Enterasys Product Overview 2012

A Siemens Enterprise Communications Company

“There is nothing more important than our customers”

Enterasys Product Overview Sameh Amin

Technical Account Manager

©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.

Agenda

Company Profile

Enterasys Security - Enabled Infrastructure

- Switches and routers

- Wireless

Enterasys NetSight (NMS)

Q&A

1222222211 2


Global Provider of Networking Solutions Enterasys. 28 Year Heritage of Products & Services Excellence

1983-1999

Multi-layer switching pioneer

Industry’s 1st switching embedded security

Open standards principal contributor

Significant technology patent portfolio

3

Enterprise Communications 2008-Present

Premier provider of enterprise communications solutions

(applications, networking, services, and voice)

$3 Billion (US) revenue and profitable

10,000 employees servicing more than 90% of Fortune 100

and 75% of Fortune 500 customers in 90 countries

#3 Global VoIP & #1 managed

services revenues

1999-Present

Wired & wireless enterprise networking

infrastructure and security solutions provider

1,000 employees servicing 5,000 enterprise

customers in 70 countries

Secure NetworksTM pioneer of automation,

visibility and control

Industry-best customer support

3


Enterasys Proof Points Mission critical solutions active in all major markets

5

Government

Healthcare Hospitality

Evolving IT Landscape

requires linking solutions to

capitalize on industry trends

Enterprises

Education

Manufacturing

©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved. 6

High performance

application delivery

Data center virtualization

Highly dynamic

access edge

Enterprise mobility, wired and

wireless access

VM VM

VM

VM

VM VM

Mobility/Access Edge Datacenters/Virtualization

Unpredictable user experience

Lack of agility for application delivery

Over provisioning of network resources

No unified optimization of data center and mobile user environments

Network Transformation Areas Enterasys view of key enterprise challenges


Enterasys OneFabric™ An architecture to address end to end networking

The industry's first fabric-based networking solution to extend visibility

and control from virtual servers to mobile devices delivering best-in-

class user experience, IT simplicity, and cost reduction.

7


OneFabric™ Solutions Modular and flexible approach to solving network challenges

8

One piece at a time. Evolve to a fabric-based network at your speed.

OneFabric Data Center OneFabric Edge OneFabric Security

OneFabric Control Center (Unified security and management)


Enterasys Access Edge Products Open and secure access edge for any wired or wireless client

9

Standalone/Stackable Switches – A4, B5, C5

Chassis Switches

K6, K10

Wireless AP’s

36xx-Series Industry’s only unified wired/wireless management

Industry leading performance

Industry’s only Lifetime Warranty

Cost optimized, embedded application

control technology

High performance, feature rich

Convergence ready – voice/video/data

Low cost standalone/stackables

High performance, port density

Industry’s best Lifetime Warranty

*Source: IDC


Enterasys Network Distribution Products Data aggregation requires resiliency & redundancy

10

K6, K10 Chassis

S-Standalone

[SSA]

S3, S4 Chassis

Embedded distribution-layer security

High density, cost-optimized chassis

Highly competitive Lifetime Warranty

High performance, small footprint

State-of-the-art embedded application

provisioning technology

Rich traffic control features

Highly redundant

architecture

Advanced POE support

10 year lifecycle design

*Source: IDC


Enterasys Network Core Products Extensible routing features connects large, distributed networks

11

UC

Controllers

Voice

Gateway

Load

Balancer

S-Series – S4, S8

Highest density chassis

40G/100G support

Rich routing feature set

Highly redundant design

*Source: IDC


Enterasys Network Data Center Products Application delivery requires fast connectivity, high bandwidth

12

UC

Controllers

Voice

Gateway

Load

Balancer

*Source: IDC

S-Series – SSA, S1, S4, S6, S8

High density chassis

40G/100G support

Virtualization optimized

Highly redundant design

Supports top-of-rack or end-

of-row


Enterprise Network Management Products One management suite that unites a multi-vendor infrastructure

