ProCurve Networking by HP
The ProCurve Networking
Adaptive EDGE ArchitectureTM
Introduction ............................................................................................................... 2
The Changing Enterprise Network .................................................................................. 2
The Evolution of Ethernet Networks ............................................................................... 3
Meeting the Need – ProCurve Networking Adaptive EDGE Architecture ................................ 4
Control to the Edge .................................................................................................. 7
Command from the Center ........................................................................................ 7
Getting from Here to There........................................................................................ 8
The ProCurve Networking Adaptive EDGE Architecture Is Real Today ................................ 11
Industry Approaches.................................................................................................. 12
For more information ................................................................................................. 14
To gain competitive advantage, business decision-makers are looking for new ways to
create communication efficiencies in their enterprise networks and at the same time
maximize network investments to achieve real business value. Today’s CIOs must
focus on business value rather than on technology for technology’s sake. As such,
they need to simplify their infrastructures by developing inclusive networks based on
one pervasive technology (Ethernet). They need those networks to deliver robust,
integrated functionality in the areas of security, mobility, and convergence. They need
the networks to be flexible, reliable, and cost effective. And they need them to last as
a next-generation network.
New applications can make users more efficient, but also make networks more
complex if not deployed appropriately. Decisions about network access, traffic
prioritization, traffic flows and bandwidth optimization can no longer be centralized. As
new applications become pervasive, more functionality must move to the edge of the
network to effectively support users while making efficient use of the network
resources. The edge of the network is not a destination; it’s where the user connects.
It’s where users must be authorized to access applications and resources to
accomplish their jobs, but no more. The edge is like a set of intelligent keyed
doorways that lead the user to the appropriate zones of information and services that
they need to achieve their business goals and objectives. Doors can be opened and
closed as the needs of the business change. The keys to the doors can be handed out
to the appropriate users only -- protecting private information from prying eyes. The
edge of the network creates the right doorway to connect users to the information,
services and applications they need.
This paper introduces an innovative network architecture from ProCurve Networking
by HP the ProCurve Networking Adaptive EDGE Architecture™ based on open
industry standards. It makes possible a network that can change or adapt to meet
changing network needs. The network enabled by the Adaptive EDGE Architecture will
be a transparent network that just works – as safely, dependably, and simply as an
electric utility – whenever and wherever it’s needed.
The Changing Enterprise Network
Three major and interdependent forces are driving the transformation of the
enterprise network: the Internet, communications, and an increasingly mobile
workforce. Because of the Internet, the traditional enterprise network will become
more like a public network – requiring new levels and types of security. Convergence
of data, voice, video and other digital technologies will mean the convergence of the
separate enterprise networks that formerly hosted those data types – resulting in a
single multi-service network that must support a broad range of applications. High-
bandwidth wireless access and other mobile technologies are meeting crucial needs of
the increasingly mobile, 24/7 workforce – and turning the network into an anytime,
anywhere resource that must support secure mobility and access.
As the network becomes more public, more converged, and more mobile, companies
need to understand and support new security methods, new applications, and new
connection management solutions for a mobile workforce.
That’s because traditional solutions don’t provide the level and type of protection,
detection, and response that businesses need to safeguard their assets. Businesses
need more effective ways to respond to the changing business environment, and to
the growing numbers and types of users. Traditional solutions are based on one-
dimensional architectures that address only one area of network design at a time,
such as voice, video or data. Design rules and product features for voice, video and
data were sufficient to supply quality of service (QoS) for these applications, but were
too rigid and insufficient to address mobility or security at the same time.
These new and emerging requirements need solutions that are based on a
fundamental, multi-dimensional architecture that addresses the complexity and
flexibility required to handle all solution areas at the same time (See Figure 1).
Key business issues Network implications
The enterprise network is becoming Security becomes pervasive at every point of
increasing public with an ever increasing access and must provide the right network
range of users. resources to achieve a business result.
The network is becoming a universal resource Users need access from many different
for a broad range of needs. locations and secure mobility of the work force
must be support inside and outside the office.
The enterprise data network is becoming the A multitude of applications from traditional
“one” network. data to VoIP to virtual presence applications
must be easily deployable and co-exist on a
single, converged network.
The Evolution of Ethernet Networks
This new network will probably not come from a revolutionary, new technology but
from the evolution of a known technology – Ethernet. For most of its life, Ethernet has
existed primarily to move data in the form of transactions and files. Until recently, its
evolution was driven by the need to move data faster (10Mbps to 100Mbps to Gigabit
to 10 Gigabit) and without interference (switching). In the process, Ethernet has
become a truly pervasive network technology in business, education and government
around the world for building increasingly cost effective and robust local area
networks. While this rate of change seems remarkable in retrospect, the future –
driven by security, convergence and mobility requirements – holds even more
remarkable potential for change.
