2020年Brocade园区网解决方案课件.pptx

资源描述

《2020年Brocade园区网解决方案课件.pptx》由会员分享，可在线阅读，更多相关《2020年Brocade园区网解决方案课件.pptx（61页珍藏版）》请在三一办公上搜索。

1、Brocade 园区网解决方案技术汇报智能高效安全可靠的有线无线一体化,2016 BROCADE COMMUNICATIONS SYSTEMS,INC.,2016 BROCADE COMMUNICATIONS SYSTEMS,INC.,2,AGENDA(议程),实践+革新博科公司简介园区网发展趋势博科园区网有线无线一体化方案介绍产品对比分析我们的服务,2016 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY,3,About Brocade(关于博科),公司成立,1995,第一代SAN交换机发布,1997,IPO,1999,第三代ASIC

2、-BLOOM发布,2001-2003,收购Foundry Networks进入以太网IP网络-路由&交换FN成立1996年，1999年上市,2008,2010,面向数据中心超融合以太网矩阵全球第一家推出,2011,Gen 5 Fiber Channel发布16Gbit/S,收购VYATTA虚拟路由器厂商进入NFV的L3虚拟化市场VYATTA厂商成立与2005年,2012,收购SteelApp虚拟负载均衡进入NFV的L4-L7层虚拟化市场SteelApp属于Riverbed,2015,我们的发展历程-,我们的收购历程-20年我们收购了12家公司,2016,Gen 6 Fiber Channel发

3、布32/128Gbit/S,2019年4月份收购RUCKUS无线厂商,2019,2016 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY,4,About Brocade(关于博科)续,存储光纤交换机市场份额,数据中心交换机魔力象限统计,无线网络市场地位,虚拟化应用交付市场份额,SDN 全明星阵容助阵,交换,路由,有线,无线,SDN APPS,业界最开放的SDN解决方案,2016 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY,5,教育行业EDU,制造行业Manufacturing

4、,金融行业Finance,互联网行业OTT,政府行业GOV,医疗行业Healthcare,运营商ISP,大型企业Enterprise,博科中国市场涉及到的行业领域,2016 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY,6,博科公司关注的IP技术领域-我们提供哪些解决方案,超融合数据中心矩阵Hyper Converged DC Fabric,网络功能虚拟化L3-L7NFV-L3-L7,软件定义网络SDN-ODL,园区网Campus Networks,Storage Fabrics,我们园区网的主要服务对象是谁？一个特殊的社会团体,发展

5、过程：园区网发展多年来我们一直围绕关注解决哪些方面?,性能和容量,架构复杂性,弹性扩展,10G,40G,100G,横向与纵向虚拟化,2008年,2014年,关注点,解决方案,我们一直在干的和关注点在哪些地方,趋势与需求：围绕着园区网的发展，我们还有哪些地方需要提高和巩固加强？,用户接入管理-标准传统模式,核心设备功能过于集中,用户行为数据分析用户行为不可控(黑洞),用户恶意攻击行为,性能问题-CPU利用率,网络层攻击行为,趋势与需求：围绕着园区网的发展，我们还有哪些地方需要提高和巩固加强？,功能过于集中,用户行为不可控大数据分析,用户恶意攻击行为,痛点表现,解决方案,痛点主要表现：1、BASE

6、设备CPU高2、用户DHCP获取失败3、用户Radius认证失败4、带宽管理问题5、流量可视化分析问题6、BASE冗余问题7、BASE设备端口成本昂贵8、配置管理复杂性,痛点主要表现：1、用户行为不可控2、大数据分析数据来源2、用户流量分析不完善3、设备功能未发挥(汇聚)4、上行链路冗余问题5、网络故障定位时间过长,痛点主要表现：1、用户恶意网络攻击；2、用户行为分析与控制；,博科提供智能可视化园区网有线无线统一解决方案-流量可视化网络流量可视化-基于SDN-Brocade Visibility Manager解决方案,博科提供智能可视化园区网有线无线统一解决方案-流量可视化网络流量可视化-基

