grows faster as the Network grows– Configuration gets complex– More VLANs, subnets, IPv6, etc– More Events, Alerts– Network Troubleshooting

becomes more difficult– Require granular traffic analysis – Network wide security threats

increase Intelligent Management

– NMS with the capability to scale as the Network grows

– Intelligent features that saves time and enhance productivity

– Network wide traffic monitoring and analysis tools

– Closed loop security

# of Network Elements

Complexity of Network Management


72

Brocade IronView Network ManagerValue proposition

Unified Management

Simplify Network Management

Increase Network Availability

Robust Security

• Layers 2-3• Layers 4-7• MPLS• Wireless• Northbound Interface

• Easy to use• L2-3 Topology• Group Configuration• Change Management• Reporting

• MAC Filter Manager• ACL Manager• IronShield 360

• Event Manager• Traffic Analyzer• sFlow Collector• Performance Monitor


73

Brocade IronView Network ManagerOnly unified network manager for wired, wireless, and MPLS

Security

Event Management Policy Management Configuration

TopologyMPLS Provisioning


74

AggregationFI-ES Series

Scalable to over 10,000 devices

Manage the Full Brocade IP Product PortfolioIncluding support for third-party devices

FI-WS Series

FI-LS Series

FI-GS Series

FI-CX Series

NI-XMR Series

Core

Access

NI-MLX Series

BI-RX Series

FI-SX Series

FI-ESX Series

NI-CES Series

IPM Series

SI-ADX Series

TI-24X

Third Party


75

Unified ManagementMPLS Manager Easy-to-use, intuitive GUI Support for VLL, Local VLL, VPLS, Local

VPLS, and VCIP pools Status, configuration, statistics, topology,

and end-point settings NetIron MLX, XMR, and CES support

Wireless Manager Centralized management of wireless

switches and Access Points (APs) across the network

RF monitoring to detect rogue APs

ServerIron Manager Physical and virtual IP management Gobal Server Load Balancing (GSLB) Support for new ServerIron ADX

Application Delivery Controllers

Northbound Interface Integration with third-party Network

Management Systems (NMSs) Inventory information for Brocade and

third-party devices Java or Perl scripting interface


76

Simplified Network ManagementEase of Use Intuitive Web-based tools to reduce

management time and OpEx Access from anywhere within the network Dashboard with at-a-glance summary

asset and event information

Device Configuration Manager Automatically deploy device

configurations Execute CLI commands across groups of

switches

Change Manager View, retrieve, and restore configurations Manual or scheduled backups Pre/post-change snapshots Roll back configuration changes

Topology Manager Integrated topology discovery L2, VLAN, IP, STP/RSTP, MRP, and MPLS Background maps support Device search capabilities


77

Increased Network AvailabilityEvent Manager SNMP, Syslog, Snort, and partner events SNMP Trap forwarding Reporting, analysis, monitoring, and

remediation Easier to meet Service Level Agreements

(SLAs) Closed-loop remediation through

integration with Device Configuration Manager

Traffic Analyzer sFlow reporting, accounting, and

presentation Gain visibility into network activity Custom report generator Trending and analysis for troubleshooting

Performance Monitor Monitor essential network performance

information Advanced graphing tool Brocade and third-party device support Export graphs as images or CSV files


78

Robust Security

MAC Filter Manager Importing, configuration, and deployment

of MAC filters across devices Wired and wireless device support

Access Control List (ACL) Manager Rapidly configure and deploy ACLs Replicate ACLs to groups of switches Supports predefined service ACLs ACL customization support

Brocade IronShield 360 sFlow collection and conversion to PCAP Integration with Snort and other open

source Intrusion Detection Solutions (IDSs)

Identify accidental or malicious activity


79

Brocade INM BenefitsFEATURE BENEFIT

Intuitive GUI Ease of use

INM Dashboard At-a-glance asset and event summary information

AoR (Area of Responsibility) support Delegate management tasks

Device Configuration Manager Automate repetitive tasks to reduce OpEx

Performance Monitor Understand network performance characteristics

Proactive event notifications with closed-loop remediation Meet SLAs

Support more than 10,000 devices Manage large environments from a single console

Northbound InterfaceIntegration with third-party Network Management Systems (NMS) and Operational Support Systems (OSS)

Wireless Manager Centrally manage wireless resources across an entire campus

Change ManagerSchedule switch configuration backups with the capacity to roll back configuration changes

