Based on the award-winning EXTREMEWareฎ Layer 3
software, the Summit 300-48 provides 48 ports of 10/100 Ethernet
with four physical Gigabit Ethernet uplinks (four active and
four redundant). Every port delivers a vast array of EXTREMEWare
Layer 3 and Layer 2 features; ranging from OSPF routing and
advanced Quality of Service (QoS) classification to the latest
advancements in security. Years of development based on the
requirements of thousands of customers enables EXTREME- Ware to
deliver the most comprehensive Layer 3 advanced software
solution set at the edge while allowing easy expansion and
addition of services without major upgrades.
Once again, EXTREME Networks demonstrates why it is the
leader in Layer 3 switching for today's most demanding converged
networks.
SUMMIT 300-48 BENEFITS
Non-blocking wire-speed architecture ensures performance for the
most demanding wired and wireless applications. EXTREME's
Altitude access points support 802.11 a, b, and g, today's
fastest wireless LAN standards.
Redundant copper and fiber gigabit uplinks, dual-homed
configurations, and sub-second EAPS failover provide
missioncritical resiliency. The switch continuously monitors
"heartbeats" generated by the Altitude access points, ensuring
more continuous wireless user operation.
EXTREME Networks UAA provides a single wired/wireless
authentication infrastructure for consistent, policybased
security from the edge to the core. Wireless security includes
hardware-accelerated AES and RC4 encryption. EXTREME Networks
also offers rogue access point detection for defending the
wireless perimeter of a network.
The Summit 300-48 provides PoE to every port for voice, video,
wireless, or data devices.
As a member of EXTREME's comprehensive family of switches, the
Summit 300-48 can be centrally deployed, managed, and monitored
using EXTREME Networks EPICenterฎ management platform
or any SNMP-based products. In addition, EXTREME Networks offers
the RF Manager site survey tool for simplified wireless design
and its AccessAdapt utility for no-config installation of the
Altitude access points.
EXTRAORDINARY PERFORMANCE, POE, AND WIRELESS
With its non-blocking architecture the Summit 300-48 has a
17.6 Gbps switch fabric that enables all RJ-45 copper 10/100
ports to operate at line rate. Four hardware queues per 10/100
port provide granularity and guarantee low latency and low
jitter for time-sensitive voice and multi-media applications.
These applications also benefit from features such as DiffServ
and 802.1p which deliver varied levels of service and ensure
efficient bandwidth usage. The Gigabit Ethernet uplink
portsfour 1000BASE-T RJ-45 copper and four SFP GBICcan be
configured as 4 active and 4 redundant for fast Layer 1 failover.
These uplink ports provide the added flexibility of port
redundancy between copper and fiber ports, enabling backup links
to the active uplinks with sub-second (50 msec) failover
capability through EAPS.
The Summit 300-48 offers a number of features that improve
the performance of the network, such as RIP, OSPF, Network
Address Translation, QoS classification, dynamic VLANs, and
Access Control Lists (ACLs). For converged applications
involving voice or rich media, the switch provides multicast,
re-writing 802.1p tag prioritization, or prioritization using
Layer 2/3/4. Rate shaping can be used for optimum VoIP
performance.
The Summit 300-48 delivers advanced high availability
features traditionally reserved for carrier networks. Ethernet
Automatic Protection Switching (EAPS, RFC 3619) delivers
sub-second (less than 50 msec recovery) protection switching to
interconnected switches in an Ethernet ring topology. Similar to
the Spanning Tree Protocol (STP), EAPS offers the advantage of
converging in significantly less time than STP or even Rapid
Spanning Tree (802.1W) when a link breaks in the ring. EXTREME
Standby Routing Protocol (ESRP) can be implemented at both
Layers 2 and 3 and extends the Virtual Redundant Redundancy
Protocol's (VRRP) capabilities, adding Layer 2 resiliency and
loop prevention and Layer 3 default router redundancy. It can be
used as a STP substitute and can be scaled to protect thousands
of VLANs. Multiple instances of ESRP in the same VLAN allow
direct host attachment to standby switches. Equal Cost Multipath
(ECMP) adds network resiliency as multiple equal-cost routes can
be used concurrently to an end destination.
With software redundant port feature, a specified primary
port can be backed up by another port. Should the link go down
on the primary port, the redundant port will establish link and
become active. Thus multi-homed redundancy can be easily
designed without the implementing complexity of a protocol.
For PoE, the switch generates up to 15.4 watts of PoE for
devices such as VoIP phones, surveillance cameras, badge
readers, EXTREME's Altitude access points, and "fat" access
points sold by other vendors. Up to 480 watts of redundant PoE
are available by adding the hot-swappable optional PoE supply.
When used with Altitude access points, the Summit 300-48 ensures
wireless performance as each access point simultaneously
broadcasts both 802.11a and 802.11b/g. EXTREME Networks has also
implemented the SpectraLink Voice Protocol (SVP), a QoS standard
used by the leading wireless LAN handsets today for recognizing
and prioritizing voice packets. When enabled in tandem with the
Inter-Access Point Protocol (IAPP) which allows Layer 2 roaming
between AP's, Voice over Wireless LAN (VoWLAN) users can
productively communicate with customers, patients, emergency
personnel and employees anytime within a facility.