7、于SDN-Brocade Visibility Manager解决方案,用户终结一卡通,用户终结一卡通,汇聚交换机,汇聚交换机,汇聚交换机,汇聚交换机,内层防火墙,内层防火墙,外层防火墙,外层防火墙,DMZ交换机,DMZ交换机,接入交换机,接入交换机,接入交换机,接入交换机,SDN应用流控分析管理平台流量清洗平台,SDN控制器流表与拓扑管理,北向API接口,OPENFLOW,业务流量镜像,南向接口,Brocade SDN控制器,南向接口OPENFLOW方式流表下发,ICX SDN智能交换机MGT-IP：218.197.116.99/25telnet:admin/password,MGT-IP：

8、218.197.116.96/25http:/MGT-IP:9001admim/admin,Brocade 流量分析平台,MGT-IP：218.197.116.97/25https:/MGT-IP:8089Administrator/password,第三方流量可视化平台,MGT-IP：218.197.116.98/25https:/MGT-IP:8089Administrator/password,北向接口REST API-流表下发申请,北向接口REST API-流表下发申请,通过SFLOW采集数据发送到博科流量分析平台,通过流量镜像采集数据发送到流量可视化平台,鉴湖校区园区网络,互联网/园

9、区网,控制器北向接口REST API访问路径http:/218.197.116.96:8181/restconf/modules,防火墙A,防火墙B,前端探针,博科提供智能可视化园区网有线无线统一解决方案-流量可视化网络流量可视化-基于SDN-Brocade Visibility Manager解决方案,网络可视化-多维度检测和观察网络,从链路、应用层、用户、网段以及应用系统等各种维度检测网络,应用可视化,支持多种应用系统关键指标，主要包括连接建立时间、应用响应时间、访问量、在线用户数、并发/新建会话数、吞吐量等,应用统计分析,应用排名,Session分析,网络层安全防护,Flood攻击检测支

10、持ARP/DHCP/广播，以及自定义流量的Flood攻击检测。并自动向SDN交换机下发OpenFlow规则，可对攻击流进行阻止、甚至清洗。,网络安全,Flood攻击检测Flood流量报表告警日志,ARP攻击防护,DNS攻击防护,DHCP攻击防护,Tool 3(IDS),Tool 4(CEM),Tool 5(CEM),Tool 7(Recorder),Tool 1(VOIP),入站端口,出站端口,仅仅特定流量被送往各个工具，这大幅降低了出站流量，显著提高工具利用率,SDN设备是入站/出站流量中转分配站流表操作允许随时增加和删除，对实际操作十分有方便。结合出站流表过滤规则，能更进一步定位流量。,可

11、配置的硬件过滤可自定义规则4-7层流量过滤,Tool 2(VOIP),负载均衡,过滤+复制,SDN智能设备,后端系统,前端网络,博科提供智能可视化园区网有线无线统一解决方案-网络智能分流精细化管理流量-基于SDN-Packet broker Flow Mapping,VLAN100 192.168.1.x,Brocade switch,AP1,AP2,VLAN200/172.16.1.y,802.1Q Trunk(VLAN 100,200),STA1,AP1在VLAN 100，子网为192.168.1.0/24，网关地址为192.168.1.254；AP2在VLAN200，子网为 172.16

12、.1.1/24，网关地址为 172.16.1.254用户均通过DHCP获得IP，网关同时做DHCP 服务器，当STA1上网后，获得192.168.1.X的IP地址如192.168.1.100，可以正常上网当已经获取192.168.1.100地址的用户从VLAN100的AP1漫游到VLAN200的AP2时，AP会发出一个l2uf的报文，这个报文目的MAC是ff:ff:ff:ff:ff:ff，源MAC是终端的MAC地址，这可以通过SDN交换机上的流表将这条l2uf信息复制一份到后端SDN APP上此时SDN APP可以通过判断源IP地址属于192.168.1.X网段的方式，将其VLAN ID由V

13、LAN 200改为VLAN 100，并转发到对应的上行端口，这样来自192.168.1.100的上行方向的报文就能正常发送到对应的GW同时，SDN APP可以根据收到的l2uf，判断此时该终端位于哪颗AP之下，从而下发流表将下行方向的流量修改对应的VLAN ID，并转发到对应该AP的端口,Gateway with VLAN terminationDHCP Server,Internet,POE Switch,POE Switch,VLAN100,GW1/VLAN 100:192.168.1.254,GW2/VLAN 200:172.16.1.254,VLAN200,我们认为下一代智能SDN园区