13

UC

Controllers

Voice

Gateway

Unified wired/wireless and 3rd party management

Centralized Voice and UC quality of service control

Social and mobile management interface

Network Access Control, BYOD, guest services

Load

Balancer

OneFabric

Control Center

(NetSight)



Enterasys Security-Enabled Infrastructure

Switches & Routers


A/B/C-Series

Enterprise-class fixed L2/L3 stackable

switching solutions

- Flexible configurations

- 10/100, 10/100/1000, SFPs, 10GbE

- Power-over-Ethernet (PoE)

- Both 802.3af & 802.3at compliant

- High availability

- Closed loop stacking

- Redundant power supplies (optional)

- High port density and Stacking Bandwidth

- Up to 8 switches in a single Stack

- Up to 384 end-user ports, 16 10GE uplink ports per

stack

- Up to 128Gbps stacking Bandwidth (C5)

- Low Total-cost-of-Ownership (TCO)

- Manage entire stack as a single switch

- Update entire stack through a single switch

- Enterasys Lifetime Warranty Price Per Port

Fun

ctio

nalit

y a

nd

Pe

rfo

rma

nce

B Series

C Series

A Series

A Platform for Every Business Need

15


B5 & C5 Overview

High performance

- 24& 48 port Gigabit Ethernet switch models with 10GE uplinks

- SFP+ included in C5 to provide option of 1GE or 10GE on same uplink

Support for 802.3at high-power PoE

- Support power-hungry devices such as Pan/Tilt/Zoom (PTZ) IP

surveillance cameras, IP videophones, non-Enterasys 802.11n access

points and virtual desktops

- An industry-leading 30W per port on a 48 port switch

Leading automation capabilities

- Automation of converged voice/video/data deployments

- Enterasys automation translates into customers saving half a year’s

work hours per administrator in time efficiency

Lowest Total Cost of Ownership

- Industry’s best lifetime warranty includes services such as software

upgrades as part of baseline offering

- Customers can save upwards of $1 million in service contract fees

over the life of a network

16 16


Enterasys A4 Switch Overview

Next generation 10/100 switch family

- Model diversity: 24/48 port 10/100 switches, 802.3af PoE and non-PoE, fiber models

- Much more than a SOHO switch: supports more MAC addresses, VLANs, etc. than

consumer-grade switches (i.e. Linksys, D-Link, etc.)

Role-based access and security controls

- Decreases IT management OPEX with customers saving half a year’s work hours per administrator in time efficiency

Static and RIP v1/v2 routing

Includes a 24 port model with a quiet design ideal for conference rooms, classrooms, etc.

17


High Availability Stacking

Start small with 24 ports – grow up to 384 ports in a single managed entity!

High-capacity virtual switch

- Integrated stacking w/ up to 8 switches / stack

- Dedicated stacking ports (B- & C-Series)

- Any switch combination (PoE, non-PoE, 10/100,

10/100/1000, 10GE) within a family (A, B, C) in a

stack

- Exception: B5/C5 do not stack with previous generation

switches

Simplified management

- Single IP address mgmt (CLI, Web, NMS)

- Redundant stack management with a primary and up to 7 standby managers

- Software upgrades automatically applied to all switches

18

A-Series: RJ45 stack

ports on front of switch

B&C-Series: stack

ports on back of switch


Standalone D2 & G3 Overview

D2

- 12 port 10/100/1000 standalone switch in

small form factor package

- Quiet design for conference rooms &

classrooms

- 2 SFP “combo” ports

- External power brick

- Mounting Options

- Wall mount

- Under-table mount

- Rack mount

- Wall mountable lockbox

- Enterasys policy Support

G3

- High-density10/100/1000 - 10Gb

switching

- Expandable up to 96 ports

- Flexible connection types with PoE:

