Extreme Manufacturing Solutions Operations Performance Analytics (OPA) Business alignment - Over time, the proliferation of devices has created unnecessary complexity. Control Center delivers centralized visibility and granular control of network resources. One click can equal a thousand actions when you manage your network. Control Center can even manage beyond Extreme Networks switching, routing, and wireless hardware to deliver standards-based control of other vendors’ network equipment. Pairing assets with intelligent sensors to gather, analyze, and communicate data is driving enormous new efficiencies in manufacturing and business operations. Just as in the consumer markets, where the first generation of personal fitness monitors and smart home devices leverage data sets to influence and shape events in the physical world, so too are operational efficiencies borne by the Internet of Things (IoT) generating high returns in manufacturing. According to McKinsey, “business-to-business applications will account for nearly 70 percent of the value … from IoT in the next ten years.” The firm estimates that of the nearly $11 trillion a year in economic value generated globally, ‘nearly $5 trillion [will] be generated almost exclusively in B2B settings, including factories… such as those in manufacturing, agriculture, and even healthcare environments; work sites across mining, oil and gas, and construction; and, finally, offices.’ More informed decision-making and optimized operations across the extended supply chain are only some of the benefits. Wireless sensors, whether measuring hydrogen levels in the soil or temperature variables on the production line, are eliminating blind spots in traditional manufacturing processes and delivering a constant flow of data that optimize workflows. And while manufacturers have leveraged data in discrete applications for Manufacturing Execution Systems (MES) and Enterprise Manufacturing Intelligence (EMI) systems for years, the growth of sensors, real-time dashboards, cloud-applications, and mobile technologies are delivering new degrees of actionable intelligence to the precise location at the precise time it can be optimally leveraged. Yet this goal of seamlessly moving data across plant and business functions, and applying analytical tools to enable new insights, requires a new degree of visibility into the performance of manufacturing applications, networks, and systems. Traditionally monitoring tools used in factory environments are often isolated, closed, proprietary, and offer only a keyhole view of IT system performance.

1. Multi-Rate1,2.5,5,10GigabitEdgePoE++
Multi-RateSpineLeafDesign(10,25,40,50,100Gigabit)
X440-G2 (L3 - Value 1G to 10G)
PoE
Fiber
DC
Policy
 SummitStack-V (WITHOUT any
additional license required).
 Upgradeable 10GbE (PN 16542 or 16543).
 Policy built-in (simplicity with multi-auth).
EXOS 21.1 or
higher
Value with Automation
First Extreme
Switch to support
Cloud Value
X460-G2 (Advanced L3 1-40G) Multirate Option
PoE
Fiber
DC
Policy
Fit The Swiss Army Knife of Switches
Half Duplex
½ & ½
3 Models
This is where: 10G on
existing copper Cat5e
and Cat6 extend the
life of the installed
cable plant. Great for
1:N Convergence.
X620 (1OG Copper or Fiber)
Speed Next Gen Edge
Lowered TCO via
Limited Lifetime Warrantee
Wallplate AP
AP + Camera
Outdoor Wave 2
Multi-Gigabit
Wireless
High Density
-pack or Wedge
Facebook
ExtremeSupport
XoS
Platform
Config L2/L3
Analytics
Any OS
Any Bare Metal Switch
Policy
Disaggregated Switch
CAPEX or OPEX (you choose)?
Reduced Risk (just witness or take action)
Time is the critical Factor with XYZ Account Services...
Infrastructure
Businessmodel
Ownership
Considerations
Management
Location
 32 x 100Gb
 64 x 50Gb
 128 x 25Gb
 128 x 10Gb
 32 x 40Gb
96 x 10GbE Ports
(via4x10Gb breakout)
8 x 10/25/40/
50/100G
10G
Next Gen: Spine Leaf
X670 & X770 - Hyper Ethernet
Common Features
 Data Center Bridging (DCB) features
 Low ~600 nsec chipset latency in cut through mode.
 Same PSUs and Fans as X670s (Front to back or Back to
Front) AC or DC.
X670-G2 -72X (10GbE Spine Leaf) 72 10GbE
X670-48x-4q (10GbE Spine Leaf) 48 10GbE & 4 QSFP+
QSFP+
40G DAC
Extreme Feature Packs
Core
Edge
AVB
OpenFlow
Advance
Edge
1588 PTP
MPLS
Direct Attach
Optics License
Extreme Switches
include the license
they normally need.
Like any other
software platform
you have an
upgrade path.
QSPF28
100G DAC
Thin & Crunchy
XoS Platform with one track of software.
Speed with Features (Simple).
Metro Functionality like ATM or SONET
Flexible Horizontal or Vertical stacking
Purposed for Broadcom
(ASICs)
So What, Who cares?
Deliver XYZ Account, the
value of HP with the feature
function of Cisco.
XYZ Account Business Value
WhyExtreme?
Summit
Summit
Policy delivers automation..
Thick & Chewy
Know and control
the who, what, when, where and the user
experience across your XYZ Account
Network.
Control with insight...
WhyEnterasys?
XYZ Account Strategic Asset
Custom ASICs
S & K Series
Chantry
Motorola
Air
Defense
So What, Who cares?
Flow Based Switching
Simplicity w Policy
Wired and Wireless
100% insourced support
Today you get both
Control
So What, Who cares?
Fit
Speed
Unique
Value
Unique
Control
Summit G2
Yesterday - Cabletron Changed the game w Structured wiring
(remember Vampire taps, Coax ethernet ect.)
Today - Extreme Delivers Structured networking
Policy
Summit
Who?
Where?
When?
Whatdevice?
How?
QuarantineRemediate
Allow
Authentication
NAC Server
Summit
Netsite
Advanced
NAC Client
Joe Smith
XYZ Account
Access
Controlled
Subnet
Enforcement
Point
Network
Access
Control
This is where
if X + Y, then Z...
 LLDP-MED
 CDPv2
 ELRP
 ZTP
If user
matches a
defined
attribute
value
ACL
QoS
Then place
user into a
defined ROLE
A port is what it is because?This is where you easily Identify
the impact and Source of
Interference Problems.
Detailed Forensic Analysis
 Device, Threats, Associations,
Traffic, Signal and Location
Trends
 Record of Wireless Issues
Network Trend Analysis
 Historical Analysis of
Intermittent Wireless
Problems
 Performance Trends a
Spectrum Analysis for
Interference Detection
 Real-time Spectrograms
 Proactive Detection of
Application Impacting
Interference
Visualize RF Coverage
 Real-time RF Visualizations
 Proactive Monitoring and
Alerting of Coverage Problem
ADSP for faster Root Cause Forensic
Analysis for SECURITY & COMPLIANCE.
Event
Sequence
Classify
Interference
Sources
Side-by-side
Comparative
Analysis
Air Defense
Application
Experience
FullContext
App
App
Analytics
App
Stop the
finger-pointing
Application Network Response.
Flow or Bit
Bucket
Collector
3 million Flows
Sensors
X460 IPFix 4000 Flows
(2048 ingress, 2048 egress)
Sensor PV-FC-180, S or K Series (Core
Flow 2/ 1 Million Flows)
Flow-based Access Points
From the controller (8K Flows
per AP or C35 is 24K Flows)
Flows
Why not do this in the
network?
10110111011101110 101101110111011101
6 million Flows
Business Value
Context BW IP HTTP:// Apps
Platform Automation Control Experience Solution Framework
Is your network faster today than
it was 3 years ago? Going forward
it should deliver more, faster,
different
X430-G2 (L2 - 1G to 10G)
PoE
Distribute content
from a single source
to hundreds of displays
Ethernet as a Utility
(PoE)
Injectors
Up to 75
Watts
XYZ AccountXYZ Account
XYZ Account Network services delivering Converged Plant
wide Ethernet Architectures for manufacturing and
industrial environments
 Physical Security - limit physical access to authorized
personnel: areas, control panels, devices, cabling, and
control room - escort and track visitors.
 End-point Hardening - patch management, antivirus
software as well as removal of unused applications,
protocols, and services (IP or MAC-based Access
Control).
 Device Hardening - change management and
restrictive access (IEEE802.1x Access Control, RADIUS
and TACACS+).
Hardened Ethernet
4- 1G SFP
8- 10/100/1000 RJ-45
POE+
12 Port Switch
240 Watt PoE Budget
All Ports Active Simultaneously
-20 to + 70°C temperature range
Fan-less Free Air Convection
XYZ Account Network services delivering Converged Plant
wide Ethernet Architectures for manufacturing and
industrial environments
 Physical Security - limit physical access to authorized
personnel: areas, control panels, devices, cabling, and
control room - escort and track visitors.
 End-point Hardening - patch management, antivirus
software as well as removal of unused applications,
protocols, and services (IP or MAC-based Access
Control).
 Device Hardening - change management and
restrictive access (IEEE802.1x Access Control, RADIUS
and TACACS+).
Hardened Ethernet
4- 1G SFP
8- 10/100/1000 RJ-45
POE+
12 Port Switch
240 Watt PoE Budget
All Ports Active Simultaneously
-20 to + 70°C temperature range
Fan-less Free Air Convection
Old School Manufacturing Net (MAP)
Token bus was standardized by IEEE
standard 802.4. It was mainly used for
industrial applications.
 Token bus was used by General
Motors for their Manufacturing
Automation Protocol (MAP).
 This is an application of the
concepts used in token ring networks.
The main difference is that the
endpoints of the bus do not meet to
form a physical ring.
 The IEEE 802.4 Working Group is
disbanded and the standard has
been withdrawn by the IEEE.
Old School Manufacturing Net (MAP)
Token bus was standardized by IEEE
standard 802.4. It was mainly used for
industrial applications.
 Token bus was used by General
Motors for their Manufacturing
Automation Protocol (MAP).
 This is an application of the
concepts used in token ring networks.
The main difference is that the
endpoints of the bus do not meet to
form a physical ring.
 The IEEE 802.4 Working Group is
disbanded and the standard has
been withdrawn by the IEEE.
Networking Technologies in Manufacturing
The US market is dominated by the CIP
networks where Ethernet/IP is overtaking
Device Net in terms of market shares.
Runners-up are PROFIBUS and Ether CAT
 Fieldbuses most widely used type of
network with 66% of the market.
Industrial Ethernet networks - 34%
 Machine-to-machine (M2M) — essential
for smart factories and the largest
value driver for manufacturers.
 Embracing the Internet of Everything
to Capture Your Share of $14.4 Trillion,
Cisco white paper, February 2013.
– HMS Industrial Networks
Networking Technologies in Manufacturing
The US market is dominated by the CIP
networks where Ethernet/IP is overtaking
Device Net in terms of market shares.
Runners-up are PROFIBUS and Ether CAT
 Fieldbuses most widely used type of
network with 66% of the market.
Industrial Ethernet networks - 34%
 Machine-to-machine (M2M) — essential
for smart factories and the largest
value driver for manufacturers.
 Embracing the Internet of Everything
to Capture Your Share of $14.4 Trillion,
Cisco white paper, February 2013.
– HMS Industrial Networks
Automation on the Factory Floor
This is where, Proximity + Identity + Time = Contextual Insight. This deployment acts
as the technology enabler for the convergence of industrial and enterprise networks.
 KPIs - By gaining timely access to key performance indicators (KPIs) make business
decisions from real time information.
 Ethernet-to-the-Factory, provide users with the foundation for success to deploy
the latest technology.
 Recognize - There are cultural and technical challenges to network convergence.
Automation on the Factory Floor
This is where, Proximity + Identity + Time = Contextual Insight. This deployment acts
as the technology enabler for the convergence of industrial and enterprise networks.
 KPIs - By gaining timely access to key performance indicators (KPIs) make business
decisions from real time information.
 Ethernet-to-the-Factory, provide users with the foundation for success to deploy
the latest technology.
 Recognize - There are cultural and technical challenges to network convergence.
SCADA / PLCs (Plant Floor Challenges)
Where is SCADA used? When you move from a 3 tier
network - Device / Control / Info network – to
converged network – there are many variables
 When moving to a plant-wide Ethernet network,
more considerations (ie. Isolate or Segment
traffic – security, QOS Contain traffic in one
area).
 Sustaining Availability (keep the automation
and control systems operational) and Integrity -
protects data and systems from intentional or
accidental alteration.
 Customer Examples include Water and
Wastewater, Power, Oil and Gas, Research
facilities, Transportation, Security systems, Siren
systems, Irrigation, Communication control
SCADA / PLCs (Plant Floor Challenges)
Where is SCADA used? When you move from a 3 tier
network - Device / Control / Info network – to
converged network – there are many variables
 When moving to a plant-wide Ethernet network,
more considerations (ie. Isolate or Segment
traffic – security, QOS Contain traffic in one
area).
 Sustaining Availability (keep the automation
and control systems operational) and Integrity -
protects data and systems from intentional or
accidental alteration.
