HP 伺服器方案 Extreme / D-Link 高階網路設備 客戶網路服務方案 VOIP(電話節費) IPPBX 方案
Extreme Sentriant NG 中文Report軟體
客戶網路服務方案
高階網路設備方案(Extreme)
端點安全防護解決方案(Extreme)
內部網路安全方案(Extreme)
SSL VPN 遠端安全存取方案(Juniper)
安全服務系統方案(Juniper)
模組化高階整合式安全系統(Juniper)
入侵偵測與防禦方案(Juniper)
整合式網路安全閘道方案(Juniper)
應用程式加速解決方案(Juniper)

Extreme Networks
服務導向架構網路的最佳選擇
Extreme XOS 提昇企業核心系統整合之應變能力

眾所周知, IT與業務流程能否亦步亦趨、緊密相隨,影響企業競爭力甚鉅;值此時刻,若不想矮人一截的企業,應當設法擺脫傳統資訊應用架構的束縛!企業希望透過 SOA,轉型成能迅速回應市場變遷的隨需應變( on demand)環境;因為 SOA 提供可互通、可調適、標準化且具有彈性的應用程式架構,並與商業流程緊密相連,使得企業能夠快速因應市場需求進而產生巨大的規模效率。

如何讓企業網路支援 SOA

在全球企業資訊系統走向服務導向架構的同時,企業網路支援服務導向架構的需求已成為服務的一部份。 Extreme Networks 在 2003年就發表了全世界第一款使用模組化網路作業系統 XOS 的交換器。模組化作業系統相較於傳統作業系統的優勢在於大幅增加了系統的可靠度,對於網路傳輸是 Application Awareness (可識別網路應用 ),支援 XML管理介面,讓網路與應用服務系統緊密結合,並同時內建使用者認證、自我防禦及虛擬網路安全資源等多種安全機制。 Extreme Networks 新一代核心交換器皆採 XOS 作業系統,提供完整核心網路所需的一切功能,確保企業網路基礎建置投資。

Extreme Networks 提供一種新的線上資源「 Widget Central」,可透過下載 widgets,可以在企業用戶間或是以使用者社群( Community)的方式去分享彼此的網路增強工具以滿足企業建構 SOA的各種需求。經由這些 Widget工具可以 滿足企業在 網路建置部署( deployment)、網路監測( monitoring)、網路操作( operation)和網路運作最佳化( optimization)方面的需求。 D eployment 的 widgets 能協助客戶,很快地設定某些網路安全政策或是聚合式網路( converged network)所需的 QoS政策;操作類的 widgets使客戶可以針對網路事件做出自動反應,例如將新的 VoIP話機連上網路時可以自動偵測是何種話機;運作最佳化的 widgets則可協助用戶調整出最佳的網路效能;監測類的 widgets則可以提供網路使用狀態的資訊。所有的 widgets都可免費下載及依照特殊需求而再做修改,同時,經由用戶社群參與的精神,將會在 Extreme Networks產品用戶之間加以強化與共享。

Adobe Systems

同時跨足企業及電信應用設備供應, Extreme承諾客戶可以單一網路同時整合資料、語音及影像的傳輸服務,不論使用者是使用何種應用與服務。且具下列功能特色:

高語音品質的連接效能

  • 設備效能可達全線速 (Wire-Speed) QoS、 ACL 及 Jumbo Frame,不論啟動任何功能均保證傳輸效能。
  • 超低 Latency 及 Jiffer 讓 VoIP 語音品質完美呈現。
  • 硬體 IPv6 處理能力,包含 RIPng 及 OSPFv3 路由能力。

完全不停頓的運作穩定度

  • 支援 Hitless Failover 及 Hitless Upgrade 的核心網路交換器,系統不因任何單點故障或維運需求而停頓。
  • 模組化網路作業系統,具備監控模組,自動對停頓的軟體模組重新啟動,而不影響其他功能運作。
  • 支援電信等級標準 EAPS,線路中斷可於 50ms( 0.05秒)內回覆,不影響任何線上服務。