14、网解决方案方向和原则？,混合模式传统模式到SDN方式过渡,智能人工化到自动化过渡,开放封闭模式向开放式转换,数据如何充分利用用户数据,寻找问题和痛点,现有的传统方式,SDN新思路新方式,选择适合自己的解决方案及场景,解决办法,2016 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY,27,Brocade Enterprise-Campus Network Solutions,2016 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY,28,Campus Fabric Solutio

15、n,Brocade Distributed Chassis,Brocade ICX 7750 480 Gbps Backplane High-Speed Campus Ring,Access,Brocade ICX 7450,Brocade ICX 7250,Access,Brocade ICX 7450,Aggregation/Core,Access,Aggregation/Core,Brocade ICX 7250,Brocade ICX 7750,Brocade ICX 7750,Brocade ICX 7450,Brocade ICX 7750,Aggregation/Core,Bro

16、cade ICX 7750,BenefitsSimpler:Collapsed access/aggregation/core layerAutomated:Single point of management across network layersLower cost:A fraction of the cost of traditional chassis deploymentsHighly scalable:Add switches where and when capacity is needed,Brocade ICX 7750,Brocade ICX 7750,博科园区网交换矩

17、阵解决方案-支持横向与纵向的深度扩展与虚拟化,Brocade Campus ICX Portfolio,Portfolio breadth for network needs,2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY,29,ICX 7250Entry-level+,ICX 6430/6450Entry-level+,ICX 6610High-Performance,ICX 7750Aggregation/Core,Switch Port Extender,交换容量,包转发率,1、提供48个1/10G光纤接口和6个40G光

18、纤接口；2、可扩展6个40G光纤接口；3、40G接口可一分四个10G接口；4、支持软件定义网络SDN功能特性；5、支持12台物理设备虚拟化集群技术，虚拟化集群带宽支持480G；6、支持横向和纵向虚拟化集群技术；7、支持丰富的路由协议；8、虚拟化堆叠提供模块化机箱设备的可靠性和冗余性；9、虚拟化堆叠之后具备主控引擎、备份引擎、板卡角色分配；10、虚拟化堆叠提供跨机箱跨板卡的端口聚合能力。,园区网-核心交换机ICX7750-高密度万兆,Brocade ICX 7750 Switches,High-performance distributed chassis system,48-port SFP+

19、10 GbE6+6-port QSFP+/40 GbE,48-port RJ-45 10 GbE6+6-port QSFP+(six optional),Quad-core 1.5 GHz CPU 8 GB system memory,2 G Flash,USB storage Optional 640 GbE QSFPRedundant power supplies and fans with front-to-back or back-to-front airflowHigh-performance,inter-processor stacking ports,2640 GbE ports

20、 QSFP+3240 GbE with optional module,Key Highlights and DifferentiatorsUnprecedented port density:10410 GbE/3240 GbE per unit or 4810 GbE with up to 1240 GbE uplinks/stacking portsMarket-leading stacking scalability up to 12 units Longer stacking distance:10 GbE/40 GbE(up to 80 km)Chassis performance

21、(5.76 Tbps aggregated stacking bandwidth)Hitless failover within the device and the stackSDN with hybrid mode OpenFlow 1.3 Full IPv4 and IPv6 routing support,includes BGP and VRFExtended operating temp(up to 50C)Common Criteria and FIPs certification,Brocade ICX 7750-48F,Brocade ICX 7750-48C,Brocade

22、 ICX 7750-26Q,All Brocade ICX 7750 Models,园区网-核心交换机ICX7750-高密度万兆,ICX 7750 Series,CHASSIS ARCHITECTURE IN A STACKABLE ENCLOSURE,32,ICX7750-48C6-ports QSFP+,48-Ports RJ-45 10GE+6 ports QSFP+(optional),ICX7750-48F6-ports QSFP+,48-Ports SFP+10GE+6 ports QSFP+(optional),ICX7750-26Q26 ports QSFP+6 ports Q

23、SFP+(optional),Redundant PowerSupplies,RedundantFans,6 x QSFP+,32x 10GE COPPER,32x 10GE FIBRE,26 x QSFP+,6 x QSFP+,6 x QSFP+,2014 Brocade Communications Systems,Inc.CONFIDENTIALFor Internal Use Only,ICX 7750-26Q Competitor Products,33,2014 Brocade Communications Systems,Inc.CONFIDENTIALFor Internal