Compared to other vendors' point solutions, the Summit 300-48
offers a low total cost of ownership because it is fully
integrated into EXTREME's family of edge, aggregation, and core
end-to-end solutions. EXTREMEWare Layer 2 and Layer 3 features
implemented in the Summit 300-48 are shared with all other
EXTREME platforms in the Summit product line as well as with
Aspen, Alpineฎ, and BlackDiamondฎ,
switches.
From a PoE/wireless perspective, the Summit 300-48 is
complementary to the 24 port Summit 300- 24, the Aspen PoE
blade, and the Alpine 3800 PoE blade. Each of these switches
supports EXTREME Networks UAA, providing a seamless
infrastructure for voice and data support on both wired and
wireless networks. EXTREME Networks EPICenter management
platform makes it easy to develop centralized configuration and
management policies throughout the network. The Summit 300-48
also uses the same command line interface (CLI) and the same
management commands as other EXTREME switches so training time
and expense are reduced as operational expertise can be shared
over an entire network solution.
INTELLIGENCE AT THE EDGE WHERE YOU NEED IT
ENTERPRISE networks need both Layer 2 and Layer 3 intelligent
services at the edge to ensure maximum network efficiency.
Intelligence supports critical functionality such as security to
prevent unauthorized access, high availability to ensure network
uptime, and common management to reduce expenses.
Security is a paramount concern in today's converged
networks. EXTREME Networks UAA provides consistent wired and
wireless security from the edge to the core. EXTREMEWare
supports multiple authentication options including 802.1x,
web-based login with SSL, and MAC address. With IEEE 802.1x
login, Network Managers can always control who is accessing and
connected to the network. Web-based network login offers the
freedom of authenticating through any HTTPcompliant web browser.
During the authentication process, SSL (Secure Sockets Layer)
encrypts logon information.
MAC Address Security prevents unauthorized port abuse from
rogue wireless access points or hubs/switches on edge ports.
Port abuse can be reduced using lockdown on a per port basis
and/or limiting of the number of MAC addresses learned by a
port. The lockdown feature and saving learned MAC addresses
between reboot can be used, for example, to help protect
dedicated ports for VoIP phones or printers from abuse. Limiting
the number of MAC addresses learned on a port also allows
enforcement of service level agreements in tenant or service
provider environments. MAC Address Security can also be used in
conjunction with a RADIUS server to allow devices such as bar
code readers that do not support 802.1x to enter the network
based on their MAC address.
Multiple Supplicant (client) enables clients to be
individually authenticated on the same port. This ensures that
all clients are authenticated to a wireless access point or hub.
Without this, a client could authenticate, leaving the port open
for additional clients to connect without authentication. Wire
speed Layer 2-4 ACLs enable port security without worrying about
the degrading performance and disrupting business applications
or reducing productivity. SSHv2 allows Network Managers to
securely and remotely configure the switch with less risk of
packet snooping or man-in-themiddle attacks. SSHv2, denial of
service protection, TACACS+ and RADIUS provide reliable and more
secure configuration traffic (encryption) and authentication.
As part of its UAA, EXTREME Networks has comprehensively
designed for wireless security. The Altitude access point offers
scalable, hardware-accelerated AES and RC4 encryption. EXTREME
also offers rogue access point detection for defending the
wireless perimeter of a network. Perimeter defense is monitored
and reported by EPICenter, which also offers a "oneclick"
command to disable the rogues. Optional directional antennas can
be used to focus the wireless beam into the ENTERPRISE's
facility. And finally, the Altitude is a "thin" access point,
reducing the physical theft of critical security parameters
because it loses its configuration as soon as it is unplugged.