完整有效的內部網路防禦機制

  • User-based 802.1X 與 Web介面的認證機制支援。
  • 可整合 Extreme Sentriant 系列安全產品,提供端點安全檢測及異常行為監測與隔離的機制。
  • 網路自我防禦機制,效能不受 DoS 攻擊影響。
  • 硬體 sFlow分析及全線速 ACL 支援。

簡單有效的管理機制

  • 可透過 EPI Center 單一管理平台,可結合有線無線網路管理,並與語音系統結合。
  • Universal Port 管理功能,依設備自動指派 VLAN/QoS/ACL等設定。
  • 支援 XML 介面,可使用外部程式控制交換器行為。
  • 結合 Security Appliance 動態防禦異常行為或節點。

網路架構從核心到存取端 10G及 IPv6 完整應用的解決方案

誰提供全世界最大網路展 INTEROP Show 會場網路?誰提供世足賽 FIFA全方位轉播、語音及賽事報導網路?如何應付來自網路的各種攻擊並確保網路服務絕不中斷? Extreme Networks 提供自核心端到存取端完整網路基礎建設解決方案。 Extreme 不以以往的成就自滿於今年七月發表新一代 SummitX 系列交換器,不論你需要的是一般 Data存取、 Voice 網路基礎建設、 Wireless、 IPv6、 10G、認證機制、安全政策檢驗或加密機制, Extreme 是將所有應用上的需求一併設計於新一代的交換核心 XOS 內,確保現在網路設備上的投資可以滿足未來應用上的需求。

完整的 10G及 IPv6 支援能力

在大量的高速傳輸應用增加的同時,可以看到的是 10G 乙太網路的必要性。 SummitX/BD8800系列同時支援 XENPAK 及 XFP 兩種 10G擴充模組,且所有 10G埠均可達 Wire-Speed 高傳輸效能。完全滿足客戶端在 Video-On-Demand、 E-learning 及 High Performance Cluster Computing 應用。 Extreme 領先業界推出全系列完整 10G Solution,從核心端到終端介接一應俱全。

Extreme SummitX 系列採用 ASIC硬體可直接援 IPv6, SummitX 以最大效能 Wire-Speed 傳輸 IPv6 封包,同時處理 IPv6 的 ACL。此外作業系統核心 XOS 亦支援 IPv6 的路由協定及 Tunnel 功能,含 RIPng、 OSPFv3,並支援 Dual Stack及 6to4 機制以互通 IPv4 及 IPv6。 Extreme Networks 是目前唯一能提供 10G及 IPv6 路由功能自核心到存取端完整解決方案應用需求的設備廠商。

Extreme BlackDiamond 及 Summit X 系列交換器皆支援 10G埠連接擴充功能

Universal Port 一個埠同時滿足多種類設備連結

傳統網路只能傳輸資料,為擴充現有網路能同時能應用在語音、影像、無線及監控等等設備存取, Extreme 提出了 Universal Port 的觀念。簡單的說,就是一個網路埠要能同時滿足語音、影像、電腦等多種不同設備介接及各種應用,例如自動偵測 POE 電源供應量,自動分派 QoS VLAN 等 Policy。 Extreme 已成功展示了與 Avaya 結合的 VoIP應用,網路可動態因應 VoIP 應用,將所需的頻寬 QoS 設定及對應的安全規則 VLAN、 ACL 甚至 PoE Budget 執行於設備對應的埠上。

完整 NAC (Network Access Control) 支援機制

身為具自我防禦攻擊功能的網路設備,支援多種網路安全機制,光最為重要的使用者認證機制就支援 802.1X 標準、 Web-Login及 MAC Authentication 三種,可應付各種網路主機、作業系統及 IP 設備 ( IP Phone、 Wireless AP 及 Camera 等 )。針對 endpoint 端安全檢測機制,可結合 Sentriant AG 提供 endpoint 端多達百種以上檢測功能,針對無法符合安全政策之主機,可動態將所屬網路埠切換到隔離區的 VLAN 作阻隔,而不讓內部其他網路有被感染或入侵的機會。

Extreme 全系列的交換器皆支援 DHCP/IP Source lockdown 功能,能限定所有用戶節點,無法自設 IP 上網,僅能透過 DHCP 取得 IP,並將 IP 及 MAC 自動設定於交換器上,完全避免 IP衝突及管理等相關問題。另外交換器上還有 Gratuitous ARP Protection及 ARP Validation機制,可以阻隔 netcut、 Man-in-Middle等來自網路的偽冒攻擊。

