Date post: | 15-Dec-2014 |
Category: |
Documents |
Upload: | infotechme |
View: | 2,249 times |
Download: | 1 times |
A Siemens Enterprise Communications Company
“There is nothing more important than our customers”
Enterasys Product Overview Sameh Amin
Technical Account Manager
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Agenda
Company Profile
Enterasys Security - Enabled Infrastructure
- Switches and routers
- Wireless
Enterasys NetSight (NMS)
Q&A
1222222211 2
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Global Provider of Networking Solutions Enterasys. 28 Year Heritage of Products & Services Excellence
1983-1999
Multi-layer switching pioneer
Industry’s 1st switching embedded security
Open standards principal contributor
Significant technology patent portfolio
3
Enterprise Communications 2008-Present
Premier provider of enterprise communications solutions
(applications, networking, services, and voice)
$3 Billion (US) revenue and profitable
10,000 employees servicing more than 90% of Fortune 100
and 75% of Fortune 500 customers in 90 countries
#3 Global VoIP & #1 managed
services revenues
1999-Present
Wired & wireless enterprise networking
infrastructure and security solutions provider
1,000 employees servicing 5,000 enterprise
customers in 70 countries
Secure NetworksTM pioneer of automation,
visibility and control
Industry-best customer support
3
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Enterasys Proof Points Mission critical solutions active in all major markets
5
Government
Healthcare Hospitality
Evolving IT Landscape
requires linking solutions to
capitalize on industry trends
Enterprises
Education
Manufacturing
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved. 6
High performance
application delivery
Data center virtualization
Highly dynamic
access edge
Enterprise mobility, wired and
wireless access
VM VM
VM
VM
VM VM
Mobility/Access Edge Datacenters/Virtualization
Unpredictable user experience
Lack of agility for application delivery
Over provisioning of network resources
No unified optimization of data center and mobile user environments
Network Transformation Areas Enterasys view of key enterprise challenges
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Enterasys OneFabric™ An architecture to address end to end networking
The industry's first fabric-based networking solution to extend visibility
and control from virtual servers to mobile devices delivering best-in-
class user experience, IT simplicity, and cost reduction.
7
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
OneFabric™ Solutions Modular and flexible approach to solving network challenges
8
One piece at a time. Evolve to a fabric-based network at your speed.
OneFabric Data Center OneFabric Edge OneFabric Security
OneFabric Control Center (Unified security and management)
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Enterasys Access Edge Products Open and secure access edge for any wired or wireless client
9
Standalone/Stackable Switches – A4, B5, C5
Chassis Switches
K6, K10
Wireless AP’s
36xx-Series Industry’s only unified wired/wireless management
Industry leading performance
Industry’s only Lifetime Warranty
Cost optimized, embedded application
control technology
High performance, feature rich
Convergence ready – voice/video/data
Low cost standalone/stackables
High performance, port density
Industry’s best Lifetime Warranty
*Source: IDC
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Enterasys Network Distribution Products Data aggregation requires resiliency & redundancy
10
K6, K10 Chassis
S-Standalone
[SSA]
S3, S4 Chassis
Embedded distribution-layer security
High density, cost-optimized chassis
Highly competitive Lifetime Warranty
High performance, small footprint
State-of-the-art embedded application
provisioning technology
