Technical Specifications - Extreme Networks Summit X250e-24p Datasheet

Technical Specifications

ExtremeXOS 12.3 Supported
Protocols
Switching
• RFC 3619 Ethernet Automatic Protection
Switching (EAPS) and EAPSv2
• IEEE 802.1D – 1998 Spanning Tree Protocol
(STP)
• IEEE 802.1D – 2004 Spanning Tree Protocol
(STP and RSTP)
• IEEE 802.1w – 2001 Rapid Reconfiguration for
STP, RSTP
• IEEE 802.1Q – 2003 (formerly IEEE 802.1s)
Multiple Instances of STP, MSTP
• EMISTP, Extreme Multiple Instances of
Spanning Tree Protocol
• PVST+, Per VLAN STP (802.1Q interoperable)
• Draft-ietf-bridge-rstpmib-03.txt – Definitions of
Managed Objects for Bridges with Rapid
Spanning Tree Protocol
• Extreme Standby Router Protocol
• IEEE 802.1Q – 1998 Virtual Bridged Local Area
Networks
• IEEE 802.3ad Static load sharing configuration
and LACP based dynamic configuration
• Software Redundant Ports
• IEEE 802.1AB – LLDP Link Layer Discovery
Protocol
• LLDP Media Endpoint Discovery (LLDP-MED),
ANSI/TIA-1057, draft 08
• Extreme Discovery Protocol (EDP)
• Extreme Loop Recovery Protocol (ELRP)
• Extreme Link State Monitoring (ELSM)
• IEEE 802.1ag L2 Ping and traceroute,
Connectivity Fault Management
Management and Traffic Analysis
• RFC 2030 SNTP, Simple Network Time Protocol v4
• RFC 854 Telnet client and server
• RFC 783 TFTP Protocol (revision 2)
• RFC 951, 1542 BootP
• RFC 2131 BOOTP/DHCP relay agent and DHCP
server
• RFC 1591 DNS (client operation)
• RFC 1155 Structure of Mgmt Information
(SMIv1)
• RFC 1157 SNMPv1
• RFC 1212, RFC 1213, RFC 1215 MIB-II,
Ethernet-Like MIB & TRAPs
• RFC 1573 Evolution of Interface
• RFC 1650 Ethernet-Like MIB (update of RFC
1213 for SNMPv2)
• RFC 1901, 1905 – 1908 SNMP v2c, SMIv2 and
Revised MIB-II
• RFC 2576 Coexistence between SNMP Version
1, Version 2 and Version 3
• RFC 2578 – 2580 SMIv2 (update to RFC 1902
– 1903)
• RFC 3410 – 3415 SNMPv3, user based
security, encryption and authentication
• RFC 3826 – The Advanced Encryption Standard
(AES) Cipher Algorithm in the SNMP User-based
Security Model
• RFC 1757 RMON 4 groups: Stats, History,
Alarms and Events
• RFC 2021 RMON2 (probe configuration)
• RFC 2613 SMON MIB
• RFC 2925 Ping/Traceroute MIB
• RFC 2668 802.3 MAU MIB
• draft-ietf-hubmib-mau-mib-v3-02.txt
• RFC 1643 Ethernet MIB
• RFC 1493 Bridge MIB
• RFC 2096 IPv4 Forwarding Table MIB
© 2009 Extreme Networks, Inc. All rights reserved.
