Intelligent Resilient Framework 2 (IRF2)
H3C S5560S-EI switch series is pre-built with Intelligent Resilient Framework 2 (IRF2). IRF2 provides the following benefits:
High scalability: With IRF2, plug-n-play device aggregation can be achieved by adding one or more switches into the IRF2 stack and enabling IRF2 stacking on the new device. New devices can be managed with a single IP, and upgraded at the same time to reduce network expansion cost.
High reliability: The IRF2 patented 1:N backup technology allows each slave device in the IRF2 stack to serve as the backup of the master, creating control and data link redundancy, as well as uninterrupted layer-3 forwarding. This improves the reliability, avoids unplanned business downtime and serves to improve overall performance. When the master device fails, traffic remains uninterrupted.
Load balancing: IRF2 supports cross-device link aggregation, upstream and downstream can be connected to more than one physical link, which creates another layer of network redundancy and boosts the network resource utilization.
Availability: H3C Implements IRF2 through standard Forty Gigabit Ethernet (40GE) or Ten Gigabit Ethernet (10GE) ports which allocates bandwidth for business and application access and reasonably splits local traffic and upstream traffic. IRF2 rules not only able to obeyed within and across the rack, but also across the LAN.
Intelligent Resilient Framework 3.1 (IRF 3.1)
Intelligent Resilient Framework 3.1 technology (IRF 3.1) is implemented based on IEEE 802.1BR. It integrates lower-layer devices (PEXs) such as access devices with a higher-layer IRF fabric (parent fabric) to provide high-density, low-cost connectivity at the access layer. You can manage and configure the PEXs from the parent fabric as if they were interface modules on the parent fabric.
IRF 3.1 brings the following benefits:
Single point of management—An IRF 3.1 system is accessible at a single IP address on the network. You can use this IP address to log in through any network port to configure and manage all the devices in the system.
Unified security policy—The whole IRF 3.1 system enforces the same security policy, avoiding the policy conflicts that typically occur when the network devices are configured one by one.
Simplified network topology—IRF 3.1 combines the access and distribution layers, streamlining the conventional three-layer network model to two layers and making cabling easier.
Simplified service deployments—An IRF 3.1 system is a single node for IP services, routing protocols, VLANs, and other services. You can deploy services on it in the same way you work with a single device. This significantly reduces service deployment complexities and the risks of inadvertent deployment errors when numerous devices are involved.
Easy scalability and maintenance—IRF 3.1 enables plug-and-play of PEXs without network topology changes and automatically pushes configuration and software from the parent fabric to the PEXs. IRF 3.1 also reduces the numerous points of failure into one, improving the efficiency in troubleshooting.
Smart Management Center (SmartMC)
SmartMC is H3C’s latest offering and innovation that helps small and middle size enterprise network to address management issue and is free of charge, easy to use web management tool. SmartMC is embedded network management tool into the switch, it includes commander switches and other access switches.
SmartMC delivers the following benefits:
Intelligent operation: once the switch is powered on and SmartMC function is enabled, topology will be created automatically and user can go enhanced web GUI to check the latest status.
Centralized management: all management can be achieved via commander switch such as centralized configuration backup, and software version management, increasing working efficiency.
One key device replacement: in case of one switch failure, the new added same type switch can download the same configuration and work as old switch immediately
Software-defined networking (SDN) is an innovative network architecture that separates the control plane from the forwarding plane, typically by using OpenFlow. SDN significantly simplifies network management, reduces maintenance complexity and cost, enables flexible traffic management, and offers a good platform for core network and application innovations.
The switch supports large flow tables and provides data plane functionality of SDN. You can use the switch in conjunction with the H3C SDN controller to set up a large-scale Layer 2 network and quickly add users to the network.
Comprehensive security control policies
Endpoint Admission Defense (EAD), in conjunction with the backend system, integrates endpoint security (including anti-virus and patching) and network security (including network access control and access right control) into an interactive security system. By checking, isolating, repairing, managing, and monitoring the endpoints, this system turns reactive single-point defense to proactive, all-round defense, and dispersed management to centralized policy management. This system enhances the overall network protection against numerous security threats and improves the responsiveness to new threats.
The switch supports unified MAC address authentication, 802.1x authentication, and portal authentication; dynamic or static binding of user identifiers such as user account, IP address, MAC address, VLAN, and port number; and dynamic application of user profiles or policies (such as VLAN, QoS, and ACL) on users. Using the switch in conjunction with H3C IMC, you can manage and monitor online users in real time and take prompt action on illegitimate behaviors.
The switch offers a large number of inbound and outbound ACLs and VLAN-based ACL assignment.
The switch supports Unicast Reverse Path Forwarding (uRPF), which protects a network against source spoofing attacks, preventing DoS and DDoS attacks.
The switch supports 1+1 power module redundancy and 1+1 fan tray redundancy. You can select AC or DC power modules for the switch as needed. The switch automatically monitors power module and fan tray status and adjusts fan speed based on the change in temperature. When a power or temperature event occurs, the switch generates alarms.
In addition to hardware redundancy, the switch provides a variety of node and link redundancy and protection mechanisms, including:
Ethernet link aggregation, including LACP.
Spanning tree protocols, including STP, RSTP and MSTP.
Smart Link, which protects faster link switchover for dual uplink network.
Rapid Ring Protection Protocol (RRPP).
IRF 2 ring topology in conjunction with multichassis link aggregation.
Abundant QoS features
The switch offers abundant QoS features, including:
Packet filtering based on packet header fields from Layer 2 through Layer 4, including source MAC, destination MAC, source IP, destination IP, TCP/UDP port number, protocol type, and VLAN.
Flexible queuing and scheduling algorithms configured on a per-port or per-queue basis, including strict priority (SP), weighted round robin (WRR), and SP+WRR.
Committed access rate (CAR) with the minimum granularity at 8 kbps.
Port mirroring in both outbound and inbound directions for network monitoring and troubleshooting.
Outstanding management capacity
The switch provides a variety of management features and is easy to manage. It offers the following device management features:
Provides multiple management interfaces, including the console port, micro USB port, and out-of-band management Ethernet port.
Supports configuration and management from CLI or a general-purpose Web-based manager, including H3C IMC Intelligent Management Center and OpenView.
Supports multiple access methods, including SNMPv1/v2c/v3, Telnet, and more secure SSH 2.0.
To help customers gain visibility into network application traffic, the switch provides a variety of traffic monitoring and analytic tools, including local port mirroring and Layer 2 remote port mirroring. With these tools, customers can specify multiple monitor ports and collect network traffic data to evaluate network health status, create traffic analysis reports, perform traffic engineering, and optimize resource allocation.