SUMMIT 300-48 FEATURE SET SUMMARY
| |
|
RFC 1643 Ethernet
MIB |
| |
|
RFC 1493 Bridge
MIB |
| |
RFC 1812
Requirements for IP Version 4 Routers |
|
|
RFC 2737 Entity
MIB, Version 2 |
| |
RFC 1519 CIDR |
|
|
RFC 2674 802.1p /
802.1Q MIBs |
| |
RFC 1256 IPv4 ICMP
Router Discovery (IRDP) |
|
|
RFC 1354 IPv4
Forwarding Table MIB |
| |
RFC 1122 Host
Requirements |
|
|
RFC 2233 Interface
MIB |
| |
RFC 768 UDP |
|
|
RFC 1724 RIPv2 MIB |
| |
RFC 791 IP |
|
|
RFC 1850 OSPFv2
MIB |
| |
RFC 792 ICMP |
|
|
RFC 2787 VRRP MIB |
| |
RFC 793 TCP |
|
|
RFC 2925 Ping /
Traceroute / NSLOOKUP MIB Draft-ietf |
| |
RFC 826 ARP |
|
|
ietf-bridge-rstpmib-03.txt (Definitions of Managed Objects |
| |
RFC 894 IP over
Ethernet |
|
|
for Bridges with
RSTP) draft-ietf-bridge-8021x-01.txt |
| |
RFC 1027 Proxy ARP |
|
|
(IEEE8021-PAE MIB) |
| |
RFC 2338 VRRP |
|
|
IEEE 802.1x 2001
MIB |
| |
RFC 3619 Ethernet
Automatic Protection Switching (EAPS) |
|
|
EXTREME extensions
to 802.1x-MIB |
| |
IEEE 802.1D - 1998 Spanning
Tree Protocol (STP) |
|
|
Secure Shell (SSHv2) clients
and servers |
| |
IEEE 802.1w 2001 Rapid
Reconfiguration for STP, RSTP |
|
|
Secure Copy
(SCPv2) client and server |
| |
IEEE 802.1Q - 1998
Virtual Bridged Local Area Networks |
|
|
Secure FTP (SFTP)
server |
| |
EMISTP, EXTREME
Multiple Instances of Spanning Tree |
|
|
Configuration
logging |
| |
Protocol
compatibility mode (one domain per port) |
|
|
Multiple Images,
Multiple Configs |
| |
PVST+, Per VLAN
STP (802.1Q interoperable) |
|
|
BSD System Logging
Protocol (SYSLOG), with Multiple |
| |
compatibility mode (one domain
/ VLAN per port) |
|
|
Syslog Servers |
| |
EXTREME Standby
Router Protocol (ESRP) |
|
|
Local Messages
(critical messages stored across reboots) |
| |
Static Unicast Routes |
|
|
EXTREMEWare vendor
MIBs (includes ACL, MAC FDB, IP |
| |
Loop detection / protection
via Layer 2 LBdetect and ELRP |
|
|
FDB, MAC Address
Security, Software Redundant Port, |
| |
Software Redundant
Ports |
|
|
DoS-Protect MIB,
QoS policy, Cable Diagnostics, VLAN |
| |
server attached |
|
|
config. |
| |
IEEE 802.1v: VLAN
classification by Protocol and Port |
|
|
http://www.EXTREMEnetworks.com/zervices/documentation |
| |
Port-based VLANs
|
|
|
|
| |
MAC-based VLANs |
|
| |
|
|
|
Routing protocol
MD5 authentication |
| |
|
Secure Shell
(SSHv2),Secure Copy (SCPv2) and SFTP |
| |
IEEE 802.1D -1998
(802.1p) Packet Priority |
|
|
with
encryption/authentication |
| |
RFC 2474 DiffServ
Precedence, including 4 (8 on S400) |
|
|
SNMPv3 user based
security, with |
| |
queues/port |
|
|
encryption/authentication (see above) |
| |
RFC 2598 DiffServ
Expedited Forwarding (EF) |
|
|
RFC 1492 TACACS+ |
| |
RFC 2597 DiffServ
Assured Forwarding (AF) |
|
|
RFC 2138 RADIUS
Authentication |
| |
RFC 2475 DiffServ Core and
Edge Router Functions |
|
|
RFC 2139 RADIUS
Accounting |
| |
Ingress Rate
Limiting |
|
|
RADIUS Per-command
Authentication |
| |
Layer 1-4, Layer 7
(user NAME) Policy-Based Mapping |
|
|
Access Profiles on
All Routing Protocols |
| |
Policy-Based
Mapping/Overwriting of DiffServ code points, |
|
|
Access Profiles on
All Management Methods |
| |
.1p priority |
|
|
Network Login
(web-based DHCP / HTTP/ RADIUS |
| |
Network Login/802.1x and DLCS
(Dynamic Link Context |
|
|
mechanism) |
| |
System, WINS
snooping) based integration with |
|
|
RFC 2246 TLS 1.0 +
SSL v2/v3 encryption for web-based |
| |
EPICenter Policy Manager for
dynamic user/device |
|
|
Network Login |
| |
based policies |
|
|
IEEE 802.1x 2001
Port-Based Network Access Control |
| |
|
|
for Network Login |
| |
|
Multiple
supplicants for Network Login (web-based
|
| |
RFC 1058 RIP v1 |
|
|
and 802.1x modes) |
| |
RFC 2453 RIP v2 |
|
|
MAC Address Security
Lockdown, Limit and Trusted OID |
| |
|
|
IP Address
Security with DHCP Option 82, DHCP Enforce / |
|
(2 Active Interfaces, router priority 0) |
|
|
Duplicate IP
Protection via ARP Learning Disable |
| |
RFC 2328 OSPF v2 (including
MD5 authentication) |
|
|
Network Address
Translation (NAT) |
| |
RFC 1587 OSPF NSSA Option |
|
|
Layer 2/3/4/7
Access Control Lists (ACLs) |
| |
RFC 1765 OSPF Database
Overflow |
|
|
|
| |
RFC 2370 OSPF Opaque LSA
Option |
|
|
| |
|
|
RFC 2267 Network
Ingress Filtering |
| |
|
RPF (Unicast
Reverse Path Forwarding) Control via ACLs |
| |
|