10/100, 10/100/1000, SFP, 10GbE

- Traffic prioritization and rate limiting

- Enterasys policy support

- IPv4 and optional IPv6 routing

19


Dynamic Automation & Control

Enterasys role-based access

- Network resources securely allocated based

upon user access privileges

Align the network infrastructure with

business needs

- Control guest users

- Enforce regulatory mandates

Enforce desired network behavior across

switches, routers and APs

- Including dynamic policing of user access,

network security, and application

prioritization

“One click” enforcement of policies for

QoS, bandwidth and other parameters

- No more tedious device-by-device ACL

tweaking for every move/add/change

20

Management automation drives down

operational costs and increase uptime

20


Authentication & Security Support

22

Role-based access control

- Profiles per user port

- Up to 8 users/port on C5

- Up to 4 users/port on B5

- L2 / L3 / L4 rules

- Ingress (bandwidth) rate limiting

- Dynamic VLAN assignment

- Traffic prioritization

- Hybrid Policy Mode

Authentication & authorization

- Multiple types per switch

- Single type per user port

- IEEE 802.1X

- MAC authentication

- Port web authentication (PWA)

- Multi-user RFC-3580 VLAN authorization


K-Series Overview

Visibility & Control

- Granular visibility into individual user activity via

flow-based switching

- Increased security with role-based access &

prioritization by user, device and application

Reliability/Availability

- Advanced bandwidth management & allocation

for demanding access/edge devices

OpEx/CapEx Savings

- Drives down cost of network administration with

automated service provisioning & policy

- Competitively priced solution with superior

feature set provides the best value in the

modular switching market

Flexible, modular switches

with premium features,

optimized for edge

deployments

24


K-Series Models

2 Cost effective modular chassis

- Single Fabric and Control Plane

Module

- “Half slot” I/O modules

Maximum density:

- K10

- 10 slot (7U) chassis

- Up to 216 1Gb edge ports and 8 10Gb

uplinks

- K6

- 6 slot (5U) chassis

- Up to 144 1Gb edge ports and 4 10Gb

uplinks

- Hot-swappable I/O modules, power

supplies and fan trays

25


K-Series Fabrics

Fabric modules

- K10 Fabric cards

- 440 Gb fabric with four 1Gb/10Gb SFP+

uplink ports

- Local Management interface

- K6 Fabric cards

- 280 Gb fabric with four 1Gb/10Gb SFP+

uplink ports

- Local Management interface

26


All Backed by the included Lifetime Warranty

Provides industry-leading cost of ownership

Lifetime = Available until sales discontinuation + 5

years

- Advanced hardware replacement

- Feature upgrades

- Maintenance updates

- 8 x 5 Telephone Support

- Knowledge Base Access

Software

- Both major and minor firmware releases (a major

differentiator from most competitors)

With the Enterasys Lifetime Warranty, a customer

with a 150 switch install can save $900,000 in fees

over the life of their equipment - all of which can be

added to their bottom line!

27


Industry’s Most Comprehensive Wired Warranty

Gray denotes area of Enterasys competitive advantage. 1 Warranty coverage for premium licenses is limited to 1 year, except for Advanced Routing and IPV6 Routing licenses for the B5/C5 and

previous generations, which have lifetime coverage. 2 Major software updates are not covered for the E55xx/G, E48xxG, E45xx/G, E42xx/G (former 3Com switches); major software updates

and phone support are only covered for the 1st year on 3500 and 5400 series premium license purchases 3 90 Days TAC support and NBD Delivery only available on Cat3750-X, 3650-X and 2960-S 4 For geographic exceptions to Parts Replacement Time terms, see the notes section below.

