370 likes | 544 Vues
Product and Technology Overview. May/2006.
E N D
Product and TechnologyOverview May/2006 This presentation may contain forward-looking statements, including statements about products, expenditures and resource allocation, customer development, and Company positioning, which reflect the Company’s current judgment on those issues. Because such statements deal with future events, they are subject to risks and uncertainties that could cause the actual results to differ materially. Furthermore, this presentation contains information concerning historical performance and results, which cannot be taken as a guarantee or even indication of future performance or results. In addition to the factors that may be discussed in this presentation, important factors which could cause actual results to differ materially are contained in the Company’s 10-Qs and 10-Ks which are on file with the Securities and Exchange Commission (<http://www.sec.gov>).
Key Enterprise Trends • Infrastructure • FE GE (with PoE) for connectivity • 10 Gig as interconnect • Wired Wireless transition • Convergence: IP Telephony is the start • LAN Security • Problem area is the “soft interior” • Dealing with Day-Zero attacks • New Data Center Technologies • Including Ethernet as interconnect for cluster computing • Managing Complexity
Biggest Deployment Concerns InformationWeek VoIP Study, February 2004(300 IT execs) Convergence Network Upgrades To address concerns about current network
Voice Quality Connections Voice Class Availability Lead to Cost-Effective Security Simple Management Key Requirements New Platforms New Technologies
Ethernet Switching Platforms The Extreme Portfolio Security Appliance Day-Zero attack mitigation @ 10Gig Wireless Mobility Switch Voice Class Scalable Wireless Voice Convergence Applications Open Converged Network
BlackDiamond 10K BlackDiamond 6800 Scalability Alpine Performance and Features Switching Products Q4 ‘03 BlackDiamond BD10K:10/100/1000, 10Gig, Large Table size, core applications BD8800: 10/100/1000, 10Gig, High Capacity PoE, Edge and Aggregation BD6800:High density 10/100, Gig, MPLS, Small Core and Aggregation applications BlackDiamond 8800 Q1 ‘05 Alpine 10/100/1000 + VDSL/ Wireless AccessT1/T3 WAN and Gig Uplinks, high density edge and aggregation applications Summit X450 Q2 ‘05 Summit Edge Q2 ‘05 Q3 ‘04 Summit 10/100/1000 + Wireless AccessGig to 10Gig uplinks ExtremeWare ExtremeWare XOS Feature Rich, High Performance ASICs
ExtremeWare XOSModular OS Enhances Availability • With modularity …. • Self-healing process restart • In service upgrades • Load new applications in service • Without modularity …. • Reboot entire OS to recover from process failure • Reboot entire OS to add patches • Reboot entire OS to add applications • XOS: shipping since Dec 03 • Available on BD 10K, 8800, and the Summit X450
Network Management Building the Network BlackDiamond 8800 BlackDiamond 10K Summit X450 BlackDiamond 6800 Summit 400 BlackDiamond8800 Alpine 3800 Summit48si EPICenter Summit 300 Summit 200
Scalability Performance and Features Summit Family Portrait Summit “i” series XOS platform Aggregation and Small Core Summit X450-24x/24t Summit48si 10Gbps Stacking Summit 400-24t Summit 400-24p 1Gbps Stacking * Summit 400-48t Summit 300-24/48 Summit 200-24/48 Edge Application Fast Ethernet Fast Ethernet PoE Gigabit Gigabit PoE Gigabit + 10G * Stacking not supported on 300-48
