2020年Brocade园区网解决方案.pptx

1、 2016 BROCADE COMMUNICATIONS SYSTEMS,INC.2016 BROCADE COMMUNICATIONS SYSTEMS,INC.2 2016 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY3公司成立公司成立第一代第一代SANSAN交换机发布交换机发布IPOIPO第三代第三代ASIC-BLOOMASIC-BLOOM发布发布收购收购VYATTAVYATTA虚拟路由器厂商虚拟路由器厂商进入NFV的L3虚拟化市场VYATTA厂商成立与2005年收购收购SteelAppSteelApp虚拟负载均衡虚拟负载均衡进入

2、NFV的L4-L7层虚拟化市场SteelApp属于Riverbed 2016 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY4交换交换路由路由有线有线无线无线SDN APPSSDN APPS 2016 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY5 2016 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY6痛点主要表现：痛点主要表现：1、BASE设备CPU高2、用户DHCP获取失败3、用户Radius认证失败4、带宽管理

3、问题5、流量可视化分析问题6、BASE冗余问题7、BASE设备端口成本昂贵8、配置管理复杂性痛点主要表现痛点主要表现：1、用户行为不可控2、大数据分析数据来源2、用户流量分析不完善3、设备功能未发挥(汇聚汇聚)4、上行链路冗余问题5、网络故障定位时间过长痛点主要表现：痛点主要表现：1、用户恶意网络攻击；2、用户行为分析与控制；用户终结用户终结一卡通一卡通用户终结用户终结一卡通一卡通汇聚交换机汇聚交换机汇聚交换机汇聚交换机汇聚交换机汇聚交换机汇聚交换机汇聚交换机内层防火墙内层防火墙内层防火墙内层防火墙外层防火墙外层防火墙外层防火墙外层防火墙DMZDMZ交换机交换机DMZDMZ交换机交换机接入交换

4、机接入交换机接入交换机接入交换机接入交换机接入交换机接入交换机接入交换机北向北向APIAPI接口接口OPENFLOWOPENFLOW业务流量镜像业务流量镜像南向接口南向接口从链路、应用层、用户、网段以及应用系统等各种维度检测网络从链路、应用层、用户、网段以及应用系统等各种维度检测网络 支持多种应用系统关键指标，主要包括连接建立时间、应用响应时间、访问量、在线用户数、并发支持多种应用系统关键指标，主要包括连接建立时间、应用响应时间、访问量、在线用户数、并发/新建会话数、吞吐量等新建会话数、吞吐量等 FloodFlood攻击检测攻击检测 支持ARP/DHCP/广播，以及自定义流量的Flood攻击检

5、测。并自动向SDN交换机下发OpenFlow规则，可对攻击流进行阻止、甚至清洗。Flood攻击检测 Flood流量报表 告警日志Tool Tool 3 3(IDS)(IDS)Tool Tool 4 4(CEM)(CEM)Tool Tool 5 5(CEMCEM)Tool 7(Recorder)Tool 1(VOIP)Tool 1(VOIP)入站端口入站端口出站端口出站端口仅仅特定流量被送往各个工具，这大幅仅仅特定流量被送往各个工具，这大幅降低了出站流量，显著提高工具利用率降低了出站流量，显著提高工具利用率SDNSDN设备是入站设备是入站/出站流量中转分配站出站流量中转分配站流表操作允许随时增加

6、和删除，对实际操作十分有方便。流表操作允许随时增加和删除，对实际操作十分有方便。结合出站流表过滤规则，能更进一步定位流量。结合出站流表过滤规则，能更进一步定位流量。VOIPIDSCEMWEB匹配流表匹配流表匹配流表匹配流表可配置的硬件过滤可配置的硬件过滤可自定义规则可自定义规则4-74-7层流量过滤层流量过滤Tool Tool 2 2(VOIP)(VOIP)负载均衡过滤+复制SDNSDN智能设备智能设备后端后端系统系统前端前端网络网络应用性能分析应用性能分析大数据分析平台大数据分析平台信息安全监测信息安全监测VLAN100 192.168.1.xBrocade Brocade switchsw

7、itchAP1AP1AP2AP2VLAN200/172.16.1.y802.1Q Trunk(VLAN 100,200)STA11.AP1在VLAN 100，子网为192.168.1.0/24，网关地址为192.168.1.254；AP2在VLAN200，子网为 172.16.1.1/24，网关地址为 172.16.1.2542.用户均通过DHCP获得IP，网关同时做DHCP 服务器，3.当STA1上网后，获得192.168.1.X的IP地址 如192.168.1.100，可以正常上网4.当已经获取192.168.1.100地址的用户从VLAN100的AP1漫游到VLAN200的AP2时，AP

