The document discusses NETGEAR's switch portfolio positioning and how to educate customers. It covers Smart Managed switches for smaller networks, Stackable Smart and Fully Managed switches for medium enterprises, and Chassis switches for larger networks and campuses. The education focuses on addressing customer concerns around network performance, availability, management, and flexibility through NETGEAR's switching architectures and features. Chassis switches are positioned as providing higher performance, availability, and predictability compared to stacking architectures.
NETGEAR Webinar - ProSAFE Switches for network design at the core, distribution and access layers
1. ProSAFE Switch Series
How to structure the network into the
CORE, DISTRIBUTION and ACCESS layers
Andrea Rossi
Senior System Engineer
andrea.rossi@netgear.com
Online Training
5. Sure, would you
want something…
Solution on perceived value?
NETGEAR Switch Positioning
6. Multi Tier Networking
Access layer
End-stations and servers connect to the enterprise at the access layer. Access layer devices are usually commodity switching
platforms, and may or may not provide layer 3 switching services. The traditional focus at the access layer is minimizing "cost-per-
port": the amount of investment the enterprise must make for each provisioned Ethernet port. This layer is also called the desktop
layer because it focuses on connecting client nodes, such as workstations to the network.
Distribution layer
The distribution layer is the "smart" layer in the three-layer model. Routing, filtering, and QoS policies are managed at the
distribution layer. Distribution layer devices also often manage individual branch-office WAN connections. This layer is also called
the Workgroup layer.
Core layer
The core network provides high-speed, highly-redundant forwarding services to move packets between distribution-layer devices
in different regions of the network. Core switches and routers are usually the most powerful, in terms of raw forwarding power, in
the enterprise; core network devices manage the highest-speed connections, such as 10 Gigabit Ethernet.
8. NETGEAR Switch Positioning
Smart Managed Switches
Standalone Smart
+ Networks of 250 users or fewer
• Rackmount and Desktop
• Web Management only
• PoE/ PoE+ options
• Essential QoS, VLAN, Multicast,
Bandwidth management
• Essential L3 Static Routing
(no resiliency, no load-balancing)
• LIFETIME Warranty
• LIFETIME NBD / Technical Chat
Stackable Smart
+ Networks of 250 users or fewer
• S3300 series
• True Stacking technology
• 4 x 10G Ports Uplinks / Stacking
• Distributed link aggregation
across the stack
• Master redundancy (with couple
downtime during failover)
• Rackmount
• Web Management only
• PoE+ options
• Essential QoS, VLAN, Multicast,
Bandwidth management
• DHCP L2 Relay
• Essential L3 Static Routing
(no resiliency, no load-balancing)
• LIFETIME Warranty
• LIFETIME NBD / Technical Chat
Perfect fit for
SMB networks
9. NETGEAR Switch Positioning
Fully Managed Switches
Standalone Managed
+ Networks > 250 users
• M4100, M7100 series
• Telnet, SSH, CLI, Web GUI
• Advanced QoS, VLAN, Multicast,
Bandwidth management
• DHCP L2/L3 Relay
• Advanced L3 Static Routing
(resiliency, load-balancing)
• Scalable hardware
• Granular software
• LIFETIME Warranty / NBD / Chat
Stackable Managed
+ Networks > 250 users
• M5300, M7300 series
• Full Mesh Stacking technology
• 4 x 10G ports Uplinks / Stacking
• Distributed link aggregation across
the stack
• Master redundancy with hitless,
non-stop forwarding failover
• Telnet, SSH, CLI, Web GUI
• Advanced QoS, VLAN, Multicast,
Bandwidth management
• DHCP L2/L3 Relay
• Advanced L3 Static Routing
(resiliency, load-balancing)
• Full Layer 3 (Dynamic Routing)
• IPv6 to IPv4 tunnelling
• Scalable hardware
• Granular software
• LIFETIME Warranty / NBD / Chat
[Positioning diagram: Smart Standalone; S3300 Stackable]
Best fit for Medium Enterprise
and Campus networks
10. NETGEAR Switch Positioning
Chassis Switching
Managed Chassis Switch
+ Networks > 250 users
• M6100 series
• 480G Distributed Fabric
• Greater inter-module throughput & performance
• Distributed link aggregation across the chassis
• Supervisor redundancy with hitless, non-stop
forwarding failover
• Passive backplane reliability and predictability
advantages over typical stacking architectures
• Telnet, SSH, CLI, Web GUI
• Advanced QoS, VLAN, Multicast, Bandwidth
management
• DHCP L2/L3 Relay
• Advanced L3 Static Routing
(resiliency, load-balancing)
• Full Layer 3 (Dynamic Routing)
• Policy Based Routing for tailored load-balancing
and failover capabilities
• IPv6 to IPv4 tunnelling
• Scalable hardware and granular software
• LIFETIME Warranty / NBD / Chat
[Positioning diagram: Smart Standalone; S3300 Stackable; M4100, M7100 Standalone; M5300, M7300 Stackable]
Best fit for Medium Enterprise
and Campus networks
11. DISCOVER the problems:
Increasing % of IT resources distracted by legacy maintenance needs
+ Network Management: Disparate network management tools make for an inefficient network management experience
+ Network Flexibility: 3-tier networks are complex, costly and hard to maintain; even harder to upgrade
+ Network Availability: Downtimes on a segment of the network lead to difficult operations restart for VMs and SAN, RDP or TSE applications, databases etc.
+ Network Performance: Uneven wired and wireless user experience; rising traffic levels posing congestion challenges
12. DEVELOPMENT: Value for the customer
+ Simplified management with policy enforcement spanning security and access privileges across multiple device types and use needs
+ Simpler two-tier network architectures with more density, more intelligence at the edge and less burden for the core layer
+ Ensure consistent quality of service for evolving user and growing bandwidth-intensive application needs
+ Stop spiralling IT footprint and costs
+ Reliance on the network and its importance require that downtime be minimised or eliminated, whether planned or unexpected
+ Investment protection through architectures that can both scale and support growing bandwidth demands
Consistent Management
Consistent Flexibility
Consistent Performance
Consistent Availability
13. Performance
+ How much traffic in your network today? And in future?
• Northbound / Southbound
• Westbound / Eastbound
+ Where are bottlenecks? Costs to applications, services?
+ Do you measure performance today? (sFlow)
14. Education on Performance
+ All about 1G or 10G speeds between
switches
+ Standalone Smart or Managed offer 1G
uplinks only
+ Stackable Smart or Managed usually
offer 10G uplinks
+ But what about the stacking backplane
then? Still a couple of 10G links,
so it is blocking when the uplinks are 10G
+ Chassis offers 8 x 10G
access to the backplane
per slot:
northbound/southbound and westbound/eastbound traffic
is WIRE-SPEED on 1G blades even with 4 x 10G
uplinks on each
15. Network availability
+ How do you backup your network today?
• Spanning Tree (too complex? slow convergence time? Does it even work?)
• Stacking, Distributed link aggregations, active-active server topologies?
+ What happens when parts of your network are down?
+ What is the cost of downtime today? And tomorrow?
+ How critical is the network uptime? Single points of failure?
16. Education on Availability
+ All about how to get rid of
Spanning Tree ‘backup’
+ Spanning Tree is slow and too
complex for midsize networks
+ Stacking allows for distributed
link aggregations hence
providing load-balancing AND
redundancy / failover capabilities
+ Stacking is all about how FAST the recovery must be
+ Stackable Smart Managed can offer ‘reduced’ downtimes
+ Stackable Fully Managed can offer NSF sub-second failovers
+ Chassis Switches will allow for Non-Stop-Forwarding in any
situation with added predictability over stack (fixed architecture)
and more efficient N+1 power redundancy
17. Network management
+ Do you know about problems before users come to you?
• Network map, monitoring, reporting, top-10s metrics and bandwidth utilization
+ Any centralized administration (TACACS, RADIUS users)?
+ Can you automate configuration backup / restore, FW upgrade?
+ Is your network predictable? What is the cost when not?
NMS300 screenshots
18. Education on Management
+ Management costs are OPEX
+ Solid management platform helps
+ Centralized administration brings
automation capabilities for configuration
and ongoing management tasks
+ Smart Managed Switches offer Web GUI administration, SNMP
monitoring (no -set) and no RADIUS user/admin management
+ Fully Managed Switches add Telnet/SSH automation, RADIUS,
TACACS, SNMP-set programming, sFlow performance analysis
+ Both Smart and Fully Managed stacking architectures are
disruptive for network monitoring when the master ‘changes’ –
a new MAC address indicates a new stack to the NMS
+ Chassis switches remain monitored (no MAC address change)
during failover / failback operations
Things to explain
19. Network flexibility
+ Can you easily update your network or make changes?
• How many switches in total to manage? Can you still upgrade / configure them?
+ Can you implement new network functions or security
enforcements?
• Access control, AAA (RADIUS, NPS / LDAP), MAC address authentication
• Network load balancing, routing policies, network redundancy
+ If you can’t, what does it cost?
20. Education on Flexibility - architecture
+ In general, the fewer switches the better
+ Fewer management interfaces, less
configuration, more standardization
+ Smart Managed or Fully Managed
stacking architectures are a good idea for
reducing the number of logical units to
install and manage
+ Chassis switches are even simpler to install (faster than stacks)
+ With stacks or chassis, distributed link aggregation is a plus for
redundancy and load balancing using LACP
+ Smart Managed switches offer LACP with L2 hashing, so there is no
load balancing when the switches do L3 routing (all packets have the
same destination MAC = the routing interface). Only one default hash
+ Fully Managed and Chassis switches will offer L3 / L4 hashing
LACP capabilities for universal load-balancing (7 hash methods)
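The L2-versus-L3/L4 hashing point above, as an added example (not NETGEAR code): a Python model of a 4-link LAG carrying routed traffic. SHA-256 stands in for the switch's hardware hash, and the MAC/IP addresses, link count and function names are constructed for illustration.

```python
import hashlib
from collections import Counter

LINKS = 4  # constructed: a 4-port LAG towards the next hop

def pick_link(fields, links=LINKS):
    """Map the selected header fields to a LAG member (SHA-256 stands in for the ASIC hash)."""
    digest = hashlib.sha256("|".join(map(str, fields)).encode()).digest()
    return int.from_bytes(digest[:4], "big") % links

def l2_hash(frame):
    """L2 method: only the Ethernet addresses feed the hash."""
    return pick_link((frame["src_mac"], frame["dst_mac"]))

def l3_l4_hash(frame):
    """L3/L4 method: IP addresses and ports feed the hash."""
    return pick_link((frame["src_ip"], frame["dst_ip"],
                      frame["src_port"], frame["dst_port"]))

def routed_frames(n=200):
    """Constructed sample: n flows from different hosts, after the switch has routed them.
    Routing rewrites the Ethernet header, so every frame on the LAG carries the same MAC pair."""
    return [{
        "src_mac": "02:00:00:00:00:01",   # switch routing interface (constructed)
        "dst_mac": "02:00:00:00:00:fe",   # next-hop routing interface (constructed)
        "src_ip": f"10.0.{i % 8}.{10 + i // 8}",
        "dst_ip": f"192.0.2.{1 + i % 20}",
        "src_port": 40000 + i,
        "dst_port": 443,
    } for i in range(n)]

def distribution(hash_fn, frames):
    """Count how many flows each LAG member link carries."""
    return Counter(hash_fn(f) for f in frames)

if __name__ == "__main__":
    frames = routed_frames()
    print("L2 hash:   ", dict(distribution(l2_hash, frames)))
    print("L3/L4 hash:", dict(distribution(l3_l4_hash, frames)))
```

With the L2 method every routed flow lands on the same member link, so the other three links only provide failover; the L3/L4 method spreads the same flows across all four.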
21. Education on Flexibility - VLAN routing
+ Traditional flat networks, which place all
the traffic in a single broadcast domain,
can easily overload switch links
+ Instead, VLANs send traffic only where
it needs to go, with inter-VLAN routing
+ Stackable Smart Managed switches
support 15 routed VLANs
+ Smart Managed switches support static routing, with only one
route towards a final destination
+ Stackable Fully Managed switches support hundreds of routes,
static or dynamic, in both cases with redundant routes and lower
priority routes for load-balancing
+ Chassis switches will offer policy-based routing for multiple paths,
which can detect network reachability in order to direct traffic
(ideal for branches with several VPN connections)
22. Education on Flexibility - VLAN security
+ Cross-VLAN broadcast traffic is
prevented, but L3 routing allows hosts
in different VLANs to communicate
+ Access Control Lists (ACLs) restrict
inter-VLAN access based on policies at
L2, L3 or L4 with possible rate limiting
+ Standard ACLs filter on the source, whereas
Extended ACLs also look at the destination
+ ACLs can be applied at Ingress (traffic coming to the switch from
a port or VLAN) and at Egress (traffic going from the switch to a
port or a VLAN)
+ Stackable Smart Managed switches offer 100 Extended ACLs
with up to 50 rules each, at Ingress only and without rate-limiting
+ Stackable Managed switches and Chassis offer 100 Extended
ACLs with up to 1K rules each, at Ingress / Egress and with rate-limiting
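An added example (not NETGEAR configuration or code) of the standard-versus-extended distinction above: a Python first-match evaluator applied to constructed inter-VLAN traffic. The subnets, rule sets and the implicit deny at the end of each list are assumptions of this model.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    action: str                    # "permit" or "deny"
    src: str                       # source network (all a standard ACL can test)
    dst: Optional[str] = None      # extended only: destination network
    proto: Optional[str] = None    # extended only: "tcp" / "udp"
    dport: Optional[int] = None    # extended only: L4 destination port

    def matches(self, pkt):
        if ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(self.src):
            return False
        if self.dst and ipaddress.ip_address(pkt["dst"]) not in ipaddress.ip_network(self.dst):
            return False
        if self.proto and pkt["proto"] != self.proto:
            return False
        return self.dport is None or pkt["dport"] == self.dport

def evaluate(acl, pkt):
    """First matching rule wins; no match means deny (assumed implicit deny-all)."""
    for rule in acl:
        if rule.matches(pkt):
            return rule.action
    return "deny"

# Constructed VLAN subnets: users 10.0.10.0/24, servers 10.0.20.0/24, guests 10.0.30.0/24
STANDARD = [Rule("permit", "10.0.10.0/24")]
EXTENDED = [
    Rule("permit", "10.0.10.0/24", dst="10.0.20.10/32", proto="tcp", dport=443),
    Rule("deny", "10.0.0.0/16", dst="10.0.20.0/24"),
    Rule("permit", "10.0.10.0/24"),
]
# Constructed sample packets arriving at the inter-VLAN routing point
PACKETS = {
    "user_https": {"src": "10.0.10.5", "dst": "10.0.20.10", "proto": "tcp", "dport": 443},
    "user_ssh":   {"src": "10.0.10.5", "dst": "10.0.20.10", "proto": "tcp", "dport": 22},
    "user_web":   {"src": "10.0.10.5", "dst": "198.51.100.7", "proto": "tcp", "dport": 80},
    "guest_db":   {"src": "10.0.30.9", "dst": "10.0.20.11", "proto": "tcp", "dport": 5432},
}

def verdicts(acl):
    return {name: evaluate(acl, pkt) for name, pkt in PACKETS.items()}

if __name__ == "__main__":
    for name, acl in (("standard", STANDARD), ("extended", EXTENDED)):
        print(name, verdicts(acl))
```

The source-only list has to let the user VLAN reach every server port or none, while the extended list permits HTTPS to one server and still blocks SSH to the same host.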
23. Education on Flexibility - Access Control
+ Policy enforcement spanning security
and access privileges across multiple
device types and use needs is now a must
+ RADIUS authentication can also be
based on LDAP / domain using MS NPS
+ 802.1x MAC Address Authentication
Bypass (MAB) is interesting for
802.1x-unaware devices
+ Smart Managed switches support 802.1x RADIUS
+ Fully Managed switches offer 802.1x RADIUS with added MAB
timeout, letting non-802.1x devices bypass the traditional 802.1x
process altogether if they have their MAC address registered
+ Chassis switches offer tiered authentication with 802.1x RADIUS,
MAB authentication after timeout, and then ultimately captive
portal authentication, for guests for instance
25. And if the M6100
can effectively be the
solution, conclude that
our Chassis is better
than Stacking…
+ High Speed Fabric
• 4 times interconnect speed
• 1G blades line-rate to the fabric
• 10G blades 3:1 oversubscription
• Equivalent stacking topology
would involve 8 x 10G stacking
ports for each switch
Performance
+ Modular and Redundant
• Everlasting passive backplane
• Highly reliable fabric-based design
• Control and management planes failover
• Centralized Power Management & N+1 PSUs
Availability
+ Stable Behaviour, Including Failover
• Supervisor handles control and management
• Secondary supervisor stand-by mode
• Hitless failover can be anticipated
• Hitless failback on demand
Predictability