Ethernet is now moving into both new geographic domains, such as metropolitan area
networks and mobile wireless connectivity, as well as new classes of converged
applications. These new applications and technologies bring with them new traffic
types that include:
• voice (VoIP or IP telephony) focused on small packet transport with low packet loss and
• video distribution and teleconferencing and other presence applications with sustained
throughput and multicast requirements for large packets
• storage (Network Attached Storage and block-mode iSCSI) requiring high burst data rates
and low latency
• inter-process communication (emerging Remote Direct Memory Access over Ethernet
standard) requiring efficient and reliable low latency message and data transfer to support
clustering and grid computing
• trusted traffic (and its opposite, unwanted traffic) authenticated and encrypted end-to-end
Ethernet/IP networks, both public and private, will ultimately span the planet and
transport all types of digital traffic in support of every conceivable digital application.
This will transition Ethernet/IP from being “a” network to Ethernet/IP being the “one”
network. This evolution will mean Ethernet/IP everywhere for everything digital.
It will also mean something else: the end-game of network evolution is that
Ethernet/IP networks become utility-like, transparent networks. The transparent
network is one that works much as utility companies do today. When you plug an
appliance into an electric socket, you assume the electricity will be there without even
thinking about it – and it is. Moreover, you can plug any standard appliance – food
processor, lamp, clock – into the wall socket and it will work, regardless of its
function. You don’t have to worry about accessing the electricity. You don’t have to
configure your appliance for the electric current. And when you bring home new
appliances that weren’t invented a few years ago, you know you can just plug them
into the wall socket, as well. Electricity is a transparent utility, one that you don’t
notice until, as in a blackout, it’s not there.
The utility-like transparent network will be much like the electric utility. You won’t
need to think about it or manually configure devices for it. Nor will you have to
reconfigure the network for new applications or services. The network itself won’t be
nearly as important as what it makes possible: converged data services with access
from any device, any time, anywhere, to any resource on the network that you are
allowed to use. It will have a high degree of reliability – often characterized as “five-
nines” or 99.999 percent uptime. Applications will run the same way from anywhere;
for example, a video-conferencing application will run as effectively over a wireless
connection at the airport as it does from the office. And putting a new application into
service won’t inadvertently cause other applications to break.
Meeting the Need – ProCurve Networking Adaptive
To enable the utility-like, transparent network, ProCurve Networking has developed
the ProCurve Networking Adaptive EDGE Architecture. It is an architecture that, unlike
traditional network design, can change or “adapt” to meet changing network needs
(See Figure 2).
Figure 1 A new, unified approach
• Network functionality
A unified holistic approach must migrate to the
to secure, mobile, edge where users
multi-service networks connect
• Network functionality
Security must be cost effective
• Network functionality
Secure, mobile, must support all current
networks and future traffic types
The Adaptive EDGE Architecture, like any architecture, is an approach or philosophy to
network design, rather than a product or set of products. The products and solutions
that participate in the transparent network must be based on a new, unified approach
to secure, mobile, multi-service networks. They must be designed and engineered
with right functionality built-in from their inception, and with the capability to expand
that functionality as needed, eliminating much of the need to bolt-on additional
products to achieve new functionality in the future. ProCurve Networking products are
designed to meet these requirements.
The Adaptive EDGE Architecture is a strategy for solution design that contrasts to the
traditional design in which all intelligence is located at the core (see Figure 3).
Figure 2 Traditional Core Network
Traditional core network
curve for core Wireless
switches is not
• Many decision Switches Clients
functions SHOULD Core
NOT or in some Routing
cases CANNOT be Clients Switches
deferred to the Core
driven by manual
change processes Edge
This new strategy is built on two key principles: to maintain complete command of the
network in a centralized manner, and to push out control – and intelligence – to the
network edge where users connect. ProCurve Networking solutions deliver on these
principles, making it possible to shift the network infrastructure from being network-
centric to user-centric (see Figure 4).