Adobe Systems

Go Green 企業節能三主張

在全球能源持續緊縮、價格飛漲的今日,企業在採購設備的同時也應該考慮到其使用的能源及後續維護設備的總成本支出。在一項由第三方公證單位 Tolly的測試報告中, Extreme設備只需其它廠牌設備一半到三分之一的電量即可提供同等埠數運作。 Extreme設備符合環保規範,並且提出支援企業節能 Go Green三大主張:

  1. 採用低耗電量的網路交換器設備 - 在 RFP 上訂定耗電量的需求,或直接做產品規格的比較選用節能產品。
  2. 採用節能式網路設計架構 - 將傳統三層式 (core、 aggragation、 edge) 架構改成二層式架構,可以直接減少中間層設備的能源消耗與設備本身成本。
  3. 採用具節約效果之 POE 供電式交換器 - POE 是經由一般雙絞線供電,可推動各種不同的網路設備,如 IP電話、網路攝影機、無線 AP 等具節能效果之 POE 交換器可於下班時間自動停止供電之節能效果,可節省達 50-75% 的耗電量。

總結

Extreme Networks 是乙太網路交換器領導品牌,同時跨足企業及電信應用設備供應。我們的願景在承諾客戶可以單一網路同時整合資料、語音及影像的傳輸服務,並同時兼顧高效能、  高可靠度、安全性及易於管理。

BlackDiamond 系列路由器產品規格對照表

型號

BlackDiamond 8806

BlackDiamond 8810

BlackDiamond 8810

Max 1000Base-X SFP Ports

248

440

440

Max 10/100/1000Base-TX Ports

240

432

432

10 Gigabit Ethernet Ports

20

36

36

Power Over Ethernet

Yes

Yes

Yes

Switch Fabric Bandwidth

800G

800G

800G

IPv6 Hardware

Yes

Yes

Yes

Queue per Port

8

8

8

L2 Mac Table

64000

128000

128000

IPv4 routes HW

25000

25000

25000

IPv6 routes HW

6000

6000

6000

VLAN

4096

4096

4096

ACL

2048

2048

2048

Virtual Switch

No

No

No

MPLS (Hardware)

No

No

No

Hierarchial QoS

No

No

No

Summit 系列路由器產品規格對照表 (1)

型號

Summit X150-24t

Summit X150-48t

Summit X150-24p

Summit X350-24t

Summit X350-48t

Max Gigabit Ethernet Ports

24 10/100 ,2 Gigabit Combo

48 10/100 ,2 Gigabit Combo

24 10/100 PoE ,2 Gigabit Combo

24 10/100/1000 ,4 mini-GBIC (only 24 active)

48 10/100/1000 ,4 mini-GBIC (only 24 active)

10 Gigabit Ethernet Ports

2 Optional (XEN/XFP plug-in card)

2 Optional (XEN/XFP plug-in card)

Power Over Ethernet

No

No

Yes

No

No

Switch Fabric Bandwidth

8.8 Gbps

13.6 Gbps

8.8 Gbps

88 Gbps

176 Gbps

Packet-Per-Second Forwarding Rate

6.5 Million

10.1 Million

6.5 Million

65.5 Million

101.2 Million

IPv6 Hardware

Yes

Yes

Yes

Yes

Yes

Queue per Port

8

8

8

8

8

Access Control Lists

1024 per switch

1024 per switch

1024 per switch

1024 per switch

1024 per switch

L2 Mac Table

8K

8K

8K

8K

8K

VLAN

4096

4096

4096

4096

4096

Redundant Power Supplies

Yes/External

Yes/External

Yes/External

Yes/External

Yes/External

Summit 系列路由器產品規格對照表 (2)