HP Cisco Juniper Brocade

EOS +5 Years

Partially

included2 90 days 90 Days

90 Days

Service Contract

Required

Within 20 Days

90 Days

90 Days

90 Days

EOS +5 Years

Included1

Included

Included

Next Business

Day Shipment4

“As long as you

own the product”

Included

Next Business

Replacement

EOS +5 Years EOS +5 Years

Extreme

Advanced

Exchange 10 Days

90 Days

EOS +5 Years EOS +5 Years

Avaya

90 Days

90 Days

EOS +5 Years 1

2

3

4

5

Included

90 days3

Next Business

Replacement3

Included

Included

Next Business

Day Shipment Next Business

Day Delivery

Included

Next Business

Day Shipment

Partially

included2

1 2 3 4 5 Duration Firmware

Upgrades Bug Fixes Technical

Support Advanced

Replacements

Included

28


S-Series®

A family of high performance enterprise Ethernet switching and routing solutions

- Terabit-class performance

- Granular visibility and control over users, services, and applications

- Enables automation of key technologies

Virtualization

Cloud computing

Unified Communications

Key Benefits

- Real world operational cost savings

- Industry leading port density/flexibility for any network

- Virtualization, cloud & convergence ready

- Premium features at no additional cost

29


S-Series Key Features

Edge to Core connectivity

- Chassis and modules optimized for multi tier

network deployments

Highest performance in its class

- 1.28Tbps, 960Mpps load sharing I/O fabric pair

Full compliment of front panel connectivity

- Future proofed backplane to >6 Tbps capacity

Support for future 40/100 Gigabit

Ethernet

- Will support 40 Gbps Ethernet with today’s design,

support for 100 Gbps in future hardware releases

Small form-factor and low power

- Uses less rack space, power and cooling than competitive products

Self healing resiliency

- Passive chassis backplane, Resilient and redundant data and management paths

- Redundant/hot swappable power supplies and fan trays

- Multiple host CPUs and distributed applications, multiple local firmware images

- Distributed management and service applications

30


Foundation – Policy, driven by CoreFlow2

Role

s

IT Admin Employee Guest

Serv

ices

Corporate

Productivity

Applications

Internet &

VPN

Access

Only

Admin.