 Customer Examples include Water and
Wastewater, Power, Oil and Gas, Research
facilities, Transportation, Security systems, Siren
systems, Irrigation, Communication control
Manufacturing Technology Vendors
Adoption of standards-based technologies that eliminate
the need to support separate, closed, factory floor-
networks plus delivers an increase in plant flexibility and
accelerate moves, adds, and changes
 Schneider Electric, ABB, Legrand, Omron, Siemens,
Eaton, Cisco/Rockwell.
 Schneider Electric/Invensys is Extreme s biggest
customer in this vertical
 Extreme provides switches to Schneider for their
internal networks, and they bundle our switches for
them to OEM in their PLC (Programmable Logic
Controller) offerings to sell through distribution to their
integrators
Manufacturing Technology Vendors
Adoption of standards-based technologies that eliminate
the need to support separate, closed, factory floor-
networks plus delivers an increase in plant flexibility and
accelerate moves, adds, and changes
 Schneider Electric, ABB, Legrand, Omron, Siemens,
Eaton, Cisco/Rockwell.
 Schneider Electric/Invensys is Extreme s biggest
customer in this vertical
 Extreme provides switches to Schneider for their
internal networks, and they bundle our switches for
them to OEM in their PLC (Programmable Logic
Controller) offerings to sell through distribution to their
integrators
This is where, XYZ Account can segmenting plant floor networks from company wide
networks by using built-in VRs as an Industrial Demilitarized Zone (IDMZ) to separate
the network level between the Industrial and Enterprise Zones.
 Extreme automated security policy for helping secure manufacturing assets.
 IAM for defense-in-depth security approach that addresses internal security
threats with support for both wired and wireless access methods.
 Availability with 50 ms failover through Ethernet Rings with QoS buckets needs
to be applied as a service Ethernet like a MUX
Industrial Demilitarized Zone (IDMZ)
B
D E
C
A
B
D E
C
A
X
Spanning Tree Root Node
Or EAPS Master
FAILURE
B
D E
C
A
B
D E
C
A
B
D E
C
A
Spanning Tree Re-
Convergence Messages
 Complex & Slow
 Exponentially worse as more
nodes added
Recovered
Network
Healthy
Network
EAPS Re-
Convergence Messages
 Deterministic & Fast
 Simple scaling as more nodes
added
Failure
Re-convergence
Recovery
EAPS:
Simpler,
faster
Ethernet Rings
(without STP) SONET like
Ethernet Bus
Looks like
DMZ
VOIP
Guest
WiFi
VoIP
DMZ
WiFi
Guest
Guest
WiFi
VoIP
Guest
WiFi
VoIP
WiFi
VoIP
IP or MAC
IP or MAC
IP or MAC
IP or MAC
This is where, XYZ Account can segmenting plant floor networks from company wide
networks by using built-in VRs as an Industrial Demilitarized Zone (IDMZ) to separate
the network level between the Industrial and Enterprise Zones.
 Extreme automated security policy for helping secure manufacturing assets.
 IAM for defense-in-depth security approach that addresses internal security
threats with support for both wired and wireless access methods.
 Availability with 50 ms failover through Ethernet Rings with QoS buckets needs
to be applied as a service Ethernet like a MUX
Industrial Demilitarized Zone (IDMZ)
B
D E
C
A
B
D E
C
A
X
Spanning Tree Root Node
Or EAPS Master
FAILURE
B
D E
C
A
B
D E
C
A
B
D E
C
A
Spanning Tree Re-
Convergence Messages
 Complex & Slow
 Exponentially worse as more
nodes added
Recovered
Network
Healthy
Network
EAPS Re-
Convergence Messages
 Deterministic & Fast
 Simple scaling as more nodes
added
Failure
Re-convergence
Recovery
EAPS:
Simpler,
faster
Ethernet Rings
(without STP) SONET like
Ethernet Bus
Looks like
DMZ
VOIP
Guest
WiFi
VoIP
DMZ
WiFi
Guest
Guest
WiFi
VoIP
Guest
WiFi
VoIP
WiFi
VoIP
IP or MAC
IP or MAC
IP or MAC
IP or MAC
Multi-discipline Industrial Network Convergence.
Ethernet with ATM like QoS delivers toll-
quality voice even under adverse congestion
conditions...
 low latency (.1ms),
 low jitter (.01ms)
 zero packet loss
Disparate V Single Technology
Vertically To Horizontally
VoiceVideo
Sensor
PlantSiteNetwork
I/ONetwork
SafetyNetwork
DriveNetwork
Switching & Routing
Enhanced Services
Performance w features turned on.
L2 SONET Like convergence
Multi-discipline Industrial Network Convergence.
Ethernet with ATM like QoS delivers toll-
quality voice even under adverse congestion
conditions...
 low latency (.1ms),
 low jitter (.01ms)
 zero packet loss
Disparate V Single Technology
Vertically To Horizontally
VoiceVideo
Sensor
PlantSiteNetwork
I/ONetwork
SafetyNetwork
DriveNetwork
Switching & Routing
Enhanced Services
Performance w features turned on.
L2 SONET Like convergence
Implementing CIP Sync time synchronization on Ethernet/IP utilizing 1EEE 1588
precision time protocol (PTP): Transparent Clock and Boundary Clock Embedded
switch technology - Transparent Clock - Ring and Linear topologies
 Real-time updates and alerts & Schedule/event triggers
 Interactive venue maps & Point of interest filters
 Wayfinding or Guest location discovery
1588 precision time protocol (PTP):
BEACONS
WI-FI
GPS
Implementing CIP Sync time synchronization on Ethernet/IP utilizing 1EEE 1588
precision time protocol (PTP): Transparent Clock and Boundary Clock Embedded
switch technology - Transparent Clock - Ring and Linear topologies
 Real-time updates and alerts & Schedule/event triggers
 Interactive venue maps & Point of interest filters
 Wayfinding or Guest location discovery
1588 precision time protocol (PTP):
BEACONS
WI-FI
GPS
In a plant, it is not just about data...
Extreme becomes an enabler with open secure
Infrastructure with integrated control and
information. Industrial Networks Needs
 Better asset utilization - lean initiatives
(training, support, and inventory)Capture &
Record every application flow network-wide
>100M Sessions (Quickly Identify Network vs.
Application Performance Problems).
 One Common network through converged
Extreme technologies (information sharing,
common design).
 Mobility - Measure and Trend Application
Behavior to maximize investments and
minimize risks
Status
updates from
the cloud
Everything
has a URL
Cameras
Energy Control
Sensors
Zero Config
Mobility
Automated
alerts
In a plant, it is not just about data...
Extreme becomes an enabler with open secure
Infrastructure with integrated control and
information. Industrial Networks Needs
 Better asset utilization - lean initiatives
(training, support, and inventory)Capture &
Record every application flow network-wide
>100M Sessions (Quickly Identify Network vs.
Application Performance Problems).
 One Common network through converged
Extreme technologies (information sharing,
common design).
 Mobility - Measure and Trend Application
Behavior to maximize investments and
minimize risks
Status
updates from
the cloud
Everything
has a URL
Cameras
Energy Control
Sensors
Zero Config
Mobility
Automated
alerts
XYZ Account Network services delivering Converged Plant
wide Ethernet Architectures for manufacturing and
industrial environments
 Physical Security - limit physical access to authorized
personnel: areas, control panels, devices, cabling, and
control room - escort and track visitors.
 End-point Hardening - patch management, antivirus
software as well as removal of unused applications,
protocols, and services (IP or MAC-based Access
Control).
 Device Hardening - change management and
restrictive access (IEEE802.1x Access Control, RADIUS
and TACACS+).
Hardened Ethernet
4- 1G SFP
8- 10/100/1000 RJ-45
POE+
12 Port Switch
240 Watt PoE Budget
All Ports Active Simultaneously
-20 to + 70°C temperature range
Fan-less Free Air Convection
Old School Manufacturing Net (MAP)
Token bus was standardized by IEEE
standard 802.4. It was mainly used for
industrial applications.
 Token bus was used by General
Motors for their Manufacturing
Automation Protocol (MAP).
 This is an application of the
concepts used in token ring networks.
The main difference is that the
endpoints of the bus do not meet to
form a physical ring.
 The IEEE 802.4 Working Group is
disbanded and the standard has
been withdrawn by the IEEE.
Networking Technologies in Manufacturing
The US market is dominated by the CIP
networks where Ethernet/IP is overtaking
Device Net in terms of market shares.
Runners-up are PROFIBUS and Ether CAT
 Fieldbuses most widely used type of
network with 66% of the market.
Industrial Ethernet networks - 34%
 Machine-to-machine (M2M) — essential
for smart factories and the largest
value driver for manufacturers.
 Embracing the Internet of Everything
to Capture Your Share of $14.4 Trillion,
Cisco white paper, February 2013.
– HMS Industrial Networks
Automation on the Factory Floor
This is where, Proximity + Identity + Time = Contextual Insight. This deployment acts
as the technology enabler for the convergence of industrial and enterprise networks.
 KPIs - By gaining timely access to key performance indicators (KPIs) make business
decisions from real time information.
 Ethernet-to-the-Factory, provide users with the foundation for success to deploy
the latest technology.
 Recognize - There are cultural and technical challenges to network convergence.
SCADA / PLCs (Plant Floor Challenges)
Where is SCADA used? When you move from a 3 tier
network - Device / Control / Info network – to
converged network – there are many variables
 When moving to a plant-wide Ethernet network,
more considerations (ie. Isolate or Segment
traffic – security, QOS Contain traffic in one
area).
 Sustaining Availability (keep the automation
and control systems operational) and Integrity -
protects data and systems from intentional or
accidental alteration.
 Customer Examples include Water and
Wastewater, Power, Oil and Gas, Research
facilities, Transportation, Security systems, Siren
systems, Irrigation, Communication control
Manufacturing Technology Vendors
Adoption of standards-based technologies that eliminate
the need to support separate, closed, factory floor-
networks plus delivers an increase in plant flexibility and
accelerate moves, adds, and changes
 Schneider Electric, ABB, Legrand, Omron, Siemens,
Eaton, Cisco/Rockwell.
 Schneider Electric/Invensys is Extreme s biggest
customer in this vertical
 Extreme provides switches to Schneider for their
internal networks, and they bundle our switches for
them to OEM in their PLC (Programmable Logic
Controller) offerings to sell through distribution to their
integrators
This is where, XYZ Account can segmenting plant floor networks from company wide
networks by using built-in VRs as an Industrial Demilitarized Zone (IDMZ) to separate
the network level between the Industrial and Enterprise Zones.
 Extreme automated security policy for helping secure manufacturing assets.
 IAM for defense-in-depth security approach that addresses internal security
threats with support for both wired and wireless access methods.
 Availability with 50 ms failover through Ethernet Rings with QoS buckets needs
to be applied as a service Ethernet like a MUX
Industrial Demilitarized Zone (IDMZ)
B
D E
C
A
B
D E
C
A
X
Spanning Tree Root Node
Or EAPS Master
FAILURE
B
D E
C
A
B
D E
C
A
B
D E
C
A
Spanning Tree Re-
Convergence Messages
 Complex & Slow
 Exponentially worse as more
nodes added
Recovered
Network
Healthy
Network
EAPS Re-
Convergence Messages
 Deterministic & Fast
 Simple scaling as more nodes
added
Failure
Re-convergence
Recovery
EAPS:
Simpler,
faster
Ethernet Rings
(without STP) SONET like
Ethernet Bus
Looks like
DMZ
VOIP
Guest
WiFi
VoIP
DMZ
WiFi
Guest
Guest
WiFi
VoIP
Guest
WiFi
VoIP
WiFi
VoIP
IP or MAC
IP or MAC
IP or MAC
IP or MAC
Multi-discipline Industrial Network Convergence.
Ethernet with ATM like QoS delivers toll-
quality voice even under adverse congestion
conditions...
 low latency (.1ms),
 low jitter (.01ms)
 zero packet loss
Disparate V Single Technology
Vertically To Horizontally
VoiceVideo
Sensor
PlantSiteNetwork
I/ONetwork
SafetyNetwork
DriveNetwork
Switching & Routing
Enhanced Services
Performance w features turned on.
L2 SONET Like convergence
Implementing CIP Sync time synchronization on Ethernet/IP utilizing 1EEE 1588
precision time protocol (PTP): Transparent Clock and Boundary Clock Embedded
switch technology - Transparent Clock - Ring and Linear topologies
 Real-time updates and alerts & Schedule/event triggers
 Interactive venue maps & Point of interest filters
 Wayfinding or Guest location discovery
1588 precision time protocol (PTP):
BEACONS
WI-FI
GPS
In a plant, it is not just about data...
Extreme becomes an enabler with open secure
Infrastructure with integrated control and
information. Industrial Networks Needs
 Better asset utilization - lean initiatives
(training, support, and inventory)Capture &
Record every application flow network-wide
>100M Sessions (Quickly Identify Network vs.
Application Performance Problems).
 One Common network through converged
Extreme technologies (information sharing,
common design).