Rich traffic control features
Highly redundant
architecture
Advanced POE support
10 year lifecycle design
*Source: IDC
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Enterasys Network Core Products Extensible routing features connects large, distributed networks
11
UC
Controllers
Voice
Gateway
Load
Balancer
S-Series – S4, S8
Highest density chassis
40G/100G support
Rich routing feature set
Highly redundant design
*Source: IDC
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Enterasys Network Data Center Products Application delivery requires fast connectivity, high bandwidth
12
UC
Controllers
Voice
Gateway
Load
Balancer
*Source: IDC
S-Series – SSA, S1, S4, S6, S8
High density chassis
40G/100G support
Virtualization optimized
Highly redundant design
Supports top-of-rack or end-
of-row
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Enterprise Network Management Products One management suite that unites a multi-vendor infrastructure
13
UC
Controllers
Voice
Gateway
Unified wired/wireless and 3rd party management
Centralized Voice and UC quality of service control
Social and mobile management interface
Network Access Control, BYOD, guest services
Load
Balancer
OneFabric
Control Center
(NetSight)
A Siemens Enterprise Communications Company
“There is nothing more important than our customers”
Enterasys Security-Enabled Infrastructure
Switches & Routers
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
A/B/C-Series
Enterprise-class fixed L2/L3 stackable
switching solutions
- Flexible configurations
- 10/100, 10/100/1000, SFPs, 10GbE
- Power-over-Ethernet (PoE)
- Both 802.3af & 802.3at compliant
- High availability
- Closed loop stacking
- Redundant power supplies (optional)
- High port density and Stacking Bandwidth
- Up to 8 switches in a single Stack
- Up to 384 end-user ports, 16 10GE uplink ports per
stack
- Up to 128Gbps stacking Bandwidth (C5)
- Low Total-cost-of-Ownership (TCO)
- Manage entire stack as a single switch
- Update entire stack through a single switch
- Enterasys Lifetime Warranty Price Per Port
Fun
ctio
nalit
y a
nd
Pe
rfo
rma
nce
B Series
C Series
A Series
A Platform for Every Business Need
15
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
B5 & C5 Overview
High performance
- 24& 48 port Gigabit Ethernet switch models with 10GE uplinks
- SFP+ included in C5 to provide option of 1GE or 10GE on same uplink
Support for 802.3at high-power PoE
- Support power-hungry devices such as Pan/Tilt/Zoom (PTZ) IP
surveillance cameras, IP videophones, non-Enterasys 802.11n access
points and virtual desktops
- An industry-leading 30W per port on a 48 port switch
Leading automation capabilities
- Automation of converged voice/video/data deployments
- Enterasys automation translates into customers saving half a year’s
work hours per administrator in time efficiency
Lowest Total Cost of Ownership
- Industry’s best lifetime warranty includes services such as software
upgrades as part of baseline offering
- Customers can save upwards of $1 million in service contract fees
over the life of a network
16 16
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Enterasys A4 Switch Overview
Next generation 10/100 switch family
- Model diversity: 24/48 port 10/100 switches, 802.3af PoE and non-PoE, fiber models
- Much more than a SOHO switch: supports more MAC addresses, VLANs, etc. than
consumer-grade switches (i.e. Linksys, D-Link, etc.)
Role-based access and security controls
- Decreases IT management OPEX with customers saving half a year’s work hours per administrator in time efficiency
Static and RIP v1/v2 routing
Includes a 24 port model with a quiet design ideal for conference rooms, classrooms, etc.
17
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
High Availability Stacking
Start small with 24 ports – grow up to 384 ports in a single managed entity!