Applications

Rule

s

Allo

w H

TT

P

Allo

w H

TT

PS

Allo

w IP

Sec

Allo

w S

AP

Rate

Lim

it

Allo

w P

ing

Allo

w T

eln

et

Allo

w E

mail

Allo

w T

FT

P

Allo

w S

NM

P

Allo

w O

racle

Deny

Bcast

Roles

correspond

to specific

user types

on the

network

Services

group

Rules and

apply to

Roles

Rules

allow,

deny, rate

limit or

contain

specific

traffic type

MU

A &

P L

ogic

802.1X

PWA

MAC

RA

DIU

S A

uth

ority

Dynamic

admin rule

DFE

802.1X credentials

PWA credentials

802.1X login

Filter ID: policy sales

SMAC = Anita

SMAC = Bob PWA login

SMAC = Phone

MAC traffic

MAC credentials

Filter ID: policy phone

Port X

Filter ID: credit

Policy

sales

Policy

credit

Policy

Phone

Enterasys Switch

First policy-based network

management in the industry

– Enforces policies at the edge

– Shipped > 10 million policy-

capable switch ports and access

points

– Succcesfully deployed at

thousands of customer sites

– Enforcement of policies for QoS,

bandwidth, VLAN, Access

Control up to Layer 4 today

From port to end-system/

user based policies

– First in the industry – released

in 2004

– Scalable for today’s data center

with thousands of end-systems

and tens of thousands of rules

per system 32


Enterasys Benefits

Granular Application Control

Categorization • Switch Port • VLAN • User • Flows

Individual Users

Access Control • Deny

• Allow

• Contain

• Class of Service • Priority / QoS

• Rate Limit

• Rate Shaping

Policy Creation

• Policies assigned to services • Devices

• Users

• Applications

• Prioritization

• Granular control

• Embedded security

Critical Topology • OSPF Routing

• STP

• RIP

Business Applications • VOIP

• SAP/Oracle App’s

Best Effort • HTTP

• Email

• FTP

Unauthorized • Possible Worm

• Kazaa

Policy Defined Networks

33


Automated VoIP Provisioning & Dynamic Mobility

An Enterasys intelligent network infrastructure provides

- Advanced identification and authentication for IP phones and users

connected through the phones

- Role-based access and prioritization for phones, users and applications

- Dynamic mobility enables touch-less relocation of phones and users

- Pinpoint threat identification & mitigation to the device

- Supports Multiple VoIP vendors – no vendor lock-in

Automatic phone and user provisioning

The network dynamically re-applies the VoIP

client and user connectivity policies as they move

IP phone and user are

automatically provisioned

IP phone and

laptop plug into

the network

Dynamic mobility

34


Network

Infrastructure

QoS/Security via Policy QoS/Security via VLAN’s

With VLAN Policy, the

Policy Enforcement

Point (PEP) is at the

VLAN Egress Point.

(Typically on a router.)

With Enterasys

Policy, the L2-L4

Policy Enforcement

Point (PEP) is at the

user’s network

access point.

Comparing Solutions

Enterasys implementation of traffic control for security and QoS

versus other equipment manufacturers

37


Mu

lti Use

r A

uth

en

tica

tion

an

d P

olic

y

802.1X

PWA

MAC

Dynamic

admin rule

802.1X credentials

PWA credentials

802.1X login

Filter ID policy sales

SMAC = Anita

SMAC = Bob PWA login

SMAC = Phone MAC traffic

MAC credentials

Filter ID policy phone

Dynamic

admin rule

Dynamic

Admin rule

Port X

Filter ID policy credit

Policy sales

Policy credit

Policy Phone

Inherent advantage, from 2 up to 1024 devices per port and 9000 per system

- Supported by B/C/G/D and S Series (partially dependant on licenses)

Different authentication methods and policies on a single physical interface

- 802.1x, PWA (Web), MAC authentication, Default role, Kerberos (with NAC Appliance) ....

Differentiate with Policy enabled switches multi-user/multi-method authentication

Enterasys Switch

Au

the

ntic

atio

n S

erv

er/A

D

40


Differentiating with Enterasys

Enterasys The Competition

Business-oriented

based on users and applications

Technology-oriented

based on ACLs, ports and VLANs

Easy to administer with point-n-click GUI Hard to administer through CLI

Embraces user mobility with IP-to-ID mapping

and real-time location services

Manual reconfiguration for every

move/add/change

Protection & priority

within and between VLANs

Protection & priority

only between VLANs

Unified policy definition

across wired & wireless

Separate policy definition

for wired & wireless

Automatic policy distribution

across the entire network

Manual policy distribution

box-by-box

Distributed policy enforcement

anywhere and everywhere end-to-end

Centralized policy enforcement

Triggers automated responses Requires manual responses

Granular visibility and control over individual

user, application and device flows

Restricted to ports and VLANs

Policy Advantages

41



Enterasys Security-Enabled Infrastructure

Wireless


Outdoor IP Network

IP Network

Public Mobile Network

IP Network

WDS

LAN

HiPath PBX

HiPath MobileConnect

Wireless Controller • Redundant High Availability

Controllers Support • Centralized WLAN services and

policy management • Virtualized control & data

planes

Unified Management • Multi-controller management • Wireless IPS, Location, RF maps • Unified role-based access: seamless

across wired and wireless infrastructure

Wireless Access Points • Multi-SSID (16 per AP) with individual suppression • WPA, WPA2, WEP encryption & authentication support • Load balancing and auto-failover • Dynamic Frequency Selection, Radio Management and

Airtime Fairness • FCC and ETSI Dynamic Frequency Selection allows

use of the complete 5 GHz

Mobile Clients • 802.11n devices • Fast Secure Roaming • Superior voice quality

43

Wireless Portfolio: We got IT covered!

