Transcript Aspen Readies Networks for Voice

Product and Technology
Overview
May/2006
This presentation may contain forward-looking statements, including statements about products, expenditures and resource allocation, customer
development, and Company positioning, which reflect the Company’s current judgment on those issues. Because such statements deal with future
events, they are subject to risks and uncertainties that could cause the actual results to differ materially. Furthermore, this presentation contains
information concerning historical performance and results, which cannot be taken as a guarantee or even indication of future performance or
results. In addition to the factors that may be discussed in this presentation, important factors which could cause actual results to differ materially
are contained in the Company’s 10-Qs and 10-Ks which are on file with the Securities and Exchange Commission (<http://www.sec.gov>).
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
Key Enterprise Trends
Infrastructure
• FE  GE (with PoE) for connectivity
• 10 Gig as interconnect
Wired  Wireless transition
Convergence: IP Telephony is the start
LAN Security
• Problem area is the “soft interior”
• Dealing with Day-Zero attacks
New Data Center Technologies
• Including Ethernet as interconnect for cluster computing
Managing Complexity
page 2
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
Convergence  Network Upgrades
To address concerns about current network
Biggest Deployment Concerns
page 3
InformationWeek VoIP Study, February 2004 (300 IT execs)
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
Key Requirements
Voice Quality
Connections
Voice Class
Availability
New Platforms
Lead to
Cost-Effective
Security
Simple
Management
page 4
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
New
Technologies
Products, Architecture,
and Roadmap
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
The Extreme Portfolio
Security Appliance
Wireless Mobility Switch
Day-Zero attack mitigation @ 10Gig
Voice Class Scalable Wireless
Ethernet Switching Platforms
Voice Convergence Applications
page 6
Open Converged Network
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
Switching Products
Scalability
BlackDiamond
BlackDiamond 10K
Q4 ‘03
BlackDiamond 6800
BD10K：10/100/1000, 10Gig,
Large Table size, core applications
BD8800: 10/100/1000, 10Gig, High Capacity
PoE, Edge and Aggregation
BD6800：High density 10/100, Gig, MPLS,
Small Core and Aggregation applications
BlackDiamond 8800
Q1 ‘05
Alpine
10/100/1000 + VDSL/ Wireless Access
T1/T3 WAN and Gig Uplinks, high density edge
and aggregation applications
Alpine
Q2 ‘05
Q3 ‘04
Summit X450
Q2 ‘05
Summit
10/100/1000 + Wireless Access
Gig to 10Gig uplinks
Summit Edge
page 7
Performance and Features
ExtremeWare
Feature
Rich, High Performance ASICs
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
ExtremeWare XOS
ExtremeWare XOS
Modular OS Enhances Availability
With modularity ….
• Self-healing process restart
• In service upgrades
• Load new applications in service
Without modularity ….
• Reboot entire OS to recover from
process failure
• Reboot entire OS to add patches
• Reboot entire OS to add
applications
XOS: shipping since Dec 03
page 8
Available on BD 10K, 8800,
and the Summit X450
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
Building the Network
BlackDiamond
8800
BlackDiamond 10K
Summit X450
BlackDiamond 6800
Summit 400
BlackDiamond8800
Alpine 3800
Summit48si
page 9
EPICenter
Summit 300
Summit 200
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
The Summit Family
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
Summit Family Portrait
XOS platform
Summit X450-24x/24t
Summit48si
Summit 400-24p
Summit 400-48t
Summit 300-24/48
Summit 200-24/48
10Gbps Stacking
1Gbps Stacking *
page 11
Fast Ethernet
Performance and Features
Fast Ethernet PoE
* Stacking not supported on 300-48
Gigabit
Gigabit PoE
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
Gigabit + 10G
Edge Application
Summit 400-24t
Aggregation and Small Core
Scalability
Summit “i” series
Summit 200/300 Series Switches
For Convergence-ready 10/100 Edge Connectivity
PoE and Wireless Edge Switches
Summit 300: Powered plus
Wireless
• 24 or 48 ports, 2 to 4 Gigabit uplinks, fiber or copper
• Summit 200 feature set (stacking only on 300-24)