PoE and Wireless Edge Switches • 24 or 48 ports, 2 to 4 Gigabit uplinks, fiber or copper • Summit 200 feature set (stacking only on 300-24) • 802.3af Power over Ethernet and redundant PSUs • Altitude 300 – dual-radio: concurrent 802.11a and 802.11b/g operation; integrated and detachable antenna versions and rated for plenum; Wi-Fi CERTIFIED™ for 802.11a/b/g and Wi-Fi Protected Access (WPA) • SVP and IAPP protocol support • Direct connect and remote connect (on 300-48 only) Secure and Reliable Edge Switches • 24 or 48 ports, 2 Gigabit uplinks, fiber or copper • Line rate non-blocking fabric • Complete security includes multiple supplicant user authentication, secure protocols, • Convergence ready with voice-grade link redundancy support, low latency and jitter, 4 QoS queues • Management simplicity with UniStack stacking Summit 200/300 Series SwitchesFor Convergence-ready 10/100 Edge Connectivity Summit 300: Powered plus Wireless Q3 ‘04 Q3 ‘03 Summit 200: Edge Access with Full Security
Line Rate Gigabit Access • 24 or 48 10/100/1000 ports with 4 fiber uplinks • Optional dual 10-Gigabit uplinks on Summit 400-48t Convergence from the Ground Up Management Simplicity Summit 400-24t/48t: Gigabit to Desktop • 8 QoS queues, L2,3,4 traffic classification • Low latency and jitter stacked or standalone • Voice-grade link redundancy with EAPS • UniStack stacking single point of management for up to 8 switches • Integrated wired and wireless management Summit 400-24p: Universal Access Powered and Wireless • Flexible Gigabit or legacy 10/100 connectivity • Non-Powered, or Powered with 15.4W per port • Wireless features in conjunction with A300 Summit 400-24p: Power over Gigabit High performance UniStack Stacking; Summit 400-48t adds 10-Gigabit uplinks Summit 400 Series SwitchesFor Gigabit Access, Powered or Non-Powered LAN Q2 ‘05 Q2 ‘05
State of the Art Availability • Modular ExtremeWare XOS operating system • ECC memory, redundant OS and config images • External redundant PSU Comprehensive Security • Multiple supplicant user authentication • sFlow continuous traffic monitoring • Trusted Computing Group host integrity checking High Performance Multi-Gigabit Switch • 24 Gigabit ports, fiber or copper, including 4 convenient dual-personality copper/fiber ports • Optional dual 10-Gigabit uplinks Advanced Protocols for Core Deployment External Redundant PSU connector • Full routing support with OSPF, PIM, ESRP, VRRP, EAPS, BGP • IPv6 software forwarding Redundant 10-Gigabit option Summit X450 Series SwitchesFor Gigabit Aggregation and Small Network Core Q2 ‘05 Copper Gigabit Q2 ‘05 Or Fiber Gigabit
Summit Roadmap • Summit 200-100FX – November 2005 (for Fed Market) • Next generation Summit 400s with XOS • Several options of Gigabit (with, without power) with 10 Gig uplinks • New capabilities • XOS on all models (including on PoE edge switch) • Redundant AC or DC power options • IPv6 hardware support • Support for policy based routing, centralized ACLs, Universal Port Manager, and CLEAR-Flow • Summer 2006
Scalability Performance and Features The Family Portrait BlackDiamond 10K Core BlackDiamond 6800 BlackDiamond 8800 Alpine 3800 Aggregation Edge Fast Ethernet + Gig Uplink High Density FE + Gig and 10Gig Gigabit + 10G