 Mobility - Measure and Trend Application
Behavior to maximize investments and
minimize risks
Status
updates from
the cloud
Everything
has a URL
Cameras
Energy Control
Sensors
Zero Config
Mobility
Automated
alerts

2. Heading
XYZ Account 2016 DesignExtremeEdgePoE
ExtremeCore10G
2016 Design
1G 2.5G/5G 10G 40G
Jeff Green
2016
Rev. 1
Florida
Legend
Legend
PoE
802.3at (PoE+)
Cat5e
30W
30W30W
60W
UPOE
No Cabling Change from PoE+
Cat5e
NBASE-T Alliance Copper Max Distances
Cat 7 Shielded 100 m
Cat 6a Shielded 100 m
Cat 6a Unshielded 100 m
Cat 6 Shielded** 100 m
Cat 6 Unshielded** 55 m
Need Correct
UTP, Patch Panel
and Adapter.
known as IEEE 802.3bz
Greenfield - Cat 6a (2.5, 5G & 10G) 100m
Cat 6 (2.5G, 5G & 10G) 55m
Brownfield - Cat 5e (2.5&5G) 100M
Requires X620 or
X460 Switch for
Multi-rate Support
plus Client that
supports Multi-rate.
10G Passive (PN 10306 ~ 5m, 10307~ 10M)
10G SFP+ Active copper cable (upto 100m)
40G Passive (PN 10321 ~3m, 10323~ 5m)
40G Active (PN 10315~10M, 10316 ~20m, 10318~ 100m)
40G Fan-out (PN 10321 ~3m, 10322 ~5m, PN 10GB-4-
F10-QSFP ~10m, PN 10GB-4-F20-QSFP ~20m, )
10G Passive (PN 10304 ~1m, 10305~3m, 10306~5m)
SFP+ DAC Cables
QSFP+ DAC Cables
10 LRM 220m (720ft/plus mode conditioning) (PN 10303)
10GBASE-T over Class E Cat 6 (55M) (10G)
10GBASE-T over Class E Cat 6a or 7 (100M) (10G)
10 SR over OM3 (300M) or OM4 (400M) (PN 10301)
10 LR over single mode (10KM) 1310nm (PN 10302)
10 ER over single mode (40KM) 1550nm (PN 10309)
10 ZR over single mode (80KM) 1550nm (PN 10310)
802.3bz 10GBASE-T (100M) for Cat 6 (5G)
10G Fiber
10G Copper
802.3bz 10GBASE-T (100M) for Cat 5e (2.5G)
OM3 50 µm (550m/SX) Laser, LC (PN 10051H)
OM1 62.5 µm (FDDI 220m/OM1, LC (PN 10051H)
OM2 62.5 µm (ATM 275m/OM2), LC (PN 10051H)
OM4 50 µm (550m/SX) 2Km, LC (PN 10051H)
1G Fiber (50 µm)
1G Fiber (62.5 µm)
Single-fiber
transmission uses
only one strand of
fiber for both
transmit and
receive (1310nm
and 1490nm for
1Gbps; 1310nm and
1550nm for
100Mbps)
LX (MMF 220 & 550m), SMF 10km, LC (PN 10052H)
ZX SMF 70km, LC (PN 10053H)
10/100/1000 (UTP to 100m) SFP (PN 1070H)
SR4 at least 100 m OM3 MMF (PN 10319)
SR4 at least 125 m OM4 MMF (PN 10319)
LR4 at least 10 km SMF, LC (PN 10320)
LM4 140m MMF or 1kM SMF, LC (PN 10334)
Optics
Optics +
Fan-out
Fiber Cable
QSFP-SFPP-ADPTQSFP-SFPP-ADPT – QSFP to SFP+ adapter
ER4 40km SMF, LC (PN 10335) Internal CWDM
transits four wavelengths over single fiber.
MPO to 4 x LC Fanout 10m (PN 10327) for use
with (PN 10326) MPO to 4 x LC duplex
connectors, SMF
LR4 Parallel SM, 10km SMF, MPO (PN 10326)
25/50/100G
CR10 > 10 m over copper cable (10x10 Gb/s /Twinax (7M))
SR10 > 100 m over OM3 MMF (10x10 Gb/s / Multimode (100M))
SR10 > 125 m over OM4 MMF (10x10 Gb/s/ (100M) Data Center)
LR4 > 10 km over SMF (4x25 Gb/s SMF/WDM (10km) Campus)
ER4 > 40 km over SMF (4x25 Gb/s SMF/WDM (40km) Metro)
Optics and DAC Cables
Extreme Networks will restrict the integration of non-qualified 3rd party optical devices within 40G and 100G product environments,
unless you purchase the EXOS 3rd Party 40G/100G Optics feature license to allow such integration.
Proprietary got you Keyed Optics
ModelNumber Description
10GB-LR271-SFPP 10Gb CWDM LR, SM, Channel 1271nm, LC
10GB-LR291-SFPP 10Gb CWDM LR, SM, Channel 1291nm, LC
10GB-LR311-SFPP 10Gb CWDM LR, SM, Channel 1311nm, LC
10GB-LR331-SFPP 10Gb CWDM LR, SM, Channel 1331nm, LC
MUX-CWDM-01 4 Channel O-Band CWDM Mux/Demux
MUX-RACK-01 Rack mount kit for MUX-CWDM-01
40GB-LR4-QSFP 40Gb 40GBASE-LR4, SM 10Km, LC
CWDM
MUX-CWDM-01
DACs
Notes:
Collapsed (1-tier) Spine
Summit Summit
Spine
Leaf
Storage
Summit
Management
Storage
Summit
Storage
Summit
Storage
Summit
Storage
Summit
Storage
Summit
Summit Summit
4 x 72 =248 10Gs
Preparation Netsite Operation
Motion
Each network-tier adds another
two hops, which adds latency.
Latency can impact system
performance and CPU cycles.
FCOE looks like legacy Fibre
Channel and eliminates the
processing overhead associated w
TCP/IP.
Ultralow Latency
Non-Blocking,
Lossless Fabric,
Lossless Ethernet,
Virtualization,
Convergence 2.0
(Microseconds')
Collapsed (1-tier) Spine
Summit Summit
Spine
Leaf
Storage
Summit
Management
Storage
Summit
Storage
Summit
Storage
Summit
Storage
Summit
Storage
Summit
Summit Summit
4 x 72 =248 10Gs
Preparation Netsite Operation
Motion
Each network-tier adds another
two hops, which adds latency.
Latency can impact system
performance and CPU cycles.
FCOE looks like legacy Fibre
Channel and eliminates the
processing overhead associated w
TCP/IP.
Ultralow Latency
Non-Blocking,
Lossless Fabric,
Lossless Ethernet,
Virtualization,
Convergence 2.0
(Microseconds')
Traditional control
LDAP NAC DHCP Radius Captive
Portal
DNS MDMLDAP NAC DHCP Radius Captive
Portal
DNS MDM
XYZ Account ServicesUser Repositories or Corporate Control
LDAP NAC DHCP Radius Captive
Portal
DNS MDM
XYZ Account ServicesUser Repositories or Corporate Control
NAC
Analytics
Netsite
Extreme (Wired and wireless) Control
Cloud Based control
On-prim / off-prim
Traditional control
LDAP NAC DHCP Radius Captive
Portal
DNS MDM
XYZ Account ServicesUser Repositories or Corporate Control
NAC
Analytics
Netsite
Extreme (Wired and wireless) Control
Cloud Based control
On-prim / off-prim
Extreme and selected microwave gear
In the Extreme Networks microwave transportation implementation, there were several options for the L2 hello protocol that
would satisfy the reliability requirements. The two primary options considered were 802.1AG Continuity Check Messages (CCM)
and Extreme Link Status Monitoring (ELSM). The architecture of the microwave radios and the virtual chassis at each
location is critical so that no single point of failure can impact the mission.
 Flap Timers: The Extreme Networks implementation of G.8032 incorporates flap-timers to mitigate the network impact of
high-speed failure/recovery operations within the network. For example, if a crane were to spin around near to a roof-top
microwave transmitter, the link might fluctuate as the crane spun into and out of the microwave signal. In a lesser network
design the link would flap which means it would fail and restore constantly and might potentially cause an interruption of
service each time the link flapped.
 Spanning Tree to Slow: In implementations such as spanning tree convergence might be slow enough that the network would
remain out of service as the link fluctuated. After some engineering discussion it was determined to set the programmable
G.8032 wait-to-restore timer to five seconds.
 Hello Protocols: Since microwave link failures can find their origin in thunderstorms, fog, ice, intermediate transport domain
failures, or even moving machinery, each link in the network must have a hello protocol implemented which enables the
detection of logical faults. On a LAG port, these hello timers must operate on each link of the LAG. This means that the link
is now intelligent enough to wait until the physical link has been stable for 5000ms before moving traffic onto it. By the way,
this is why G.8032 restorals are so lightning fast.
Extreme and selected microwave gear
In the Extreme Networks microwave transportation implementation, there were several options for the L2 hello protocol that
would satisfy the reliability requirements. The two primary options considered were 802.1AG Continuity Check Messages (CCM)
and Extreme Link Status Monitoring (ELSM). The architecture of the microwave radios and the virtual chassis at each
location is critical so that no single point of failure can impact the mission.
 Flap Timers: The Extreme Networks implementation of G.8032 incorporates flap-timers to mitigate the network impact of
high-speed failure/recovery operations within the network. For example, if a crane were to spin around near to a roof-top
microwave transmitter, the link might fluctuate as the crane spun into and out of the microwave signal. In a lesser network
design the link would flap which means it would fail and restore constantly and might potentially cause an interruption of
service each time the link flapped.
 Spanning Tree to Slow: In implementations such as spanning tree convergence might be slow enough that the network would
remain out of service as the link fluctuated. After some engineering discussion it was determined to set the programmable
G.8032 wait-to-restore timer to five seconds.
 Hello Protocols: Since microwave link failures can find their origin in thunderstorms, fog, ice, intermediate transport domain
failures, or even moving machinery, each link in the network must have a hello protocol implemented which enables the
detection of logical faults. On a LAG port, these hello timers must operate on each link of the LAG. This means that the link
is now intelligent enough to wait until the physical link has been stable for 5000ms before moving traffic onto it. By the way,
this is why G.8032 restorals are so lightning fast.
CJIS & FIPS-140
RELIABILITY TO GO:
NETMOTION WIRELESS
MOBILITY XE MOBILE VPN Introduce a separate control plane to Ensure that users are
authorized is of greater concern in a mobile deployment where
devices can more easily be misplaced, lost or stolen.
 CJIS Authentication -Law enforcement agencies face
increasingly stringent requirements for authentication, which
is required to access federal criminal databases
 FIPS 140-2 validated AES encryption secures data sessions as
devices traverse networks.
 Persistence through coverage gaps, areas of weak signal
strength, or when users suspend their devices; applications
pause, then resume when a connection returns.
CJIS & FIPS-140
RELIABILITY TO GO:
NETMOTION WIRELESS
MOBILITY XE MOBILE VPN Introduce a separate control plane to Ensure that users are
authorized is of greater concern in a mobile deployment where
devices can more easily be misplaced, lost or stolen.
 CJIS Authentication -Law enforcement agencies face
increasingly stringent requirements for authentication, which
is required to access federal criminal databases
 FIPS 140-2 validated AES encryption secures data sessions as
devices traverse networks.
 Persistence through coverage gaps, areas of weak signal
strength, or when users suspend their devices; applications
pause, then resume when a connection returns.
Video Arraignment
Why Extreme for Smart City? Every WLAN We Design Must
Support Real-Time Applications delivering more real-time
access to information, better collaboration & enhanced
situational awareness.
 Increase security for Public safety with built-in NAC
perimeter control.
 Decrease operational expense through policy
automation Implement interoperability among agencies
 Better control City infrastructure upgrades, featuring
L2 failover and hardening for emergency/disaster
readiness
Legislative / Courts Infrastructure
Video Arraignment
Why Extreme for Smart City? Every WLAN We Design Must
Support Real-Time Applications delivering more real-time
access to information, better collaboration & enhanced
situational awareness.
 Increase security for Public safety with built-in NAC
perimeter control.
 Decrease operational expense through policy
automation Implement interoperability among agencies
 Better control City infrastructure upgrades, featuring
L2 failover and hardening for emergency/disaster
readiness
Legislative / Courts Infrastructure

3. Heading
XYZ Account 2016 DesignExtremeEdgePoE
ExtremeCore10G
2016 Design
1G 2.5G/5G 10G 40G
Jeff Green
2016
Rev. 1
Florida
Legend
Legend
PoE
802.3at (PoE+)
Cat5e
30W
30W30W
60W
UPOE
No Cabling Change from PoE+
Cat5e
NBASE-T Alliance Copper Max Distances
Cat 7 Shielded 100 m
Cat 6a Shielded 100 m
Cat 6a Unshielded 100 m
Cat 6 Shielded** 100 m
Cat 6 Unshielded** 55 m
Need Correct
UTP, Patch Panel
and Adapter.
known as IEEE 802.3bz
Greenfield - Cat 6a (2.5, 5G & 10G) 100m
Cat 6 (2.5G, 5G & 10G) 55m
Brownfield - Cat 5e (2.5&5G) 100M
Requires X620 or
X460 Switch for
Multi-rate Support
plus Client that
supports Multi-rate.