• 802.3af Power over Ethernet and redundant PSUs
• Altitude 300 – dual-radio: concurrent 802.11a and
802.11b/g operation; integrated and detachable
antenna versions and rated for plenum; Wi-Fi
CERTIFIED™ for 802.11a/b/g and Wi-Fi Protected
Access (WPA)
Q3 ‘04
• SVP and IAPP protocol support
• Direct connect and remote connect (on 300-48 only)
Secure and Reliable Edge Switches
Q3 ‘03
• 24 or 48 ports, 2 Gigabit uplinks, fiber or copper
• Line rate non-blocking fabric
• Complete security includes multiple supplicant
user authentication, secure protocols,
• Convergence ready with voice-grade link
page 12
redundancy support, low latency and jitter, 4 QoS
queues
Summit 200: Edge Access
with Full Security
• Management simplicity with UniStack stacking
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
Summit 400 Series Switches
For Gigabit Access, Powered or Non-Powered LAN
Line Rate Gigabit Access
Q2 ‘05
• 24 or 48 10/100/1000 ports with 4 fiber uplinks
• Optional dual 10-Gigabit uplinks on Summit 400-48t
Convergence from the Ground Up
• 8 QoS queues, L2,3,4 traffic classification
• Low latency and jitter stacked or standalone
Summit 400-24t/48t: Gigabit to Desktop
• Voice-grade link redundancy with EAPS
Management Simplicity
• UniStack stacking single point of management
for up to 8 switches
• Integrated wired and wireless management
Summit 400-24p: Universal Access
Powered and Wireless
• Flexible Gigabit or legacy 10/100 connectivity
• Non-Powered, or Powered with 15.4W per port
• Wireless features in conjunction with A300
Q2 ‘05
Summit 400-24p: Power over Gigabit
page 13
High performance UniStack Stacking; Summit
400-48t adds 10-Gigabit uplinks
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
Summit X450 Series Switches
For Gigabit Aggregation and Small Network Core
Copper Gigabit
Q2 ‘05
State of the Art Availability
• Modular ExtremeWare XOS operating system
• ECC memory, redundant OS and config images
• External redundant PSU
Comprehensive Security
• Multiple supplicant user authentication
Q2 ‘05
Or Fiber Gigabit
• sFlow continuous traffic monitoring
• Trusted Computing Group host integrity checking
High Performance Multi-Gigabit Switch
• 24 Gigabit ports, fiber or copper, including 4
convenient dual-personality copper/fiber ports
• Optional dual 10-Gigabit uplinks
Advanced Protocols for Core Deployment
• Full routing support with OSPF, PIM, ESRP,
VRRP, EAPS, BGP
External Redundant
PSU connector
• IPv6 software forwarding
page 14
Redundant 10-Gigabit
option
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
Summit Roadmap
Summit 200-100FX – November 2005 (for Fed Market)
Next generation Summit 400s with XOS
• Several options of Gigabit (with, without power) with 10 Gig uplinks
• New capabilities
XOS on all models (including on PoE edge switch)
Redundant AC or DC power options
IPv6 hardware support
Support for policy based routing, centralized ACLs, Universal Port
Manager, and CLEAR-Flow
• Summer 2006
page 15
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
The BlackDiamond Family
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
The Family Portrait
Scalability
BlackDiamond 10K
Core
BlackDiamond 6800
Alpine 3800
Aggregation
BlackDiamond 8800
Edge
Performance and Features
page 17
Fast Ethernet + Gig Uplink
High Density FE + Gig and 10Gig
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
Gigabit + 10G
BlackDiamond 8810
For high-density IP Telephony edge, medium core and server connectivity
Voice Class Availability
Q1 ‘05
• Redundant System Design
• Non-stop Operating System
• Network Resiliency Protocols
High Performance Connectivity
• High density non-blocking Gigabit and
10 Gigabit ports
• High density PoE support using internal
supplies
3Performance
BD8810 per without
standardcompromise
7’ rack
page 18
• 432
ports 10/100/1000BASE-T
• Every
Gig and
Gig port nonAvailable
I/O 10
Modules
blocking
• Powered
by only internal power supplies:
• 48 port
10/100/1000BASE-T PoE – Universal
• 48Upgig/slot
backplane
capacity
to 432 class
1 or 2 devices
jack for•IP
Telephones,
WAPs,
Gigabit PCs
•10/100/1000BASE-T
Up Gbps
to 333 class
devices per I/O
• 384
local3switching
• 48 port
224module
ports
1000BASE-X
(mini GBIC) (208 ports
• 24• port
1000BASE-X
(mini GBIC)
with570
2 MSMs)
Mpps switch throughput
• 4 port• 10GBASE-X
(XENPAK)
• 36• ports
(XENPAK)
(32 ports
8 Gig10GBASE-X
fiber uplink
ports per
MSMwith
2 MSMs)
• Low latency and jitter for voice support
• Integrated wired and wireless
networking
Comprehensive Security
• User and Host Integrity
• Threat Detection and Response
• Hardened Infrastructure
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
BlackDiamond 8810 Roadmap
System
• 6 Slot Chassis – September 2005
• DC Power Option – November 2005
• Blades refresh in mid 2006
Ongoing cost reductions
New capabilities
New Capabilities
• IPv6 in hardware
• Centralized ACLs
• CLEAR-Flow
• Policy Based Routing
• Universal Port Manager
page 19
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
BlackDiamond 10K
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
Carrier Class Chassis Design
8 slots with up to 60 Gbps I/O per slot
2 Systems/rack (42” or 24RU)
MSM Redundancy
•
Fabric and control
6 Power Supplies in N+1 configuration
•
•
3 minimum for fully populated chassis
Common supply across new Extreme platforms
Designed to NEBS Level 3
•
•
Front to back Air cooling
Passive backplane
Non-Stop Switching
In-Service Maintenance
Self-Healing ECC memory
page 21
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
MSM Blades
Two fully redundant MSM blades per system
MSM module hosts main CPU
• Dual core 750 MHz CPU on each MSM
Two MSM module types – MSM-1, MSM-1XL
MSM-1 for Enterprise
• Supports up to 128,000 entries for MAC, IP, ACL,
and statistics
• Core license includes OSPF, PIM
MSM-1XL for Metro SP and Large Enterprise
• Supports up to 256,000 entries for MAC, IP, ACL,
and statistics
page 22
• Advanced Core license includes IS-IS, BGP-4, MPLS
• Metro and Large Enterprise target
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
I/O Blades
60 Port 10/100/1000 Ethernet Copper – Khatanga G60T
60 Port Ethernet Fiber: Mini-GBIC (SFP) – Rhine G60X
6 Port 10 Gigabit Ethernet (Xenpak) – Santiam 10G6X
2 ports of 10 Gigabit Ethernet (Xenpak), Santiam 10G2X
20 ports of Gigabit Ethernet Fiber – Rhine G20X
page 23
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
BlackDiamond 12K
BD 10K features “and more” in a 10 U Chassis
Multi-level resiliency
• Redundant Hardware: 1+1 redundancy instead of load sharing
• Modular OS
• Network level protection – EAPS
BD 10K CLEAR-Flow and L3 Virtual Switching technology
Advanced Traffic Management
• Quality of Service and Hierarchical Queuing enable SLAs for E-Line
and E-LAN services
• Line rate multicast supports IPTV
• Service and Quality mapping to VMANs/VLANS offers deployment
flexibility
page 24
Global Scalability
• VMANs, Private VLANs, etc.
• MPLS – L2 and L3
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
BD12K Shelf Hardware
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
SFP
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
Hitless Chassis Design
MS M5 - X L
MS M5 - X L
MSM (Slot B)
10 RU
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
Xenpak
RJ 4 5
I/O Blade (Slot 3)
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
Fan Tray
MSM (Slot A)
1+1 Redundant MSMs
(Hot/Standby)
Passive Backplane
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
I/O Blade (Slot 4)
Xenpak
20G per I/O Slot
Non-Blocking
4 I/O Slots
GbE Tributaries
10GbE Trunks
4GNSS Fabric
page 25
N + 3 SSI Redundant PSUs
Same PSU as BD 10k & 8808
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
ExtremeWare XOS
BD12K Line Cards
S FP
RJ 4 5
S FP
S FP
S FP
S FP
S FP
S FP
S FP
S FP
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
S FP
RJ 4 5
S FP
S FP
S FP
S FP
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
S FP
RJ 4 5
S FP
S FP
S FP
RJ 4 5
RJ 4 5
RJ 4 5
S FP
RJ 4 5
S FP
RJ 4 5
• GM-20XTR: 20 port 1000BASE-X SFP / 1000T RJ-45 with rate limiting
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
RJ 4 5
• GM-20T: 20 port 10/100/1000BASE-T RJ-45
Xenpak
Xenpak
• XM-2XR: 2 port 10G XENPAK with rate limiting
MS M5 - X L
• MSM-5R: Hierarchical rate limiting
page 26
• 1 MSM Supports full 80G capacity of the switch
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
10 Gig XENPAK
10GBASE-SR
• 28m to 300m on new multimode fiber
10GBASE-LR
• Up to 10Km on single mode fiber
10GBASE-ER
• Up to 40Km on single mode fiber
10GBASE-ZR
• Up to 80Km on single mode fiber – Q2 ’05
10GBASE-LW
• 9.953Gbps (OC192) WAN PHY – Q4 ’05
10GBASE-LRM
• Up to 10Km single mode, 300m multimode – Q4 ’05?
10GBASE-CX4
• Up to 15m on Infiniband cable – no plans to productize
10GBASE-LX4
• Up to 10Km single mode, 300m multimode – can hit Q3 ’05
page 27
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
XFP
State of the Industry:
• XENPAK shipments are about 30x to 50x that of XFP today.
• Most XFP today is shipping for OC192 or 10GFC application.
• Only SR and LR is shipping today. ER to ship in 3-6 months. ZR may
be possible in mid-2006.
Extreme targeting first deployments in early 2006
GBICs
100FX/1000X dual-speed SFP – Q3 ‘05
• 100FX 1310nm standard - Single Mode 10km, Multimode 2km
• 1000X Single Mode 10km, Multimode 500m
• May require multimode line conditioning patch cable for 1G
page 28
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
Security Appliance
Day-Zero Attack Mitigation @ 10G
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
Extreme Sentriant™
Rapid threat detection
• Creates decoys in unused IP space
Active Deception
Q3 ‘05
• Mimics basic TCP, UDP and ICMP responses
Pin-point Defense
Deployment Modes:
• Stand-alone: On any network, based on broadcast traffic inspection
• Integrated: On BD10K network, based on CLEAR-Flow mirrored
traffic inspection
4 x 10/100/1000 ports, 1Gbps aggregate throughput
32 concurrent VLANs
2RU, 19” W x 17” D, front-port network form factor
page 30
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
Day Zero Attack Mitigation
Behavior based anomaly detection
Automatic threat containment in seconds
Behavior Based
Signature Based
Highly scalable threat mitigation with CLEAR-Flow integration
Attack
Traffic
Suspicious activity
Start attacking
Signature updates complete
Finish mitigation
Virus spread
Clean-up the hosts
Mission complete
Act after Virus spread, Once infected, then time/$$$ consumed
Suspicious activity starts
Anomaly detection, threat containment
page 31
Mission complete
Detect and Block the rapid propagation threat before spread
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
Time
Security @ 10Gig with CLEAR-Flow
CLEAR-Flow integration enables
• Selective Mirroring by pre-processing the traffic in hardware
Scales up to 160Gbps of traffic pre-processing, faster anomaly detection
• Sentriant feeds back the result to Core Switch for
Further investigation, Throttling, Shutdown, or any scripted command in XOS
CLEAR-Flow
Non-Cloak
Mirrored Data
Mirror
XML
Trap
Syslog
CLI
page 32
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
Rule triggered ?
QoS
Sentriant Rules
Deny
Policy triggered ?
CLEAR-Flow Policy Rules
ACL Rules
Multi-Gigabit Core Switch
Multi-Gigabit Network
Permit
Cloak
Dynamic ACL
Trap
Syslog
Sentriant™ Testing & Verification
Test #1 - IOMetrix Testing Results
• BD10k, CLEAR-Flow, Sentriant™
• 10Gbps background traffic
• Detected & Throttled:
Sentriant
CLEAR-Flow inspects all
traffic
10
GbE
10 x 1
GbE
10
GbE
9 DoS attacks
Agilent N2X
Background Traffic
Generator
• Detected & Cloaked:
1 “Live” virus – Sasser.
Extreme
BlackDiamond
10K
Agilent
NetworkTester
ATTACKER
Extreme
BlackDiamond
10K
Test #2 - Internal Lab Testing Results
• BD10K, CLEAR-Flow, Sentriant™, universal1.pol (Also BD8810, S450).
• 20 Gbps UDP (Constant load).
• 5 Gbps TCP Http Get Sessions (Constant load).
• Detected & Cloaked:
Worms: Sasser, Welchia, Blaster, MyDoom
Hacks: IP Spoof, MAC Spoof, SYN Flood, Ping Flood, Ping Sweep
DoS’s: TCP Xmas, Null, Syn/Fin, All Flags
page 33
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
Agilent
NetworkTester
TARGET
Summit WM
Wireless Mobility
Delivering the Voice Grade Wireless Network
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
Extreme Networks Wireless Solutions
Q3 ‘05
Functionality
Altitude
350-2
Summit WM1000
Voice-grade Roaming
Large Networks
Multiple Access Types
Summit WM100
Altitude 300 Access Point
Data-Grade Roaming
Small to Mid-sized
Networks
Single Access Support
page 35
Q3 ‘03
Wireless-enabled
Summit and Alpine
© 2005 Extreme Networks, Inc. All Rights Reserved
Extreme Networks, Inc. Company Confidential
Key Features at a Glance
Automatic RF Management
End-to-End QoS over the Air and Wired
page 36
Voice Grade L3 Roaming © 2005 Extreme Networks, Inc.Managing
Access, not Access Points
All Rights Reserved
Extreme Networks, Inc. Company Confidential