High-capacity virtual switch
- Integrated stacking w/ up to 8 switches / stack
- Dedicated stacking ports (B- & C-Series)
- Any switch combination (PoE, non-PoE, 10/100,
10/100/1000, 10GE) within a family (A, B, C) in a
stack
- Exception: B5/C5 do not stack with previous generation
switches
Simplified management
- Single IP address mgmt (CLI, Web, NMS)
- Redundant stack management with a primary and up to 7 standby managers
- Software upgrades automatically applied to all switches
18
A-Series: RJ45 stack
ports on front of switch
B&C-Series: stack
ports on back of switch
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Standalone D2 & G3 Overview
D2
- 12 port 10/100/1000 standalone switch in
small form factor package
- Quiet design for conference rooms &
classrooms
- 2 SFP “combo” ports
- External power brick
- Mounting Options
- Wall mount
- Under-table mount
- Rack mount
- Wall mountable lockbox
- Enterasys policy Support
G3
- High-density10/100/1000 - 10Gb
switching
- Expandable up to 96 ports
- Flexible connection types with PoE:
10/100, 10/100/1000, SFP, 10GbE
- Traffic prioritization and rate limiting
- Enterasys policy support
- IPv4 and optional IPv6 routing
19
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Dynamic Automation & Control
Enterasys role-based access
- Network resources securely allocated based
upon user access privileges
Align the network infrastructure with
business needs
- Control guest users
- Enforce regulatory mandates
Enforce desired network behavior across
switches, routers and APs
- Including dynamic policing of user access,
network security, and application
prioritization
“One click” enforcement of policies for
QoS, bandwidth and other parameters
- No more tedious device-by-device ACL
tweaking for every move/add/change
20
Management automation drives down
operational costs and increase uptime
20
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Authentication & Security Support
22
Role-based access control
- Profiles per user port
- Up to 8 users/port on C5
- Up to 4 users/port on B5
- L2 / L3 / L4 rules
- Ingress (bandwidth) rate limiting
- Dynamic VLAN assignment
- Traffic prioritization
- Hybrid Policy Mode
Authentication & authorization
- Multiple types per switch
- Single type per user port
- IEEE 802.1X
- MAC authentication
- Port web authentication (PWA)
- Multi-user RFC-3580 VLAN authorization
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
K-Series Overview
Visibility & Control
- Granular visibility into individual user activity via
flow-based switching
- Increased security with role-based access &
prioritization by user, device and application
Reliability/Availability
- Advanced bandwidth management & allocation
for demanding access/edge devices
OpEx/CapEx Savings
- Drives down cost of network administration with
automated service provisioning & policy
- Competitively priced solution with superior
feature set provides the best value in the
modular switching market
Flexible, modular switches
with premium features,
optimized for edge
deployments
24
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
K-Series Models
2 Cost effective modular chassis
- Single Fabric and Control Plane
Module
- “Half slot” I/O modules
Maximum density:
- K10
- 10 slot (7U) chassis
- Up to 216 1Gb edge ports and 8 10Gb
uplinks
- K6
- 6 slot (5U) chassis
- Up to 144 1Gb edge ports and 4 10Gb
uplinks
- Hot-swappable I/O modules, power
supplies and fan trays
25
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
K-Series Fabrics
Fabric modules
- K10 Fabric cards
- 440 Gb fabric with four 1Gb/10Gb SFP+
uplink ports
- Local Management interface
- K6 Fabric cards
- 280 Gb fabric with four 1Gb/10Gb SFP+
uplink ports
- Local Management interface
26
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
All Backed by the included Lifetime Warranty
Provides industry-leading cost of ownership
Lifetime = Available until sales discontinuation + 5
years
- Advanced hardware replacement
- Feature upgrades
- Maintenance updates
- 8 x 5 Telephone Support
- Knowledge Base Access
Software
- Both major and minor firmware releases (a major
differentiator from most competitors)
With the Enterasys Lifetime Warranty, a customer
with a 150 switch install can save $900,000 in fees
over the life of their equipment - all of which can be
added to their bottom line!
27
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Industry’s Most Comprehensive Wired Warranty
Gray denotes area of Enterasys competitive advantage. 1 Warranty coverage for premium licenses is limited to 1 year, except for Advanced Routing and IPV6 Routing licenses for the B5/C5 and
previous generations, which have lifetime coverage. 2 Major software updates are not covered for the E55xx/G, E48xxG, E45xx/G, E42xx/G (former 3Com switches); major software updates
and phone support are only covered for the 1st year on 3500 and 5400 series premium license purchases 3 90 Days TAC support and NBD Delivery only available on Cat3750-X, 3650-X and 2960-S 4 For geographic exceptions to Parts Replacement Time terms, see the notes section below.
