Nortel Avaya Data

Nortel/Avaya Data
Table of Contents
Table of Contents
Avaya Advanced Gateway 2330 ...................................................................................................... 2 Avaya Ethernet Routing Switch 2500 .............................................................................................. 6 Avaya Ethernet Routing Switch 4500 .............................................................................................. 9 Avaya Ethernet Routing Switch 5500 Series ................................................................................. 12 Avaya Ethernet Routing Switch 5600 Series ................................................................................. 15 Avaya Ethernet Routing Switch 8300 ............................................................................................ 20 Avaya Ethernet Routing Switch 8800 ............................................................................................ 27 Avaya Secure Router 2330 ............................................................................................................ 46 Avaya Secure Router 4134 ............................................................................................................ 50 Avaya Secure Router 8000 Series................................................................................................. 52 Avaya Secure Router Portfolio ....................................................................................................... 57 Avaya VPN Router ......................................................................................................................... 59 Avaya Configuration and Orchestration Manager .......................................................................... 61 Avaya IP Flow Manager ................................................................................................................. 70 Avaya WLAN 2300 Series ............................................................................................................. 75 Avaya WLAN 8100 Series ............................................................................................................. 83 Avaya Network Resource Manager ............................................................................................... 89 Avaya Enterprise Switch Manager ................................................................................................. 92 Avaya Identity Engines Portfolio .................................................................................................... 94 Avaya Visualization Performance and Fault Manager ................................................................... 99 Avaya VPN Portfolio .................................................................................................................... 106
Avaya Advanced Gateway 2330

The Avaya Advanced Gateway 2330 is a modular, voice gateway solution that enables enterprises to reliably extend centralized unified communications (UC) services to their remote branch users. Delivering voice gateway capabilities in a flexible, cost-effective platform, the Advanced Gateway 2330 is ideal for enterprise branch offices or remote sites. It can provide local branch connectivity to the public switched telephone network (PSTN) as well as SIP survivability in case of IP wide-area network failure or service outage. Optionally, it can be upgraded to provide advanced data and wide-area network (WAN) services and function as a full-featured integrated branch router. We are excited by the opportunity to partner with to assist you in overcoming the challenges you face including: Youve deployed a centralized Unified Communications system to simplify the network and reduce costs, but also need to address branch connectivity and survivability concerns You want to grow your branch sites, but at the same time you want to keep your operational and management costs in check You need to reliably and cost-effectively extend centralized Unified Communications services to remote branch users
We can deliver the following benefits: Reduces operational costs. This is due to the reduced maintenance, improved interoperability and greater reliability of SIP-based unified communications services, especially at remote sites. By delivering resilient SIP gateway services in a cost-effective, modular platform the Advanced Gateway 2330 is a compelling alternative to existing Avaya branch solutions and to the competition. Its voice survivability features allow it to provide ongoing phone services even when remote connectivity to the voice call server is lost. Since its voice gateway/survivability feature is SIP-based, it can provide resilient voice services with a range of Avaya call servers and phones, including Avaya Aura Session Manager as well as Communication Server 1000, Communication Server 2100 and Software Communication System call servers. It is also compatible with third party call servers such as Broadsoft and Sylantro. The Advanced Gateway 2330 can also be software upgraded to deliver a complete suite of routing and WAN services. This effectively converts the Advanced Gateway 2330 into a fully functional converged branch router, which can consolidate multiple branch devices and reduce total cost of ownership.
The Advanced Gateway 2330 is interoperable with Avaya Aura and Avaya 9600 Series IP Desktop phones as well as other Avaya and third-party call servers and phones. With a rich
suite of SIP gateway features, PSTN interface options, global signaling protocols, and resiliency support, it is an ideal branch solution for centralized UC deployments. It also can be upgraded to deliver a complete suite of data and WAN services, consolidating multiple branch devices and significantly reducing an enterprises total cost of ownership.
Voice media gateway services

The Advanced Gateway 2330 offers a set of integrated voice interfaces that allow connection to the public switched telephone network (PSTN) as well as support of conventional TDM-based telephony devices. Branch users can call other users within the branch or make or receive calls through the gateway to or from the local PSTN. The gateway supports; analog, digital and SIP trunks, as well as connection of local analog/TDM phones and fax machines. T1/E1 PRI, FXS and FXO interfaces are all available for flexible telephony connection with support for up to 100 simultaneous SIP users or devices. The Advanced Gateway 2330 media gateway and survivability services are interoperable with Avaya Aura Session Manager, Communication Server 1000 (R6.0 and higher), and Software Communication System (SCS). The Advanced Gateway 2330 is also compatible with Microsoft OCS 2007 R2, as well as other third-party SIP call servers for flexible branch gateway deployment.
Survivable SIP gateway