Enterprise-class Capability • Full 802.11n functionality 3X3 MIMO w/ 802.3af PoE • Wall, ceiling, drop ceiling and plenum (UL 2043) mounting • Local policy enforcement, traffic forwarding and rate limiting • 802.11an: 228 Mbps (channel bonded) • 802.11bgn: 190 Mbps (channel bonded) • Combined: 418 Mbps (concurrent dual radio, channel

bonded)


Intelligent, Semi-Autonomous Access Points

Engineered for Performance – Ethernet Port Processing

Green AP and 3x3 MIMO Operation on single 802.3af

Simultaneous Support for Local Bridging and Tunnel Data Paths

Security, QoS, Encryption, RF Control Performed on the AP

Indoor and Outdoor Solutions; Customer Installable Antennas

Wireless IDS and Wireless IPS on the Same AP

Comprehensive Lifetime Warranty

Dynamic and Static Mesh on the Same AP

Industry Leading Access Points

Real-time, over-the-air packet capture (RealCapture)


Wireless Access Points

3605

Entry Level 2x3 MIMO

3610 and 3620

High End 3x3 MIMO

3630 and 3640

High End Standalone

802.11n Indoor

2605

Entry Level a/b/g

2610 and 2620

High End a/b/g

802.11a/b/g Indoor

3660

IP67/NEMA4

11n 3x3 MIMO

2650 and 2660

IP65/NEMA4

a/b/g

Outdoor


Feature Rich, Enterprise-Grade Wireless Out-of-the-Box!

High Availability & Double Capacity for the Same Price

Advanced Security and Role Based Access Controls

Multimedia QoS Enabled – Voice and Video

Comprehensive Guest Portal and NAC Support

Industry Leading Controllers

Fast Roaming; Intra and Inter-Controller Roaming


Wireless Controllers

16-48 APs Supported

96 APs in H/A

2 GigE Interfaces

1 GigE Mgmt

Interface

1024 Users

ETS Lifetime

Warranty

C25

50-250 APs

Supported

500 APs in H/A

4 GigE Interfaces

1 GigE Mgmt

Interface

4096 Users

ETS Lifetime

Warranty

C4110 C5110

150-525 APs

Supported

1050 AP in H/A

2 10Gig LC

Interfaces

1 GigE Mgmt

Interface

8192 Users

ETS Lifetime

Warranty

Virtualized gateway

VMware ESXi 4.1

8-240 APs

Supported

480 APs in H/A

2 GigE Interfaces

1 GigE Mgmt

Interface

4096 Users

V2110

47


Device Identification for Smartphone and Tablets

Automated Guest Registration and Policy Assignment

Dynamic Policy Assignment Based on Device Ownership

Bring Your Own Device for Employees and Guests

Assessment, Remediation and Quarantine Services

Powered by Enterasys NAC

Authentication Gateway Services


BYOD – Secure The Infrastructure

49 49

Control Devices On Your Network, Protect the Infrastructure

Granular Assignment of Topology, QoS and Security Rules

Single SSID For Efficient Provisioning, Security, and RF Operation

Who You Are, Where You Are, What Device You Have

User A User B

Single SSID

Authentication

Gateway

Wireless

Controller Firewall

Internet

LAN

Corporate

Resource

User A connects with company owned device User A connects with personal mobile device User A is provisioned for access with

company device

User A has been

provisioned for access

with personal mobile

device

User B connects with a company owned

mobile device User B can access corporate data with

the corporate mobile device Ready For Today

Future Proof For Tomorrow



Enterasys NetSight Centralized Visibility and Control


At the Center of Intelligent Networking

“5% of network staff’s time goes to maintaining the network vs. 60% with their last network vendor” Wardlaw Claims, an independent insurance adjuster

“5,000 user network maintained with just 2 network engineers” Securities America, independent securities broker

“4,000 user network spread across 29 remote locations maintained with just 3 network engineers” Town of Enfield, Connecticut

Maximum ROI - Manage More with Less

“Enterasys’ unified application-level

security and access policy

enforcement, coupled with a single

management console across

wired/wireless/voice/data products

provides differentiation and can

contribute to a lower TCO.”