HP Cisco Juniper Brocade
EOS +5 Years
Partially
included2 90 days 90 Days
90 Days
Service Contract
Required
Within 20 Days
90 Days
90 Days
90 Days
EOS +5 Years
Included1
Included
Included
Next Business
Day Shipment4
“As long as you
own the product”
Included
Next Business
Replacement
EOS +5 Years EOS +5 Years
Extreme
Advanced
Exchange 10 Days
90 Days
EOS +5 Years EOS +5 Years
Avaya
90 Days
90 Days
EOS +5 Years 1
2
3
4
5
Included
90 days3
Next Business
Replacement3
Included
Included
Next Business
Day Shipment Next Business
Day Delivery
Included
Next Business
Day Shipment
Partially
included2
1 2 3 4 5 Duration Firmware
Upgrades Bug Fixes Technical
Support Advanced
Replacements
Included
28
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
S-Series®
A family of high performance enterprise Ethernet switching and routing solutions
- Terabit-class performance
- Granular visibility and control over users, services, and applications
- Enables automation of key technologies
Virtualization
Cloud computing
Unified Communications
Key Benefits
- Real world operational cost savings
- Industry leading port density/flexibility for any network
- Virtualization, cloud & convergence ready
- Premium features at no additional cost
29
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
S-Series Key Features
Edge to Core connectivity
- Chassis and modules optimized for multi tier
network deployments
Highest performance in its class
- 1.28Tbps, 960Mpps load sharing I/O fabric pair
Full compliment of front panel connectivity
- Future proofed backplane to >6 Tbps capacity
Support for future 40/100 Gigabit
Ethernet
- Will support 40 Gbps Ethernet with today’s design,
support for 100 Gbps in future hardware releases
Small form-factor and low power
- Uses less rack space, power and cooling than competitive products
Self healing resiliency
- Passive chassis backplane, Resilient and redundant data and management paths
- Redundant/hot swappable power supplies and fan trays
- Multiple host CPUs and distributed applications, multiple local firmware images
- Distributed management and service applications
30
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Foundation – Policy, driven by CoreFlow2
Role
s
IT Admin Employee Guest
Serv
ices
Corporate
Productivity
Applications
Internet &
VPN
Access
Only
Admin.
Applications
Rule
s
Allo
w H
TT
P
Allo
w H
TT
PS
Allo
w IP
Sec
Allo
w S
AP
Rate
Lim
it
Allo
w P
ing
Allo
w T
eln
et
Allo
w E
Allo
w T
FT
P
Allo
w S
NM
P
Allo
w O
racle
Deny
Bcast
Roles
correspond
to specific
user types
on the
network
Services
group
Rules and
apply to
Roles
Rules
allow,
deny, rate
limit or
contain
specific
traffic type
MU
A &
P L
ogic
802.1X
PWA
MAC
RA
DIU
S A
uth
ority
Dynamic
admin rule
DFE
802.1X credentials
PWA credentials
802.1X login
Filter ID: policy sales
SMAC = Anita
SMAC = Bob PWA login
SMAC = Phone
MAC traffic
MAC credentials
Filter ID: policy phone
Port X
Filter ID: credit
Policy
sales
Policy
credit
Policy
Phone
Enterasys Switch
First policy-based network
management in the industry
– Enforces policies at the edge
– Shipped > 10 million policy-
capable switch ports and access
points
– Succcesfully deployed at
thousands of customer sites
– Enforcement of policies for QoS,
bandwidth, VLAN, Access
Control up to Layer 4 today
From port to end-system/
user based policies
– First in the industry – released
in 2004
– Scalable for today’s data center
with thousands of end-systems
and tens of thousands of rules
per system 32
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Enterasys Benefits
Granular Application Control
Categorization • Switch Port • VLAN • User • Flows
Individual Users
Access Control • Deny
• Allow
• Contain
• Class of Service • Priority / QoS
• Rate Limit
• Rate Shaping
Policy Creation
• Policies assigned to services • Devices
• Users
• Applications
• Prioritization
• Granular control
• Embedded security
Critical Topology • OSPF Routing
• STP
• RIP
Business Applications • VOIP
• SAP/Oracle App’s
Best Effort • HTTP
• FTP
Unauthorized • Possible Worm
• Kazaa
Policy Defined Networks
33
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Automated VoIP Provisioning & Dynamic Mobility
An Enterasys intelligent network infrastructure provides
- Advanced identification and authentication for IP phones and users
connected through the phones
- Role-based access and prioritization for phones, users and applications
- Dynamic mobility enables touch-less relocation of phones and users
- Pinpoint threat identification & mitigation to the device
- Supports Multiple VoIP vendors – no vendor lock-in
Automatic phone and user provisioning
The network dynamically re-applies the VoIP
client and user connectivity policies as they move
IP phone and user are
automatically provisioned
IP phone and
laptop plug into
the network
Dynamic mobility
34
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Network
Infrastructure
QoS/Security via Policy QoS/Security via VLAN’s
With VLAN Policy, the
Policy Enforcement
Point (PEP) is at the
VLAN Egress Point.