Figure 3 An Intelligent EDGE network
An Intelligent EDGE network
• Every EDGE Intelligent
device adds EDGE
• EDGE devices are
• A simple high- Clients Switches
interconnect is Interconnect
• Event & identity Access Points EDGE
driven dynamic Network
automated Wireless Internet
from the Center
The Adaptive EDGE Architecture approach of distributed– or scaled-out– intelligence is
more cost effective for organizations than vertically scaled – i.e., traditional, core-
centric – network designs. In this respect, distributed intelligence has followed an
evolutionary path similar to that of distributed computing (see Figure 5). Originally,
centralized computing ruled the computing world much as “traditional core”
networking architectures predominate today.
Figure 4 Industry trends – a familiar evolution
Industry trends - a familiar evolution…
Central Server Distributed
Computing Computing Computing
Traditional Hybrid Next
Core Network Generation
Mini-computers and servers gradually moved intelligence and functionality closer to
the end-user -- similar to the “hybrid” network design in which the traditional core
remains but is augmented by intelligent switches that bring intelligence to the edge.
And finally, the advent of distributed, PC-based computing moved nearly all of the
computing power, intelligence and functionality closer to the individual’s desktop,
similar to the migration of intelligence to the network edge in network design.
Control to the Edge
By definition, it is the network edge where users and applications connect, where
network traffic enters and exits the network, and where the network must determine
how that traffic should be handled. The edge is where security policies must be
enforced, where the user connects after being authenticated at a central command
resource. Without control to the edge, decisions about security and traffic must be
deferred to the network core, impacting core performance and scalability while at the
same time requiring more bandwidth in all parts of the network driving up cost and
complexity. In addition, this opens the network to security attacks between where
access is physically attained and where authorization is granted.
With the Adaptive EDGE Architecture’s control to the edge approach, access decisions
can be made automatically. Known users attempting to access the network, regardless
of where they are connecting from, are identified and given access to the same VLANs
and network services they have always had. Unknown users are denied all but the
most basic access – guest services or a “virtual lobby” – or perhaps none at all.
Command from the Center
One of the basic principles of command from the center is to provide controlled access
to critical network components based on an individual user’s business needs, thereby
protecting secure data and applications not needed by that user. The ProCurve
Networking strategy enables enterprises to protect their digital assets with what
amounts to a lightweight operating system that provides robust and dynamic access
control based on factors including the user, the device they are using, the application,
time, the system or network peripheral function, and performance. As a result, an
organization is able to preserve its network integrity while increasing productivity and
efficiency. With potential threats to security coming from any number of directions, it
is essential that network access be easily controlled from the center but enforced at
the edge, where it can most effectively protect network assets.
Effective network management from the center of the network becomes ever more
critical as the edge takes over the processing of access requests and the network
begins to accommodate increasing traffic. Command from the center makes this easy
by enabling the network to adapt itself to each user’s unique needs. At the network
center, security and other user-specific parameters can be set, stored in a database,
and then pushed out to the edge, where users connect. These parameters are
triggered by user authentication at the network edge, giving an organization more
control without added complexity.
In networking terminology, control to the edge places selected layer 2, 3, 4 and higher
functions in edge switches. These switches control access and traffic flows to ensure
the increasing set of applications can function correctly and concurrently without
interference. ProCurve Networking Adaptive EDGE networks support both centralized
cores and distributed cores with equal facility because either interior core
configuration can enforce the key decisions made at the edge. Ultimately, the
ProCurve EDGE Architecture will enable highly available meshed networks, a grid of
functionally uniform switching devices, to scale out to virtually unlimited dimensions
and performance thanks to the distributed decision making of control to the edge.
Getting from Here to There
Organizations have options in how they incorporate the ProCurve Networking Adaptive
Edge Architecture principles into their network (see Figure 6). The choice they make
depends on the infrastructure they have in place now, the functionality they wish to
add, and the timing of the investments they wish to make to achieve that
Figure 5 Migrating Customers from Today to Tomorrow
Upgrading the Interconnect
Traditional the Edge Interconnect Fabric
Design Traditional Core +
+ Intelligent Edge
Traditional Core Intelligent Edge
Tradition Edge Benefits • 25-30% lower cost
• Easy, incremental versus traditional
Benefits upgrade • Very high
• Familiar • Security, mobility availability and
• In-place & convergence resiliency
Migration Drivers Migration Drivers • Lower complexity
• Security • Performance • Highly scalable
• N ew application • Reduced • Secure, mobile &
support complexity multi-service
• EDGE performance • High availability
Migrating Customers from Today to Tomorrow
The first step is adopting the intelligent edge switches and other intelligent edge
devices that are the foundation of the Adaptive EDGE Architecture. Organizations gain
the benefit of being able to push control to the edge, while extending their existing
investment in core devices. Most organizations with existing networks will find that an
upgrade at the network edge gives them an appropriate balance between functionality
and investment and is a major step forward in creating a next-generation network.