ServerIron Manager Integrated management of application delivery controllers

MPLS Manager Intuitive interface to manage MPLS settings across the WAN

Topology Manager Physical and virtual topology maps for L2, VLANs, IP, and MPLS

Report Manager Asset reports with detailed information of all managed devices

IronShield 360 Closed-Loop Security Full intrusion detection and prevention

Traffic Analyzer with sFlow collector Gain visibility into network activity, even at the edge


80

Operating System SupportINM Server Windows 2003 Server SP2, XP Professional SP3, and 2008 Server Red Hat Enterprise Linux Release 4 AS, ES,WS and Desktop; Red Hat

Enterprise Linux Release 5 Advanced Platform, Base Server and Desktop Sun Solaris 9 and 10 SPARC VMware Workstation 6.5.2 for Windows:

‒ Guest OS: Windows 2008 Enterprise Server 64-bit

VMware Workstation 6.5.2 for Red Hat Enterprise Linux 5:‒ Guest OS: Red Hat Enterprise Linux 5 64-bit

Microsoft Hyper-V Manager 6.0.6001.18016‒ Windows 2008 Enterprise Server 64-bit

INM Client Windows 2003 Server SP2, XP Professional SP3, Vista Business, and 2008

Server Red Hat Enterprise Linux 5 Advanced Platform, Base Server, and Desktop Sun Solaris 10 SPARC


81

Server and Client System RequirementsINM Server Windows Linux Solaris

CPU and Memory

1 to 200 Devices

3.0 GHz Pentium 43 GB RAMSun UltraSPARC T1 (or similar

UltraSPARC processor), 3 GB RAM

201 to 1000 Devices

Multicore Xeon Processor 3000 sequence or above (or

similar AMD processor), 4 GB RAM

Sun UltraSPARC T2 (or similar UltraSPARC processor), 4 GB RAM

1001+ Devices

Dual (or more) Xeon 5000 sequence or above (or similar AMD processor), 4+ GB RAM

Sun UltraSPARC T2+ (or similar UltraSPARC processor), 4+ GB

RAM

HDD 200 GB

INM Client Windows Linux Solaris

Web Browser

Internet Explorer

IE 7 and 8 N/A

Mozilla Firefox 3.0.x

Java Runtime Environment (JRE) 1.6.0_13


82

Licensing Options

License Type Part Number Details

INM Base License • IVIEW-NT

• IVIEW-LINUX

• IVIEW-SOL

• INM base license for each OS versions

Concurrent User License

• IVIEW-LIC

• IVIEW-20-LIC

• Five additional concurrent user license

• 20 additional concurrent user license

MPLS License • IVIEW-MPLS-LIC

• IVIEW-MPLS25-LIC

• IVIEW-MPLS40-LIC

• License for 10 MPLS-configured devices



INM MPLS Bundle • IVIEW-NT-MPLS

• IVIEW-LINUX-MPLS

• IVIEW-SOL-MPLS

• INM base with license for 10 MPLS-configured devices for each OS version


83

Event Management – Automated Alerts & Countermeasures

Use of SNMP Collector + Trap Forwarding + INM Event Manager

Configure customized email alerts based on SNMP MIBs

Very flexible – email alerts can be generated on any MIB based event– High CPU– High Temperature– Fan Failure

INM can also generate CLI reports or send CLI commands to fix the issue

INM Server

Corp Net

Corp Net

SNMPCPU Utilization

Enable STP

Loop

SNMPCPU Utilization

CPU above 70%?Trap

Send email alertHigh CPU from switch

Disable Loop

Add greater Productivity – Get instant customized email alerts. INM can also generate reports and even fix your network


84

Security – IronShield 360 Snort + sFlow

Closed Loop Security Automatic threat detection and

remediation Complementary IDS/IPS Solution that

is extremely cost effective Use each Foundry switch as a

network monitor INM + SNORT for signature analysis

with automatic alerts & remediation

INM Server

Corp Net

Corp Net

10.55.1.124

sFlow

sFlow

Network Attacks


85

MPLS Manager – VLL Manager

Configure & Edit VLLDisplay VLL View

and Statistics VLL View

– VCID– Name– Status – Conflict– Endpoints


86

MPLS Manager – VPLS ManagerConfigure & Edit VPLSDisplays VPLS View

and StatisticsVPLS View &

Topology – Details tab shows textual

status of VPLS Settings & Status

– Endpoint Settings– Topology status is updated via

polling & traps– Dotted line indicates peer is

down– Solid line indicates peer is up


87

Non-Brocade Device SupportIP discovery Topology map supportMIB IIICMP Ping health checkFDP, CDP, LLDPSupport any non-Brocade

device with standard MIB support


88

Performance Manager

Performance Manager (Enhanced SNMP Collector)