10G Passive (PN 10306 ~ 5m, 10307~ 10M)
10G SFP+ Active copper cable (upto 100m)
40G Passive (PN 10321 ~3m, 10323~ 5m)
40G Active (PN 10315~10M, 10316 ~20m, 10318~ 100m)
40G Fan-out (PN 10321 ~3m, 10322 ~5m, PN 10GB-4-
F10-QSFP ~10m, PN 10GB-4-F20-QSFP ~20m, )
10G Passive (PN 10304 ~1m, 10305~3m, 10306~5m)
SFP+ DAC Cables
QSFP+ DAC Cables
10 LRM 220m (720ft/plus mode conditioning) (PN 10303)
10GBASE-T over Class E Cat 6 (55M) (10G)
10GBASE-T over Class E Cat 6a or 7 (100M) (10G)
10 SR over OM3 (300M) or OM4 (400M) (PN 10301)
10 LR over single mode (10KM) 1310nm (PN 10302)
10 ER over single mode (40KM) 1550nm (PN 10309)
10 ZR over single mode (80KM) 1550nm (PN 10310)
802.3bz 10GBASE-T (100M) for Cat 6 (5G)
10G Fiber
10G Copper
802.3bz 10GBASE-T (100M) for Cat 5e (2.5G)
OM3 50 µm (550m/SX) Laser, LC (PN 10051H)
OM1 62.5 µm (FDDI 220m/OM1, LC (PN 10051H)
OM2 62.5 µm (ATM 275m/OM2), LC (PN 10051H)
OM4 50 µm (550m/SX) 2Km, LC (PN 10051H)
1G Fiber (50 µm)
1G Fiber (62.5 µm)
Single-fiber
transmission uses
only one strand of
fiber for both
transmit and
receive (1310nm
and 1490nm for
1Gbps; 1310nm and
1550nm for
100Mbps)
LX (MMF 220 & 550m), SMF 10km, LC (PN 10052H)
ZX SMF 70km, LC (PN 10053H)
10/100/1000 (UTP to 100m) SFP (PN 1070H)
SR4 at least 100 m OM3 MMF (PN 10319)
SR4 at least 125 m OM4 MMF (PN 10319)
LR4 at least 10 km SMF, LC (PN 10320)
LM4 140m MMF or 1kM SMF, LC (PN 10334)
Optics
Optics +
Fan-out
Fiber Cable
QSFP-SFPP-ADPTQSFP-SFPP-ADPT – QSFP to SFP+ adapter
ER4 40km SMF, LC (PN 10335) Internal CWDM
transits four wavelengths over single fiber.
MPO to 4 x LC Fanout 10m (PN 10327) for use
with (PN 10326) MPO to 4 x LC duplex
connectors, SMF
LR4 Parallel SM, 10km SMF, MPO (PN 10326)
25/50/100G
CR10 > 10 m over copper cable (10x10 Gb/s /Twinax (7M))
SR10 > 100 m over OM3 MMF (10x10 Gb/s / Multimode (100M))
SR10 > 125 m over OM4 MMF (10x10 Gb/s/ (100M) Data Center)
LR4 > 10 km over SMF (4x25 Gb/s SMF/WDM (10km) Campus)
ER4 > 40 km over SMF (4x25 Gb/s SMF/WDM (40km) Metro)
Optics and DAC Cables
Extreme Networks will restrict the integration of non-qualified 3rd party optical devices within 40G and 100G product environments,
unless you purchase the EXOS 3rd Party 40G/100G Optics feature license to allow such integration.
Proprietary got you Keyed Optics
ModelNumber Description
10GB-LR271-SFPP 10Gb CWDM LR, SM, Channel 1271nm, LC
10GB-LR291-SFPP 10Gb CWDM LR, SM, Channel 1291nm, LC
10GB-LR311-SFPP 10Gb CWDM LR, SM, Channel 1311nm, LC
10GB-LR331-SFPP 10Gb CWDM LR, SM, Channel 1331nm, LC
MUX-CWDM-01 4 Channel O-Band CWDM Mux/Demux
MUX-RACK-01 Rack mount kit for MUX-CWDM-01
40GB-LR4-QSFP 40Gb 40GBASE-LR4, SM 10Km, LC
CWDM
MUX-CWDM-01
DACs
Notes:
vMAN untagged vMAN Tagged
I/O I/OPort Port
Content
Two Scheduling Algorithms
 Strict Priority
 CIR/PR bandwidth based control
Packet Classification
 Any data field could be used to
classify the packet
 Classify all packet types:
untagged, single-tagged or double
tagged
Carrier-Class Availability
 H/W: 1:1 MSM
 S/W: Hitless Failover/Upgrades
 Network: EAPS
Flexible VLAN/vMAN handling (remapping/
translation) functionality
 Ingress remapping
 Egress translation
 NNI translation
Video
Source
Video
Source
HD TV
TVoD, VoD
Video
Source
Video
Source
Voice
gateway
Voice/Video
Telephony
Data Center
Backup, ERP
Internet
Video
Source
Video
Source
HD TV
TVoD, VoD
Video
Source
Video
Source
Voice
gateway
Voice/Video
Telephony
Data Center
Backup, ERP
Internet
Simplicity may enable XYZ Account s next killer app
Today no single technology can drive this trillion dollar market forward
However, today s complex network environments delay the deployment of new technology while inflicting
more and more support cost each year.
The world is converging on IP & Ethernet.
After all technology convergence should produce simplicity.
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Multi-Switch LAG
MLAG Operation – Looks like one big switch to remote sites. Extreme can deliver XYZ Account a networking
solution tp meet today s requirements of time, cost, security and service level?
 Combine ports on two switches to form a single logical connection
 The remote end of the connection can be either a server or a switch. Configured with a regular LAG (or
appropriate server port teaming) to form the port aggregation (e.g. no STP type of port blocking).
 Basic operation requires 2 ExtremeXOS switches interconnected by an Inter-Switch connection (ISC)
Service
1
Service
2
ISCISCSwitch 1 Switch 2
XYZ Account
Services anywhere...
Multi-Switch LAG
MLAG Operation – Looks like one big switch to remote sites. Extreme can deliver XYZ Account a networking
solution tp meet today s requirements of time, cost, security and service level?
 Combine ports on two switches to form a single logical connection
 The remote end of the connection can be either a server or a switch. Configured with a regular LAG (or
appropriate server port teaming) to form the port aggregation (e.g. no STP type of port blocking).
 Basic operation requires 2 ExtremeXOS switches interconnected by an Inter-Switch connection (ISC)
Service
1
Service
2
ISCSwitch 1 Switch 2
XYZ Account
Services anywhere...
LAGLAG LAGLAG LAGLAG LAGLAG LAGLAG LAGLAG LAGLAG LAGLAG LAGLAG LAGLAG LAGLAGLAGLAGLAGLAGLAGLAGLAG LAG LAG LAG LAG LAG LAG LAG LAG LAG LAGLAGLAGLAG
LAGLAG LAGLAG LAGLAG LAGLAG LAGLAG LAGLAG LAGLAG LAGLAG LAGLAG LAGLAG LAGLAGLAGLAGLAGLAGLAGLAGLAG LAG LAG LAG LAG LAG LAG LAG LAG LAG LAGLAGLAGLAG
L2
L3
L2
L3
L2
L3
L2
L3
XYZ Account Design Requirements
 Ensure business and operational continuity
(Ensure long term consistency).
 Reduce overall costs (Ensure long term
investment protection).
 Minimize transformation risks (Improve level of
service).
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Remote
Server
Single
SSID
Multi-Switch LAG
MLAG Operation – Looks like one big switch to remote sites. Extreme can deliver XYZ Account a networking
solution tp meet today s requirements of time, cost, security and service level?
 Combine ports on two switches to form a single logical connection
 The remote end of the connection can be either a server or a switch. Configured with a regular LAG (or
appropriate server port teaming) to form the port aggregation (e.g. no STP type of port blocking).
 Basic operation requires 2 ExtremeXOS switches interconnected by an Inter-Switch connection (ISC)
Service
1
Service
2
ISCSwitch 1 Switch 2
XYZ Account
Services anywhere...
LAG LAG LAG LAG LAG LAG LAG LAG LAG LAG LAGLAGLAGLAG
LAG LAG LAG LAG LAG LAG LAG LAG LAG LAG LAGLAGLAGLAG
L2
L3
L2
L3
XYZ Account Design Requirements
 Ensure business and operational continuity
(Ensure long term consistency).
 Reduce overall costs (Ensure long term
investment protection).
 Minimize transformation risks (Improve level of
service).
Single SSID
10GbE Link
SummitStack-160SummitStack-160
This is where, X460s will be connected QSPF Direct
Attach Cables (DAC) for a total of 160GbE of
stacking.
 Each switch would have a single 10GbE fiber
connection using either LR (10Km or less), ER
(40Km or less), or ZR (80Km or less) for ring
redundancy. A total of two (2) 10GbE links per
school built on a ring topology.
 The X460-G2-10G supports IEEE 802.1 Audio Video
Bridging to enable reliable, real-time audio/
video transmission over Ethernet. AVB technology
delivers the quality of service required for
today s high-definition and time-sensitive
multimedia streams.
 7The Summit X460-G2-10G supports SDN Openflow
in addition to NetFlow and IPFix.
Single SSID
10GbE Link
SummitStack-160
This is where, X460s will be connected QSPF Direct
Attach Cables (DAC) for a total of 160GbE of
stacking.
 Each switch would have a single 10GbE fiber
connection using either LR (10Km or less), ER
(40Km or less), or ZR (80Km or less) for ring
redundancy. A total of two (2) 10GbE links per
school built on a ring topology.
 The X460-G2-10G supports IEEE 802.1 Audio Video
Bridging to enable reliable, real-time audio/
video transmission over Ethernet. AVB technology
delivers the quality of service required for
today s high-definition and time-sensitive
multimedia streams.
 7The Summit X460-G2-10G supports SDN Openflow
in addition to NetFlow and IPFix.
X460 Analytics lite Option 1)
Single SSID
10GbE Link
SummitStack-160
This is where, X460s will be connected QSPF Direct
Attach Cables (DAC) for a total of 160GbE of
stacking.
 Each switch would have a single 10GbE fiber
connection using either LR (10Km or less), ER
(40Km or less), or ZR (80Km or less) for ring
redundancy. A total of two (2) 10GbE links per
school built on a ring topology.
 The X460-G2-10G supports IEEE 802.1 Audio Video
Bridging to enable reliable, real-time audio/
video transmission over Ethernet. AVB technology
delivers the quality of service required for
today s high-definition and time-sensitive
multimedia streams.
 7The Summit X460-G2-10G supports SDN Openflow
in addition to NetFlow and IPFix.
X460 Analytics lite Option 1)
Single SSIDSingle SSID
SSA Analytics (Option 2)
2-10GbE VSB Links
10GbE Link
 Virtual Switch Bonding (VSB) for
Redundancy at the Edge. Advanced
Routing featuring LSNAT (Load Sharing
Network Address Translation) for load
balancing of clustered assets.
 1 Million Flows of Unsampled NetFlow for
Data Analytics collection.
 MACsec Encryption to maintain
confidentiality of transmitted data and to
take measures against frames transmitted
or modified by unauthorized devices.
SSA-180 at the XYZ Account Edge...
Single SSID
SSA Analytics (Option 2)
2-10GbE VSB Links
10GbE Link
 Virtual Switch Bonding (VSB) for
Redundancy at the Edge. Advanced
Routing featuring LSNAT (Load Sharing
Network Address Translation) for load
balancing of clustered assets.
 1 Million Flows of Unsampled NetFlow for
Data Analytics collection.
 MACsec Encryption to maintain
confidentiality of transmitted data and to
take measures against frames transmitted
or modified by unauthorized devices.
SSA-180 at the XYZ Account Edge...
Single SSID
Industrial Edge w PoE (Option 3)
4- 1G SFP
8- 10/100 RJ-45 POE+
12 Port Switch
240 Watt PoE Budget
Single SSID
Industrial Edge w PoE (Option 3)
4- 1G SFP
8- 10/100 RJ-45 POE+
12 Port Switch
240 Watt PoE Budget
Single SSID
Wave 2 Multirate Edge w PoE++ (Option 4)
This is where: 10G on
existing copper Cat5e
and Cat6 extend the
life of the installed
cable plant. Great for
1:N Convergence.
X620 (1OG Copper or Fiber)
Speed Next Gen Edge
Lowered TCO via
Limited Lifetime Warrantee
Single SSID
Wave 2 Multirate Edge w PoE++ (Option 4)
This is where: 10G on
existing copper Cat5e
and Cat6 extend the
life of the installed
cable plant. Great for
1:N Convergence.
X620 (1OG Copper or Fiber)
Speed Next Gen Edge
Lowered TCO via
Limited Lifetime Warrantee
Single SSID
10GbE Link
SummitStack-160
This is where, X460s will be connected QSPF Direct
Attach Cables (DAC) for a total of 160GbE of
stacking.