24、Use Only,ICX 7750-48C Competitor Products,34,Cisco Nexus 3132Q,ICX 6680,Arista 7050Q,Cisco Nexus 3064-T,Juniper QFX5100-48T,Extreme X650-24T,Dell N4064,2014 Brocade Communications Systems,Inc.CONFIDENTIALFor Internal Use Only,Arista 7050-T-64,ICX 7750-48F Competitor Products,Cisco Nexus 3132Q,ICX 66

25、80,Arista 7050Q,Cisco Nexus 3064-X,Juniper QFX5100-48S,Arista 7050-S-64,HP 5820AF-24,Dell N4064-F,2014 Brocade Communications Systems,Inc.CONFIDENTIALFor Internal Use Only,园区网-核心交换机ICX7750-竞争分析,BROCADE ICX7750-48F,CISCO C4500X-32F,CISCO C6880-X,Brocade ICX 7450 Switches,Enterprise stackable switch d

26、elivers premium capabilities and ultimate flexibility,37,2 modular slots240 GbE for stacking/uplinksor 810 GbE for uplinks,Dual modular power supplies AC/DC,Dual modular fan trays,Modular slot for uplinks,Up to 12 units per stack(dual 40 GbE stack connections),24/481 GbE PoE+ports or481 GbE SFP fibe

27、r portsMACsec,EEE,High PoE/PoH support(8 ports,up to 95 W per port),Ultimate flexibility and future-proofingFive models supporting 24/48 PoE+and 48-port SFPUnique 3-slot design maximizes expandabilityFlexible uplinks/stacking options:40 GbE,10 GbE,10GBASE-T,and 1 GbE modules PoE+and new 60 W/95 W Po

28、H high-wattage supportMACsec encryption and EEEHigh-capacity AC/DC power options(up to 1,000 W)Reversible front-to-back or back-to-front airflowOpenFlow 1.3Campus Fabric technology(Switch Port Extender)Advanced scalability and performanceStackable up to 12 units per stack(576 ports)960 Gbps aggregat

29、ed stacking bandwidth Full Layer 3 feature capability,including BGP,VRFsFlow for granular network traffic accountingUp to 1210 GbE uplinks(fiber or copper)Optimum high availabilityRedundant,hot-swappable power supplies and fansHitless stacking failoverRedundant uplinks,园区网-功能区核心汇聚交换机ICX7450-高密度千兆,园区

30、网-功能区核心汇聚交换机ICX7450-高密度千兆,1、提供48个1G光纤接口和4个万兆光口和2个40G光口；2、支持软件定义网络SDN功能特性；3、支持12台物理设备虚拟化集群技术，虚拟化集群带宽支持320G；4、支持横向和纵向虚拟化集群技术；5、支持丰富的路由协议；6、虚拟化堆叠提供模块化机箱设备的可靠性和冗余性；7、虚拟化堆叠之后具备主控引擎、备份引擎、板卡角色分配；8、虚拟化堆叠提供跨机箱跨板卡的端口聚合能力。,ICX 7450 Competitive landscape,Who are our main competition?,ICX 7450 is a mid-market ac

31、cess/aggregation switch whose main competitors areCisco 3650Juniper EX4300HP ProCurve 3800ICX 7450s competitive advantages:Max switches in a stack:12Flexible uplinks/stacking options:40G,10G,10GBase-T and 1G modulesPoH on 8 ports Full IPv4/IPv6 Unicast&multicast routing featuresMACSec*SDN*Switch Por

32、t Extender*,2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY,39,*-In a future release,Port Attributes,Max 10GE data ports,2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY,40,*-In a future release,Stacking,*-In a future release,2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ON

33、LY,41,Power,2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY,42,Performance,2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY,43,Features and Scalability,2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY,44,Features and Scalability,2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INT

34、ERNAL USE ONLY,45,园区网-功能区核心汇聚交换机ICX7450-竞争分析,BROCADE ICX7450-48F,CISCO WS-C3850-24XS,Introducing the Brocade ICX 7250,Entry-Level Stackable Delivers Highest 10G Scalability&Future Proof Functionality,Ultimate Price:Performance Access Switch 5 models with 24/48 port PoE+&non-PoE configurationsFull Po