Available I/O Modules 3 BD8810 per standard 7’ rack Performance without compromise • 48 port 10/100/1000BASE-T PoE – Universal jack for IP Telephones, WAPs, Gigabit PCs • 48 port 10/100/1000BASE-T • 24 port 1000BASE-X (mini GBIC) • 4 port 10GBASE-X (XENPAK) • 432 ports 10/100/1000BASE-T • Powered by only internal power supplies: • Up to 432 class 1 or 2 devices • Up to 333 class 3 devices • 224 ports 1000BASE-X (mini GBIC) (208 ports with 2 MSMs) • 36 ports 10GBASE-X (XENPAK) (32 ports with 2 MSMs) • Every Gig and 10 Gig port non-blocking • 48 gig/slot backplane capacity • 384 Gbps local switching per I/O module • 570 Mpps switch throughput • 8 Gig fiber uplink ports per MSM BlackDiamond8810 For high-density IP Telephony edge, medium core and server connectivity • Redundant System Design • Non-stop Operating System • Network Resiliency Protocols • High density non-blocking Gigabit and 10 Gigabit ports • High density PoE support using internal supplies • Low latency and jitter for voice support • Integrated wired and wireless networking • User and Host Integrity • Threat Detection and Response • Hardened Infrastructure Voice Class Availability Q1 ‘05 High Performance Connectivity Comprehensive Security
BlackDiamond 8810 Roadmap • System • 6 Slot Chassis – September 2005 • DC Power Option – November 2005 • Blades refresh in mid 2006 • Ongoing cost reductions • New capabilities • New Capabilities • IPv6 in hardware • Centralized ACLs • CLEAR-Flow • Policy Based Routing • Universal Port Manager
8 slots with up to 60 Gbps I/O per slot 2 Systems/rack (42” or 24RU) MSM Redundancy Fabric and control 6 Power Supplies in N+1 configuration 3 minimum for fully populated chassis Common supply across new Extreme platforms Designed to NEBS Level 3 Front to back Air cooling Passive backplane Non-Stop Switching In-Service Maintenance Self-Healing ECC memory Carrier Class Chassis Design
MSM Blades • Two fully redundant MSM blades per system • MSM module hosts main CPU • Dual core 750 MHz CPU on each MSM • Two MSM module types – MSM-1, MSM-1XL • MSM-1 for Enterprise • Supports up to 128,000 entries for MAC, IP, ACL, and statistics • Core license includes OSPF, PIM • MSM-1XL for Metro SP and Large Enterprise • Supports up to 256,000 entries for MAC, IP, ACL, and statistics • Advanced Core license includes IS-IS, BGP-4, MPLS • Metro and Large Enterprise target
I/O Blades • 60 Port 10/100/1000 Ethernet Copper – Khatanga G60T • 60 Port Ethernet Fiber: Mini-GBIC (SFP) – Rhine G60X • 6 Port 10 Gigabit Ethernet (Xenpak) – Santiam 10G6X • 2 ports of 10 Gigabit Ethernet (Xenpak), Santiam 10G2X • 20 ports of Gigabit Ethernet Fiber – Rhine G20X
BlackDiamond 12K • BD 10K features “and more” in a 10 U Chassis • Multi-level resiliency • Redundant Hardware: 1+1 redundancy instead of load sharing • Modular OS • Network level protection – EAPS • BD 10K CLEAR-Flow and L3 Virtual Switching technology • Advanced Traffic Management • Quality of Service and Hierarchical Queuing enable SLAs for E-Line and E-LAN services • Line rate multicast supports IPTV • Service and Quality mapping to VMANs/VLANS offers deployment flexibility • Global Scalability • VMANs, Private VLANs, etc. • MPLS – L2 and L3
BD12K Shelf Hardware Hitless Chassis Design 1+1 Redundant MSMs (Hot/Standby) Passive Backplane 10 RU 20G per I/O Slot Non-Blocking 4 I/O Slots GbE Tributaries 10GbE Trunks 4GNSS Fabric N + 3 SSI Redundant PSUs Same PSU as BD 10k & 8808 ExtremeWare XOS
BD12K Line Cards • GM-20XTR: 20 port 1000BASE-X SFP / 1000T RJ-45 with rate limiting • GM-20T: 20 port 10/100/1000BASE-T RJ-45 • XM-2XR: 2 port 10G XENPAK with rate limiting • MSM-5R: Hierarchical rate limiting • 1 MSM Supports full 80G capacity of the switch
10 Gig XENPAK • 10GBASE-SR • 28m to 300m on new multimode fiber • 10GBASE-LR • Up to 10Km on single mode fiber • 10GBASE-ER • Up to 40Km on single mode fiber • 10GBASE-ZR • Up to 80Km on single mode fiber – Q2 ’05 • 10GBASE-LW • 9.953Gbps (OC192) WAN PHY – Q4 ’05 • 10GBASE-LRM • Up to 10Km single mode, 300m multimode – Q4 ’05? • 10GBASE-CX4 • Up to 15m on Infiniband cable – no plans to productize • 10GBASE-LX4 • Up to 10Km single mode, 300m multimode – can hit Q3 ’05