 Each switch would have a single 10GbE fiber
connection using either LR (10Km or less), ER
(40Km or less), or ZR (80Km or less) for ring
redundancy. A total of two (2) 10GbE links per
school built on a ring topology.
 The X460-G2-10G supports IEEE 802.1 Audio Video
Bridging to enable reliable, real-time audio/
video transmission over Ethernet. AVB technology
delivers the quality of service required for
today s high-definition and time-sensitive
multimedia streams.
 7The Summit X460-G2-10G supports SDN Openflow
in addition to NetFlow and IPFix.
X460 Analytics lite Option 1)
Single SSID
SSA Analytics (Option 2)
2-10GbE VSB Links
10GbE Link
 Virtual Switch Bonding (VSB) for
Redundancy at the Edge. Advanced
Routing featuring LSNAT (Load Sharing
Network Address Translation) for load
balancing of clustered assets.
 1 Million Flows of Unsampled NetFlow for
Data Analytics collection.
 MACsec Encryption to maintain
confidentiality of transmitted data and to
take measures against frames transmitted
or modified by unauthorized devices.
SSA-180 at the XYZ Account Edge...
Single SSID
Industrial Edge w PoE (Option 3)
4- 1G SFP
8- 10/100 RJ-45 POE+
12 Port Switch
240 Watt PoE Budget
Single SSID
Wave 2 Multirate Edge w PoE++ (Option 4)
This is where: 10G on
existing copper Cat5e
and Cat6 extend the
life of the installed
cable plant. Great for
1:N Convergence.
X620 (1OG Copper or Fiber)
Speed Next Gen Edge
Lowered TCO via
Limited Lifetime Warrantee
Policies:
 QoS,
 VLAN,
 802.1X
 LLDP,
 CDPv2
PBX
L3
EAPS
XYZ Account Preparation
XYZ Account Operation
Convergence 1.0
(Milliseconds)
Ethernet w ATM like QoS
 low latency (.1ms),
 low jitter (.01ms)
 zero packet loss
Performance with features
turned on (L3 built-in).
Direct Ethernet
Provider connects to
Customer in POP
FTTH, DSL,
Cable
Customer
Equipment
Customer
Edge
Provider Edge Provider
Core
M/C
CPE PE
M/C
M/C
M/C
PC
M/C
Loop Detection: ELRP CLI
Summit
SwitchD
SpanningTreeProtocol
Summit
Summit
STP the Algorithm to avoid
I'm the Root
Because MY
ID is Lesser
I’m the
root?
No, I’m
the root
No, I’m
the root?
How will
the loop
converge?
Block here!
Timing associatedwith STP:
Blocking - 20 Sec Or No Limits
Listening - 15 Sec.
Learning - 15Sec.
Forwarding - No Limits.
MasterNode
DataTraffic
ControlTraffic
10GEAPS
Summit
Summit
SummitSummit
Summit
Summit
SummitSummit
Sub50msRestoration
Scalefrom1to40GEthernetSummit
Summit
Fiber
Fiber
Fiber
Fiber
Metro Demarcation
LAG
EAPS
Blocked
EAPS
RFC3619
Ethernet Ring Protection Switching (ERPS) is an
effort at ITU-T under G.8032 Recommendation to
provide sub-50ms protection and recovery
switching for Ethernet traffic in a Ring topology
and at the same time ensuring that there are no
loops formed at the Ethernet Layer.
 G.8032v1 supports a single ring topology.
 G.8032v2 supports multiple rings/ladder
topology.
XYZ Account Design challenges
 Pervasive connectivity (Service elasticity with a
future requirement for IPv6 support).
 Explosion of interconnections (Support growth of
virtual environment).
 Converged, automated infrastructure (Security
and compliance).

4. Heading
XYZ Account 2016 DesignExtremeEdgePoE
ExtremeCore10G
2016 Design
1G 2.5G/5G 10G 40G
Jeff Green
2016
Rev. 1
Florida
Legend
Legend
PoE
802.3at (PoE+)
Cat5e
30W
30W30W
60W
UPOE
No Cabling Change from PoE+
Cat5e
NBASE-T Alliance Copper Max Distances
Cat 7 Shielded 100 m
Cat 6a Shielded 100 m
Cat 6a Unshielded 100 m
Cat 6 Shielded** 100 m
Cat 6 Unshielded** 55 m
Need Correct
UTP, Patch Panel
and Adapter.
known as IEEE 802.3bz
Greenfield - Cat 6a (2.5, 5G & 10G) 100m
Cat 6 (2.5G, 5G & 10G) 55m
Brownfield - Cat 5e (2.5&5G) 100M
Requires X620 or
X460 Switch for
Multi-rate Support
plus Client that
supports Multi-rate.
10G Passive (PN 10306 ~ 5m, 10307~ 10M)
10G SFP+ Active copper cable (upto 100m)
40G Passive (PN 10321 ~3m, 10323~ 5m)
40G Active (PN 10315~10M, 10316 ~20m, 10318~ 100m)
40G Fan-out (PN 10321 ~3m, 10322 ~5m, PN 10GB-4-
F10-QSFP ~10m, PN 10GB-4-F20-QSFP ~20m, )
10G Passive (PN 10304 ~1m, 10305~3m, 10306~5m)
SFP+ DAC Cables
QSFP+ DAC Cables
10 LRM 220m (720ft/plus mode conditioning) (PN 10303)
10GBASE-T over Class E Cat 6 (55M) (10G)
10GBASE-T over Class E Cat 6a or 7 (100M) (10G)
10 SR over OM3 (300M) or OM4 (400M) (PN 10301)
10 LR over single mode (10KM) 1310nm (PN 10302)
10 ER over single mode (40KM) 1550nm (PN 10309)
10 ZR over single mode (80KM) 1550nm (PN 10310)
802.3bz 10GBASE-T (100M) for Cat 6 (5G)
10G Fiber
10G Copper
802.3bz 10GBASE-T (100M) for Cat 5e (2.5G)
OM3 50 µm (550m/SX) Laser, LC (PN 10051H)
OM1 62.5 µm (FDDI 220m/OM1, LC (PN 10051H)
OM2 62.5 µm (ATM 275m/OM2), LC (PN 10051H)
OM4 50 µm (550m/SX) 2Km, LC (PN 10051H)
1G Fiber (50 µm)
1G Fiber (62.5 µm)
Single-fiber
transmission uses
only one strand of
fiber for both
transmit and
receive (1310nm
and 1490nm for
1Gbps; 1310nm and
1550nm for
100Mbps)
LX (MMF 220 & 550m), SMF 10km, LC (PN 10052H)
ZX SMF 70km, LC (PN 10053H)
10/100/1000 (UTP to 100m) SFP (PN 1070H)
SR4 at least 100 m OM3 MMF (PN 10319)
SR4 at least 125 m OM4 MMF (PN 10319)
LR4 at least 10 km SMF, LC (PN 10320)
LM4 140m MMF or 1kM SMF, LC (PN 10334)
Optics
Optics +
Fan-out
Fiber Cable
QSFP-SFPP-ADPTQSFP-SFPP-ADPT – QSFP to SFP+ adapter
ER4 40km SMF, LC (PN 10335) Internal CWDM
transits four wavelengths over single fiber.
MPO to 4 x LC Fanout 10m (PN 10327) for use
with (PN 10326) MPO to 4 x LC duplex
connectors, SMF
LR4 Parallel SM, 10km SMF, MPO (PN 10326)
25/50/100G
CR10 > 10 m over copper cable (10x10 Gb/s /Twinax (7M))
SR10 > 100 m over OM3 MMF (10x10 Gb/s / Multimode (100M))
SR10 > 125 m over OM4 MMF (10x10 Gb/s/ (100M) Data Center)
LR4 > 10 km over SMF (4x25 Gb/s SMF/WDM (10km) Campus)
ER4 > 40 km over SMF (4x25 Gb/s SMF/WDM (40km) Metro)
Optics and DAC Cables
Extreme Networks will restrict the integration of non-qualified 3rd party optical devices within 40G and 100G product environments,
unless you purchase the EXOS 3rd Party 40G/100G Optics feature license to allow such integration.
Proprietary got you Keyed Optics
ModelNumber Description
10GB-LR271-SFPP 10Gb CWDM LR, SM, Channel 1271nm, LC
10GB-LR291-SFPP 10Gb CWDM LR, SM, Channel 1291nm, LC
10GB-LR311-SFPP 10Gb CWDM LR, SM, Channel 1311nm, LC
10GB-LR331-SFPP 10Gb CWDM LR, SM, Channel 1331nm, LC
MUX-CWDM-01 4 Channel O-Band CWDM Mux/Demux
MUX-RACK-01 Rack mount kit for MUX-CWDM-01
40GB-LR4-QSFP 40Gb 40GBASE-LR4, SM 10Km, LC
CWDM
MUX-CWDM-01
DACs
Notes:
Managed Services WAN (Cat 1 Spending)
SSA-180 at the XYZ Account Edge...
Preparation Netsite Operation
XYZ Account
architectural models
Example of Extreme
simplified architecture.
wire-speed non- blocking,
ultra low latency
2-10GbE VSB Links
10GbE Link
2-10GbE VSB Links
10GbE Link
2-10GbE VSB Links
10GbE Link
2-10GbE VSB Links
10GbE Link
2-10GbE VSB Links
10GbE Link
2-10GbE VSB Links
10GbE Link
2-10GbE VSB Links
10GbE Link
2-10GbE VSB Links
10GbE Link
XYZ Account Next generation design
 Full or almost full network virtualization (Automation
of vMotion across DC). SAN synchronization over
Ethernet connections, removing the requirement for
separate infrastructures for example Ethernet
switches and FC switches.
 Collapsed (1- or 2- tier L2 designs) No distribution
layer, no STP.
 VxLAN logical switching (Create a platform for
advanced service management Optimize for cloud
and virtualized environments).
XYZ Account Simplified architecture
 1- or 2- tier architecture with broad simplification and
virtualization (Automation of moving of virtual servers
to underutilized hardware in other data centers to
balance power and cooling requirements).
 Reduced number of network devices, Balanced
between legacy (optimized and next generation).
 Partial but relevant virtualization, reduced physical
constraints (virtualization creates uniform virtual
hardware profiles irrespective of server hardware).
Preparation Netsite Operation
XYZ Account
architectural models
Example of Extreme
simplified architecture.
wire-speed non- blocking,
ultra low latency
2-10GbE VSB Links
10GbE Link
2-10GbE VSB Links
10GbE Link
2-10GbE VSB Links
10GbE Link
2-10GbE VSB Links
10GbE Link
2-10GbE VSB Links
10GbE Link
2-10GbE VSB Links
10GbE Link
2-10GbE VSB Links
10GbE Link
2-10GbE VSB Links
10GbE Link
XYZ Account Next generation design
 Full or almost full network virtualization (Automation
of vMotion across DC). SAN synchronization over
Ethernet connections, removing the requirement for
separate infrastructures for example Ethernet
switches and FC switches.
 Collapsed (1- or 2- tier L2 designs) No distribution
layer, no STP.
 VxLAN logical switching (Create a platform for
advanced service management Optimize for cloud
and virtualized environments).
XYZ Account Simplified architecture
 1- or 2- tier architecture with broad simplification and
virtualization (Automation of moving of virtual servers
to underutilized hardware in other data centers to
balance power and cooling requirements).
 Reduced number of network devices, Balanced
between legacy (optimized and next generation).
 Partial but relevant virtualization, reduced physical
constraints (virtualization creates uniform virtual
hardware profiles irrespective of server hardware).
Managed Services WAN (Cat 1 Spending)
SSA-180 at the XYZ Account Edge...
Preparation Netsite Operation
XYZ Account
architectural models
Example of Extreme
simplified architecture.
wire-speed non- blocking,
ultra low latency
2-10GbE VSB Links
10GbE Link
2-10GbE VSB Links
10GbE Link
2-10GbE VSB Links
10GbE Link
2-10GbE VSB Links
10GbE Link
2-10GbE VSB Links
10GbE Link
2-10GbE VSB Links
10GbE Link
2-10GbE VSB Links
10GbE Link
2-10GbE VSB Links
10GbE Link
XYZ Account Next generation design
 Full or almost full network virtualization (Automation
of vMotion across DC). SAN synchronization over
Ethernet connections, removing the requirement for
separate infrastructures for example Ethernet
switches and FC switches.
 Collapsed (1- or 2- tier L2 designs) No distribution
layer, no STP.
 VxLAN logical switching (Create a platform for
advanced service management Optimize for cloud
and virtualized environments).
XYZ Account Simplified architecture
 1- or 2- tier architecture with broad simplification and
virtualization (Automation of moving of virtual servers
to underutilized hardware in other data centers to
balance power and cooling requirements).
 Reduced number of network devices, Balanced
between legacy (optimized and next generation).
 Partial but relevant virtualization, reduced physical
constraints (virtualization creates uniform virtual
hardware profiles irrespective of server hardware).