Support for non-Brocade devices

Display real time status of SNMP MIB values

CPU Utilization

Temperature

Fan status

etc

Up to 5 values can be plotted


89

NEXT GENERATION TECHNOLOGY UPDATE

DATACENTER


90

Data Center Market Dynamics

Key trends

Global competition

Recession

Data center consolidation

New technology

- Intel Xeon 5500 + Server 10 GbE

- Server virtualization

- FCoE

High availability

Price/performance value

Converged Enhanced Ethernet (CEE)

10, 40, and 100 GbE

Low latency

Solutions needed

Resulting needs

24 x 7 uptime

ROI

More storage

More bandwidth


91

Storage Arrays

Tape Libraries

NAS

8 Gbps DCX 4S / 48000 / 5300 / 5100

Agg

rega

tion

Acc

ess

10 GbE L4-7 ServerIron

10 GbE L2-3 BigIron RX

GbE ToRCES

WAN

Cor

e 10 GbE L2L3 BigIron RX

SAN

8 Gbps DCX Backbones

Serv

ers

10 GbE L2-3 BigIron RX

10 GbE ToR FCoE/CEE 8000

10 GbE MoRFastIron SX

Brocade Data Center NetworksHigh-level architecture 1 GbE

8 Gbps FC

10 Gbps CEE

10 GbE

4 Gbps FC

1/10 GbE ToR TurboIron

GbE ToRFastIron

http://images.google.com/imgres?imgurl=http://clairegiordano.org/blog/wp-content/uploads/2009/02/netapp-logo-new-small.jpg&imgrefurl=http://clairegiordano.org/blog/?m=200902&usg=__RmvQj9oUjnDN_7UNT50rPfoZ9nc=&h=198&w=175&sz=7&hl=en&start=2&um=1&tbnid=0H6svFvmDxcpMM:&tbnh=104&tbnw=92&prev=/images?q=netapp+logo&hl=en&rlz=1Q1GGLD_enUS319US319&sa=X&um=1


92

Aggregation

Core

Access

Next-Generation Data Center LAN

BigIron RX

BigIron RX

FastIron CX24/48x1 GbE server 4x10 GbE uplink

TurboIron 24X24x10 GbE Server/uplink

NetIron CES24/48x1 GbE2x10 GbE uplink

100 GbE

WAN

Tape Libraries

SAN

Storage Arrays

DCX 16 Gbps

DCX 16 Gbps

10 GbE

TRILL

Calisto

Brocade 8000


93

40G / 100G Ethernet Standard

Higher Speed Ethernet being defined in IEEE P802.3ba project

Standard intended to define MAC and physical layer for 40G and 100G Ethernet speeds

Standard expected to be ratified in mid-2010

Brocade is actively investing in development of these technologies

Brocade BigIron is 40G / 100G ready

BigIron RX will be industry most cost-effective 100G chassis!


94

100 GE and 40 GE Reach Options

PHY 40 Gbps support 100 Gbps support

At least 1m over a backplane 40GBASE-KR4

At least 10m over copper cable 40GBASE-CR4 100GBASE-CR10

At least 100m over MMF (ribbon cable)

40GBASE-SR4 100GBASE-SR10

At least 10km over SMF 40GBASE-LR4 100GBASE-LR4

At least 40km over SMF 100GBASE-ER4

Brocade Confidential - Under NDA


95

Brocade’s Current Plans for 40G & 100G

40G Module:– Targeted for DC access and

aggregation layers– Inherits current capabilities of

RX modules– Requires hSFM– Backward compatible with

existing modules– QSFP optics

• Initial optics focus on short-reach

– Target Availability:• H1, 2011

100G Module:– Targeted for SP backbones

and DC backbones– Inherits current capabilities of

RX modules– Requires hSFM– Backward compatible with

existing modules– CFP optics

• Permits longer reach from day 1 (at least 10 km)

– Target Availability:• H2, 2010

Preliminary Info: Subject to Change without Notice

Brocade Proprietary and Confidential


96

Summary of Industry Trends

Increase scalabilityIncrease bandwidthReduce costReduce complexityRemain committed to open standardsRemain green

Foundry Networks Inc.

New


97

Our Value Proposition

Industry leading performance

Compelling TCO advantages

Superior quality products

Delivered and supported by world-class global supply chain and global service organization


98

THANK YOU

DATACENTER

Documents

IP Product Suites - Q12010