(Typically on a router.)
With Enterasys
Policy, the L2-L4
Policy Enforcement
Point (PEP) is at the
user’s network
access point.
Comparing Solutions
Enterasys implementation of traffic control for security and QoS
versus other equipment manufacturers
37
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Mu
lti Use
r A
uth
en
tica
tion
an
d P
olic
y
802.1X
PWA
MAC
Dynamic
admin rule
802.1X credentials
PWA credentials
802.1X login
Filter ID policy sales
SMAC = Anita
SMAC = Bob PWA login
SMAC = Phone MAC traffic
MAC credentials
Filter ID policy phone
Dynamic
admin rule
Dynamic
Admin rule
Port X
Filter ID policy credit
Policy sales
Policy credit
Policy Phone
Inherent advantage, from 2 up to 1024 devices per port and 9000 per system
- Supported by B/C/G/D and S Series (partially dependant on licenses)
Different authentication methods and policies on a single physical interface
- 802.1x, PWA (Web), MAC authentication, Default role, Kerberos (with NAC Appliance) ....
Differentiate with Policy enabled switches multi-user/multi-method authentication
Enterasys Switch
Au
the
ntic
atio
n S
erv
er/A
D
40
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Differentiating with Enterasys
Enterasys The Competition
Business-oriented
based on users and applications
Technology-oriented
based on ACLs, ports and VLANs
Easy to administer with point-n-click GUI Hard to administer through CLI
Embraces user mobility with IP-to-ID mapping
and real-time location services
Manual reconfiguration for every
move/add/change
Protection & priority
within and between VLANs
Protection & priority
only between VLANs
Unified policy definition
across wired & wireless
Separate policy definition
for wired & wireless
Automatic policy distribution
across the entire network
Manual policy distribution
box-by-box
Distributed policy enforcement
anywhere and everywhere end-to-end
Centralized policy enforcement
Triggers automated responses Requires manual responses
Granular visibility and control over individual
user, application and device flows
Restricted to ports and VLANs
Policy Advantages
41
A Siemens Enterprise Communications Company
“There is nothing more important than our customers”
Enterasys Security-Enabled Infrastructure
Wireless
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved. 43
Outdoor IP Network
IP Network
Public Mobile Network
IP Network
WDS
LAN
HiPath PBX
HiPath MobileConnect
Wireless Controller • Redundant High Availability
Controllers Support • Centralized WLAN services and
policy management • Virtualized control & data
planes
Unified Management • Multi-controller management • Wireless IPS, Location, RF maps • Unified role-based access: seamless
across wired and wireless infrastructure
Wireless Access Points • Multi-SSID (16 per AP) with individual suppression • WPA, WPA2, WEP encryption & authentication support • Load balancing and auto-failover • Dynamic Frequency Selection, Radio Management and
Airtime Fairness • FCC and ETSI Dynamic Frequency Selection allows
use of the complete 5 GHz
Mobile Clients • 802.11n devices • Fast Secure Roaming • Superior voice quality
43
Wireless Portfolio: We got IT covered!
