Read the Original Article at http://www.informationweek.com/news/showArticle.jhtml?articleID=209600406
We issued a request for proposals asking enterprise-class switch vendors to design a network based on the current needs of TacDoh, the fictional company we created for this Rolling Review. The RFP also had to take into consideration TacDoh's plans to add more users and network applications in the coming years.
We initially had some reservations about 3Com's bid--the company was once an up-and-coming powerhouse, but it dropped out of the enterprise space in 2000 to focus on the small- and midsize-business market. High capacity, flexibility, reliability, and price are the primary drivers, of course, but we also want a vendor that likely will be around for the long haul.
Now 3Com is trying to get back into the enterprise arena via a line of advanced switches that leverage R&D from its Chinese subsidiary, H3C Technologies, which it acquired from Huawei in 2007.
The financial outlook for 3Com looks reassuring: Net losses have decreased for the past three years, as net sales have gone up. The Dell'Oro Group's Ethernet Switch Report for the first quarter of 2008 indicates that 3Com isn't far behind Hewlett-Packard in Gigabit Ethernet switch ports shipped.
Moreover, 3Com's network design for our RFP was unique among respondents in that it relies solely on the use of stackable switches, rather than a chassis for the core and wiring closet switches. Modern stacking technology is certainly flexible, often allowing different switch form factors to be grouped in a single managed unit.
Improvements in performance and resilience also make the company's stacking strategy a reasonable alternative to chassis-based products. In addition, 3Com's limited warranty is similar to HP's for hardware replacement and firmware updates, although phone and e-mail support, even during business hours, requires a separate support contract.
Today's stacking technology offers high-capacity, highly resilient configurations similar to chassis switches, and it is a good fit for smaller companies like TacDoh, our fictional purveyor of deep-fried snacks in retail stores. Chassis have more capacity in the backplane but are generally more expensive, while stackables are more flexible and usually less costly. 3Com's stacking technology, called Expandable Resilient Networking (XRN), can pile on eight switches that act like a single unit.
Where older stacking technology had a single path from the top of the stack to the bottom, modern iterations like XRN create a ring topology, where the switches at the top and bottom of the stack are also connected. Now there are two paths for traffic to pass through. If a switch in the middle of the stack fails, the rest of the devices are still interconnected through the remaining path.
The failed switch can be replaced with a new one, and once the configuration is restored to the new switch, the stack is fully operational.
In addition, 3Com has added redundant uplinks between the access switches and the core switch stack, made up of three 5500G model switches. For locations that called for more than two switches in a stack, 3Com specified four aggregated 1-Gbps uplinks for a combined 4-Gbps capacity.
The XRN stacking allows uplink ports from any switch in the stack to be aggregated, increasing overall capacity as well as providing redundancy. If one uplink fails, it's simply dropped out of the aggregated pool. Locations with 48 ports or fewer aggregated two 1-Gbps links, while the data center stack aggregated two 10-Gbps uplinks to the core.
The downside of stacking is that the maximum bandwidth is limited to the capacity of the stacking cable. According to 3Com, XRN stacking can support 96 Gbps of throughput, but that is broken down as 48 Gbps per cable in full-duplex mode, where 24 Gbps can be transmitted and 24 Gbps can be received. With two cables, one going "up" and the other going "down," the combined bandwidth totals 96 Gbps.
Now, with just two switches, we could, in theory, get full bandwidth to each port. But add another switch, and we could potentially overrun the available capacity.
To be clear, we don't consider the 96-Gbps capacity limit to be an issue for our access switches, as we expect little communication between hosts on the same switch stack. Traffic on the access switches that is destined for the data center, however, will be limited by the uplink capacities, and we might run into some scaling issues at the core as the company grows in size.
At that point, we would investigate modular chassis products, which typically have much faster backplanes.
POWER AND VOICE
TacDoh is moving to a voice-over-IP system, and to keep costs down the company plans on using existing physical network jacks rather than running new cable for VoIP phones. The 3Com access switches will need to supply reliable Power over Ethernet to our VoIP phones. 3Com recommends we deploy its Remote Power System (RPS) external AC or DC power supply to provide redundant power for the switch, as well as to power the PoE ports at 15.4 watts each. The RPS is provided by Eaton Powerware.
Like other switches supporting PoE, the 5500 and 4200 devices can supply power based on the discovery of the type of phone attached to the port. The switches ship with profiles for many 3Com and non-3Com phones and devices.
TacDoh also can set priorities so that mission-critical devices will get power before lower-priority gear. For example, the 5500 has 300 watts available and can power 19 devices at 15.4 watts each, well short of the port count on the 24- or 48-port models. If the RPS fails, the draw might exceed the available power. Prioritization allows the switch to disable power to low-priority gear first.
Voice devices, once detected, can be placed in a voice virtual LAN reserved exclusively for VoIP traffic. When a PC is connected to a phone--a common configuration--the switch will place the VoIP traffic into the voice virtual LAN and the data traffic into the appropriate data virtual LAN.
KEEP US SAFE
3Com's security features are on par with other vendors' offerings and include 802.1X, DHCP and ARP snooping, and access control lists, all of which can make unauthorized use of the network and IP address spoofing or theft far more difficult. In addition, the switches have built-in denial-of-service prevention, which drops frames at the port to thwart attacks that would overwhelm the switch CPU.
Not all of the security features are available on both the 5500 and 4200 model switches. The 4200 is more of a workgroup device, although some traffic security features, such as DHCP snooping and port privacy--blocking two hosts on the same switch from directly communicating--are available.
The 4200 line doesn't support password policy enforcement, which can be configured to require passwords that contain upper- and lowercase letters, numbers, and symbols. These devices do not support DHCP tracking, which tracks a host's DHCP lease; ARP inspection, which tracks MAC addresses; or IP Source Guard, which ensures that IP addresses can't be taken or forged. If we need these advanced features at the edge, we'll have to upgrade to the 5500G line.
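How lease tracking, ARP inspection, and IP Source Guard fit together, as an added example that is not from the article or from 3Com: a simplified Python model in which a lease table learned from DHCP replies on a trusted uplink decides whether ARP and IP traffic from an access port is permitted. The class, method, and port names are hypothetical, and the events are constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Binding:
    mac: str
    port: str
    expires: int  # lease expiry on the model's clock, in seconds

class EdgeSwitch:
    """Simplified model of lease-based edge checks; not 3Com's implementation."""

    def __init__(self, trusted_ports):
        self.trusted = set(trusted_ports)  # uplinks toward the real DHCP server
        self.pending = {}                  # client MAC -> access port of its request
        self.bindings = {}                 # leased IP -> Binding

    def dhcp_request(self, port, mac):
        self.pending[mac] = port           # remember where the client is attached

    def dhcp_ack(self, in_port, mac, ip, lease, now):
        # DHCP snooping: server replies count only when they arrive on a trusted port.
        if in_port not in self.trusted or mac not in self.pending:
            return False
        self.bindings[ip] = Binding(mac, self.pending.pop(mac), now + lease)
        return True

    def source_ok(self, port, mac, ip, now):
        # Shared test behind ARP inspection (ARP sender fields) and
        # IP Source Guard (frame source fields): a live binding must match.
        if port in self.trusted:
            return True
        b = self.bindings.get(ip)
        return b is not None and b.expires > now and (b.mac, b.port) == (mac, port)

def run_constructed_events():
    """Replay constructed events; MACs and IPs come from documentation ranges."""
    sw = EdgeSwitch(trusted_ports={"uplink"})
    pc, other = "00:00:5e:00:53:01", "00:00:5e:00:53:02"
    sw.dhcp_request("ge1", pc)
    sw.dhcp_request("ge2", other)
    return {
        "ack_from_uplink": sw.dhcp_ack("uplink", pc, "192.0.2.10", 3600, now=0),
        "ack_from_access_port": sw.dhcp_ack("ge7", other, "192.0.2.66", 3600, now=0),
        "pc_uses_own_lease": sw.source_ok("ge1", pc, "192.0.2.10", now=10),
        "other_host_claims_pc_ip": sw.source_ok("ge2", other, "192.0.2.10", now=10),
        "static_ip_without_lease": sw.source_ok("ge2", other, "192.0.2.66", now=10),
        "pc_after_lease_expiry": sw.source_ok("ge1", pc, "192.0.2.10", now=3601),
    }

if __name__ == "__main__":
    for event, allowed in run_constructed_events().items():
        print(f"{event:26} {'permit' if allowed else 'drop'}")
```

The model makes the dependency visible: without a lease table there is nothing for ARP inspection or IP Source Guard to check against, so a switch lacking DHCP tracking cannot enforce either one at the edge.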