8、会发出一个l2uf的报文，这个报文目的MAC是ff:ff:ff:ff:ff:ff，源MAC是终端的MAC地址，这可以通过SDN交换机上的流表将这条l2uf信息复制一份到后端SDN APP上5.此时SDN APP可以通过判断源IP地址属于192.168.1.X网段的方式，将其VLAN ID由VLAN 200改为VLAN 100，并转发到对应的上行端口，这样来自192.168.1.100的上行方向的报文就能正常发送到对应的GW6.同时，SDN APP可以根据收到的l2uf，判断此时该终端位于哪颗AP之下，从而下发流表将下行方向的流量修改对应的VLAN ID，并转发到对应该AP的端口Gateway

9、with VLAN terminationDHCP ServerInternetPOE SwitchPOE SwitchVLAN100GW1/VLAN 100:192.168.1.254GW2/VLAN 200:172.16.1.254VLAN200 2016 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY27Brocade Enterprise-Campus Network Solutions 2016 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY28Campus Fabri

10、c SolutionBrocade Distributed ChassisBrocade ICX 7750 480 Gbps Backplane High-Speed Campus RingAccessBrocade ICX 7450Brocade ICX 7250AccessBrocade ICX 7450Aggregation/CoreAccessAggregation/CoreBrocade ICX 7250Brocade ICX 7750Brocade ICX 7750Brocade ICX 7450Brocade ICX 7750Aggregation/CoreBrocade ICX

11、 7750 Benefits Simpler:Collapsed access/aggregation/core layer Automated:Single point of management across network layers Lower cost:A fraction of the cost of traditional chassis deployments Highly scalable:Add switches where and when capacity is neededBrocade ICX 7750Brocade ICX 7750Brocade Campus

12、ICX PortfolioPortfolio breadth for network needs 2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY29Price/PerformanceFunction and ScalabilityMixed StackingSwitch Port ExtenderICX 7250Entry-level+ICX 6430/6450Entry-level+ICX 6610High-PerformanceICX 7750Aggregation/CoreICX 7450 MidmarketSwitch

13、 Port ExtenderRedundant PowerSuppliesRedundantFans6 x QSFP+交换容量交换容量包转发率包转发率1、提供48个1/10G光纤接口和6个40G光纤接口；2、可扩展6个40G光纤接口；3、40G接口可一分四个10G接口；4、支持软件定义网络SDN功能特性；5、支持12台物理设备虚拟化集群技术，虚拟化集群带宽支持480G；6、支持横向和纵向虚拟化集群技术；7、支持丰富的路由协议；8、虚拟化堆叠提供模块化机箱设备的可靠性和冗余性；9、虚拟化堆叠之后具备主控引擎、备份引擎、板卡角色分配；10、虚拟化堆叠提供跨机箱跨板卡的端口聚合能力。Brocade

14、ICX 7750 Switches High-performance distributed chassis system 48-port SFP+10 GbE 6+6-port QSFP+/40 GbE 48-port RJ-45 10 GbE 6+6-port QSFP+(six optional)Quad-core 1.5 GHz CPU 8 GB system memory,2 G Flash,USB storage Optional 640 GbE QSFP Redundant power supplies and fans with front-to-back or back-to

15、-front airflow High-performance,inter-processor stacking ports 2640 GbE ports QSFP+3240 GbE with optional moduleKey Highlights and Differentiators Unprecedented port density:10410 GbE/3240 GbE per unit or 4810 GbE with up to 1240 GbE uplinks/stacking ports Market-leading stacking scalability up to 1

16、2 units Longer stacking distance:10 GbE/40 GbE(up to 80 km)Chassis performance(5.76 Tbps aggregated stacking bandwidth)Hitless failover within the device and the stack SDN with hybrid mode OpenFlow 1.3 Full IPv4 and IPv6 routing support,includes BGP and VRF Extended operating temp(up to 50C)Common C

17、riteria and FIPs certification Brocade ICX 7750-48FBrocade ICX 7750-48CBrocade ICX 7750-26QAll Brocade ICX 7750 ModelsICX 7750 SeriesCHASSIS ARCHITECTURE IN A STACKABLE ENCLOSURE32ICX7750-48C 6-ports QSFP+,48-Ports RJ-45 10GE+6 ports QSFP+(optional)ICX7750-48F 6-ports QSFP+,48-Ports SFP+10GE+6 ports