- Gartner

51


Unified Network Management Suite

53

- End system and network

inventory

- Device, Alarm and Topology

Management

- Performance reporting

- Netflow Analysis

- Security incident response

- AAA and RADIUS services

- Network Access Control

- Guest access

- Policy Management

Manage and protect wired/wireless networks

with a single solution


NetSight Overview

Role-based network

control

Enforce AUP

Prioritize traffic

Configuration & change

management

Capacity planning

What-if analysis

Mobile toolset

Control

Discovery & topology

mapping

Dashboards

Status, inventory,

performance & audit

reporting

Diagnostics &

troubleshooting

NetFlow analysis

Alarm management

Visibility

Granular access control

Flexible assessment

Compliance enforcement

Guest & Remediation

portals

End-system registration

User & end-system

tracking

Automated incident

response

Security

54


NetSight Console – Configuration and Control

Full wired & wireless management

Device discovery, grouping and classification

In-depth network topology maps

Unified network management including switches,

routers, wireless controllers and access points,

and more

Powerful, configurable FlexViews

Robust troubleshooting and analysis

Device and port configuration / management

Event and alarm management

Default policy control for network attached

devices

Powerful searches by name, MAC / IP address,

physical location and other variables

55 55


Wireless Management Software

Centralized configuration with

flexible templates

Automated provisioning

End-to-end integrated topology

Policy and inventory integration

NMS Wireless Manager

Advanced Wireless IPS

Location Services

Live RF Heatmaps

Interference Analysis

Real Time Forensics

Compliance Reporting

Wireless Advanced Services

56


OneView Reporting

Customizable/Extensible

reports

Pre-defined and ad-hoc

Interactive tables and charts

Multiple report types

- Dashboard

- TopN summary

- Wireless details

- Real-time diagnostics

- Wireless inventory

- Ad-hoc

- Administrative reports

- Web-based FlexViews

57


OneView – Flow Collection

59


OneView – Flow Collection

Reports Tab

60


Device Details Menu

Detailed device information

- Right click pull down menu available from

- Console

- OneView

- PortView

- Device View

61


Mobile Management

Any time, anywhere wired and wireless network visibility

and control

Optimized for personal mobile devices including iPad®,

iPhone® & Android®

Centralized NMS views are easily available just like all

your favorite smart phone or tablet apps

- Network Access Control end-system view and system location

and tracking

- Wireless dashboards and detailed views of Controllers & APs

- NMS Compass

- Event logs

62

SEARCH LOCATE REPORT ANALYZE


NetSight Policy Management

Industry leading policy based network management

Align the wired/wireless network infrastructure with business needs

- Control guest users

- Enforce regulatory mandates

- Implement acceptable use rules

Enforce desired network behavior across switches, routers and APs

- Including dynamic policing of user access, network security, and application prioritization

“One click” enforcement of policies for QoS, bandwidth and other

parameters

- No tedious device-by-device ACL modifications for every move/add/change

63 63


NetSight Policy Management (Cont.)

Easy to use wizards

Complete wired/wireless support

Network planning

- Passive policies for what-if scenarios prior

to enforcing

- Utilize Wireshark captures for before &

after comparisons to test new policies

before deployment

Reporting

- Policy audit reports in OneView

- Policy hit reports showing resulting traffic

control

Role-based access

- Roles, Services, Rules

64


Example: Policy Manager Enforcement of Acceptable Use Policy

Roles

correspond to

specific user

groups on the

network

Services group

Rules and apply

to Roles

Rules allow,

deny, rate limit

or contain

specific traffic

types

IT Admin Employee Guest

Ro

les

Se

rvic

es

Corporate

Productivity

Applications

Internet &

VPN Access

Only

Admin.

