Allied Telesis 5.2.1 Switch User Manual


 
Allied Telesis www.alliedtelesis.com
AlliedWare Plus™ | Operating System
With three distinct modes, the CLI is very secure.
User exec mode allows users to view settings and
troubleshoot problems but does not allow any
changes to be made to the system. Privileged
exec mode allows users to change system settings
and restart the device. Configuration changes are
only permitted in global configuration mode,
which reduces the risk of making accidental
configuration changes.
AlliedWare Plus Licensing Unlocks New Features
With AlliedWare Plus, a single license password or
'key' is all that is necessary to activate a feature
bundle. This single key enables the bundled features
on all hardware of that particular product type.
License keys enable you to "unlock" additional
feature bundles that ship with the switches.
Policy-Based Quality of Service (QoS)
Comprehensive, low latency QoS features
operating at wire-speed provide flow-based traffic
management with full classification, prioritization,
traffic shaping and min/max bandwidth profiles.
The QoS features are ideal for service providers
wanting to ensure maximum availability of
premium voice, video and data services, and at the
same time manage customer service level
agreements. For enterprise customers, the QoS
features protect productivity by guaranteeing
performance of business-critical applications
(including VoIP services), and help to restore and
maintain responsiveness of enterprise applications
in the workplace.
Control Plane Prioritization
The Control Plane Prioritization (CPP) feature
allows you to allocate priorities to packet types, to
ensure minimum interruption to the flow of
control information through the network.
CPP stops the control plane from being flooded
by traffic in the event of a network storm or
Denial of Service (DoS) attack. This ensures
maximal performance and prevents network
outages. In addition, with CPP you can also limit
the amount of traffic that flows to the CPU to
ensure that performance of other services, such as
the CLI, is not affected should a network storm
or DoS attack occur.
Resiliency
Link Aggregation
Link aggregation allows a number of individual switch
ports to be combined, forming a single logical
connection of higher bandwidth. This provides a
higher performance link, and also provides
redundancy for a more reliable and robust network.
AlliedWare Plus supports IEEE standard 802.3ad link
aggregation, which can be configured manually, or
automated via the use of Link Aggregation Control
Protocol (LACP). LACP automatically detects
multiple links between two LACP enabled devices
and configures them to use their maximum possible
bandwidth by automatically combining the links.
VRRP - Virtual Router Redundancy Protocol
VRRP provides automatic backup in mission-critical
environments. This feature enables multiple routers
or switches to share a virtual IP address that serves
as the default LAN gateway. Should the master fail,
the other devices assume the virtual IP address.
LAN devices can continue to be configured with a
single default gateway address, and because VRRP is
a standards-based protocol, full interoperability with
other VRRP-supported products is assured.
Ethernet Protection Switching Ring (EPSR)
EPSR allows several switches to form a protected ring
with sub-50 ms failover. This feature is perfect for high
performance at the core of enterprise or provider
access networks.
MSTP - Multiple Spanning Tree Protocol
MSTP addresses the limitations in the existing
spanning tree protocols, Spanning Tree Protocol (STP)
and Rapid Spanning Tree Protocol (RSTP). MSTP is
similar to RSTP in that it provides loop resolution and
rapid convergence. However, it also has the significant
extra advantage of making it possible to have different
forwarding paths for different multiple spanning tree
instances. This enables load balancing of network
traffic across redundant links.
Dual Software Images
Dual software images can be stored, providing
separate primary and secondary operating system
files that function as backup during upgrades.
Security
802.1x, RADIUS Authentication and Dynamic VLAN Assignment
The IEEE 802.1x standard manages port-based
network access. It provides authentication to devices
attached to a LAN port by initiating a connection or
preventing access from that port if authentication fails.
Valuable for authenticating and controlling user traffic
to a protected network, 802.1x is also effective for
dynamically varying encryption keys. 802.1x attaches
the Extensible Authentication Protocol (EAP) to both
wired and wireless LAN media, and supports multiple
authentication methods, such as token cards,
Kerberos, certificates, and public key authentication.
802.1x uses the RADIUS (Remote Authentication
Dial In User Service) protocol to transfer
authentication and configuration information between
the switch and a shared RADIUS authentication
server, which manages a database of users and
provides authentication and configuration information
to the client.
Dynamic VLAN assignment allows an 802.1x
supplicant to be placed into a specific VLAN based on
information returned from the RADIUS server during
authentication. This limits the network access of a
supplicant to a specific VLAN that is tied to their
authentication, and prevents supplicants from
connecting to VLANs for which they are not
authorized. A port's VLAN assignment is determined
by the first supplicant to be authenticated on the port.
SSHv2 and SCP
The Secure Shell (SSH) version 2 protocol
provides encrypted and strongly authenticated
remote login sessions. SSHv2 provides sessions
between a host running a Secure Shell server and
a machine with a Secure Shell client.
Secure Copy Protocol (SCP) is also supported.
SCP allows for secure file transfer to and from the
switch, protecting your network from unwanted
downloads and unauthorized file copying.
Access Control Lists (ACLs)
AlliedWare Plus delivers industry-standard Access
Control functionality through access control lists
(ACLs). ACLs filter network traffic to control
whether routed packets are forwarded or blocked
at the port interface. The switch examines each
packet to determine whether to forward or drop
the packet based on the criteria that are specified
within the ACL, such as source and destination
MAC or IP address, IP protocol, or TCP/UDP port.
This provides a powerful network security
mechanism to select the types of traffic to be
analyzed, forwarded, or influenced in some way, for
example to restrict routing updates or provide
traffic flow control.