18、 QSFP+(optional)ICX7750-26Q 26 ports QSFP+6 ports QSFP+(optional)Redundant PowerSuppliesRedundantFans6 x QSFP+32x 10GE COPPER32x 10GE FIBRE26 x QSFP+6 x QSFP+6 x QSFP+2014 Brocade Communications Systems,Inc.CONFIDENTIALFor Internal Use OnlyICX 7750-26Q Competitor Products33 2014 Brocade Communicatio

19、ns Systems,Inc.CONFIDENTIALFor Internal Use OnlyICX 7750-48C Competitor Products34Cisco Nexus 3132Q ICX 6680Arista 7050QCisco Nexus 3064-TJuniper QFX5100-48TExtreme X650-24TDell N40642014 Brocade Communications Systems,Inc.CONFIDENTIALFor Internal Use OnlyArista 7050-T-64ICX 7750-48F Competitor Prod

20、uctsCisco Nexus 3132Q ICX 6680Arista 7050QCisco Nexus 3064-XJuniper QFX5100-48SArista 7050-S-64HP 5820AF-24Dell N4064-F2014 Brocade Communications Systems,Inc.CONFIDENTIALFor Internal Use OnlyBROCADE ICX7750-48FBROCADE ICX7750-48FCISCO C4500X-32FCISCO C4500X-32FCISCO C6880-XCISCO C6880-X关键参数指标关键参数指标

21、ICX7750ICX7750C4500X-32FC4500X-32FC6880-XC6880-X整机万兆端口数963280/每个槽位16个整机交换容量1.92Tbps800Gbps2Tbps设计转发能力1.6Tbps设计转发能力整机包转发率1.44Bpps250Mpps300 Mpps堆叠虚拟化带宽480G80G160G堆叠数量12/虚拟化机箱2/VSS技术2/VSS技术MAC表容量294K55K128K冗余度电源风扇冗余电源风扇冗余电源风扇冗余Brocade ICX 7450 SwitchesEnterprise stackable switch delivers premium capab

22、ilities and ultimate flexibility372 modular slots240 GbE for stacking/uplinksor 810 GbE for uplinksDual modular power supplies AC/DCDual modular fan traysModular slot for uplinksUp to 12 units per stack(dual 40 GbE stack connections)24/481 GbE PoE+ports or481 GbE SFP fiber portsMACsec,EEE High PoE/P

23、oH support(8 ports,up to 95 W per port)Ultimate flexibility and future-proofing Five models supporting 24/48 PoE+and 48-port SFP Unique 3-slot design maximizes expandability Flexible uplinks/stacking options:40 GbE,10 GbE,10GBASE-T,and 1 GbE modules PoE+and new 60 W/95 W PoH high-wattage support MAC

24、sec encryption and EEE High-capacity AC/DC power options(up to 1,000 W)Reversible front-to-back or back-to-front airflow OpenFlow 1.3 Campus Fabric technology(Switch Port Extender)Advanced scalability and performance Stackable up to 12 units per stack(576 ports)960 Gbps aggregated stacking bandwidth

25、 Full Layer 3 feature capability,including BGP,VRF sFlow for granular network traffic accounting Up to 1210 GbE uplinks(fiber or copper)Optimum high availabilityRedundant,hot-swappable power supplies and fansHitless stacking failoverRedundant uplinks 1、提供48个1G光纤接口和4个万兆光口和2个40G光口；2、支持软件定义网络SDN功能特性；3、

26、支持12台物理设备虚拟化集群技术，虚拟化集群带宽支持320G；4、支持横向和纵向虚拟化集群技术；5、支持丰富的路由协议；6、虚拟化堆叠提供模块化机箱设备的可靠性和冗余性；7、虚拟化堆叠之后具备主控引擎、备份引擎、板卡角色分配；8、虚拟化堆叠提供跨机箱跨板卡的端口聚合能力。ICX 7450 Competitive landscapeWho are our main competition?ICX 7450 is a mid-market access/aggregation switch whose main competitors are Cisco 3650 Juniper EX4300 H

27、P ProCurve 3800 ICX 7450s competitive advantages:Max switches in a stack:12 Flexible uplinks/stacking options:40G,10G,10GBase-T and 1G modules PoH on 8 ports Full IPv4/IPv6 Unicast&multicast routing features MACSec*SDN*Switch Port Extender*2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY39*