35、E on all portsFull PoE+on all ports with EPSRedundant system power with EPSHigh Performance Scalability Configurable 8x10GE uplink/stacking portsUp to 80 GB stacking bandwidth Up to 12 unit stackingHitless stacking failoverFuture Proof FunctionalityL3:RIPv1/v2,OSPFv2,GRE,VRRP,VRRP-EL3:IPv6 and multi

36、cast routing*sFlow for granular network traffic visibility 802.3at PoE+on all ports Switch Port Extender*EEEOpenFlow 1.3*Advanced External Power Supply(EPS)Redundant power for up to 16 ICX 7250 SwitchesAdditional PoE power budget for up to 8 switches,Configurable 8x10G for uplinks/stacking,Up to 12

37、units per stack(40G&80G stacking BW),24/48x 1G PoE+&non-PoE configurationEEE,OpenFlow 1.3&Switch Port Extender ready,New External Power Supply(EPS)Power supply redundancy for up to 16 switchesUp to 3000W external PoE budget,EPS for redundant system power and additional 750W PoE budget,*Future featur

38、e enhancement,2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY,ICX 7250 Competitive landscape,Who are our main competition?,ICX 7250 is an entry-level access switch whose main competitors areCisco 2960-XJuniper EX3300HP 2920ICX 7250s competitive advantages:Max switches in a stack:128x10G up

39、link/stacking portsFull IPv4 Unicast routing featuresFull IPv6 and multicast routing features*SDN*Switch Port Extender*,*-In 8.0.40(End of 2015),2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY,48,Port Attributes,Max 10GE data ports,2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY,

40、49,Stacking,*-In 8.0.40(End of 2015),2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY,50,Power,2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY,51,Performance,2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY,52,Features and Scalability,2015 BROCADE COMMUNICATIONS SYSTEMS,I

41、NC.INTERNAL USE ONLY,53,Features and Scalability,*-In 8.0.40(End of 2015),2015 BROCADE COMMUNICATIONS SYSTEMS,INC.INTERNAL USE ONLY,54,Brocade ICX 6430&6450 Switches,Enterprise-class stackable switching at an entry-level price,Unique and cost-effective Ethernet stacking40 Gbps of stacking bandwidth

42、with 10 GbE ports(full duplex)Hitless stacking controller failover384 ports per stack(Brocade ICX 6450)Flexible model configurationsDual-purpose uplink/stacking ports24/4810/100/1 GbE+41 GbE SFP uplinks/stacking 24/4810/100/1 GbE+41 GbE/10 GbE SFP+uplinks/stackingPoE/PoE+and non-PoE models Includes

43、fanless model:Brocade ICX 6430-24Advanced featuresRPS/EPSredundant power and extended PoE powersFlow for granular traffic accounting(Brocade ICX 6450)Layer 2 and Basic Layer 3 FeaturesCommon CLI and feature parity with Brocade FastIron WS Base software includes IPv4 static routing(Brocade ICX 6450)P

44、remium license for Layer 3OSPF,RIP,VRRP(Brocade ICX 6450),园区网-功能区接入交换机ICX6X50-高密度千兆,1、提供24/48个千兆电口(同时工作28/52个接口)；2、提供2个千兆接口和2个万兆接口，其中两个千兆接口可升级到万兆(非复用)；3、全功能三层路由能力；,园区网-功能区接入交换机ICX6X50-高密度千兆,Cisco Catalyst 2960X Cisco Catalyst 2960S,BROCADE ICX64X0,园区网-功能区接入交换机ICX6X50-竞争分析,接入层交换机竞争策略最核心最需要去关注的问题：1、上行

45、接口支持多少个千兆或者多少个万兆2、上行接口与下行接口是否存在复用的问题3、堆叠数量，基本上不超过4台4、MAC地址表容量：16K,58,Competitive BattleCard,Cisco Campus Access Products,59,Competitive BattleCard,Cisco Campus Aggregation/Core Products,Industrial Strength Mobility Solutions,“Simply Better Wireless”Carrier-grade Wi-FiComplete Enterprise feature-setEasier to deploy and manage,The“Effortless Network”ScalableOpenAutomated,2015 Brocade Communications Systems,Inc.CONFIDENTIALFor Internal Use Only,60,Distributed Chassis:Consolidated ManagementShared ServicesScale-out Growth,Thank you,2016 BROCADE COMMUNICATIONS SYSTEMS,INC.,

展开阅读全文