XFP • State of the Industry: • XENPAK shipments are about 30x to 50x that of XFP today. • Most XFP today is shipping for OC192 or 10GFC application. • Only SR and LR is shipping today. ER to ship in 3-6 months. ZR may be possible in mid-2006. • Extreme targeting first deployments in early 2006 GBICs • 100FX/1000X dual-speed SFP – Q3 ‘05 • 100FX 1310nm standard - Single Mode 10km, Multimode 2km • 1000X Single Mode 10km, Multimode 500m • May require multimode line conditioning patch cable for 1G
Security Appliance Day-Zero Attack Mitigation @ 10G
Extreme Sentriant™ • Rapid threat detection • Creates decoys in unused IP space • Active Deception • Mimics basic TCP, UDP and ICMP responses • Pin-point Defense • Deployment Modes: • Stand-alone: On any network, based on broadcast traffic inspection • Integrated: On BD10K network, based on CLEAR-Flow mirrored traffic inspection • 4 x 10/100/1000 ports, 1Gbps aggregate throughput • 32 concurrent VLANs • 2RU, 19” W x 17” D, front-port network form factor Q3 ‘05
Suspicious activity Signature updates complete Start attacking Finish mitigation Mission complete Mission complete Day Zero Attack Mitigation • Behavior based anomaly detection • Automatic threat containment in seconds • Highly scalable threat mitigation with CLEAR-Flow integration Attack Traffic Virus spread Clean-up the hosts Signature Based Act after Virus spread, Once infected, then time/$$$ consumed Suspicious activity starts Anomaly detection, threat containment Behavior Based Detect and Block the rapid propagation threat before spread Time
Permit Non-Cloak Deny QoS Cloak ACL Rules Sentriant Rules CLEAR-Flow Policy Rules Rule triggered ? Policy triggered ? Dynamic ACL Mirror Multi-Gigabit Network Trap Trap Syslog Syslog CLI Security @ 10Gig with CLEAR-Flow • CLEAR-Flow integration enables • Selective Mirroring by pre-processing the traffic in hardware • Scales up to 160Gbps of traffic pre-processing, faster anomaly detection • Sentriant feeds back the result to Core Switch for • Further investigation, Throttling, Shutdown, or any scripted command in XOS CLEAR-Flow Mirrored Data Multi-Gigabit Core Switch XML
Sentriant CLEAR-Flow inspects all traffic Agilent NetworkTester ATTACKER 10 GbE 10 x 1 GbE 10 GbE Agilent N2X Background Traffic Generator Extreme BlackDiamond 10K Extreme BlackDiamond 10K Agilent NetworkTester TARGET Sentriant™ Testing & Verification • Test #1 - IOMetrix Testing Results • BD10k, CLEAR-Flow, Sentriant™ • 10Gbps background traffic • Detected & Throttled: • 9 DoS attacks • Detected & Cloaked: • 1 “Live” virus – Sasser. • Test #2 - Internal Lab Testing Results • BD10K, CLEAR-Flow, Sentriant™, universal1.pol (Also BD8810, S450). • 20 Gbps UDP (Constant load). • 5 Gbps TCP Http Get Sessions (Constant load). • Detected & Cloaked: • Worms: Sasser, Welchia, Blaster, MyDoom • Hacks: IP Spoof, MAC Spoof, SYN Flood, Ping Flood, Ping Sweep • DoS’s: TCP Xmas, Null, Syn/Fin, All Flags
Summit WMWireless Mobility Delivering the Voice Grade Wireless Network
Data-Grade Roaming Small to Mid-sized Networks Single Access Support Voice-grade Roaming Large Networks Multiple Access Types Altitude 350-2 Summit WM1000 Functionality Summit WM100 Altitude 300 Access Point Wireless-enabledSummit and Alpine Extreme Networks Wireless Solutions Q3 ‘05 Q3 ‘03
Key Features at a Glance Automatic RF Management End-to-End QoS over the Air and Wired Voice Grade L3 Roaming Managing Access, not Access Points