The Advanced Gateway 2330s survivable SIP gateway capabilities enable business continuity in case of communication loss to a centralized UC/VoIP server. In this case, branch users can continue to make intra-branch calls, make/receive calls from the locally-connected PSTN, and access commonly used features such as hold, transfer, conferencing, and call waiting. When communication to the central server is restored, the Advanced Gateway 2330 automatically reconnects for resumed access to the UC and VoIP features of the central server. Since this feature is SIP-based, it is compatible with a range of Avaya and third-party SIP servers and phones. The Advanced Gateway 2330 base model supports registration of up to 25 SIP devices and a license option is available for registration of up to 100 SIP users.
Additional gateway management features

The Advanced Gateway 2330 provides a number of additional capabilities which improve gateway management and monitoring, increase security, and enable multivendor interoperability. Call Admission Control allows the network manager to define thresholds for on-net calling, after which additional calls are routed directly to the PSTN. This provides capability to manage WAN bandwidth and enable high quality communications from the remote branch. Call Detail Recording enables network managers to monitor call usage and patterns. End-to-end measurement and alarms based on packet delay, jitter, and loss enable network managers to proactively monitor IP network behavior and isolate conditions which may degrade VoIP communications quality before they impact end user satisfaction.
Offline prevention of unregistered users helps enable only registered and authorized users to be able to connect to the Advanced Gateway 2330 during periods of WAN outage.
Optional WAN routing based on Avaya Secure Router 2330

The Advanced Gateway 2330 can be software upgraded to a full suite of routing and wide-area networking (WAN) services. When upgraded, the Advanced Gateway becomes functionally equivalent to the Avaya Secure Router 2330 platform capable of delivering voice and data in a single platform. This can help to consolidate multiple devices and reduce an enterprises branch deployment costs. This upgrade adds advanced routing protocols (e.g., OSPF, BGP, RIPv2) as well as support for Layer 2/Layer 3 WAN protocols (e.g., Frame Relay, PPP) to the Advanced Gateways SIP gateway features. In essence, the upgrade converts the Advanced Gateway 2330 into a Secure Router 2330 with all the WAN, routing and gateway features of this platform. The resulting device can operate as a converged branch router with a full suite of data, WAN and gateway services and replace an existing WAN router that might be in place in the branch site.
Multiple package options

The Advanced Gateway 2330 is available in several models to address a range of branch/remote site needs and sizes. Each model consists of a modular chassis that is preinstalled with appropriate voice modules (e.g., FXS, FXO, PRI) along with software and licenses: AG2330-2FXO: Includes chassis, 2-port FXO module, 2-port FXS module and packet voice module (PVM) with support for up to 8 active DSP/TDM channels and 25 SIP survivability users. AG2330-4FXO: Includes chassis, 4-port FXO module, 4-port FXS module and packet voice module (PVM) with support for up to 8 active DSP/TDM channels and 25 SIP survivability users. AG2330-PRI: Includes chassis, 1-port T1/E1 (PRI) module, 4-port FXS module, and packet voice module (PVM) with support for up to 32 active DSP/TDM and 25 SIP survivability users.
All models also include an option to upgrade to full routing and WAN functionality. Since preinstalled voice modules only occupy two of the Advanced Gateway 2330 three slots, an additional module slot is available to add another FXO, FXS or T1/E1 PRI voice module.
Simple to install, simple to scale modular platform

The Advanced Gateway 2330 provides advanced operational features while simplifying, or eliminating, time-consuming and confusing installation tasks. The units chassis has 8 built-in Ethernet interfaces and an open module slot for an additional interface card to support the dynamic demands of growing businesses.
Management
The Advanced Gateway 2330 employs an industry-aligned command line interface (CLI) that makes it easy to set up and manage. Features include: On-Premise, Console and Command Line Interface; Telnet, Events, Syslog. Remote SSHv2 provides secure communication for configuration and maintenance. Avaya Unified Communications Management provides for fault management and device reporting.
An easy choice
The Advanced Gateway 2330 is a flexible, cost-effective branch gateway solution that can address the UC connectivity needs of remote sites. It also can serve as the springboard for converged voice and data services in a common platform for simplified management, greater cost savings and a high quality of user experience.
Avaya Ethernet Routing Switch 2500