Applications

Ru

les

De

ny

Bro

ad

ca

st

Allo

w H

TTP

Allo

w S

NM

P

Allo

w P

ing

Allo

w T

FTP

Allo

w T

eln

et

Allo

w O

racle

Allo

w S

AP

Allo

w M

S E

xch

an

ge

Ra

te L

imit

IM

Allo

w IP

Se

c

Allo

w H

TTP

S

66


NetSight Inventory Management

Advanced network configuration and change

management for wired/wireless infrastructure

Greatly simplify the deployment and management

of Enterasys & third party infrastructure devices

- Schedule firmware and BootP updates

- Archive, compare and restore configuration data for

one or multiple devices

- Track FRU moves, adds and changes

- Scales to manage the most complex networks

Comprehensively manage network inventory

- Accelerate capacity planning

- Record the swapping of hardware modules during

network reconfigurations and troubleshooting

Simplify complex tasks with powerful wizards

67 67


NAC

69

Ensure health and compliance

both prior to and after allowing

access - Agent and agent-less assessment

- Integration with other security technologies

Provide appropriate access (to

assets and QoS) based on

organizational role, authenticated

identity and security posture - MAC, IP, Hostname, Kerberos, Web, 802.1x -

based authentication

- Policy, VLAN or ACL enforcement

Support guest access, sponsored

access and end-system / user

tracking - IP to ID mapping: track username, IP, MAC,

location, etc.

Automatically contain detected

threats - Quarantine role

- Assisted remediation

- Automatic remediation

MAC Address

IP Address Tracking

First/last seen Hostname

Phone#

Operating System

Asset ID Username

Access Point /SSID

Switch/port

Current Location

Switch/port

Location

State Health

Applied

Policy


NAC Management – Administrator

User-friendly workflows

Customize assessment

configurations

Customize guest access &

remediation portals

Configure robust notifications &

integration

Configure end system access

control with simple rules for

- Authentication type

- Device

- Identity/user role

- Location

- Time of day

- Assessment results

70


NAC Management – Helpdesk

Automatic end system inventory and

control

- Connected port

- Assigned role

- User identity

- Last assessment

- Security status

- Overall 45 attributes per end system

NAC Reporting

- Risk Level

- Highest Risk End Systems

- Newest End Systems

- Most Frequent Vulnerabilities

- End Systems by Vulnerability

Mobile Access

71


Integrated Solution – Virtual Datacenter Management

Automation & control

- Dynamic configuration of the

vSwitch and physical infrastructure

for each VM

Visibility

- Integrated tracking of VM and its

applications along with centralized

view of virtual and physical

network infrastructure

Vendor agnostic

- Integrates with popular server

virtualization products from Citrix,

Microsoft and VMware

VM

Management

vSphere (vCenter, ESX Server)

XenCenter, Microsoft Hyper-V (basic support)

Enterasys NMS

Pre-provision network

connectivity & VLANs

Report on VM location,

switch port status and

assigned connectivity profile

Assign network

connectivity profile to VM

Synchronize VM asset

information

72


Integrated Solution – Automating Unified Communications Management

Automates normally labor intensive database updates for

Inventory and location service

Location-based configuration of end-devices

Detection of non-compliant and compromised end-devices

Authentication and authorization

73

Device phone number

(e.g. 43254)

Device Type and SW version

(e.g. OpenStage 80:V1 R4.14.0)

DLS IP Infrastructure

Enterasys NMS NAC Manager: Endsystem View


NetSight Summary

74

Reduces administrative burden with centralized

command, control and automated security on

heterogeneous networks

Reduces network cost of ownership and operations

- Manage via the management console or mobile device

- Manage inventory and capacity planning

- Configure and manage the entire network from a single location

- Monitor the information most important to your business

- Provide local network control to local personnel without involving

the help desk

Streamlines workflows through integration with other

technologies

Supports multi-vendor networks for a complete

solution

74


Servicing Global Customers for Nearly 30 Years 75% of Fortune 500 Companies Trust Enterasys

ENERGY MANUFACTURING

EDUCATION

TELECOM

PUBLIC SECTOR

FINANCIAL

TRANSPORTATION

RETAIL

HEALTHCARE

75


Thank You!


Date post:	15-Dec-2014
Category:	Documents
Upload:	infotechme
View:	2,249 times
Download:	1 times

Enterasys Product Overview 2012

Documents