Traditional control
LDAP NAC DHCP Radius Captive
Portal
DNS MDMLDAP NAC DHCP Radius Captive
Portal
DNS MDM
XYZ Account ServicesUser Repositories or Corporate Control
LDAP NAC DHCP Radius Captive
Portal
DNS MDM
XYZ Account ServicesUser Repositories or Corporate Control
NAC
Analytics
Netsite
Extreme (Wired and wireless) Control
Cloud Based control
On-prim / off-prim
Traditional control
LDAP NAC DHCP Radius Captive
Portal
DNS MDM
XYZ Account ServicesUser Repositories or Corporate Control
NAC
Analytics
Netsite
Extreme (Wired and wireless) Control
Cloud Based control
On-prim / off-prim
XYZ Account (911 LLDP MED Design)
XYZ Account Reference Design Notes: 802.1X/Access control – multiple supplicants with
Auto-sensing of IP phones (LLDP, LLDP-MED). Create dynamic profiles, Switch applies profiles
based on standard LLDP-MED discovery protocols, One Device Profile per port Profile
action
Deep Rate-limiting with upto 8 queues per port with consistent queue policing
 Weighted-round robin
 Weight fair queuing
 WRED
Topology maps are created in OneView with the assistance of link and device discovery
protocols (e.g. Link Layer Discovery Protocol) that aid in the creation of these maps by
automatically identifying and drawing the physical links between network devices. It is
necessary for the link layer protocol to be enabled on each device within the
infrastructure for discovery to take place. Once the appropriate devices have been
discovered, a network administrator can arrange the corresponding device icons in a
logical manner that best represents the network infrastructure.
XYZ Account Endpoint move detection and reporting. In this case, Cisco phones must be
individually provisioned (through the phone interface) with their voice VLAN information.
Both LLDP-MED and Cisco Discovery Protocol support this capability. LLDP-MED provides finer
control of the network policy by allowing separate control for signaling and bearer
applications. However, from a practical point of view, the critical capability is the VLAN
configuration, and it is supported by both Cisco Discovery Protocol and LLDP-MED.
XYZ Account VoWLAN management application or an LIS (Location Information Server)
programs the location identification into network using SNMP and the LLDP-MED MIB
 Every port may advertise a unique coordinate, civic, and/or ELIN location value
 Network infrastructure advertise periodic LLDP-MED frames containing location TLV
 Endpoint has location information to use immediately in the call setup
XYZ Account signaling topology layers (CDPv2) - Once the Layer 1 is Active CDP Sends the
information to its neighbor. It can be used for Layer 1, layer 2, layer 3 troubleshooting.
Information
 Logical Address (if define).
 Hostname (given by hostname command).
 Hardware Platform.
 IOS Version.
 Interface Type and Interface Number of local and remote device connected.
1
Cisco VOIP
VoIP phone advertise
CDP packets
Switch responds to phone
request with Voice VLAN
and QoS info
2
 Configure Voice VLAN
 Configure QoS
 Advertise PoE
 CDPv2 for VOIP setup
CDP Advertisement are send through all
the ports by default. Global CDP
information:
 Sending CDP packets every 60 seconds
 Sending a hold time value of 180
seconds
 Advertisement are send via multicast.
XYZ Account signaling topology layers (CDPv2) - Once the Layer 1 is Active CDP Sends the
information to its neighbor. It can be used for Layer 1, layer 2, layer 3 troubleshooting.
Information
 Logical Address (if define).
 Hostname (given by hostname command).
 Hardware Platform.
 IOS Version.
 Interface Type and Interface Number of local and remote device connected.
1
Cisco VOIP
VoIP phone advertise
CDP packets
Switch responds to phone
request with Voice VLAN
and QoS info
2
 Configure Voice VLAN
 Configure QoS
 Advertise PoE
 CDPv2 for VOIP setup
CDP Advertisement are send through all
the ports by default. Global CDP
information:
 Sending CDP packets every 60 seconds
 Sending a hold time value of 180
seconds
 Advertisement are send via multicast.
LLDP-MED provides several technical advantages for XYZ Account ECS location. VoWLAN
Location Considerations, For WLAN devices capable of higher accuracy Smart clients
could compute relative position, using TOA or triangulation, from nearby APs
AP could advertise client specific location using reliable multicasts or via the Presence
Parameters information element (11v), in addition to LLDP-MED location
Emergency Services, Some Thoughts ...
 Wireless client would quickly discover new physical location on roaming
 Switches need physical location configuration anyway, to support wired IP phones
 AP could auto-discover it s physical location via LLDP from wired network
Information Exchanged is in the form of
TLVs and includes mandatory and
optional information such as:
 System name and description
 Port name and description
 IP management address
 VLAN name
 System capabilities (switching,
routing, etc.)
 MAC/PHY information
 MDI power
 Link aggregation
LLDP-MED provides several technical advantages for XYZ Account ECS location. VoWLAN
Location Considerations, For WLAN devices capable of higher accuracy Smart clients
could compute relative position, using TOA or triangulation, from nearby APs
AP could advertise client specific location using reliable multicasts or via the Presence
Parameters information element (11v), in addition to LLDP-MED location
Emergency Services, Some Thoughts ...
 Wireless client would quickly discover new physical location on roaming
 Switches need physical location configuration anyway, to support wired IP phones
 AP could auto-discover it s physical location via LLDP from wired network
Information Exchanged is in the form of
TLVs and includes mandatory and
optional information such as:
 System name and description
 Port name and description
 IP management address
 VLAN name
 System capabilities (switching,
routing, etc.)
 MAC/PHY information
 MDI power
 Link aggregation
Cisco Discovery Protocol - If you have ever worked or studied Cisco on any level you will already
be aware of Cisco Discovery Protocol (CDP), and what it is and does. Invented at Cisco by Keith
McCloghrie and Dino Farinacci, Cisco Discovery Protocol was initially introduced on Cisco products
in 1994. This protocol now operates on tens of millions of Cisco devices throughout the world. It
initially supported a limited set of attributes that were used mainly for device discovery. These
attributes are based on type, length, and value descriptions, referred to as TLVs
XYZ Account (911 LLDP MED Design)
XYZ Account Reference Design Notes: 802.1X/Access control – multiple supplicants with
Auto-sensing of IP phones (LLDP, LLDP-MED). Create dynamic profiles, Switch applies profiles
based on standard LLDP-MED discovery protocols, One Device Profile per port Profile
action
Deep Rate-limiting with upto 8 queues per port with consistent queue policing
 Weighted-round robin
 Weight fair queuing
 WRED
Topology maps are created in OneView with the assistance of link and device discovery
protocols (e.g. Link Layer Discovery Protocol) that aid in the creation of these maps by
automatically identifying and drawing the physical links between network devices. It is
necessary for the link layer protocol to be enabled on each device within the
infrastructure for discovery to take place. Once the appropriate devices have been
discovered, a network administrator can arrange the corresponding device icons in a
logical manner that best represents the network infrastructure.
XYZ Account Endpoint move detection and reporting. In this case, Cisco phones must be
individually provisioned (through the phone interface) with their voice VLAN information.
Both LLDP-MED and Cisco Discovery Protocol support this capability. LLDP-MED provides finer
control of the network policy by allowing separate control for signaling and bearer
applications. However, from a practical point of view, the critical capability is the VLAN
configuration, and it is supported by both Cisco Discovery Protocol and LLDP-MED.
XYZ Account VoWLAN management application or an LIS (Location Information Server)
programs the location identification into network using SNMP and the LLDP-MED MIB
 Every port may advertise a unique coordinate, civic, and/or ELIN location value
 Network infrastructure advertise periodic LLDP-MED frames containing location TLV
 Endpoint has location information to use immediately in the call setup
XYZ Account signaling topology layers (CDPv2) - Once the Layer 1 is Active CDP Sends the
information to its neighbor. It can be used for Layer 1, layer 2, layer 3 troubleshooting.
Information
 Logical Address (if define).
 Hostname (given by hostname command).
 Hardware Platform.
 IOS Version.
 Interface Type and Interface Number of local and remote device connected.
1
Cisco VOIP
VoIP phone advertise
CDP packets
Switch responds to phone
request with Voice VLAN
and QoS info
2
 Configure Voice VLAN
 Configure QoS
 Advertise PoE
 CDPv2 for VOIP setup
CDP Advertisement are send through all
the ports by default. Global CDP
information:
 Sending CDP packets every 60 seconds
 Sending a hold time value of 180
seconds
 Advertisement are send via multicast.
LLDP-MED provides several technical advantages for XYZ Account ECS location. VoWLAN
Location Considerations, For WLAN devices capable of higher accuracy Smart clients
could compute relative position, using TOA or triangulation, from nearby APs
AP could advertise client specific location using reliable multicasts or via the Presence
Parameters information element (11v), in addition to LLDP-MED location
Emergency Services, Some Thoughts ...
 Wireless client would quickly discover new physical location on roaming
 Switches need physical location configuration anyway, to support wired IP phones
 AP could auto-discover it s physical location via LLDP from wired network
Information Exchanged is in the form of
TLVs and includes mandatory and
optional information such as:
 System name and description
 Port name and description
 IP management address
 VLAN name
 System capabilities (switching,
routing, etc.)
 MAC/PHY information
 MDI power
 Link aggregation
Cisco Discovery Protocol - If you have ever worked or studied Cisco on any level you will already
be aware of Cisco Discovery Protocol (CDP), and what it is and does. Invented at Cisco by Keith
McCloghrie and Dino Farinacci, Cisco Discovery Protocol was initially introduced on Cisco products
in 1994. This protocol now operates on tens of millions of Cisco devices throughout the world. It
initially supported a limited set of attributes that were used mainly for device discovery. These
attributes are based on type, length, and value descriptions, referred to as TLVs

5. Heading
XYZ Account 2016 DesignExtremeEdgePoE
ExtremeCore10G
2016 Design
1G 2.5G/5G 10G 40G
Jeff Green
2016
Rev. 1
Florida
Legend
Legend
PoE
802.3at (PoE+)
Cat5e
30W
30W30W
60W
UPOE
No Cabling Change from PoE+
Cat5e
NBASE-T Alliance Copper Max Distances
Cat 7 Shielded 100 m
Cat 6a Shielded 100 m
Cat 6a Unshielded 100 m
Cat 6 Shielded** 100 m
Cat 6 Unshielded** 55 m
Need Correct
UTP, Patch Panel
and Adapter.
known as IEEE 802.3bz
Greenfield - Cat 6a (2.5, 5G & 10G) 100m
Cat 6 (2.5G, 5G & 10G) 55m
Brownfield - Cat 5e (2.5&5G) 100M
Requires X620 or
X460 Switch for
Multi-rate Support
plus Client that
supports Multi-rate.
10G Passive (PN 10306 ~ 5m, 10307~ 10M)
10G SFP+ Active copper cable (upto 100m)
40G Passive (PN 10321 ~3m, 10323~ 5m)
40G Active (PN 10315~10M, 10316 ~20m, 10318~ 100m)
40G Fan-out (PN 10321 ~3m, 10322 ~5m, PN 10GB-4-
F10-QSFP ~10m, PN 10GB-4-F20-QSFP ~20m, )
10G Passive (PN 10304 ~1m, 10305~3m, 10306~5m)
SFP+ DAC Cables
QSFP+ DAC Cables
10 LRM 220m (720ft/plus mode conditioning) (PN 10303)
10GBASE-T over Class E Cat 6 (55M) (10G)
10GBASE-T over Class E Cat 6a or 7 (100M) (10G)
10 SR over OM3 (300M) or OM4 (400M) (PN 10301)
10 LR over single mode (10KM) 1310nm (PN 10302)
10 ER over single mode (40KM) 1550nm (PN 10309)
10 ZR over single mode (80KM) 1550nm (PN 10310)
802.3bz 10GBASE-T (100M) for Cat 6 (5G)
10G Fiber
10G Copper
802.3bz 10GBASE-T (100M) for Cat 5e (2.5G)
OM3 50 µm (550m/SX) Laser, LC (PN 10051H)
OM1 62.5 µm (FDDI 220m/OM1, LC (PN 10051H)
OM2 62.5 µm (ATM 275m/OM2), LC (PN 10051H)
OM4 50 µm (550m/SX) 2Km, LC (PN 10051H)
1G Fiber (50 µm)
1G Fiber (62.5 µm)
Single-fiber
transmission uses
only one strand of
fiber for both
transmit and
receive (1310nm
and 1490nm for
1Gbps; 1310nm and
1550nm for
100Mbps)
LX (MMF 220 & 550m), SMF 10km, LC (PN 10052H)
ZX SMF 70km, LC (PN 10053H)
10/100/1000 (UTP to 100m) SFP (PN 1070H)
SR4 at least 100 m OM3 MMF (PN 10319)
SR4 at least 125 m OM4 MMF (PN 10319)
LR4 at least 10 km SMF, LC (PN 10320)
LM4 140m MMF or 1kM SMF, LC (PN 10334)
Optics
Optics +
Fan-out
Fiber Cable
QSFP-SFPP-ADPTQSFP-SFPP-ADPT – QSFP to SFP+ adapter
ER4 40km SMF, LC (PN 10335) Internal CWDM
transits four wavelengths over single fiber.