Enterprise-class Capability • Full 802.11n functionality 3X3 MIMO w/ 802.3af PoE • Wall, ceiling, drop ceiling and plenum (UL 2043) mounting • Local policy enforcement, traffic forwarding and rate limiting • 802.11an: 228 Mbps (channel bonded) • 802.11bgn: 190 Mbps (channel bonded) • Combined: 418 Mbps (concurrent dual radio, channel
bonded)
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved. 44
Intelligent, Semi-Autonomous Access Points
Engineered for Performance – Ethernet Port Processing
Green AP and 3x3 MIMO Operation on single 802.3af
Simultaneous Support for Local Bridging and Tunnel Data Paths
Security, QoS, Encryption, RF Control Performed on the AP
Indoor and Outdoor Solutions; Customer Installable Antennas
Wireless IDS and Wireless IPS on the Same AP
Comprehensive Lifetime Warranty
Dynamic and Static Mesh on the Same AP
Industry Leading Access Points
Real-time, over-the-air packet capture (RealCapture)
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Wireless Access Points
3605
Entry Level 2x3 MIMO
3610 and 3620
High End 3x3 MIMO
3630 and 3640
High End Standalone
802.11n Indoor
2605
Entry Level a/b/g
2610 and 2620
High End a/b/g
802.11a/b/g Indoor
3660
IP67/NEMA4
11n 3x3 MIMO
2650 and 2660
IP65/NEMA4
a/b/g
Outdoor
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved. 46
Feature Rich, Enterprise-Grade Wireless Out-of-the-Box!
High Availability & Double Capacity for the Same Price
Advanced Security and Role Based Access Controls
Multimedia QoS Enabled – Voice and Video
Comprehensive Guest Portal and NAC Support
Industry Leading Controllers
Fast Roaming; Intra and Inter-Controller Roaming
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Wireless Controllers
16-48 APs Supported
96 APs in H/A
2 GigE Interfaces
1 GigE Mgmt
Interface
1024 Users
ETS Lifetime
Warranty
C25
50-250 APs
Supported
500 APs in H/A
4 GigE Interfaces
1 GigE Mgmt
Interface
4096 Users
ETS Lifetime
Warranty
C4110 C5110
150-525 APs
Supported
1050 AP in H/A
2 10Gig LC
Interfaces
1 GigE Mgmt
Interface
8192 Users
ETS Lifetime
Warranty
Virtualized gateway
VMware ESXi 4.1
8-240 APs
Supported
480 APs in H/A
2 GigE Interfaces
1 GigE Mgmt
Interface
4096 Users
V2110
47
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved. 48
Device Identification for Smartphone and Tablets
Automated Guest Registration and Policy Assignment
Dynamic Policy Assignment Based on Device Ownership
Bring Your Own Device for Employees and Guests
Assessment, Remediation and Quarantine Services
Powered by Enterasys NAC
Authentication Gateway Services
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
BYOD – Secure The Infrastructure
49 49
Control Devices On Your Network, Protect the Infrastructure
Granular Assignment of Topology, QoS and Security Rules
Single SSID For Efficient Provisioning, Security, and RF Operation
Who You Are, Where You Are, What Device You Have
User A User B
Single SSID
Authentication
Gateway
Wireless
Controller Firewall
Internet
LAN
Corporate
Resource
User A connects with company owned device User A connects with personal mobile device User A is provisioned for access with
company device
User A has been
provisioned for access
with personal mobile
device
User B connects with a company owned
mobile device User B can access corporate data with
the corporate mobile device Ready For Today
Future Proof For Tomorrow
A Siemens Enterprise Communications Company
“There is nothing more important than our customers”
Enterasys NetSight Centralized Visibility and Control
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
At the Center of Intelligent Networking
“5% of network staff’s time goes to maintaining the network vs. 60% with their last network vendor” Wardlaw Claims, an independent insurance adjuster
“5,000 user network maintained with just 2 network engineers” Securities America, independent securities broker
“4,000 user network spread across 29 remote locations maintained with just 3 network engineers” Town of Enfield, Connecticut
Maximum ROI - Manage More with Less
“Enterasys’ unified application-level
security and access policy
enforcement, coupled with a single
management console across
wired/wireless/voice/data products
provides differentiation and can
contribute to a lower TCO.”
