A significant additional feature of Matrix N-Series is the capability to
supportMulti-UserAuthentication,thismeansthatmultipleusers/
devices can be connected to the same physical port, and that each one
can be authenticated individually using one of the multi-method options
(802.1x,MACorPWA).
Thevalueexistsintheabilitytoauthorizemultipleusers,eitherusing
dynamicpolicyorVLANassignmentforeachauthenticateduser.Inthe
caseofdynamicpolicy,thisiscalledMulti-UserPolicy.
Multi-user port capacities with the Matrix N-Series are determined on a
perport,perDFEandpermulti-slotsystembasis.DefaultPlatinumDFE
capacities are as follows:
Perport:8-128
Perblade(DFE):1024
Perchassis:1024
Itispossibletoincreasethesecapacitiesbypurchasingadditional
licences. The N-EOS-PPC license increases user port capacity on a per
DFEbasisfromthedefaultcapacityof8-128toamaximumof1024.
Whenpresent,theN-EOS-PUCupgradelicensesetsthechassiscapacity
at2048userspersystem,thisvaluecanbeoverriddenusingaCLI
commandsettingthemaximumof2048users/port.N-EOS-PPCand
N-EOS-PUCarenotavailableforGoldDFEsandareanoptionalpurchase
forPlatinumDFEs.DiamondDFEsincludeN-EOS-PPC.
Muti-user authentication and policy can provide significant benefits to
customers by extending security services to users and devices connected
to unmanaged devices, third party switches/routers, VPN concentrators or
wirelessLANaccesspointsattheedgeoftheirnetwork.Security,
priority and bandwidth control are enhanced while protecting existing
network investments.
Dynamic Flow-Based Packet Classification
Another unique feature that separates the Matrix N-Series from
allcompetitiveswitchesisthecapabilitytoprovideUser-Based
MultilayerPacketClassication/QoS.Withthewidearrayofnetwork
applications used on networks today, traditional Multilayer Packet
Classification by itself is not enough to guarantee the timely transport
ofbusiness-criticalapplications.IntheMatrixN-Series,User-
BasedMultilayerPacketClassicationallowstrafcclassication
not just by packet type, but also by the role of the user on the
networkandtheassignedpolicyofthatuser.WithUser-Based
Multilayer Packet Classification, packets can be classified based on
uniqueidentierslike“AllUsers,”“UserGroups,”and“Individual
User,”thusensuringamoregranularapproachtomanagingand
maintaining network confidentiality, integrity and availability.
Layer 2
• MAC Address
• EtherType (IP, IPX, AppleTalk, etc.)
Layer 3
• IP Address
• IP Protocol (TCP, UDP, etc.)
• To S
Layer 4
• TCP/UDP port (HTTP, SAP ,
Kazza, etc.)
SwitchPortVLANUserFlow
Deny
Priority/QoS
Rate Limit
Permit
Contain
Matrix N-Series
Access Control
Class of Service
User Based Multilayer Packet Classification/QoS
Integrated Services Design
IntegratedServicesDesignisakeydifferentiatorthatseparatesthe
MatrixN-SeriesDFEfromthecompetition.IntegratedServicesDesign
reduces the number and type of modules required to build typical wiring
closetcongurations,simplifyingtheoverallnetworkdesign.Inturn,this
signicantlyreducesthemaintenanceandsparingcostaseachDFEcan
perform all of these services unlike competitive offerings which have a
plethora of different line cards required in order to provide similar services.
Per DFE Integrated Services Design
Multilayer packet classification - enables the delivery of critical
applications to specific users via traffic awareness and control.
• User,PortandDeviceLevel(Layer2through4packetclassication)
• QoSmappingtopriorityqueues(802.1p&IPToS/DSCP)upto16
queues per port
• Multiplequeuingmechanisms(WFQ,WRR,etc.)
• GranularQoS/ratelimiting
• VLANtopolicymapping
Switching/VLAN services - provides high-performance connectivity,
aggregation, and rapid recovery services
• Extensiveindustrystandardscompliance(IEEEandIETF)
• Inboundandoutboundbandwidthratecontrolperow
• VLANservicessupport
−Linkaggregation(IEEE802.3ad)
−Multiplespanningtrees(IEEE802.1s)
−Rapidrecongurationofspanningtree(IEEE802.1w)
•Flowsetupthrottling
Enterasys Operating System (EOS) Feature Summary
Page 5
To Next Page
Loading...
Need help?
General