MPO to 4 x LC Fanout 10m (PN 10327) for use
with (PN 10326) MPO to 4 x LC duplex
connectors, SMF
LR4 Parallel SM, 10km SMF, MPO (PN 10326)
25/50/100G
CR10 > 10 m over copper cable (10x10 Gb/s /Twinax (7M))
SR10 > 100 m over OM3 MMF (10x10 Gb/s / Multimode (100M))
SR10 > 125 m over OM4 MMF (10x10 Gb/s/ (100M) Data Center)
LR4 > 10 km over SMF (4x25 Gb/s SMF/WDM (10km) Campus)
ER4 > 40 km over SMF (4x25 Gb/s SMF/WDM (40km) Metro)
Optics and DAC Cables
Extreme Networks will restrict the integration of non-qualified 3rd party optical devices within 40G and 100G product environments,
unless you purchase the EXOS 3rd Party 40G/100G Optics feature license to allow such integration.
Proprietary got you Keyed Optics
ModelNumber Description
10GB-LR271-SFPP 10Gb CWDM LR, SM, Channel 1271nm, LC
10GB-LR291-SFPP 10Gb CWDM LR, SM, Channel 1291nm, LC
10GB-LR311-SFPP 10Gb CWDM LR, SM, Channel 1311nm, LC
10GB-LR331-SFPP 10Gb CWDM LR, SM, Channel 1331nm, LC
MUX-CWDM-01 4 Channel O-Band CWDM Mux/Demux
MUX-RACK-01 Rack mount kit for MUX-CWDM-01
40GB-LR4-QSFP 40Gb 40GBASE-LR4, SM 10Km, LC
CWDM
MUX-CWDM-01
DACs
Notes:
Wireless Controllers
Elastic virtual Appliance? delivers Scale on demand, V2110 V9 Virtual Wireless Appliance of 8
APs, expandable to 250 (Hyper-V)/525 (VMware) APs in 1 or 16 AP increments – includes 2 free
Radar licenses.
 This is where, XYZ Account can scale on demand by adjusting resources allocated to
virtual machine (*Supported on VMware version only).
 Support for 525 APs in standalone and 1050 APs in H/A mode.
 Support for 4,096 users in standalone and 8,192 users in H/A mode.
Configuration Small (OVA) Medium Large
HostResources 2 CPU
1 GB RAM
25 GB HDD
4 CPU
2 GB RAM
25 GB HDD
8 CPU
4 GB HDD
25 GB HDD
System Limits
AP Capacity 100 500 1050
Local AP
High Availability
50
50
250
250
525
525
User Capacity 1024 4096 8192
Standalone Users
High Availability
512
512
2048
2048
4096
4096
Max Number Services/VNS 32 128 256
Max Number of Active WLAN
services
16 64 128
Max Number Topologies 32 128 256
Max Number Policies/Roles 128 512 1024
Traditional Appliance
(30135 or WS-C5210)
Elastic Appliance
(WS-V2110-9-NAM)
Wireless Controllers
Elastic virtual Appliance? delivers Scale on demand, V2110 V9 Virtual Wireless Appliance of 8
APs, expandable to 250 (Hyper-V)/525 (VMware) APs in 1 or 16 AP increments – includes 2 free
Radar licenses.
 This is where, XYZ Account can scale on demand by adjusting resources allocated to
virtual machine (*Supported on VMware version only).
 Support for 525 APs in standalone and 1050 APs in H/A mode.
 Support for 4,096 users in standalone and 8,192 users in H/A mode.
Configuration Small (OVA) Medium Large
HostResources 2 CPU
1 GB RAM
25 GB HDD
4 CPU
2 GB RAM
25 GB HDD
8 CPU
4 GB HDD
25 GB HDD
System Limits
AP Capacity 100 500 1050
Local AP
High Availability
50
50
250
250
525
525
User Capacity 1024 4096 8192
Standalone Users
High Availability
512
512
2048
2048
4096
4096
Max Number Services/VNS 32 128 256
Max Number of Active WLAN
services
16 64 128
Max Number Topologies 32 128 256
Max Number Policies/Roles 128 512 1024
Traditional Appliance
(30135 or WS-C5210)
Elastic Appliance
(WS-V2110-9-NAM)
Wireless Analytics (Netflow with MirrorN)
Physical or Virtual Appliance? Overlay design and deployment in this case, the network switches
lack the required capabilities required for unsampled NetFlow. A passive network tap can be
used to direct traffic to an out-of-band CoreFlow2 switch that can generate the required
unsampled NetFlow stats and traffic mirror. A Massive and Customizable Signature Set – With
a library of more than 7,000 applications with over 13,000 fingerprints and growing, and the
ability to easily create your own fingerprint, Purview can identify virtually any application.
Analytics with Sensor
W PV-A-300 Appliance Bundle
(PV-50K-SYS-2)
Virtual Appliance Bundle
(PV-V-50K-SYS-2)
PV-FPB-XXX – Purview Flow per Minute license
 Up to 25K tracked clients (20
tracked applications/client).
 Up to 500K flows in active
cache
 Up to 1M Flows/Min
PV-A-300
Sensor PV-FC-180, S or K Series (Core
Flow 2/ 1 Million Flows)
Netsite Advance (NMS-ADV-5)
6 Million Flows
Wireless Analytics (Netflow with MirrorN)
Physical or Virtual Appliance? Overlay design and deployment in this case, the network switches
lack the required capabilities required for unsampled NetFlow. A passive network tap can be
used to direct traffic to an out-of-band CoreFlow2 switch that can generate the required
unsampled NetFlow stats and traffic mirror. A Massive and Customizable Signature Set – With
a library of more than 7,000 applications with over 13,000 fingerprints and growing, and the
ability to easily create your own fingerprint, Purview can identify virtually any application.
Analytics with Sensor
W PV-A-300 Appliance Bundle
(PV-50K-SYS-2)
Virtual Appliance Bundle
(PV-V-50K-SYS-2)
PV-FPB-XXX – Purview Flow per Minute license
 Up to 25K tracked clients (20
tracked applications/client).
 Up to 500K flows in active
cache
 Up to 1M Flows/Min
PV-A-300
Sensor PV-FC-180, S or K Series (Core
Flow 2/ 1 Million Flows)
Netsite Advance (NMS-ADV-5)
6 Million Flows
NAC : Who (and What) is on Your Network?
Physical or Virtual Appliance? Extreme Networks NAC is
upgradable, allowing assessment to be integrated onto a
single box with the other NAC functions. The appliances
are capable of supporting both network-based and/or
agent-based assessment. A virtual appliance is a software
image that runs on a virtual machine. The Identity &
Access Virtual Appliance is packaged in the .OVA file
format defined by VMware and must be deployed on a
VMware ESXTM 4.0, 4.1, 5.0, or 5.1 server or ESXiTM 4.0, 4.1,
5.0, or 5.1 server with a vSphere(TM) 4.0, 4.1, 5.0, or 5.1
client. Virtual appliance requires 12 GB of memory, four
CPUs, two network adapters, and 40 GB of thick-
provisioned hard drive space.
IA-ES-1K 1,000 End-system license $7,995
IA-ES-3K 3,000 End-system license $22,495
IA-ES-12K 12,000 End-system license $84,995
IA-PA-3K 3,000 Posture Assessment license $9,995
IA-PA-12K 12,000 Posture Assessment license $39,995
Traditional Appliance
(IA-A-20 & IA-A-300)
NAC Elastic Appliance
(Virtual appliances are
included in NetSight
Advanced
(IA-ES license required))
NAC : Who (and What) is on Your Network?
Physical or Virtual Appliance? Extreme Networks NAC is
upgradable, allowing assessment to be integrated onto a
single box with the other NAC functions. The appliances
are capable of supporting both network-based and/or
agent-based assessment. A virtual appliance is a software
image that runs on a virtual machine. The Identity &
Access Virtual Appliance is packaged in the .OVA file
format defined by VMware and must be deployed on a
VMware ESXTM 4.0, 4.1, 5.0, or 5.1 server or ESXiTM 4.0, 4.1,
5.0, or 5.1 server with a vSphere(TM) 4.0, 4.1, 5.0, or 5.1
client. Virtual appliance requires 12 GB of memory, four
CPUs, two network adapters, and 40 GB of thick-
provisioned hard drive space.
IA-ES-1K 1,000 End-system license $7,995
IA-ES-3K 3,000 End-system license $22,495
IA-ES-12K 12,000 End-system license $84,995
IA-PA-3K 3,000 Posture Assessment license $9,995
IA-PA-12K 12,000 Posture Assessment license $39,995
Traditional Appliance
(IA-A-20 & IA-A-300)
NAC Elastic Appliance
(Virtual appliances are
included in NetSight
Advanced
(IA-ES license required))
Netsite: How is Your Network Being Used?
Physical or Virtual Appliance? Understand your
network in OneView Third-party devices can
be managed via SNMP, SSH, Syslog, or even
Secure Copy. OneViewTM supports reporting on
about 2,500devices/interfaces in a typical
enterprise network which stores: raw data for
7 days with a 15 minute polling interval, hourly
rollups for 8 weeks, and daily rollups for
6months. More information on tuning the
deployment is available in the OneViewTM
Users Guide.
Up to 6 Purview Engines
Up to 3 Million Flows/Min
Up to 50K tracked clients
Up to 5K TopN records/hour
Up to 20 applications/client (10 TopN, 10
tracked)
Up to 600 GB database storage
Traditional Appliance
(NS-A-20)
Elastic Appliance
(NMS-ADV-XX )
VM and
Cloud
Directory
PKI
Device
Mgmt
Provisioning
Software
CMDB
Asset
Alarm
Systems
Netsite: How is Your Network Being Used?
Physical or Virtual Appliance? Understand your
network in OneView Third-party devices can
be managed via SNMP, SSH, Syslog, or even
Secure Copy. OneViewTM supports reporting on
about 2,500devices/interfaces in a typical
enterprise network which stores: raw data for
7 days with a 15 minute polling interval, hourly
rollups for 8 weeks, and daily rollups for
6months. More information on tuning the
deployment is available in the OneViewTM
Users Guide.
Up to 6 Purview Engines
Up to 3 Million Flows/Min
Up to 50K tracked clients
Up to 5K TopN records/hour
Up to 20 applications/client (10 TopN, 10
tracked)
Up to 600 GB database storage
Traditional Appliance
(NS-A-20)
Elastic Appliance
(NMS-ADV-XX )
VM and
Cloud
Directory
PKI
Device
Mgmt
Provisioning
Software
CMDB
Asset
Alarm
Systems
Integrated RADAR : Wireless Dashboard
The wireless dashboard provides an
overview of the status and performance
of the entire wireless infrastructure. It
displays an overview of the availability,
load and status of the controllers, the
most recent and severe events from the
wireless infrastructure and statistics on
the most loaded APs.
Wireless coverage
 Overall
 Per channel
 Expected data rate
 Channel allocation
 Location
 Current
 Over time
 Location readiness
Integrated RADAR : Wireless Dashboard
The wireless dashboard provides an
overview of the status and performance
of the entire wireless infrastructure. It
displays an overview of the availability,
load and status of the controllers, the
most recent and severe events from the
wireless infrastructure and statistics on
the most loaded APs.
Wireless coverage
 Overall
 Per channel
 Expected data rate
 Channel allocation
 Location
 Current
 Over time
 Location readiness
ADSP : Air Defense Spectrum Control
Forensic
Summary
Association
Analysis
Protocol
Abuse
Anomalous
Behavior
Signature
Analysis
Policy
Manager
Noise &
Interference
Roaming
Issues
Scanner Printer
Connectivity
Problems
Correlation
Engines
Context-aware
Detection
Engines
ADSP : Air Defense Spectrum Control
Forensic
Summary
Association
Analysis
Protocol
Abuse
Anomalous
Behavior
Signature
Analysis
Policy
Manager
Noise &
Interference
Roaming
Issues
Scanner Printer
Connectivity
Problems
Correlation
Engines
Context-aware
Detection
Engines
XYZ Account Single Site
Design Considerations
A Single Site deployment of Identity and Access Control (IAC) is typical in small to medium sized environments. The network design generally consists
of a core router with collapsed distribution and edge switching. A small datacenter is typically deployed where virtual machines can be used to
host services and a dual ISP link is configured through a pair of firewalls. Based on this general architecture, the design for IAC will include a
Control Center appliance and at least two IAC Engines in the datacenter. These three appliances can all be virtual, physical, or a combination of
both physical and virtual. Depending upon the use case, the wireless controller will also sit in the datacenter with Bridge at AP topologies, Bridge at
Controller topologies or a combination of both.
For an IAC deployment it's common to see the IAC Engines in the datacenter at the main building. A minimum of two IAC Engines are recommended
for redundancy and they can be either virtual or physical. Generally, along with the IAC Engines, the Control Center server and wireless controllers
also reside in the datacenter. For the wireless deployment it's common to see Bridge at AP topologies for wireless users within the campus buildings.