- Gartner
51
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Unified Network Management Suite
53
- End system and network
inventory
- Device, Alarm and Topology
Management
- Performance reporting
- Netflow Analysis
- Security incident response
- AAA and RADIUS services
- Network Access Control
- Guest access
- Policy Management
Manage and protect wired/wireless networks
with a single solution
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
NetSight Overview
Role-based network
control
Enforce AUP
Prioritize traffic
Configuration & change
management
Capacity planning
What-if analysis
Mobile toolset
Control
Discovery & topology
mapping
Dashboards
Status, inventory,
performance & audit
reporting
Diagnostics &
troubleshooting
NetFlow analysis
Alarm management
Visibility
Granular access control
Flexible assessment
Compliance enforcement
Guest & Remediation
portals
End-system registration
User & end-system
tracking
Automated incident
response
Security
54
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
NetSight Console – Configuration and Control
Full wired & wireless management
Device discovery, grouping and classification
In-depth network topology maps
Unified network management including switches,
routers, wireless controllers and access points,
and more
Powerful, configurable FlexViews
Robust troubleshooting and analysis
Device and port configuration / management
Event and alarm management
Default policy control for network attached
devices
Powerful searches by name, MAC / IP address,
physical location and other variables
55 55
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Wireless Management Software
Centralized configuration with
flexible templates
Automated provisioning
End-to-end integrated topology
Policy and inventory integration
NMS Wireless Manager
Advanced Wireless IPS
Location Services
Live RF Heatmaps
Interference Analysis
Real Time Forensics
Compliance Reporting
Wireless Advanced Services
56
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
OneView Reporting
Customizable/Extensible
reports
Pre-defined and ad-hoc
Interactive tables and charts
Multiple report types
- Dashboard
- TopN summary
- Wireless details
- Real-time diagnostics
- Wireless inventory
- Ad-hoc
- Administrative reports
- Web-based FlexViews
57
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
OneView – Flow Collection
59
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
OneView – Flow Collection
Reports Tab
60
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Device Details Menu
Detailed device information
- Right click pull down menu available from
- Console
- OneView
- PortView
- Device View
61
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Mobile Management
Any time, anywhere wired and wireless network visibility
and control
Optimized for personal mobile devices including iPad®,
iPhone® & Android®
Centralized NMS views are easily available just like all
your favorite smart phone or tablet apps
- Network Access Control end-system view and system location
and tracking
- Wireless dashboards and detailed views of Controllers & APs
- NMS Compass
- Event logs
62
SEARCH LOCATE REPORT ANALYZE
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
NetSight Policy Management
Industry leading policy based network management
Align the wired/wireless network infrastructure with business needs
- Control guest users
- Enforce regulatory mandates
- Implement acceptable use rules
Enforce desired network behavior across switches, routers and APs
- Including dynamic policing of user access, network security, and application prioritization
“One click” enforcement of policies for QoS, bandwidth and other
parameters
- No tedious device-by-device ACL modifications for every move/add/change
63 63
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
NetSight Policy Management (Cont.)
Easy to use wizards
Complete wired/wireless support
Network planning
- Passive policies for what-if scenarios prior
to enforcing
- Utilize Wireshark captures for before &
after comparisons to test new policies
before deployment
Reporting
- Policy audit reports in OneView
- Policy hit reports showing resulting traffic
control
Role-based access
- Roles, Services, Rules
64
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Example: Policy Manager Enforcement of Acceptable Use Policy
Roles
correspond to
specific user
groups on the
network
Services group
Rules and apply
to Roles
Rules allow,
deny, rate limit
or contain
specific traffic
types
IT Admin Employee Guest
Ro
les
Se
rvic
es
Corporate
Productivity
Applications
Internet &
VPN Access
Only
Admin.
