Alcatel omniswitch 6800 family – Alcatel Carrier Internetworking Solutions 6800 User Manual

Alcatel OmniSwitch 6800 Family

A L C AT E L 5 >

Plus, the OS6800L switches provide even more security for your investment by being upgradeable and

stackable with other OS6800s. The low entry price allows you to improve your current network’s

performance and later, through a software license, allows you to upgrade to GigE.

Secure Networking

The OmniSwitch 6800 can support a distributed security

approach, enhance emerging security technologies, and help secure the LAN edge

using proactive and reactive strategies.

One proactive solution is to perform a host integrity check, which ensures attached

devices are running administrator defined credentials. A host integrity check solution

is significantly enhanced by the OS6800 because it can automatically move hosts

that pass inspection dynamically into their proper VLAN based on the user,

regardless of where they are physically, or move them into a protected environment

where they could maintain limited access to network resources for remediation.

Since every security threat cannot be anticipated, the enterprise also needs a

reactive security solution that can respond quickly and effectively. When the

group mobility feature in the OS6800 is combined with the Alcatel Quarantine

Engine (AQE) and supported intrusion detection systems (IDS), the network can

automatically detect attacks and take protective action such as writing a rule that

drops the device’s traffic, turning off the device’s connectivity to the network or

quarantine it to a protected environment.

High Availability

A high performance network means nothing if it’s not available for use. The

OmniSwitch 6800 virtual chassis minimizes downtime, reduces operational

complexity and cost, and increases availability for mission-critical applications.

A virtual chassis takes the best availability attributes of a modular chassis like

redundant management, fault tolerant backplane and link aggregation including

10 Gig that can be configured across physical switch boundaries. These attributes

remove single points of failure that other stackable switches do not address.

A cost effective, highly available, scalable, and re-configurable network can be

achieved when the virtual chassis benefits of the OS6800 are deployed in

conjunction with the OS6600 family.

AQE

3

4

TRAP

1

2

5

OmniSwitch 6800

Data Center

Switch

Critical Resources

Administrator

End Stations

OmniVista

IDP

Client Integrity

Agent

OmniSwitch 6800

Virtual Chassis

Virtual Chassis

Virtual Chassis

OmniSwitch 6600

OmniSwitch 6800

OmniSwitch 6800

1 Gig

10 Gig

1 Gig

10 Gig

40 Gig Core

Interconnect

(Stacking Links)

Link
Aggregation

Link

Aggregation

AQE Sequence of Events

Infected station attacks server (e.g.,
port scan)

IDP identifies the attack and source of
attack

IDP notifies OmniVista of type of attack and
source of attack

Trap or syslog event appears and network
administrator is offered predetermined
responses:

• Shut down faulty user port
• Create ACL on (port/VLAN/switch/

network)

• Move faulty MAC to quarantine VLAN

(network wide)

Response is activated in the network

1

2

3

4

5