However, guest services may still tunnel back to the datacenter with a Bridge at Controller topology before accessing network resources.
XYZ Account Single Site
Design Considerations
A Single Site deployment of Identity and Access Control (IAC) is typical in small to medium sized environments. The network design generally consists
of a core router with collapsed distribution and edge switching. A small datacenter is typically deployed where virtual machines can be used to
host services and a dual ISP link is configured through a pair of firewalls. Based on this general architecture, the design for IAC will include a
Control Center appliance and at least two IAC Engines in the datacenter. These three appliances can all be virtual, physical, or a combination of
both physical and virtual. Depending upon the use case, the wireless controller will also sit in the datacenter with Bridge at AP topologies, Bridge at
Controller topologies or a combination of both.
For an IAC deployment it's common to see the IAC Engines in the datacenter at the main building. A minimum of two IAC Engines are recommended
for redundancy and they can be either virtual or physical. Generally, along with the IAC Engines, the Control Center server and wireless controllers
also reside in the datacenter. For the wireless deployment it's common to see Bridge at AP topologies for wireless users within the campus buildings.
However, guest services may still tunnel back to the datacenter with a Bridge at Controller topology before accessing network resources.
Unique Purpose-Built Access Points
(Opex or CAPEX)
Wall-plate AP
 2x2:2 11ac Wave 2
 Up to 3 pass-through E/N
ports with PoE out port
 BLE/Zigbee support
AP + Camera (AP3916)
 2x2:2 SS, Dual band &
radio
 RF Spectrum Analysis
 4x integral antennae
MU-MIMO (up to 4) 160 MHz
 4 MU-MIMO sessions
 2.5/5G Ethernet
 BLE/Zigbee support (IoT)
Stadiums (3865e)
 11ac (3x3:3 MIMO)
 Mesh, Policy, QoS
 IP67/NEMA6
Unique Purpose-Built Access Points
(Opex or CAPEX)
Wall-plate AP
 2x2:2 11ac Wave 2
 Up to 3 pass-through E/N
ports with PoE out port
 BLE/Zigbee support
AP + Camera (AP3916)
 2x2:2 SS, Dual band &
radio
 RF Spectrum Analysis
 4x integral antennae
MU-MIMO (up to 4) 160 MHz
 4 MU-MIMO sessions
 2.5/5G Ethernet
 BLE/Zigbee support (IoT)
Stadiums (3865e)
 11ac (3x3:3 MIMO)
 Mesh, Policy, QoS
 IP67/NEMA6
Separate voice and/or data
 32 VNS segments per Controller
 Per SSID or WLAN domain (Controller, AP)
 QoS, Security, Roaming, No VLAN
configuration required
Single XYZ Account SSID
Separate voice and/or data
 32 VNS segments per Controller
 Per SSID or WLAN domain (Controller, AP)
 QoS, Security, Roaming, No VLAN
configuration required
Single XYZ Account SSID
This is where, XYZ Account maybe familiar with the idea that as chaos or change rates within a particular network go up, so do your costs.
 Roles are Business level groupings built to correspond to specific user types.
 Rules are policies enforced at the port level to decide what types of traffic XYZ Account wants to allow, deny, rate limit or prioritize (No complicated scripting).
 Services are containers of similar Rules. Grouping Rules allows the Administrator to apply rules in groups rather than as individual components.
Policy Components (Cost to Chaos Ratio)
Roles
Faculty
Student
Guest
Rules
Allow, deny, rate limit,
prioritize. Or contain.
Services
PoS
Oracle
Guest
if X + Y,= Z then action
IT Admin Employee Guest
Oracle VPNAdmin.
AllowHTTP
AllowHTTPS
AllowIPSec
AllowSAP
RateLimit
AllowPing
AllowTelnet
AllowEmail
AllowTFTP
AllowSNMP
AllowOracle
DenyBlast
then place user into a defined ROLE
Looks like a next
generation Firewall
across your XYZ
Account Network.
RolesRulesServices
This is where, XYZ Account maybe familiar with the idea that as chaos or change rates within a particular network go up, so do your costs.
 Roles are Business level groupings built to correspond to specific user types.
 Rules are policies enforced at the port level to decide what types of traffic XYZ Account wants to allow, deny, rate limit or prioritize (No complicated scripting).
 Services are containers of similar Rules. Grouping Rules allows the Administrator to apply rules in groups rather than as individual components.
Policy Components (Cost to Chaos Ratio)
Roles
Faculty
Student
Guest
Rules
Allow, deny, rate limit,
prioritize. Or contain.
Services
PoS
Oracle
Guest
if X + Y,= Z then action
IT Admin Employee Guest
Oracle VPNAdmin.
AllowHTTP
AllowHTTPS
AllowIPSec
AllowSAP
RateLimit
AllowPing
AllowTelnet
AllowEmail
AllowTFTP
AllowSNMP
AllowOracle
DenyBlast
then place user into a defined ROLE
Looks like a next
generation Firewall
across your XYZ
Account Network.
RolesRulesServices
The XYZ Account first line of defense,
This is where Increase Safety. Lack of
visibility of critical assets is a problem with
substantial business impact
 Network can facilitate and assist with
implementing inpatient, ambulatory,
and clinical information systems with
security and reliability.
 Real-time location services for
inventory and asset tracking.
 Network analytics to provide real-time
tracking of patient status and
increase awareness on present patient
locations.
Asset Visibility
Asset
Location
Wi-Fi Tags
and Clients
RTLS Location Engine
(built-in)
Ekahau
Positioning
Engine
AeroScout
Engine
The XYZ Account first line of defense,
This is where Increase Safety. Lack of
visibility of critical assets is a problem with
substantial business impact
 Network can facilitate and assist with
implementing inpatient, ambulatory,
and clinical information systems with
security and reliability.
 Real-time location services for
inventory and asset tracking.
 Network analytics to provide real-time
tracking of patient status and
increase awareness on present patient
locations.
Asset Visibility
Asset
Location
Wi-Fi Tags
and Clients
RTLS Location Engine
(built-in)
Ekahau
Positioning
Engine
AeroScout
Engine
Device capabilities (clients),
 Constraints = certifications, drivers/software, power, durability, size
 Understand protocols/standards and channels supported
 Take measurements with device, understand Rx sensitivities
Coverage - How much? 2.4GHz or 5GHz? Choose one!
 Recommended target -65dBm to -67dBm - 802.11ac designs likely incorporate stronger signal
 Always consider environmental elements, SNR & retries
 Match AP and Client Tx power; target symmetrical speeds
Interference
 Channel reuse and cell dimension critical – 20MHz high-density
 Static channel assignment to avoid CCI
 More power better Wi-Fi
Roaming - How many channels in use? less scans, Active vs. passive client scanning – both consume airtime
 WPA2-PSK vs. WPA2-ENT? 802.11r/802.11k?
 Target below 50ms
 Consider wired network and traffic forwarding (L2/L3, local/centralized)
Quality of Service (QoS) - Does the client/application support marking?
 Never forget end-to-end QoS, Consider both voice signaling and encoding.
 Wireless QoS (WMM/802.11e) + Wired QoS (802.1D/Diffserv) If not, how you will classify the traffic.
 Use OKC if 802.11r/802.11k not available
VoWLAN Design Considerations
Device capabilities (clients),
 Constraints = certifications, drivers/software, power, durability, size
 Understand protocols/standards and channels supported
 Take measurements with device, understand Rx sensitivities
Coverage - How much? 2.4GHz or 5GHz? Choose one!
 Recommended target -65dBm to -67dBm - 802.11ac designs likely incorporate stronger signal
 Always consider environmental elements, SNR & retries
 Match AP and Client Tx power; target symmetrical speeds
Interference
 Channel reuse and cell dimension critical – 20MHz high-density
 Static channel assignment to avoid CCI
 More power better Wi-Fi
Roaming - How many channels in use? less scans, Active vs. passive client scanning – both consume airtime
 WPA2-PSK vs. WPA2-ENT? 802.11r/802.11k?
 Target below 50ms
 Consider wired network and traffic forwarding (L2/L3, local/centralized)
Quality of Service (QoS) - Does the client/application support marking?
 Never forget end-to-end QoS, Consider both voice signaling and encoding.
 Wireless QoS (WMM/802.11e) + Wired QoS (802.1D/Diffserv) If not, how you will classify the traffic.
 Use OKC if 802.11r/802.11k not available
VoWLAN Design Considerations
Device capabilities (clients),
 Constraints = certifications, drivers/software, power, durability, size
 Understand protocols/standards and channels supported
 Take measurements with device, understand Rx sensitivities
Coverage - How much? 2.4GHz or 5GHz? Choose one!
 Recommended target -65dBm to -67dBm - 802.11ac designs likely incorporate stronger signal
 Always consider environmental elements, SNR & retries
 Match AP and Client Tx power; target symmetrical speeds
Interference
 Channel reuse and cell dimension critical – 20MHz high-density
 Static channel assignment to avoid CCI
 More power better Wi-Fi
Roaming - How many channels in use? less scans, Active vs. passive client scanning – both consume airtime
 WPA2-PSK vs. WPA2-ENT? 802.11r/802.11k?
 Target below 50ms
 Consider wired network and traffic forwarding (L2/L3, local/centralized)
Quality of Service (QoS) - Does the client/application support marking?
 Never forget end-to-end QoS, Consider both voice signaling and encoding.
 Wireless QoS (WMM/802.11e) + Wired QoS (802.1D/Diffserv) If not, how you will classify the traffic.
 Use OKC if 802.11r/802.11k not available
VoWLAN Design Considerations
Wave 2 XYZ Account Considerations
The Edge deployment model is the most frequently used in the IAC
solution. This deployment model identifies and controls both wired and
wireless devices at the edge of the network with the main requirement
being that there is no additional networking equipment downstream of
the port where the device is being identified.
When identifying devices at the edge of the network a visibility
mechanism, typically authentication, needs to be enabled at every entry
point to the network. On edge switches, this requires enabling
authentication for each port. For wireless, this means enabling
authentication on the wireless SSID's. If there are multiple devices
attached to a single port of a switch, then multi-user authentication
needs to be enabled on the port in order to detect all devices and assign
them individual authentication sessions.
The VPN Remote Access deployment model allows IAC to identify devices
connected to the network through a compatible VPN concentrator.
Deployment spectrum recommendations - transmit Power (dBm) 5 GHz: Min
12/Max 15. 5GHz is the preferred Wi-Fi frequency for indoor use More
capacity, less interference compared to 2.4GHz. 5GHz should become
dominant for your client devices 2.4GHz should be left for Bluetooth,
ZigBee and RTLS (M2M). Unlicensed 5GHz spectrum is attractive for
service providers. New LTE-U/LAA services are coming; impact currently
unknown
 Beacon Rate (Mbps) By default lowest For both 802.11a and g radio
use 12 or 24.
 Multicast rate optimization enabled.
 Channels 80 MHz channels can be used in green field deployments. DFS
channels must be used when operating on 80 MHz channels (Remove
channel 144 from list).
 Rogue Devices can be Anywhere on the Network and can be
Encrypted. Identify Every Type of Rogue Device Connected to the
Network
 Track and Identify New Non-Wireless Devices
 Track Critical Assets to Identify Removal From Network
Wave 2 XYZ Account Considerations
The Edge deployment model is the most frequently used in the IAC
solution. This deployment model identifies and controls both wired and
wireless devices at the edge of the network with the main requirement
being that there is no additional networking equipment downstream of
the port where the device is being identified.
When identifying devices at the edge of the network a visibility
mechanism, typically authentication, needs to be enabled at every entry
point to the network. On edge switches, this requires enabling
authentication for each port. For wireless, this means enabling
authentication on the wireless SSID's. If there are multiple devices
attached to a single port of a switch, then multi-user authentication
needs to be enabled on the port in order to detect all devices and assign
them individual authentication sessions.
The VPN Remote Access deployment model allows IAC to identify devices
connected to the network through a compatible VPN concentrator.
Deployment spectrum recommendations - transmit Power (dBm) 5 GHz: Min
12/Max 15. 5GHz is the preferred Wi-Fi frequency for indoor use More
capacity, less interference compared to 2.4GHz. 5GHz should become
dominant for your client devices 2.4GHz should be left for Bluetooth,
ZigBee and RTLS (M2M). Unlicensed 5GHz spectrum is attractive for
service providers. New LTE-U/LAA services are coming; impact currently
unknown
 Beacon Rate (Mbps) By default lowest For both 802.11a and g radio
use 12 or 24.
 Multicast rate optimization enabled.
 Channels 80 MHz channels can be used in green field deployments. DFS
channels must be used when operating on 80 MHz channels (Remove
channel 144 from list).
 Rogue Devices can be Anywhere on the Network and can be
Encrypted. Identify Every Type of Rogue Device Connected to the
Network
 Track and Identify New Non-Wireless Devices
 Track Critical Assets to Identify Removal From Network