• Products
  • Switches
  • Routers
  • IP Multimedia
  • IP Storage
  • Security Products
  • Network Management
  • SOHO
  • Green Products
  • Other Products
• Solutions
  • Industry Solutions
  • Technology Solutions
• Success Stories
  • Education
  • Finance
  • Large Enterprise
  • E-Government
  • Others
• Technology
  • Comware Platform Overview
  • OAA
  • System Management
  • WAN
  • LAN
  • IPv4 & IPv6 Services
  • QoS
  • Security and VPN
  • IP Routing
  • IP Multicast
  • MPLS
  • Voice
  • Reliability
  • IRF
  • MIB

Features

Full wire-speed, multi-layer switching

l S5600 series switches offer L2/L3 wire-speed switching capacity. The product series offers 10GE uplink speed, satisfies the most demanding.

l The hardware supports L3 wire-speed switching, and is able to identify and process the traffic flows from L2-L4.

l With independent packet filters, all ports distinguish different flows and forward them with corresponding priority.

Innovative IRF technology

S5600 Series adopt an innovative technology, Intelligent Resilient Framework, so bandwidth can be expanded and upgraded smoothly. With IRF technology, S5600 series switches can be stacked up to 8 units, forming a distributed switching fabric with up to 96G stacking bandwidth between any two units. From the management and configuration perspective, the distributed switches act as one switching device and run as one logical entity, while from a performance perspective，each switch in the IRF framework can make local forwarding decision both layer2 and layer3, the unit in the fabric can backup each other. Most importantly, IRF can provide the features that users are pressing for: reliability, scalability and manageability.

l S5600 Series switches support RMON on IRF, customers can collect RMON history and statistics data of any units from any switch in the fabric.

l HGMP V2 on IRF function allows customers to collect the information about the connection relations of the devices in a network and candidate devices, consequently maintaining and managing the cluster topology.

l Peer fabric port detection function can decide whether a device can join a IRF fabric or not.

Excellent PoE (Power over Ethernet) Supply Function

S5600 series supply PoE function for endpoint devices, providing power over copper Ethernet cable to endpoint (Powered Device, such as IP phone, WLAN AP).

l S5600 series switches provide up to 48 simultaneous full-powered PoE ports at 15.4W for maximum powered-device support, such as IP telephony and wireless LAN deployments. As PSE (Power Sourcing Equipment) devices, all S5600 series Switches are 802.3af compliant PoE switches.

l With PoE and Voice VLAN technology, these innovative switches can provide the perfect solution for a converged voice and data network.

l S5600 series Switches supports PoE Profile, that means PoE policy configurations applicable to different user groups are stored in the corresponding PoE Profiles. When users connect a PD device to the port that currently has PoE Profile stored, the switch will automatically apply the PoE configuration defined in the corresponding port’s PoE Profile to the PD device.

Flexible security control policies

l The S5600 Series support 802.1x authentication to identify users who attempt to access the network. With the 802.1x client version checking function enabled on a switch, the switch checks the version and validity of the 802.1x client running on supplicant systems to prevent those that use earlier versions of 802.1x client or illegal clients from logging in.

l The S5600 Series support Centralized MAC address authentication, it controls accesses to a network through ports and MAC addresses. This kind of authentication requires no client software. When operating in centralized MAC address authentication mode, a switch begins to authenticate the user if it detects a new user MAC address. Further more, the S5600 Series can Perform 802.1x authentication and MAC address-based authentication simultaneously.

l The S5600 Series support The Guest VLAN function, this function enables supplicant systems that are not authenticated to access specific resources and thus perform the corresponding operations, such as obtaining 802.1x client, upgrading client, or obtaining other upgrading programs.

l The S5600 Series can also prevent unauthorized access to the network by binding any combination of MAC, IP and PORT.

l Secure Shell V2 (SSH V2) offers security information protection and powerful authentication function to safeguard the Ethernet switch from attacks such as IP address spoofing and plain text cipher interception.

