Intelligent switching for your VoIP network.If you look at the list of hot topics for networking this year, two are bound to emerge near the top. The first is Voice over IP (VoIP) and following not too far behind is intelligent switching. These topics go hand in hand and for good reason. If you are considering the move to VoIP, two of the items you must consider are the type of switch you will use and the security measures Noun 1. security measures - measures taken as a precaution against theft or espionage or sabotage etc.; "military security has been stepped up since the recent uprising" security that you will implement to protect voice and data traffic. This means you will need an intelligent switch. Intelligent or Unintelligent Switching: That is the Question For practical purposes, we will classify switches into two major categories, unintelligent and intelligent. An unintelligent switch in its purest form is any switch that lacks management capability. Intelligent switches, on the other hand, typically offer a host of management capabilities including manual port configuration for items like speed and duplexing, VLAN See virtual LAN. VLAN - Virtual Local Area Network membership, and Class of Service (CoS). The classification for intelligent switches has also been expanded to include a new breed of network devices called switch-routers. Leading manufacturers have identified the need for a small, integrated device that can function as an "all-in-one" access solution for the branch office. These manufacturers have integrated Wide Area and Local Area Network (WAN and LAN (Local Area Network) A communications network that serves users within a confined geographical area. The "clients" are the user's workstations typically running Windows, although Mac and Linux clients are also used. ) functionality into a single product for converged access. These products offer increased intelligence and are feature-rich and some can be quite cost-effective. These devices take an intelligent switch and add a full-featured router, along with CSU/DSU See DSU/CSU. CSU/DSU - channel service unit/digital service unit capability, VPN (Virtual Private Network) A private network that is configured within a public network (a carrier's network or the Internet) in order to take advantage of the economies of scale and management facilities of large networks. capability, firewall, and in some cases, Power over Ethernet Power over Ethernet or PoE technology describes a system to transmit electrical power, along with data, to remote devices over standard twisted-pair cable in an Ethernet network. . Why Choose a Managed or Intelligent Switch? When budgets are lean, network managers need every edge they can get to keep their networks running properly, while keeping administration costs to a minimum. Tools that enable network administrators to manage devices remotely become even more important. Advanced applications, such as VoIP, are now being extended to remote locations and require an intelligent device that can manage the extended enterprise. Devices that are intelligent enough to be managed remotely have traditionally come at a higher cost than their lower-end counterparts, creating something of a Catch-22. However, as the market for network switches matures along with the growth of VoIP and other technologies, enterprises can now buy intelligent network switches for prices that are easy to cost-justify, especially when given the many benefits the switches provide. Features such as remote configuration, port monitoring and CoS help managers keep the network running at peak efficiency from a central location. Support for virtual LANs, 802.1x and RADIUS TACACS (Terminal Access Controller Access Control System) An access control protocol used to authenticate a user logging into the network. TACACS is a simple username/password system. + authentication provide added security, especially for networks implementing VoIP or wireless LANs. In most cases, intelligent switches can be managed from any SNMP-capable management platform. Most enterprises already have switches that support most or all of those features mentioned earlier in their network core, but some are still lacking at the network edge. Extending the features to the network edge by installing intelligent switches in wiring closets throughout the enterprise reduces network downtime, improves performance, and provides better security--all while increasing the productivity of network support staff. Enhanced Performance and Security Additional features will help gain even more control over network bandwidth, to optimize performance and help secure the network. Classes of Service (CoS), for example, enables you to classify different types of traffic according to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. their level of performance. This ensures that prioritized traffic, such as voice packets, won't be kept waiting at the expense of a file transfer or other transaction that is not time sensitive. Look for switches that comply with the IEEE 802.1p IEEE 802.1p is a standard that provides traffic class expediting and dynamic multicast filtering. Essentially, it provides a mechanism for implementing Quality of Service (QoS) at the MAC (Media Access Control) level. standard. This standard specifies up to eight levels of priority, which is more than ample for most enterprise applications. Link aggregation See port aggregation. is another way to address varying traffic requirements. With link aggregation, users can pool multiple switch ports to form a single, larger trunk between two points to meet high-capacity requirements. For example, using link aggregation, four 100 Mbps ports can be aggregated to form a 400 Mbps link, thus allowing this link to handle more traffic demand. As an added bonus, if one of the ports fails, the other three remain intact, providing added network resiliency. Virtual Local Area Networks or VLANs are another way to improve network performance while easing administration. Look for standards-based devices that incorporate the IEEE 802.1Q IEEE 802.1Q (also known as VLAN Tagging) was a project in the IEEE 802 standards process to develop a mechanism to allow multiple bridged networks to transparently share the same physical network link without leakage of information between networks (i.e. trunking). IEEE 802. standard. VLANs allow IT managers to group users and resources in any formation, regardless of the physical LAN segment A section of a local area network that is used by a particular workgroup or department and separated from the rest of the LAN by a bridge, router or switch. Networks are divided into multiple segments for security and to improve traffic flow by filtering out packets that are not destined to which those resources are attached. As an example all