The function and application of intelligent switch

When the intelligent switch gradually to the edge of the network process, has been facing the user's various questions: whether the smart switch for the edge is overqualified, whether it can solve the network congestion problem, whether to support VoIP, can replace the firewall. In fact, the intelligent switch can be, there is no.

The concept of intelligent switch has been given a lot of mythological colors, as if all network problems will be solved. Many users have lost interest in the various concepts introduced by the manufacturers after they have experienced the ups and downs of the COM era. For a wide variety of questions about smart switches, here are the answers.

Is it necessary to deploy the smart switch on the edge of the network? Is it a overqualified?

With the deepening of enterprise network application, all kinds of traffic in the network occupy a large amount of bandwidth, which brings a great burden to the backbone, and these kinds of traffic are not all the key business traffic. For example, the common FTP download traffic in the enterprise network is not the key traffic, downloading a file or program for a few minutes at a time will not have much impact on the user, and if VoIP traffic or IP video traffic is delayed for even a few seconds, users will feel very uncomfortable; some other traffic like email, Its importance is between the above two. Faced with such a rich application, if the edge of the network does not distinguish between the important level of transmission, in the backbone will cause traffic congestion.

Moreover, the network edge also needs to restrict the broadcast traffic, cannot let all client's broadcast traffic all spread to the backbone, otherwise will form the serious broadcast storm.

This is the need to deploy smart switches at the edge of the network, and as the price of smart switches declines, smart switches are no longer luxury goods, only about 30% to 40% more expensive than traditional two-tier switches, and the investment is worthwhile in terms of performance improvement.

After deploying the smart switch, is the congestion problem that previously plagued the network resolved?

Although intelligent switches can classify traffic at the edge of the network to different priority levels, and can limit the broadcast traffic, but the intelligent switch is not a panacea, for different network congestion, to carefully analyze, to get the correct solution. For example, for an HTTP server, if there is congestion within the network segment, it is necessary to analyze whether the traffic is caused by the broadcast storm or by the large number of accesses. If it is caused by broadcast storms or other levels of traffic, of course you can solve the problem by properly configuring the smart switch, and if it is due to the sheer number of HTTP visitors, it is not easy to handle the problem through traffic priority, and you need to upgrade the server to meet more requests for access.

Do smart switches support VoIP applications?

Intelligent Switch Support QoS is a good message for VoIP applications, because VoIP applications are sensitive to data latency, and in previous traditional Ethernet, such applications are often lost packets, delays, packet loss or packet latency will seriously affect the session quality of LAN telephony. Intelligent switches can identify VoIP traffic based on IP address, physical port, protocol, and then use the 802.1P protocol to assign priority to all VoIP traffic. This ensures that VoIP traffic can pass through the LAN architecture without interruption, even in the high load network usage state.

What kind of network security does the smart switch support? Can it replace the firewall?

The problem of network security has become one of the most popular focuses in today's network. Intelligent switch with a lot of security enhancements, far more than the traditional two-tier ordinary switches, the edge of the network to enable intelligent switch, is conducive to the edge of the network to start the network security deployment and prevention, the instability factor in the embryonic phase.

First, the smart switch uses ACLs (access control lists) to enhance security, and access control lists were previously used only at the core router and are now extended to smart switches. In the network, ACLs can not only allow network managers to develop network policies, for individual users or specific data flow to allow or deny control, can also be used to enhance the network security shield.

In addition, security enhancements include virtual private network VLANs, which can limit the access to the various VLANs, and the Ip/mac address binding can restrict access to illegal users, and the Terminal access control system (tacacs+) verifies that access control for a large number of network devices can be centrally coordinated, 802.1X access authentication mechanism, extended tree enhanced protection, and port isolation are all security enhancement functions.

Although the intelligent switch has a certain security function, but it is not a dedicated security device, and the switch chip can not be used for a lot of processing time to do security enhancements, the main purpose is to transfer data, so in the network it belongs to security enhancements, and can not completely replace the dedicated firewall. In some small enterprises, temporarily do not have the budget to buy a firewall, you can temporarily use it to do a certain amount of security prevention work.