28、-In a future releaseBrocade ICX 7450-48PCisco 3650-48PJuniperEX4300-48PHP ProCurve3800-48PMax fixed data ports48x10/100/1000 RJ-45 or 48x1G F48x10/100/1000 RJ-45 48x10/100/1000 RJ-45 48x10/100/1000 RJ-45 Uplinks 1G or 10G4x1G SFP and/or 4x10C and/or 4x10F 4x1/10G SFP/SFP+4x1/10G SFP/SFP+4x1/10G SFP/

29、SFP+Uplinks 40G1-2x40 QSFPNoNoNoPoE/PoE+Full PoE+,30WFull PoE+,30WFull PoE+,30W PoE+on 36 ports,30WuPoE/PoHPoH on first 8 ports;up to 95WNoNoNoMACSec/EEEYes*HW readyYesNoPort AttributesMax 10GE data ports 2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY40*-In a future releaseBrocade ICX 745

30、0-48PCisco 3650-48PJuniperEX4300-48PHP ProCurve3800-48PMax switches in stack12 switches9 switches10 switches10 in ring or 5 full meshStacking Bandwidth160GStackwise 160GVirtual Chassis 320GMeshed stacking 80G/link;336G/moduleStacking ports40G and 10G*10G10G and 40G(4x40G fixed rear stacking ports)10

31、GStacking distance40G up to 10km*40G up to 100mUp to 3m10G up to 10km40G up to 150mUp to 3mStacking*-In a future release 2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY41Brocade ICX 7450-48PCisco 3650-48PJuniperEX4300-48PHP ProCurve3800-48PAirflowFront to Back;Back to FrontSide/Back to Fro

32、ntFront to Back(PoE models support only front to back airflow)Side to sidePSU Options250WAC,1000WAC,510WDC250WAC,640WAC,640WDC,1025WAC350WAC,715WAC,1100WAC,550WDC400WAC,1000WACAvailable POE power1500W1550W900W1080WRedundant PSYesYesYesYesPower consumption111.96W107.4W175W*186W*Redundant FanYesYesYes

33、NoPower 2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY42Performance 2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY43Brocade ICX 7450-48PCisco 3650-48PJuniperEX4300-48PHP ProCurve3800-48PSwitching B/W336G176G496G176GForwarding B/W250Mpps130.95 Mpps369 Mpps130.9 MppsBrocade ICX 7

34、450-48PCisco 3650-48PJuniperEX4300-48PHP ProCurve3800-48PMax IPv4 routes16000240003200010000Max MACs32000320006400065500Licensing schemeNon-node locked licenseNode LockedNode LockedNode LockedsFlowYesNoYesYesJumbo Frame9216 bytes9198 bytes9216 bytes9216 bytesMax VLANs4094409440942048Max ARP 64000240

35、006400025000Features and Scalability 2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY44Brocade ICX 7450-48PCisco 3650-48PJuniperEX4300-48PHP ProCurve3800-48PMax QoS Queues88128Max STP/MSTP instances128/16NA/64NA/64NA/NAMax trunk groups12412811224Max IPv6 routes3000NA180003000Max Ingress/Egr

36、ess ACLs3071/100NA/NA3500/10003072/0Max L2 Mcast groups8192409680002038Features and Scalability 2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY45BROCADE ICX7450-48FBROCADE ICX7450-48FCISCO WS-C3850-24XSCISCO WS-C3850-24XS关键参数指标关键参数指标ICX7450ICX7450C3850-24XSC3850-24XS整机固定千兆端口数4824整机扩展插槽31扩展

37、接口类型和数量万兆接口12个40G接口2个万兆接口8个40接口2个整机交换容量336Gbps2个40G+48个1G+4个10G208Gbps2个40G+24个1G整机包转发率250Mpps150Mpps堆叠虚拟化带宽320G480G堆叠数量124MAC表容量32K32K冗余度电源风扇冗余电源风扇冗余Introducing the Brocade ICX 7250Entry-Level Stackable Delivers Highest 10G Scalability&Future Proof Functionality Ultimate Price:Performance Access Sw

38、itch 5 models with 24/48 port PoE+&non-PoE configurationsFull PoE on all portsFull PoE+on all ports with EPSRedundant system power with EPS High Performance Scalability Configurable 8x10GE uplink/stacking portsUp to 80 GB stacking bandwidth Up to 12 unit stackingHitless stacking failover Future Proo