of the users for a single department can be grouped on the same VLAN, even if each one is at a different geographical location. Since VLANs are software based, computers can move from one physical destination to another without any hardware reconfiguration. VLANs can also be used to enhance security, by ensuring that users have access only to the resources they need to do their jobs, while blocking unauthorized users. Some intelligent switches also support enhanced authentication, including 802.1x with RADIUS support. RADIUS is an access control protocol that defines how to use a challenge/response scheme to authenticate users. Popular for connecting wireless LANs to a wired backbone, 802.1x requires a user to authenticate to a RADIUS server before the user's port is enabled. Examining the Basics While the exact features of any intelligent, managed switch will vary by vendor and model, there are a number of basics to look for. They include support for: * 10/100Base-T and Gigabit Ethernet. An intelligent switch will typically have a dozen or more 10/100 or 10/100/1000 Mbps Ethernet ports and at least a pair of Gigabit ports, to link to the backbone through and through; thoroughly; entirely. - Lord Lytton. See also: Backbone or to other workgroup switches. * Non-blocking Architecture. Make sure to check the aggregate non-blocking capacity of the switch, which is the true measure of how much bandwidth is available. * Centralized Port Monitoring. The ability to monitor, from a central management station, packets sent or received on any given port is fundamental for an intelligent switch. This gives administrators the ability to gather usage statistics on a per-port basis, which can be used to monitor traffic patterns and tune the network accordingly. Port monitoring also helps identify congested con·gest·ed adj. Affected with or characterized by congestion. congested ENT adjective Referring to a boggy blood-filled tissue. See Nasal congestion. or failed ports and pinpoint trouble areas on the network. * Packet Error Detection. This is the ability to detect errors in packets as they enter or exit a port. Intelligent switches will look for under- or oversize o·ver·size n. 1. A size that is larger than usual. 2. An oversize article or object. adj. o·ver·size also o·ver·sized Larger in size than usual or necessary. Adj. 1. packets, fragments, and other malformed mal·formed adj. Abnormally or faultily formed. packets, and are typically configured to alert an administrator when the number of packet errors exceeds a predefined threshold, signaling problems on the network. * Port Control and Security. You may want the same port to operate differently depending on traffic conditions and the device connected to it. The ability for a port to automatically configure itself for optimum performance is, therefore, crucial. Look for capabilities including auto-sensing, which enables the port to adapt to the speed of the connecting device, and auto-negotiation of half or full duplex mode. * SNMP (Simple Network Management Protocol) A widely used network monitoring and control protocol. Data are passed from SNMP agents, which are hardware and/or software processes reporting activity in each network device (hub, router, bridge, etc. . SNMP is the industry standard protocol used to communicate management information. Centralized consoles such as HP OpenView typically use SNMP to communicate with SNMP agents on managed devices, such as switches. RMON (Remote MONitoring) Enhancements to the management information base (MIB) structure used by the simple network management protocol (SNMP). In 1991, RMON added comprehensive network monitoring capabilities. is an SNMP extension that provides additional, more specific network traffic and performance data. * Spanning Tree Protocol Based on an algorithm invented by Radia Perlman while working for Digital Equipment Corporation[1][2], Spanning Tree Protocol Is an OSI layer-2 protocol which ensures a loop free topology for any bridged LAN. (STP STP or standard temperature and pressure, standard conditions for measurement of the properties of matter. The standard temperature is the freezing point of pure water, 0°C; or 273.15°K;. ). The 802.1D Spanning Tree Protocol enables network switches to reconfigure a network in order to break the loops that can occur in an Ethernet network when more than one path exists between two end points. Such loops can cause broadcast storms that rapidly deteriorate network performance. A newer version of STP, called Rapid STP (802.1w), reduces the amount of time it takes a switch to reconfigure the network to less than a second, from up to a minute with STP. Improving Performance with Switch-Routers Switch-routers are making a name for themselves in today's VoIP architectures. These devices are especially beneficial in areas where cabinet space is limited and cost is a major concern. These devices typically combine the functionality of multiple devices (up to five) into a single, easy-to-manage chassis and at a cost that is typically well below multi-box solutions. In addition to the wealth of management features outlined above, these devices also add features like Quality of Service (QoS), SIP ALG ALG antilymphocyte globulin. ALG antilymphocyte globulin. ALG Antilymphocyte globulin, see there , Enhanced VLANs, Radius Authentication, and support for 802.1x and SSH/SSL that are inherent to their router functionality. These features provide enhanced security and offer added advantages in a VoIP environment. Manageability is another key feature of these devices. Offering a Web-based Graphical User Interface graphical user interface (GUI) Computer display format that allows the user to select commands, call up files, start programs, and do other routine tasks by using a mouse to point to pictorial symbols (icons) or lists of menu choices on the screen as opposed to having to or common Command Line Interface (CLI (1) (Call Level Interface) A database programming interface from the SQL Access Group (SAG), an SQL membership organization. SAG's CLI is an attempt to standardize the SQL language for database access. ), these devices are simple to set up and administer both on-site and remotely. Making the Choice Whether you choose an intelligent switch or a next-generation switch-router for your VoIP application you will receive a wealth of benefits. The extra cost, when compared to lower-function unmanaged devices should be easy as you explain the rewards of increased functionality, enhanced security, and remote management capabilities that, in turn, make network administration even easier for the IT manager and staff. Joe McClain is product manager at ADTRAN Enterprise Networks Division (Huntsville, AL). www.adtran.com |
|
||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion