Switch technology development product market positioning

Intelligent core: QoS and security　

The development of enterprise networks is facing new challenges. The most obvious change is that when users select a network solution, it is very different from the past. They no longer simply put forward requirements from the network technology aspect, but will first consider network construction to solve

Network is required. In the past, users paid more attention to technical features, and now they are more focused on real network applications. In addition, users are also very concerned about how to effectively guarantee investment income when selecting solutions and products.

Intelligent Enterprise Networks are essential for meeting user needs. At present, the LAN coverage is far from comparable in the past, and more applications are showing an explosive growth trend. Therefore, problems that only need to be concerned in the WAN are becoming increasingly apparent in the LAN, this is why the enterprise network needs intelligence. In particular, bandwidth management ensures smooth transmission from the edge to the core.

Intelligent Enterprise Network includes a lot of content, among which QoS and Security Exchange are important. QoS is very important for converged networks and key applications. The development of broadband applications also promotes QoS requirements. Many people have misunderstandings about broadband, so they think that there is only 10 MB of port. However, if traffic is not controlled in the network device, only one 10g port does not play a role. If the network can be used for VOD, when a large number of video streams are transmitted from the core layer, if reasonable management is not performed, when data at a rate of 100 Mbit/s or higher is routed to the port of 10 Mbit/s, video playback may be "Mosaic" or even unable to proceed.

QoS is not a new technology. Currently, the QoS System in Ethernet Switching has been used for many reference in the concept of QoS in ATM. It is not easy to implement a complete QoS system. We need to combine hardware and software technologies to achieve this through dedicated chips (ASIC), and cooperate with corresponding switches and operating systems.

The difficulty is that 80% of security risks come from within the enterprise network. Therefore, the underlying security of switches is critical. This is different from the previous security at the network application layer, such as firewalls, because the security at the upper layer is even better. If the network infrastructure has vulnerabilities, the problem still cannot be solved. Measures that can be taken in terms of basic security include access and system management. At present, although there is a draft 802.1x Standard for access, it is far from enough. Further measures need to be taken in system structure management. In summary, Security Exchange includes system security and access security.

System Security mainly refers to implementing security mechanisms in the overall architecture from the core to the edge of the network, including: 1) secure network management, that is, network management information is encrypted and controlled through specific technologies. 2) security exchange across the network system, including extended root segment protection for each switch subnet, from the core to the edge switch, implement multi-layer and multi-means ACLs, load intrusion detection, CIDR Block firewalls, Intranet VPN, and other methods on the core layer.

Access Security refers to the security access mechanism when various types of terminals access the exchange system, including: 1) well-known 802.1x access verification; (2) RADIUS/TACACS + support; 3) MAC address check; 4) various types of virtual network technologies, such as dedicated virtual network for port isolation, 802.1Q, and dynamic virtual network.

Top selling points: manageable and Comprehensive Functions　

In the Ethernet switch market, there are two main concepts of switching: layer-3 switching and gigabit switching.

Currently, the largest sales volume in the market is Layer 2 switches, and the most important growth space is Layer 3 switches. There is a relationship between quantity and value. L2 switches are getting cheaper, so although the sales volume is very large, the growth rate of their total value is gradually slowing down. The value-added layer-3 switches are relatively high.

In addition, network management is very important for vswitches. It can be said that today's network management approach is like managing a city's traffic. It is not just about every car, but about checking the status of the entire transportation system, control the traffic of the entire network. Network management is more important to prevent accidents. Its biggest role is to monitor and prevent accidents. Therefore, it is almost unnecessary to define and discuss vswitch network management.

In terms of the overall market positioning of the product, the switch at the core layer of the enterprise network is not only a data exchange, but also an integrated business platform, it is a collection of high-density Gigabit switching, 10 Ge 10-ge switching, voice switching, LAN/WAN/MAN integration, secure switching, Content Switching, scalability, and high availability, to meet the demand for continuous growth of intelligent multi-layer switching in the backbone/distribution, server integration, and service supplier environments. Layer-3 switching, backboard bandwidth, switching rate, redundancy, and other basic performance should not be the focus of this level of product discussion, because these are the default.

When a vswitch is integrated with Application Intelligence, QoS mechanisms, and security functions, the customer can avoid sacrificing network performance, more effective use of your network to provide more services, such as multicast and Enterprise Resource Planning ERP applications.

Mid-end products need to focus on the exchange performance and functions to meet the high-performance switching, complete security, and initial data/Voice integration needs of the majority of mid-end users. This type of product enables users to deploy intelligent network services using the simplicity of traditional LAN switching, and the second to fourth-layer functions, such as IP routing, QoS, speed limit, and Access Control List ACL) the multicast service is extended to the edge, with a full set of gigabit Interface Converter GBIC) devices providing Gigabit Ethernet connections.

The market for low-end switches is the largest, generally using fixed ports. In fact, such vswitches can also be divided into high-end and low-end. Among them, the advantages of the mid-to-high-end products are the Intelligent Service Quality QoS, speed limit, and Access Control List ACL in the wiring room, provides a powerful path to upgrade to Gigabit Ethernet on multiple media, allowing you to manage and configure the second-to-fourth-layer services.