High reliability

l The S5600 series support STP/RSTP and multi-VLAN based MSTP, greatly improving redundant back-up for links and fault tolerance capability, so that the network can run with high stability.

l The S5600 series switches support link-aggregation (include manual link aggregation and LACP), it is a simple and cost efficient way to expand the bandwidth of a switch port and balance the traffic among all the ports in a link aggregation. In addition, connection reliability is enhanced.

l The S5600 Series support the optional RPS (Redundant Power Supply), thus improving the fault tolerance capability and normal network operation duration. Power module of the S5600 Series is hot-swappable.

l The S5600 series support VRRP, and can build a VRRP back-up group with other L3 switches. They can build a redundant route topological structure when a fault occurs to guarantee communication continuity and reliability, keeping network status stable.

l S5600 supports ECMP (Equal Cost Multi-path Protocol) routing, which can be used for load balance and routing redundancy.

Abundant QoS policies

l The S5600 Series support L2~L4 complex flow classification based on source MAC address/destination MAC address/source IP address/destination IP address/ports/protocols.

l The S5600 Series support flexible queue scheduling algorithms, which can be set on the basis of port and queue at the same time. They support Strict Priority (SP), Weighted Round Robin (WRR) and SP+WRR; 8 priority queues and 2 drop precedence.

l The S5600 Series support Committed Access Rate (CAR) and limit the traffic speed in the 64Kbit/s granularity.

l The S5600 Series support RSPAN (Remote switched port analyzer), It breaks through the limitation that the mirrored port and the mirroring port have to be located in the same switch, and makes it possible that the mirrored and mirroring ports be located across several devices in the network, and greatly enhances the way that the network administrator can manage the switch.

l The S5600 Series can configure the Priority for Protocol Packets, each protocol packet has its own priority. Customers can modify the priority of the protocol packet with the help of relevant QoS commands.

l The S5600 Series support to configure the control policy over Telnet, configuring the source IP, destination IP, and source MAC to control over. Also specify whether the control action is permitting or denying access.

Diversified System Configuration and Management Modes

l The S5600 Series support Simple Network Management Protocol (SNMP) v1/v2/v3 and RMON (Remote Monitoring) v1/2/3/9 groups of MIBs. They can be managed by general network management platform such as OpenView, and H3C iMC network management system.

l The S5600 Series support Command Line Interface (CLI), Web based network management, modem dial-up and telnet which make the equipment management more convenient.

l The S5600 Series support HGMP V2 cluster management, After enabling HGMP V2, the network administrator can manage several member switches through one command switch and only the command switch need a public network IP address, it can save public IP address greatly and manage the network more efficiently.

l The S5600 Series support SNMP Agent logging, it means the network management operation logging function logs operations can perform remotely by administrators through SNMP.

Abundant System Maintenance and Debugging Methods

l The S5600 Series support System log, Hierarchical alarm management and alarm filtering, Detailed alarm/debug information output, Ping and Tracer, they also support remote maintenance via Telnet Modems and SSH.

l The S5600 Series support HWping, it is a new network diagnostic tool used to test the performance of protocols operating on network and It is an enhanced alternative to the ping command.

l The S5600 Series support DLDP (Device Link Detection Protocol), DLDP can detect the link status of the optical fiber cable or copper twisted pair. If DLDP finds a unidirectional link, it disables the related port automatically or informs users to disable it manually depending on specific configuration, to avoid potential network problems.

l The S5600 Series support Loopback detection on ports, after users enable loopback detection for Ethernet ports, the switch will monitor whether the ports have loopback on a regular basis; if the switch detects loopback for a particular port, and it will put that port under control.

The S5600 Series support VCT (Virtual Cable Test) which is convenient for troubleshooting. Customers can start the virtual cable test (VCT) to make the system test the cable connected to the current electrical Ethernet port. The test items include: whether short or open circuit exists in the Rx/Tx direction of the cable, and what is the length of the cable in normal status or the length from the port to the fault point of the cable.