Applications
Ru
les
De
ny
Bro
ad
ca
st
Allo
w H
TTP
Allo
w S
NM
P
Allo
w P
ing
Allo
w T
FTP
Allo
w T
eln
et
Allo
w O
racle
Allo
w S
AP
Allo
w M
S E
xch
an
ge
Ra
te L
imit
IM
Allo
w IP
Se
c
Allo
w H
TTP
S
66
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
NetSight Inventory Management
Advanced network configuration and change
management for wired/wireless infrastructure
Greatly simplify the deployment and management
of Enterasys & third party infrastructure devices
- Schedule firmware and BootP updates
- Archive, compare and restore configuration data for
one or multiple devices
- Track FRU moves, adds and changes
- Scales to manage the most complex networks
Comprehensively manage network inventory
- Accelerate capacity planning
- Record the swapping of hardware modules during
network reconfigurations and troubleshooting
Simplify complex tasks with powerful wizards
67 67
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
NAC
69
Ensure health and compliance
both prior to and after allowing
access - Agent and agent-less assessment
- Integration with other security technologies
Provide appropriate access (to
assets and QoS) based on
organizational role, authenticated
identity and security posture - MAC, IP, Hostname, Kerberos, Web, 802.1x -
based authentication
- Policy, VLAN or ACL enforcement
Support guest access, sponsored
access and end-system / user
tracking - IP to ID mapping: track username, IP, MAC,
location, etc.
Automatically contain detected
threats - Quarantine role
- Assisted remediation
- Automatic remediation
MAC Address
IP Address Tracking
First/last seen Hostname
Phone#
Operating System
Asset ID Username
Access Point /SSID
Switch/port
Current Location
Switch/port
Location
State Health
Applied
Policy
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
NAC Management – Administrator
User-friendly workflows
Customize assessment
configurations
Customize guest access &
remediation portals
Configure robust notifications &
integration
Configure end system access
control with simple rules for
- Authentication type
- Device
- Identity/user role
- Location
- Time of day
- Assessment results
70
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
NAC Management – Helpdesk
Automatic end system inventory and
control
- Connected port
- Assigned role
- User identity
- Last assessment
- Security status
- Overall 45 attributes per end system
NAC Reporting
- Risk Level
- Highest Risk End Systems
- Newest End Systems
- Most Frequent Vulnerabilities
- End Systems by Vulnerability
Mobile Access
71
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Integrated Solution – Virtual Datacenter Management
Automation & control
- Dynamic configuration of the
vSwitch and physical infrastructure
for each VM
Visibility
- Integrated tracking of VM and its
applications along with centralized
view of virtual and physical
network infrastructure
Vendor agnostic
- Integrates with popular server
virtualization products from Citrix,
Microsoft and VMware
VM
Management
vSphere (vCenter, ESX Server)
XenCenter, Microsoft Hyper-V (basic support)
Enterasys NMS
Pre-provision network
connectivity & VLANs
Report on VM location,
switch port status and
assigned connectivity profile
Assign network
connectivity profile to VM
Synchronize VM asset
information
72
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Integrated Solution – Automating Unified Communications Management
Automates normally labor intensive database updates for
Inventory and location service
Location-based configuration of end-devices
Detection of non-compliant and compromised end-devices
Authentication and authorization
73
Device phone number
(e.g. 43254)
Device Type and SW version
(e.g. OpenStage 80:V1 R4.14.0)
DLS IP Infrastructure
Enterasys NMS NAC Manager: Endsystem View
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
NetSight Summary
74
Reduces administrative burden with centralized
command, control and automated security on
heterogeneous networks
Reduces network cost of ownership and operations
- Manage via the management console or mobile device
- Manage inventory and capacity planning
- Configure and manage the entire network from a single location
- Monitor the information most important to your business
- Provide local network control to local personnel without involving
the help desk
Streamlines workflows through integration with other
technologies
Supports multi-vendor networks for a complete
solution
74
©2012 Enterasys Networks, Inc., A Siemens Enterprise Communications Company – All rights reserved.
Servicing Global Customers for Nearly 30 Years 75% of Fortune 500 Companies Trust Enterasys
ENERGY MANUFACTURING
EDUCATION
TELECOM
PUBLIC SECTOR
FINANCIAL
TRANSPORTATION
RETAIL
HEALTHCARE
75
A Siemens Enterprise Communications Company
Thank You!
“There is nothing more important than our customers”