Open Application Architecture
H3C’s Open Application Architecture (OAA) allows the switch to install high-performance OAP modules that implement specialized functions such as firewall , IPS or load balancing in addition to the usual traffic forwarding functions. Installing OAP modules allows customers to use the switch as a multi-service device without the need to purchase separate hardware and software systems, such as firewalls.
High density of 10GE ports
The switch has a high density of 10GE ports for forwarding traffic and allows you to flexibly increase the number of 10GE ports. It features 48/24 auto-sensing 10/1GE SFP+ ports, two built-in QSFP28 or QSFP+ ports, and two expansion slots that support up to 11 different interface modules with GE, 10GE, 25GE, 40GE, 100GE, and multi-Gigabit ports. Using QSFP+/SFP+ splitter cables, a QSFP+ port can be split into four 10GE SFP+ ports operating at line speed. In total, one switch can have up to 72 10GE ports.
Built-in access controller
H3C S6520X-HI switches support functionality of wireless local networks WLAN by installing a package of access controller functions on the main control module, which allows you to service both wired and wireless network segments within one device. The integrated access controller provides a low-cost WLAN solution that saves investment and increases traffic forwarding capacity, providing a truly unified solution for wired and wireless campus networks. One switch supports a maximum of 256 access points.
H3C IRF2 Intelligent Resiliency Architecture Technology
H3C IRF2 Intelligent Resiliency Architecture Technology allows you to virtualize multiple S6520X-HI switches into one virtual switch, providing the following benefits:
Scalability – IRF 2 technology makes it easy to add additional devices to an IRF 2 system. It provides a single point of control, allowing switches to be easily plugged in and turned on, and supports automatic software updates to synchronize the software on the host device with newly connected devices in the system. This technology offers added flexibility and reduced total cost of ownership by allowing new switches to be added to the fabric without changing the network topology as the organization grows.
High availability – proprietary hot standby technology of H3C routers ensures backup and copying of all information in the control plane and data plane, as well as uninterrupted Layer 3 data transfer using IRF 2 switch fabric. Additionally, it eliminates critical nodes whose failure could lead to system failure and ensures uninterrupted service delivery.
Reservation and balancing load – Distributed link aggregation technology supports load sharing and mutual redundancy for multiple backbone links, which increases the level of redundancy in the network and promotes more efficient use of link resources.
n
Flexibility and fault tolerance—IRF links between devices within an IRF system use standard GE ports instead of dedicated ports. This allows customers to distribute channel capacity between backbone interfaces, interfaces to downstream systems, and connections in the IRF system according to their own needs. Additionally, the S6520X-HI IRF can span a single rack, multiple racks, or even multiple campuses.
A Wide Range of Advanced Features
The switches offer a wide range of features and capabilities, including the following:
Modular architecture hardware and < strong>software ware – the switches use a modular hardware architecture with the ability to hot-swappable and redundant various modules, including power supplies and fan modules. The switch software is also built on a modular basis, which allows you to install and remove individual modules as needed. Calibrated physical architecture and optimized software processes significantly reduce overall packet processing latency.
Software–defined networks< strong>(SDN)is an innovative network architecture that separates the network control plane from the data forwarding plane, typically through Openflow. SDN greatly simplifies network management without the complexity and overhead of maintenance, provides flexible traffic management, and offers an excellent platform for network applications and innovative solutions.
Technology virtual extensible < strong>local networks (VXLAN) – technology for encapsulating MAC addresses in UDP frames that provide Layer 2 connectivity between remote sites using an IP network. Using VXLAN, it is possible to work with virtual machines over long distances and data mobility; This technology is typically used in data centers and at the access layer of campus networks serving multiple companies (tenants). H3C’s VXLAN implementation supports automatic VXLAN tunnel creation using EVPN.
Virtual private networks Ethernet (EVPN) – virtual LAN technology layer 2 networks, providing connectivity between remote entities over an IP network at both layer 2 and layer 3. EVPN uses MP-BGP in the control plane and VXLAN in the data plane. EVPN provides the following benefits: Automated configuration; Separation of the control plane from the data plane; Integrated Routing and Bridging (IRB).
Update software software without interruption work (ISSU) and operation functions, non-disruptive administration and maintenance (OAM) – ensures uninterrupted operation and optimization of Ethernet management and maintenance mechanisms.
Comprehensive security policies
The switches support authentication, authorization, and accounting (AAA) functions, including authentication via RADIUS, as well as dynamic and static binding of user identities such as user account, IP address, MAC address, VLAN, and port number .
When using a switch with the H3C IMC management system, you can manage and monitor active users in real time and take immediate action if violations are detected.
Switches offer the ability to assign a large number of ACLs for incoming and outgoing traffic, as well as VLAN-based ACLs. This simplifies configuration and saves ACL resources.
MACsec
MACsec is an ideal link-layer protocol for security on each individual hop for Ethernet networks, which are typically not secure. It provides the following features:
Data Encryption – Encrypting data over the Ethernet link provides protection against security threats such as eavesdropping.
Replay protection – prevents packets from being intercepted and subsequently modified during transmission to protect the network from unauthorized access.
Tampering protection – prevents packet modification to ensure data integrity.
MACsec supports the following deployment options:
Client-centric – protects the data link between the client and its access device.
Device-centric – protects the data link between two adjacent devices.
The switch can interface with the H3C iNode client and core switches such as the S10500 and S7500E to implement a comprehensive MACsec solution.
High Availability
In addition to host- and link-level security, the switches provide the following high-availability hardware features:
Redundancy of power supplies according to the 1+1 scheme and redundancy of fan modules according to the 1+1 scheme.
Hot-swappable interface modules.
Automatic monitoring of power supply status and fan modules, as well as alarm generation mechanisms.
Automatic adjustment of fan speed depending on temperature changes.
Self-defense mechanisms that are triggered when overcurrent, overvoltage or temperature is detected.
Wide control options
The switches implement a variety of management functions, making them very easy to manage. The switches offer the following device management features:
Multiple management interfaces, including a console port, an Ethernet port for out-of-band management, and a USB port.
< p style="font-weight: 400;">Supports configuration and management via command line interface (CLI) or web interfaces of general purpose systems such as the H3C IMC Intelligent Management Center.
Supports various access methods, including SNMPv1/v2c/v3, Telnet and the more secure SSH 2.0 and SSL.
Using functions OAM for enhanced system management capabilities.
FTP support for system updates.
Intelligent Management Center (SmartMC)
SmartMC is H3C’s latest, innovative solution that helps small and medium-sized businesses manage their business challenges. network management using a free, easy-to-use web-based tool. SmartMC is an on-switch management tool available in management switches and other access network switches.
SmartMC has the following advantages:
Smart Operation: Once the switch is powered on and the SmartMC function is activated, the topology is automatically built and displayed to the user in a rich web GUI to check the current status.
< p style="font-weight: 400;">Centralized management: All management operations can be performed through the management switch, including centralized configuration backup and software versioning for increased efficiency.