Enterasys ANG-1000 Manual de usuario descargar pdf (Pagina 5)

A signiﬁcant additional feature of the N-Series is the capability to

supportMulti-UserAuthentication,thismeansthatmultipleusers/

devices can be connected to the same physical port, and that each one

can be authenticated individually using one of the multi-method options

(802.1x,MAC,orPWA).

Thevalueexistsintheabilitytoauthorizemultipleusers,eitherusing

dynamicpolicyorVLANassignmentforeachauthenticateduser.Inthe

caseofdynamicpolicy,thisiscalledMulti-UserPolicy.

Multi-userportcapacitieswiththeN-Seriesaredeterminedonaper

port,perDFE,andpermulti-slotsystembasis.DefaultPlatinumDFE

capacities are as follows:

Perport:8-128

Perblade(DFE):1024

Perchassis:1024

Itispossibletoincreasethesecapacitiesbypurchasingadditional

licences. The N-EOS-PPC license increases user port capacity on a per

DFEbasisfromthedefaultcapacityof8-128toamaximumof1024.

Whenpresent,theN-EOS-PUCupgradelicensesetsthechassiscapacity

at2048userspersystem,thisvaluecanbeoverriddenusingaCLI

commandsettingthemaximumof2048users/port.N-EOS-PPCand

N-EOS-PUCarenotavailableforGoldDFEsandareanoptionalpurchase

forPlatinumDFEs.DiamondDFEsincludeN-EOS-PPC.

Muti-userauthenticationandpolicycanprovidesignicantbenetsto

customersbyextendingsecurityservicestousersanddevicesconnected

to unmanaged devices, third party switches/routers, VPN concentrators,

orwirelessLANaccesspointsattheedgeoftheirnetwork.Security,

priority,andbandwidthcontrolareenhancedwhileprotectingexisting

network investments.

Dynamic, Flow-Based Packet Classiﬁcation

Another unique feature that separates the N-Series from all competitive

switchesisthecapabilitytoprovideUser-BasedMulti-layerPacket

Classication/QoS.Withthewidearrayofnetworkapplicationsusedon

networkstoday,traditionalMulti-layerPacketClassicationbyitselfisnot

enough to guarantee the timely transport of business-critical applications.

IntheN-Series,User-BasedMulti-layerPacketClassicationallows

trafﬁc classiﬁcation not just by packet type, but also by the role of the

useronthenetworkandtheassignedpolicyofthatuser.WithUser-

BasedMulti-layerPacketClassication,packetscanbeclassied

basedonuniqueidentierslike“AllUsers”,“UserGroups”,and

“IndividualUser”,thusensuringamoregranularapproachtomanaging

and maintaining network conﬁdentiality, integrity, and availability.

Layer 2

• MAC Address

• EtherType (IP, IPX, AppleTalk, etc.)

Layer 3

• IP Address

• IP Protocol (TCP, UDP, etc.)

• ToS

Layer 4

• TCP/UDP port (HTTP, SAP,

Kazza, etc.)

SwitchPortVLANUserFlow

Deny

Priority/QoS

Rate Limit

Permit

Contain

N-Series

Access Control

Class of Service

User-Based Multi-layer Packet Classification/QoS

Integrated Services Design

IntegratedServicesDesignisakeydifferentiatorthatseparatesthe

N-SeriesDFEfromthecompetition.IntegratedServicesDesignreduces

the number and type of modules required to build typical wiring closet

congurations,simplifyingtheoverallnetworkdesign.Inturn,this

signicantlyreducesthemaintenanceandsparingcostaseachDFEcan

perform all of these services unlike competitive offerings which have a

plethora of different line cards required in order to provide similar services.

Per DFE Integrated Services Design

Multi-layer packet classiﬁcation - enables the delivery of critical

applications to speciﬁc users via trafﬁc awareness and control

• User,Port,andDeviceLevel(Layer2through4packetclassication)

• QoSmappingtopriorityqueues(802.1p&IPToS/DSCP)upto16

queues per port

• Multiplequeuingmechanisms(WFQ,WRR,etc.)

• GranularQoS/ratelimiting

• VLAN-to-policymapping

Switching/VLAN services - provides high-performance connectivity,

aggregation, and rapid recovery services

• Extensiveindustrystandardscompliance(IEEEandIETF)

• Inboundandoutboundbandwidthratecontrolperow

• VLANservicessupport

 −Linkaggregation(IEEE802.3ad),32trunksperN-Serieswithno

limittothenumberofportspertrunk;trunkscanspanDFEs

 −Multiplespanningtrees(IEEE802.1s)

 −Rapidrecongurationofspanningtree(IEEE802.1w)

•Flowsetupthrottling

Feature Summary

Page 5

1 2 3 4 5 6 7 8 9 10 11 12

Comentarios a estos manuales

Sin comentarios

Enterasys ANG-1000 Manual de usuario Pagina 5

Comentarios a estos manuales

Relacionado con productos y manuales para Gateways / Controladores Enterasys ANG-1000