Today’s offices make ever-increasing use of online resources and
applications. When the network is down, productivity falls. Network
managers need to provide reliable, secure, fast networks that
keep businesses running smoothly today and into the future. This
dependence on network availability is moving IT managers to
review their current facilities to decide whether there are sufficient
capabilities to meet their needs and when to upgrade.
Choosing the right solution can be difficult when there are so many
different requirements that must be satisfied:
Bandwidth
Resilience
Application support
Management system
Security
Future proofing
Allied Telesis have been delivering innovation in this area for some
time. This document describes our Enterprise Network Solution,
using Allied Telesis products to provide a modular, scalable, and
flexible solution suitable for small to large enterprise businesses.
The technologies featured in this solution include:
Switch stacking with link-aggregation for resilience.
Layer 3 core switching.
Network Access Control (NAC) for security.
Quality of Service (QoS) for Voice over IP (VoIP) and video
streaming.
Building an optimum network
Determining the best design and implementation of your network
ensures optimal reliability, availability, scalability, security, and
performance for your enterprise.
A number of factors must be considered when deciding upon a
network design:
Bandwidth- the network must provide sufficient throughput now
and for a number of years to come. The exact speed of edge ports and uplinks should match the requirements of
current and foreseeable future applications.
Allied Telesis solutions have options that cover 10/100 or 10/100/1000 at the edge with Gbit, (multiple Gbit) or 10Gbit uplinks on the backbone. The core switch needs sufficient capacity to aggregate all of these connections from
the closest edge and provide for resilient server connectivity.
Resilience - down time immediately impacts on productivity, so
resilience is also vital.
The Allied Telesis solution uses split link-aggregation technology
in which links from core stacked switches to the edge switches
are connected to separate units but grouped together to act as
a single link achieving both resilience and improved bandwidth
availability.
Other resilience options are available if the design topology
and scale demand it. Ethernet Protected Switched Ring (EPSR)
provides fast failover for ring topology for the core. RSTP or
MSTP can be used as a fall-back technology or for integration
with existing legacy equipment. Here too, the use of stacked
switches means that uplinks can be connected to different units
in the stack.
Recovery times are another important factor. The failure of a
This document aims to help you build different bandwidth solutions
with similar resilience, QoS, and security features, ensuring that all
stacked unit can be quickly resolved by simply exchanging the
failed unit with a new one of the same stack ID.
your current network needs are met with future expansion and
new applications catered for.
Application Support - networks are now becoming more than
just a means for moving data from server to PC. Converged
networks are now becoming the norm with VoIP becoming
the telephony system of choice. Multimedia services are also
being added and applications are shifting larger files with more
graphical content. Network managers want to install equipment
that can support PC applications and IP telephony. Power over
Ethernet (PoE) options at the edge are available for all solutions.
Some may want to have dedicated PoE ports, some will want
to be able to plug any device anywhere. In order to support
all the necessary applications QoS is essential to ensure that
voice and multimedia pass through the network without loss
or delay. QoS also allows critical applications to be prioritized
above Internet access and other background functions. Many
standards-based VoIP systems now require LLDP-MED protocol
for auto-configuration of IP handsets. Support for this is
available on all PoE edge switches.
Management - a resilient network is only as good as the
management system that informs you that a failure has
occurred and the network has healed itself. The network
manager is then able to action the repair before the failure can
affect the network availability. The network management system
performs the following tasks:
Mapping and monitoring of network devices.
Monitoring of all resilient functions - PSU, Links, stacks etc.
Alerting of important failures by e-mail, paging etc.
Collection of statistics to allow reporting on key devices and
links.
Security - as the dependence on the network and PCs grow, so
do the risks of attack, either malicious or from viruses being
unknowingly brought in.
The Allied Telesis solution offers security for both the network
itself, via 802.1x or Network Access Control (NAC) and
Microsoft's Network Access Protection (NAP) compliance, and
also for the management of the network devices themselves
which can also be protected with centralised authentication.
Future Proofing - maximise the longevity of your IT investments
in a world of ever-changing protocols and constantly evolving
security dangers.
The Allied Telesis solution allows for future network growth,
both in total ports supported and in the uplink speeds that
can be used. For example, allowing your current Gigabit uplink
system to be increased to10Gbps in the future. The features
within the key switches also allow for flexible configuration to
accommodate the bandwidth and QoS requirements of future
applications. Core L3 switches are also already capable of IPv6
in hardware.
Training - Allied Telesis can provide scheduled or bespoke group-
based training on the equipment and configuration required
within the solution.
Other documents you may be interested in:
Solutions: Find out how Allied Telesis products and industr y-leading
A set of advanced technologies enable Allied Telesis switches to
deliver high value solutions to your network. An overview of each
of these technologies is provided - explaining what it does and how
it adds value to your business.
Switch stacking - VCStack
Switch stacking - known as VCStackTM on the AlliedWare Plus
products, performs the following functions:
Combines a number of switches to form a single managed
‘virtual’ chassis, reducing complexity on the management
platform, as seen in Figure 1.
TM
Provides backup of management and configurations. If one unit
fails, another will take over management. Configuration files are
saved on at least two units.
Simplifies configuration and increases resilience - all functionality
is available across the stack, such as link aggregation, VLANs, etc.
Reduces failure recovery time by simply setting the stack ID
of the replacement and hot-swapping in place of the failed
unit. As the configurations are held on another unit, no further
reconfiguration is required.
Connects switches together in the stack using a high bandwidth
connection without losing front ports for connectivity to users,
servers, and uplinks.
One of the perennial problems of Spanning Tree Protocol for resilience is the fact that some links in the system remain blocked when the
system is in normal operation, only becoming active when there is a failure. With bandwidth demands increasing on the network, split linkaggregation lets the network make use of the full bandwidth of all the links in the network but still offer failover capabilities quicker than
STP/RSTP. Switch stacking with functionality common across the stack is the key to deploying this technology.
| VCStack + Link aggregation
x900-12XT/S
8000GS/48
Stack
CORE
8000GS/48
Stack
ACCESS
As shown in Figure 2, links from ports on different switches in the core stack are connected to por ts on different switches in the edge
stacks. This is a simple deployment to understand and configure. If either a unit or link fails then the remaining link is used to continue
network operations and both core and edge stacks can still be managed so the fault can be diagnosed and quickly corrected.
Another benefit of this approach is that if the core switch has L3 configurations then there is no need for further resilience protocols such
as VRRP, since there is always a L2 link back to the core which will be acting as the gateway for the subnets attached.