Jul 18, 2008 (08:07 PM EDT)
HP ProCurve Powers A Unified Switching Architecture
Read the Original Article at InformationWeek
In our review of enterprise switches tailored to the needs of TacDoh, a fictitious, growing company that provides deep-fried food through retail outlets, we found that Hewlett-Packard built a solid product using ProCurve switches and management software.
For the price and features, HP's network redesign hit all of our requirements. The products selected provided ample room to expand the network density, from adding more ports to migrating to 10 Gigabit Ethernet when the time comes.
HP's support for voice over IP and other real-time media is comparable with other companies' switch product support, but ProCurve has made strides in port security and management for smaller networks.
As part of our request for information, we asked vendors to supply us with a network redesign based on our company's existing network, current business needs, and future plans. We wanted it all: high speed, high reliability, high flexibility, and a low price. (Click Here for The complete RFI.)
HP's switch does it all for $89,573, excluding service and support. Included with the purchase of any ProCurve switch is a lifetime warranty on the hardware, including next-day replacement, free firmware upgrades, and free e-mail and phone support during regular business hours. Packages with 24-hour and on-site support also are available.
Our original network design took into account the way networks often grow; as new facilities are needed, infrastructure is purchased and installed. In addition, mergers and acquisitions bring their own hardware. The result was a network that contained a hodgepodge of switch models, firmware releases, and vendors.
The RFI is a chance to bring the entire organization to a single platform and build in features such as redundancy at the hardware and network layers, simplify management through a unified platform, leverage advanced traffic and network management to support real-time media, and gain additional security features.
HP's redesigned network incorporates switch lines that contain Layer 2 or 3 switches in configurations and port densities to fit neatly into any deployment scenario, from the access layer--where wiring closet issues such as power, cooling, and hands-off management are as important as port counts--to core switches that require high availability, high performance, and high port counts.
Starting at the core, HP replaced TacDoh's redundant data center switches and core switch-router with two ProCurve 5406zl-48G Intelligent Edge switches with redundant power supplies. A premium license is an additional $2,999 per unit, but it's required for the Virtual Routing Redundancy Protocol, which provides failover for routing. HP's reasoning for collapsing the data center servers and core switch router onto two 5406-48G switches is to simplify the network topology and provide an aggregation point between the data center and the access switches.
The 5406-48G is a six-slot chassis that ships with 48 10/100/1,000 Ethernet ports, which take up two slots and a single power supply. HP added an additional power supply for redundancy. There are four slots available for growth. Given the number of ports required for the data center servers and the access switches, TacDoh will have plenty of ports available as its network needs grow.
HP's redesign uses switch chassis from the 5400zl line--one for each department--populated with 10/100/1,000 Power over Ethernet ports to support the existing user base. Two smaller switches from the 3500 line are used for locations that have fewer ports. The access switches are underpopulated in the design; TacDoh plans to double its workforce in the next year and the chassis will allow incremental expansion.
HP chose to use chassis versus individual stacking switches to improve performance.
HP's solution has a number of high-availability features. The access switches are dual-homed using 1000Base-T uplinks to both core switches and Layer 2 protocols such as the Multiple Spanning Tree Protocol and the Link Aggregation Control Protocol. The zl modules are hot-swappable and and can be shared among the 5400zl chassis, so fewer spares need to be kept on hand. In addition, modules, mini-gigabit interface converters, and power supplies are hot-swappable.
We also wanted to make sure that the chosen vendor's products will support changes as the network expands, both in size and in the types of applications supported. HP's infrastructure support goes beyond speeds and feeds. Traffic monitoring uses industry standard protocols such as RMON for remote monitoring and sFlow for monitoring network traffic flows, and provides integration with third-party monitoring tools. However, sFlow is generally less supported than Cisco's NetFlow, so your choices of third-party applications that can use flow data may be limited.
Management is through HP's ProCurve Manager Plus management tool. The tool, known as PCM+, offers a full suite of management tools for device discovery, configuration management, monitoring, troubleshooting, and Layer 2 and Layer 3 mapping. Designed for small installations, PCM+ provides a wealth of tools to manage the installation. HP's command line interface has useful features as well. CLI policies can automate repeated configuration tasks and can be automatically executed by an event within the switch.
Like many organizations, TacDoh is migrating from its digital Centrex service to an IP-PBX and VoIP for internal communications. Supporting voice means applying quality of service to voice traffic, distributing power, and supporting E-911 requirements. Like all switches, the ProCurve switches support QoS marking and prioritization based on marking in the packets or though Layer 4 ports. As long as your IP phones are tagging the traffic they're sending, the ProCurves can prioritize it.
For example, a typical phone requires 8 watts of power. The two 1,500-watt external supplies can power either 144 devices using both power supplies, or 112 phones with the power supplies in a redundant configuration. The ProCurves support the Link Layer Discovery Protocol for Media Endpoint Devices to let the switch adjust the power level on a per-port basis, and provide location information to the phone for emergency services.
Leveraging 802.1x for network authentication, HP's ProCurve also supports multiple, simultaneous 802.1X clients on the same port, where each authenticated host is treated separately from all other hosts on the port.
In addition, users can be placed on individual VLANs and access control lists can be applied based on user authentication. HP suggests adding its ProCurve Identity Driven Manager, or IDM, which also plugs into PCM+, to manage user policies. IDM allows polices to be based on a user role, time of day, or location. IDM also integrates with HP's NAC-800 network access control appliance.