Riverstone Networks 9000 User Manual

Distributed intelligence

Unlike other switches on the market, Alcatel OmniSwitch are unique in that they are able to provide

Smart Continuous Switching by using a design where most processes are distributed and handled on the

network interfaces themselves, relegating the CMM to a coordination role. A bottleneck is avoided by not

using a centralized control plane architecture where the CMM – the key management module – is

responsible for all processing. The distributed design allows key processes such as Spanning Tree to

maintain a fully operational state, even during a sub-second CMM failover.

Multi-layer security

With networks under constant attack from the outside world and even from within the company, a

network needs to provide easy access to users and resources, yet possess extensive security features that

can be managed across a global enterprise. The OS9000s provide multi-layer security with a range of

security features that can be implemented in the wiring closet, the core, and throughout the network.

These include:

• User authentication

• Virtual local area networks (VLANs)

• Quarantine VLANs

• Access control lists (ACLs)

• Restricts user ports from sending control traffic (BPDU, RIP, OSPF, BGP)

• Prevents IP source address spoofing

• Authenticated switch access

• Encryption for secure management (SSHv2 / HTTPs / SNMPv3)

• Denial of service protection

Multi-layer security enables the building of sophisticated hardware and software-based solutions that can

be integrated with policy-based management and other technologies such as smart cards, PKI, and

biometrics for enhanced security implementations. For secure management there are many features

integrated into the architecture including authenticated user access, SNMPv3 and SSL for encrypted

sessions, and partitioned management for multi-tiered access and granular network administration.

Advanced network policies for secure & converged networks

Advanced network policies ensure that users and applications get the priority and performance they need

with ease of use management that extends across the enterprise. The OS9000s feature state-of-the-art

ASIC-based technology for intelligent, wire-speed everything including switching, routing, ACLs, QoS,

traffic redirection and load balancing.

The OS9000s provide application aware switching for layers 2, 3, and 4 and the most advanced

classification, prioritization, and queuing schemes in the industry. It also supports industry classification

standards including 802.1Q/p, TOS, and DiffServ, and is enhanced with complementary features such

as extensive QoS mappings and re-tagging of prioritization. And, the OS9000s don’t require additional

hardware or specialized software to operate at wire-speed – from the first packet!

> 6 A L C AT E L