To further optimize their network, organizations can augment their current core
technology with, or migrate that core technology to, fabric interconnect technology
designed specifically to optimize the impact of intelligence edge devices (See Figure
7.). Fabric devices simplify the interconnection of intelligent EDGE switches and
provide additional options for designing, migrating, and deploying high-performance
Flexibility and choice are hallmarks of the Adaptive EDGE Architecture. Organizations
can choose where and when to implement the key principles of the Adaptive EDGE
Architecture. They can choose how much to invest and what incremental steps to take
in creating a next-generation network. There is no single, right choice to implementing
an Adaptive EDGE Architected network; the right choice for any organization depends
on its needs, abilities and investment strategy.
Figure 6 The Future of the Intelligent EDGE
The Future of the Intelligent EDGE
• Every port holds Intelligent EDGE
an application with Virtual per Port
• Each port
incorporates a rich
set of network Clients
• Robust support Clients
control of network Wireless
The ProCurve Networking Adaptive EDGE Architecture focuses on:
• Implementation of intelligent edge devices for control to the edge based on industry
standards including features for access security, traffic prioritization, traffic routing,
bandwidth control, and virus protection. Over time these devices will deliver sophisticated
packet processing applications that can be “ignited” at the port as required by demands of
users, devices and applications in real time
• Implementation of software solutions for command from the center to maintain network
infrastructure health and to automate the configuration of intelligent edge decisions based on
user, device and application needs
• Choice and flexibility in interconnecting the edge with the use of industry-standard routing
and switch meshing with robust multi-path and path failover for high availability and resiliency
• Delivering the best business value by optimizing return on investment and reducing
complexity, as well as by providing security, unmatched reliability backed by a lifetime
warranty, and the flexibility and choice that come with industry-standard implementations --
all at an affordable price.
The ProCurve Networking Adaptive EDGE Architecture
Is Real Today
Figure 7 Delivering the Adaptive EDGE Architecture
Delivering the Adaptive EDGE Architecture
AEA Based Solutions
Security Solutions Secure Mobility Solutions Convergence Solutions
Edge Devices Interconnect Command
Intelligent EDGE Edge Intelligent EDGE Switches Center
Portal Routers Switches Switches
7000dl Series 6400 Series Manager Plus
Secure R outer 10 GbE Stackable Device Management
Platform with Stateful 4100 Series 5300 Series 6 CX4 + 2 Flex
Firewall and add-on 10/ 100/ 1000 6 X2 + 2 Flex
10/ 100/ 1000
VPN support Chassis, 4&8 Slot
Chassis, 4&8 Slot
2800 Series 3400 Series
Wireless Gig Stackables Stackable 24/ 48 Gig
9300 Series 9400 Series Access Management
10/ 100/ 1000 & Gig & 10GbE
10 GbE Uplinks (2)
10GbE Chassis Chassis 8 Slot
W i-Fi Access 2600 Series 4, 8 & 16 Slot
10/ 100 Stackables
PoE Available Interconnect Fabric
700 Series Gig/ 10GbE
Secure W ireless 8 & 16 Slot
Coming in Late 2005
The Adaptive EDGE Architecture is a network design approach that will ultimately
deliver utility-like transparent networks. But it is not just a vision; organizations can
begin the development of these networks today with a broad range of products and
solutions that are already available (see Figure 8). These products and solutions
enable organizations to do the following:
• Create a long-lasting physical network infrastructure.
• Build the intelligent edge with products like the 5300 and 3400 series.
• Provide access anywhere across the site with secure wireless products like the new Access
Control Module for the 5300 series switches and ProCurve wireless access points.
• Connect securely to other sites and the Internet while providing secure remote user access
with the ProCurve 7000 series edge portal secure routers.
• Interconnect the edge with products including the new 9400 series core routing switch with
high density 10GE (and, soon through a new class of interconnect product called interconnect
• Manage and configure the physical network with ProCurve Manager Plus to keep the
• Control network access with Identity Driven Manager to ensure users get appropriate access
to resources by dynamically configuring the intelligent based on business needs.
To solve specific business needs, organizations can turn to Adaptive EDGE
Architecture-based solutions in security, mobility, and convergence as they need
them. ProCurve Networking by HP will be there to help organizations to build the
next-generation networks that will support their business needs well into the future.
Networking equipment vendors have attempted two different tactics to address
customer concerns for new network architectures without addressing the root issues.