39、f FunctionalityL3:RIPv1/v2,OSPFv2,GRE,VRRP,VRRP-EL3:IPv6 and multicast routing*sFlow for granular network traffic visibility 802.3at PoE+on all ports Switch Port Extender*EEEOpenFlow 1.3*Advanced External Power Supply(EPS)Redundant power for up to 16 ICX 7250 SwitchesAdditional PoE power budget for

40、up to 8 switchesConfigurable 8x10G for uplinks/stackingUp to 12 units per stack(40G&80G stacking BW)24/48x 1G PoE+&non-PoE configurationEEE,OpenFlow 1.3&Switch Port Extender readyNew External Power Supply(EPS)Power supply redundancy for up to 16 switchesUp to 3000W external PoE budget EPS for redund

41、ant system power and additional 750W PoE budget*Future feature enhancement 2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLYICX 7250 Competitive landscapeWho are our main competition?ICX 7250 is an entry-level access switch whose main competitors are Cisco 2960-X Juniper EX3300 HP 2920 ICX 7

42、250s competitive advantages:Max switches in a stack:12 8x10G uplink/stacking ports Full IPv4 Unicast routing features Full IPv6 and multicast routing features*SDN*Switch Port Extender*-In 8.0.40(End of 2015)2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY48Port AttributesMax 10GE data ports

43、 2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY49Brocade ICX 7250-48PCisco 2960-X-FPD-LJuniperEX3300-48PHP 2920-48G-PoE+740WMax 1GE fixed ports48484848Max Uplinks 1G/10G8 x 1/10G2 x 1/10G4 x 1/10G4 x 1G(Fixed)+4x10G(Optional)PoE/PoE+24 ports PoE+,48 PoE 24 ports PoE+,48 PoE 24 ports PoE+,

44、48 PoE24 ports PoE+,48 PoEMACsecNoNoNoNoEEEYesYesYesYesStacking*-In 8.0.40(End of 2015)2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY50Brocade ICX 7250-48PCisco 2960-X-FPD-LJuniperEX3300-48PHP 2920-48G-PoE+740WMax 1GE fixed ports48484848Max Uplinks 1G/10G8 x 1/10G2 x 1/10G4 x 1/10G4 x 1G(

45、Fixed)+4x10G(Optional)PoE/PoE+24 ports PoE+,48 PoE 24 ports PoE+,48 PoE 24 ports PoE+,48 PoE24 ports PoE+,48 PoEMACsecNoNoNoNoEEEYesYesYesYesBrocade ICX 7250-48PCisco 2960-X-FPD-LJuniperEX3300-48PHP 2920-48G -PoE+740WMax switches in stack128104Stacking Bandwidth80G80G80G80GStacking ports4x10G2x20G4x

46、10G2x20GStacking distance10km3m80km3mStacking moduleIncludedOptionalIncludedOptionalSwitchport ExtenderYes*NoNoNoPower 2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY51Brocade ICX 7250-48PCisco 2960-X-FPD-LJuniperEX3300-48PHP 2920-48G -PoE+740WAirflowSide-to-BackFront and sides to backFron

47、t-to-back;Back to front(on the 48T-BF model only)Front-to-backPSU OptionsFixed 880WACFixed 1025WACModular 900WACModular 575WAC&1050WACMax available PoE power without EPS780W740W740W740WRPSYesYesYesYesEPSYes+power injection of up to 750WNoNoYes+power injection of up to 370WMax Power consumption85W67W

48、91W116WPerformance 2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY52Brocade ICX 7250-48PCisco 2960-X-FPD-LJuniperEX3300-48PHP 2920-48G -PoE+740WSwitching B/W256Gbps216Gbps176Gbps176GbpsForwarding B/W190.4Mpps130.9Mpps130 Mpps130.9MppsBrocade ICX 7250-48PCisco 2960-X-FPD-LJuniperEX3300-48PH

49、P 2920-48G-PoE+740WUSB StorageYesYesYesYesMax IPv4 routes1200016 static80002048Max MACs16000160001600016000LicensingSame as ICX 7450 with non node-locked license+additional10G POD licenses Lan Base(No Layer 3)Base+Extended+Advanced license for Layer 3 and IPv6.No LicenseMax VLANs409410244094256Packe

50、t Buffer Size4M4MNA11.25MBJumbo Frame9216 bytes9216 bytes9216 bytes9220 bytesQoS Queues8888Features and Scalability 2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY53Brocade ICX 7250-48PCisco 2960-X-FPD-LJuniperEX3300-48PHP 2920-48G-PoE+740WMax MSTP instances16656416Max Trunk Groups12824325