• RFC 2737 Entity MIB v2
• RFC 2233 Interface MIB
• RFC 3621 PoE-MIB (PoE switches only)
• Secure Shell (SSH-2) client and server
• Secure Copy (SCP-2) client and server
• Secure FTP (SFTP) server
• sFlow version 5
• Configuration logging
• Multiple Images, Multiple Configs
• RFC 3164 BSD Syslog Protocol with Multiple
Syslog Servers
– 999 Local Messages (criticals stored across
reboots)
• Extreme Networks vendor MIBs (includes FDB,
PoE, CPU, Memory MIBs)
• XML APIs over Telnet/SSH and HTTP/HTTPS
• Web-based device management interface –
ExtremeXOS ScreenPlay
• IP Route Compression
• Stacking – SummitStack (Summit products with
SummitStack feature only)
™ (ESRP)
Security, Switch and Network Protection
• Secure Shell (SSH-2), Secure Copy (SCP-2) and
SFTP client/server with encryption/authentica-
tion (requires export controlled encryption
module)
• SNMPv3 user based security, with encryption/
authentication (see above)
• RFC 1492 TACACS+
• RFC 2138 RADIUS Authentication
• RFC 2139 RADIUS Accounting
• RFC 3579 RADIUS EAP support for 802.1x
• RADIUS Per-command Authentication
• Access Profiles on All Routing Protocols
• Access Policies for Telnet/SSH-2/SCP-2
• Network Login – 802.1x, Web and MAC-based
mechanisms
• IEEE 802.1x – 2001 Port-Based Network Access
Control for Network Login
• Multiple supplicants with multiple VLANs for
Network Login (all modes)
• Fallback to local authentication database (MAC
and Web-based methods)
• Guest VLAN for 802.1x
• RFC 1866 HTML – Used for web-based Network
Login and ScreenPlay
• SSL/TLS transport – used for web-based
Network Login and ExtremeXOS ScreenPlay,
(requires export controlled encryption module)
• MAC Security – Lockdown and Limit
• IP Security – RFC 3046 DHCP Option 82 with
port and VLAN ID
• IP Security – Trusted DHCP Server
• Layer 2/3/4 Access Control Lists (ACLs)
• RFC 2267 Network Ingress Filtering
• RPF (Unicast Reverse Path Forwarding) Control
via ACLs
• Wire-speed ACLs
• Rate Limiting / Shaping by ACLs
• IP Broadcast Forwarding Control
• ICMP and IP-Option Response Control
• SYN attack protection
• CPU DoS Protection with traffic rate-limiting to
management CPU
• Robust against common Network Attacks:
– CERT (http://www.cert.org)
– CA-2003-04: "SQL Slammer"
– CA-2002-36: "SSHredder"
– CA-2002-03: SNMP vulnerabilities
– CA-98-13: tcp-denial-of-service
– CA-98.01: smurf
– CA-97.28:Teardrop_Land -Teardrop and "LAND"
attack
Extreme Networks Data Sheet
– CA-96.26: ping
– CA-96.21: tcp_syn_flooding
– CA-96.01: UDP_service_denial
– CA-95.01: IP_Spoofing_Attacks_and_Hijacked_
Terminal_Connections
– IP Options Attack
• Host Attacks
– Teardrop, boink, opentear, jolt2, newtear,
nestea, syndrop, smurf, fraggle, papasmurf,
synk4, raped, winfreeze, ping –f, ping of death,
pepsi5, Latierra, Winnuke, Simping, Sping,
Ascend, Stream, Land, Octopus
Security, Router Protection – Requires Edge
License or above
• IP Security – DHCP enforcement via Disable
ARP Learning
• IP Security – Gratuitous ARP Protection
• IP Security – DHCP Secured ARP/ARP
Validation
• Routing protocol MD5 authentication
(see above)
IPv4 Host Requirements
• RFC 1122 Host Requirements
• RFC 768 UDP
• RFC 791 IP
• RFC 792 ICMP
• RFC 793 TCP
• RFC 826 ARP
• RFC 894 IP over Ethernet
• RFC 1027 Proxy ARP
• RFC 2068 HTTP server
• IGMP v1/v2/v3 Snooping with Configurable
Router Registration Forwarding
• IGMP Filters
• PIM Snooping
• Static IGMP Membership
• Multicast VLAN Registration (MVR)
IPv4 Router Requirements – Requires Layer 3
Edge License or above
• RFC 1812 Requirements for IP Version 4
Routers
• RFC 1519 CIDR
• RFC 1256 IPv4 ICMP Router Discovery (IRDP)
• Static Unicast Routes
• Static Multicast Routes
• RFC 1058 RIP v1
• RFC 2453 RIP v2
• Static ECMP
• RFC 1112 IGMP v1
• RFC 2236 IGMP v2
• RFC 3376 IGMP v3
• RFC 2933 IGMP MIB
• RFC 2096 IPv4 Forwarding Table MIB
• RFC 1724 RIPv2 MIB
IPv4 Router Requirements – Requires Advanced
Edge License or above
• RFC 2338 VRRP
• RFC 2787 VRRP MIB
• RFC 2328 OSPF v2 (Edge-mode)
• OSPF ECMP
• OSPF MD5 Authentication
• RFC 1587 OSPF NSSA Option
• RFC 1765 OSPF Database Overflow
• RFC 2370 OSPF Opaque LSA Option
• RFC 3623 OSPF Graceful Restart
• RFC 1850 OSPFv2 MIB
• RFC 2362 PIM-SM (Edge-mode)
• RFC 2934 PIM MIB
• RFC 3569, draft-ietf-ssm-arch-06.txt PIM-SSM
PIM Source Specific Multicast
• draft-ietf-pim-mib-v2-o1.txt
Summit X250e Series—Page 7