The Avaya Ethernet Routing Switch 2500 Series is a new family of cost-effective 10/100BaseT Ethernet switching products perfectly suited for branch offices of larger enterprises, or the enterprise edge, requiring a low-cost but feature-rich solution in the wiring closet. Ideal for enterprises with big plans, but not-so-big budgets, the switch offers convergence-ready flexibility, high-speed connectivity and cost-effectiveness to deploy next-generation technology today -- while providing the high resiliency and performance customers need. When it comes to deploying converged solutions for the network edge, Avaya is uniquely positioned to help your business reduce costs by combining voice and data into an integrated system. The Ethernet Routing Switch 2500, along with other Avaya products, can help increase your profitability, streamline your business operations, increase productivity and help you gain the competitive edge.
Ethernet Routing Switch 2500
Benefits include: Cost-effective Enterprise-class feature set at an entry level price Convergence-ready - Built-in Power-over-Ethernet functionality and 802.1AB support for auto-discovery of IP phones Enterprise-class management - Support for CLI, Web GUI, or Java Device Manager
We are excited by the opportunity to partner with to assist you in overcoming the challenges you face including: Because not all network devices require Power-over-Ethernet (PoE), needs a switch that offers the right mix of PoE and non-PoE ports, so you do not pay for power capacity that you might never use. Without a switch that provides this flexibility, you may
increase your power and cooling requirements in the wiring closet because of a switch that supports PoE on all ports needs a flexible switch that can scale to meet your needs while offering simplicity in the management of ports. And if the switch does not offer sub-second failovers in case of switch or stacking cable failure, you may find that your applications and network resources are not continually available to users You want your network and data to be secure. Doing so means installing equipment that can offer high levels of security and flexibility so only authorized personnel gain access to your LAN. Without this security at every level of your network, risks losing valuable data Wire-speed Performance for optimal application delivery Ethernet Routing Switch 2500 delivers wire-speed switching that enables real-time application performance such as voice and video Scalability to grow as the network grows - Customers can scale and grow the network by stacking Ethernet Routing Switch 2500 units. This can be achieved even with an Ethernet Routing Switch 2500 stand-alone unit. Stand-alone versions of the Ethernet Routing Switch 2500 can be field-upgraded to support resilient stacking functionality on the rear ports via a stacking license, without the need to replace hardware to expand the number of switch ports. Reliability - Ethernet Routing Switch 2500 stack remains operational in case of unit or cable failure, and when the Ethernet Routing Switch 2500 is deployed at the network edge with Avaya switching products in the network core that support Avaya Switch Clustering technology (Split Multi-Link Trunking), added performance and sub-second resilience is provided in the network solution A Unified Communications Ready Edge Wire-speed switching, Power-over-Ethernet Support for IP phones, and Quality of Service so time-sensitive data gets priority PoE on half of 10/100 ports minimizing cost for non-PoE devices High-performance switching in a cost effective platform
We can deliver the following benefits:
The Ethernet Routing Switch 2500 is available in four models with the flexibility to deploy them as stand-alone units or to deploy them in stacks of up to 8 units high to form a resilient intelligent stack architecture. Units purchased as stand-alone units require the purchase of a stacking license to enable stacking functionality on the rear ports. Stack pre-enabled units can also be purchased which eliminate the need for a separate license. The four models available in Ethernet Routing Switch 2500 Series of products include: Ethernet Routing Switch 2526T provides 24 x 10/100 ports, plus 2 x combination 1000BASE-T / SFP ports, plus 2 x 1000BASE-T RJ-45 ports at the rear. Ethernet Routing Switch 2526T-PWR provides 24 x 10/100 ports (PoE supported on 12 ports), plus 2 x combination 1000BaseT / SFP ports, plus 2 x 1000BASE-T RJ-45 ports at the rear.
Ethernet Routing Switch 2550T provides 48 x 10/100 ports, plus 2 x combination 1000BASE-T / SFP ports, plus 2 1000BASE-T RJ-45 ports at the rear. Ethernet Routing Switch 2550T-PWR provides 48 x 10/100 ports (PoE supported on 24 ports), plus 2 x combination 1000BASE-T / SFP ports, plus 2 x 1000BASE-T RJ-45 ports at the rear.
The Ethernet Routing Switch 2500 switches integrate with many other Avaya products to provide a complete solution to customers looking for cost-effective networking solutions. Ethernet Routing Switch 2500 switches are aimed at 10/100 wiring closet edge solutions providing PoE, non-PoE in stand-alone and stacked options. This product family differs from other products in that it is specifically aimed as a low priced entry level enterprise-class switching platform. The Ethernet Routing Switch 2500 switches are suitable to be linked with other Avaya products in the network core, such as Ethernet Routing Switch 5000 Series (5500 and 5600 models), and Ethernet Routing Switch 8600 products, to create networking solutions for small to medium enterprise businesses.