型號

Summit X250e-24t

Summit X250e-48t

Summit X250e-24p

Summit X250e-48p

Max Gigabit Ethernet Ports

24 10/100 ,2 Gigabit Combo

48 10/100 ,2 Gigabit Combo

24 10/100 PoE ,2 Gigabit Combo

48 10/100 PoE ,2 Gigabit Combo

Power Over Ethernet

No

No

Yes

Yes

Form Factor/Footprint

Gigabit/Unistack

Gigabit/Unistack

Gigabit/Unistack

Gigabit/Unistack

Switch Fabric Bandwidth

48.8 Gbps

97.6 Gbps

48.8 Gbps

97.6 Gbps

Packet-Per-Second Forwarding Rate

36.3 Million

39.9 Million

36.3 Million

39.9 Million

IPv6 Hardware

Yes

Yes

Yes

Yes

Queue per Port

8

8

8

8

Access Control Lists

1024 per switch

1024 per switch

1024 per switch

1024 per switch

L2 Mac Table

8K

8K

8K

8K

IPv4 Host Address

2048

2048

2048

2048

IPv4 LPM Entries

512

512

512

512

IPv6 Host Address

1024

1024

1024

1024

IPv6 LPM Entries

256

256

256

256

VLAN

4096

4096

4096

4096

Redundant Power Supplies

Yes/External

Yes/External

Yes/External

Yes/External

圖示型號
Summit X650系列
The SummitR X650 series switch is a purpose-built Top-of-Rack switch designed for emerging 10 Gigabit Ethernet-enabled servers deployed in enterprise data centers.
Summit X650 helps optimize new server deployments while providing a seamless migration path from existing Gigabit Ethernet-based servers to 10 Gigabit Ethernet-based high-performance servers, to start the transition to the new virtualized environment.
購買
Summit X650 Data SheetX650 Data Sheet
Summit X650 Product BriefX650 Product Brief
Summit X450a系列
SummitR X450a is based on the revolutionary ExtremeXOSR operating system from Extreme NetworksR.
ExtremeXOS is a highly resilient, modular operating system that provides continuous uptime, manageability and operational efficiency.
Each Summit X450a switch offers the same high-performance, non-blocking hardware technology used on Extreme Networks BlackDiamondR 8800 series, in the Extreme Networks tradition of simplifying network deployments through the use of common hardware and software throughout the network. A highly flexible and scalable Summit X450a is an ideal aggregation switch for traditional small core enterprise networks and an excellent first level aggregation device for DSLAMs at a local central office before traffic is passed on to Extreme Networks BlackDiamond 12804R core switch at the Point of Presence (POP) where traffic is managed and connected to service networks.

購買
Summit X450a Data SheetX450a Data Sheet
Summit X450a Product BriefX450a Product Brief
Summit X450e系列
SummitR X450e is based on Extreme NetworksR highly resilient, modular ExtremeXOSR core-class operating system with features designed to improve uptime, manageability and operational efficiency.
Summit X450e provides high availability and performance with its advanced traffic management capabilities which enable the large scale rollout of converged networks that support devices such as IP telephones, wireless APs and other devices that require power from a LAN connection.
With low-latency line-rate performance, Summit X450e supports the 802.3af standards-based PoE on every port. Summit X450e supports hardware-based routing for both IPv4 and IPv6 to help provide investment protection by allowing the rollout of IPv6 in your network now or in the future.
The highly flexible Summit X450e switch provides high-density gigabit plus optional 10 Gigabit Ethernet ports in a compact 1RU format, supporting a wide range of Layer 2 to Layer 4 functionalities on every port.
Optional redundant power supplies are provided with each switch to protect against power anomalies, enabling a continuously operational network.

購買
Summit X450e Data SheetX450e Data Sheet
Summit X450e Product BriefX450e Product Brief
Summit X250e系列
SummitR X250e series switches are based on the revolutionary ExtremeXOSR core-class operating system from Extreme NetworksR.
ExtremeXOS is a highly resilient, modular operating system that can provide continuous uptime, manageability and operational efficiency at an affordable price. Summit X250e provides high availability and performance with its advanced traffic management capabilities to support large scale rollouts of converged networks that support devices such as IP telephones, wireless APs and other devices that require power from a LAN connection as well as the regular computing devices such as desktop and laptop computers.
Summit X250e-24p and Summit X250-48p support the 802.3af standards-based Power over Ethernet (PoE) on every port with its PoE models.
Modular ExtremeXOS operating system IPv4/IPv6 hardware based routing and ACL Resiliency to support convergence Performance to support converged services Security features to support converged LAN Convergence Grade High-Speed Stacking – SummitStack?
購買
Summit X250e Data SheetX250e Data Sheet
Summit X250e Product BriefX250e Product Brief
圖示型號
Sentriant NG Network IP Security系列
Defends against threats without interfering with network traffic
Delivers fast detection with a network of virtual decoys creating an early warning system that fires an alert when a virtual target is contacted
Isolates attackers and prevents them from communicating with the remainder of the network, allowing mission-critical data to continue to flow normally
Complements existing perimeter security and host-based security solutions
Operates effectively with all vendor switches but can scale to handle your multi-gigabits of traffic and reduce acquisition cost for security coverage, when integrated with ExtremeXOSR CLEAR-Flow enabled switches