The first is to develop a rigid set of design rules and product requirements to “enforce”
a one-dimensional network design. For example, design rules and product features are
sufficient to supply quality of service (QoS) for voice applications, but commonly are
too rigid and largely inadequate to address mobility or security at the same time.
These one-dimensional approaches are limited in reach, create additional network
complexity, and restrict an enterprise’s ability to choose best-in-class products and
ultimately act as a lock-in for a vendor’s proprietary architecture.
Another strategy for addressing these advanced applications is to take so-called “high-
end” or “core” products and reposition them into relatively focused roles at the edge of
the customer’s network. These high-end products are costly to buy and support,
overly complex due to the dramatically different role they were designed to play and
fundamentally inappropriate to address the access level roles at the edge of the
Today’s enterprise networks require solutions based on a unified, holistic architecture
that provides reduced complexity, security, reliability and flexibility. ProCurve
Networking edge products are designed from the ground up to play this unique role.
There are no other products in the industry that can match their performance,
flexibility, features and affordability at the edge of the network.
Creating solutions that reduce complexities and are easy to use is a core component
of the ProCurve strategy. Quality is never compromised. With industry-leading
simplicity, customers deploying ProCurve solutions do not require custom network
designs and expensive consulting contracts.
Also, with ProCurve solutions, network managers can work smarter because they have
greater visibility at the network edge, and can focus their attention on deploying next-
generation applications more quickly.
ProCurve networking solutions have several layers of built-in security. The company
has heavily invested in ensuring ProCurve products comply with the newest and most
stringent standards. In fact, ProCurve leads the establishment of many of these
standards, such as 802.1X.
Based on the Adaptive EDGE Architecture, ProCurve security solutions enable the
creation of intelligence throughout the enterprise network to the edge where the user
connects. This approach enables enterprises to mitigate risks more effectively as they
protect their digital assets. Furthermore, it allows cost-effective partitioning of the
network to create zones of similar users with similar access needs.
ProCurve Networking solutions are highly reliable. The reliability is based on the
legendary ProCurve quality customers have come to expect, and includes fault-
tolerant designs, high levels of integration, hot-swappable components, and a free
With a highly reliable infrastructure, enterprises can avoid costly and potentially
detrimental downtime, improve internal performance, and enhance external service
ProCurve provides customers with maximum flexibility. ProCurve enables
interoperability by supporting and driving open industry standard and addressing
customers’ business needs with an integrated approach to secure, mobile and
The Adaptive EDGE Architecture provides a guide for building a foundation for today’s
and tomorrow’s applications that simplifies convergence deployments, and as a result,
makes communications more efficient for users. ProCurve recognizes that security,
mobility and convergence are interdependent forces, and ProCurve takes it a step
further by helping customers to address these network forces simultaneously.
Being a holistic, non-proprietary architecture that does not require expensive service
agreements, ProCurve eliminates the cycle of continual network redesigns to keep up
with changing business needs and emerging applications.
And since the architecture is based on industry standards, customers can be confident
their infrastructure will grow across all areas of their business, including client devices,
As a company, ProCurve has built its business on interoperability, and supports cross-
compatible, open industry standards to protect its customers’ investments. ProCurve
is committed to continuously updating their products as new standards become final
and available to implement. This strategy is focused on the customer’s future,
enabling easy network scalability for increased performance and functionality.
The ProCurve Networking Adaptive EDGE Architecture is designed to meet the needs
of the next-generation network, today and tomorrow.
The future of enterprise networking is clear. Companies must deploy infrastructures to
support converged, mobile, highly secure networks. These three needs are all related,
interactive and interdependent. As a result, enterprises should adopt a three-
dimensional architecture that fully integrates and leverages each focus area.
Next generation networks cannot be effectively deployed without having critical
functionality at the edge of the network. In short, control to the edge is the only way
to offer full support for today and tomorrow’s applications while ensuring secure,
appropriate and mobile access. Command from the center is required to automate the
configuration of edge intelligence to deliver the appropriate business-oriented behavior
of the network to support the applications.
The ProCurve Networking Adaptive EDGE Architecture recognizes the necessary
migration of functionality to the network edge and gives customers a cost-effective,
easy-to-manage solution to achieve command from the center with control to the
edge. ProCurve Networking Adaptive EDGE Architecture enables companies to
preserve networking investments while readying their networks for the future to
support business needs and priorities. With ProCurve Networking Adaptive EDGE
Architecture, a company’s network can truly become an anywhere, anytime resource.