Protect Your Network From Viruses/Worms: Zotob, Sasser, Welchia, SQL Slammer, Blaster MyDoom and others
Denial of Service (DoS): IP Spoofing, MAC Spoofing, Smurf, Ping of Death, Ping Sweep, Ping Flood, Port Sweep, SYN Flood, TCP Xmas, Syn/Fin, Null, All Flags
Day-Zero, Multi-Vector, Blended attacks, Polymorphic viruses
Targeted attacks on IP Telephony assets devices
Detect Threats Early and Slow Down Attacks
Create a network of virtual decoys in the unused IP address space as an early warning system that alerts you when a virtual target is contacted
Mimic basic responses to TCP, UDP, and ICMP requests, and make it difficult for a hacker to determine which devices are real and which are not—allowing valid machines to hide among virtual decoys
Mitigate Threats Precisely
Isolate the source of attacks and prevent them from communicating with the remainder of the network
CLEAR-Flow technology in ExtremeXOS switches detects and mirrors just the threatening traffic to Sentriant NG300, allowing higher line-rates of inspection and mitigation
Voice-Class Availability
Detect and actively defend against threats without interfering with network traffic
Sentriant NG300 is not an inline device, therefore cannot be a bandwidth bottleneck or point of failure
購買
Sentriant NG 300 Data SheetNG300 Data Sheet
Sentriant NG 300 Product BriefNG300 Product Brief
Sentriant NG 300 User MenuNG300 User Menu
Sentriant AG Network IP Security系列
Whether they know it or not, most organizations have experienced the pain and financial impact of network compromises due to insecure endpoint devices connecting from within their own network.

Preventing these security incidents requires more than shutting off ports or limiting physical access within a building.

Effective access control requires a pro-active approach to ensuring that all endpoint devices are properly secured and free of threats before they are granted access to internal network resources.

Sentriant AG200 meets this need by providing a complete Network Access Control (NAC) platform that works with a variety of network infrastructures, across all access types (wired, wireless, VPN), and with a wide range of endpoint devices.

Sentriant AG200 automatically tests each endpoint and verifies that its security level meets the organization's security requirements before allowing access to the network.

A non-compliant device can be placed in quarantine with restricted access until it can be repaired through several remediation options before being granted full access.

Advanced Endpoint Integrity Testing for Policy Compliant Access
Sentriant AG200 prevents harmful endpoint devices from connecting to the internal network in a repeatable manner necessary to achieve ongoing policy compliance.


Hundreds of up-to-date security checks
Fast testing in only seconds
Support for both Windows and Mac endpoints
Multiple testing options including a completely agent-less solution
Flexible Deployment Modes for Infrastructure Compatibility
Unlike solutions that only function in specific network environments, Sentriant AG200 works with any IP infrastructure without forcing expensive network upgrades or changes.


Single-server or Multi-server deployment
Multiple enforcement methods for quarantine (802.1X, DHCP, Inline)
Works with existing authentication schemes (Active Directory, LDAP, RADIUS)
Enterprise-Class Management and Administration for Low Operational Complexity
Sentriant AG200 can easily be integrated with existing IT systems and operations and provides complete visibility over the entire NAC process.


Centralized, web-based management interface
Multi-user, role-based administrative access
Standard and custom reports
Rich APIs for IT system integration


購買
Sentriant AG 200 Data SheetAG200 Data Sheet
Sentriant AG 200 Product BriefAG200 Product Brief