The Avaya Ethernet Routing Switch 4500 provides the resiliency, security and convergence readiness that application and competition-driven enterprise networks require. The switch delivers flexible Ethernet switching with Power-over-Ethernet (PoE) models for simplified network deployments to help drive lower total cost of ownership. The Ethernet Routing Switch 4500 switches provide: Simplified converged deployments through PoE, Advanced QoS and IP phone port auto-configuration High-density desktop connectivity supporting up to 400 user ports Resilience through fail-safe stacking, distributed trunking and power redundancy Flexible mix-and-match stacking capabilities to best meet customer requirements
We are excited by the opportunity to partner with to assist you in overcoming the challenges you face including: needs a flexible switch that can scale to meet your needs while offering simplicity in the management of ports. And if the switch does not offer sub-second failovers in case of switch or stacking cable failure, you may find that your applications and network resources are not continually available to users s users want continuous access to the applications they need, and they want those applications to be fast. Getting what they need is a complex issue. You want a solution that can provide intelligent bi-directional traffic flows between switches and the ability to distribute trunks or aggregations across different units in the stack. Without this functionality, your traffic flows and application performance may suffer in the event of a switch or link failure You want your network and data to be secure. Doing so means installing equipment that can offer high levels of security and flexibility so only authorized personnel gain access to your LAN. Without this security at every level of your network, risks losing valuable data
10
High performance intelligent solution at the edge of the network - Ethernet Routing Switch 4500 offers the features, performance, and resilience to optimize a unified communications network Breadth of Portfolio - Eleven models to choose from allowing businesses to scale, change and grow according to business requirements Secure Networking - Intelligent stacking resilience enabling access to mission critical applications Avaya Ethernet Routing Switches consume 40% less energy than competitive solutions without sacrificing features or performance. The Avaya 4550T switch consumes 45 watts compared to 89 watts for Cisco 3750G, plugged in and idling with factory settings. This amounts to a 44 Watt savings before any devices are connected! If we assume a three-year replacement cycle for this example, then implementing the Avaya switch in place of the Cisco equivalent saves a million Watts of electricity over its life.
Avaya Ethernet Routing Switch 4500 highlights: Stackable 10/100 and 10/100/1000 switching with and without Power-over-Ethernet. Stacking provides fully redundant, non-blocking switch fabric distributed across all units in the stack. Furthermore, all units are managed as a single entity. The Ethernet Routing Switch 4500 also features auto-unit replace which automatically uploads the switch configuration when a new unit is added to the stack. High-performance, non-blocking throughput delivering up to 320 Gbps stacking capacity Advanced resiliency with fail-safe stacking, Distributed Multi-Link Trunking and redundant power option Sophisticated Quality of Service with Layer 2-4 traffic filters, prioritization based on 802.1p and DiffServ, marking, re-coloring and traffic shaping with flexible egress hardware queues Power to IP phones, WLAN Access Points, network cameras, security, lighting and access control devices through Power-over-Ethernet High-density desktop connectivity, supporting up to 400 10/100 ports or 384 10/100/1000 ports all managed as a single entity Higher network uptime through high-resiliency features such as fail-safe stacking, Distributed Multi-Link Trunking and power redundancy Investment protection with flexible mix-and-match stacking capabilities
The Ethernet Routing Switch 4500 models include: Ethernet Routing Switch 4526FX with 24 x 100BASE-FX ports plus 2 x combo 1000BASE-T/Small Form-Factor Pluggable (SFP) ports Ethernet Routing Switch 4526T with 24 x 10/100 ports plus 2 x combo 1000BASET/SFP ports Ethernet Routing Switch 4526T-PWR with 24 x 10/100 802.3af PoE ports plus 2 x combo 1000BASE-T/SFP ports
11
Ethernet Routing Switch 4550T with 48 x 10/100 ports plus 2 x combo 1000BASET/SFP ports Ethernet Routing Switch 4550T-PWR with 48 x 10/100 PoE ports plus 2 x combo 1000BASE-T/SFP ports Ethernet Routing Switch 4524GT with 24 x 10/100/1000 including 4 x combo 1000BASE-T/SFP ports Ethernet Routing Switch 4524GT-PWR with 24 x ports of 10/100/1000 PoE ports including 4 x combo 1000BASE-T/SFP ports Ethernet Routing Switch 4526GTX with 24 x 10/100/1000 ports including 4 x combo 1000BASE-T/SFP, plus 2 x 10GBASE-X XFP slots Ethernet Routing Switch 4526GTX-PWR with 24 x 10/100/1000 802.3af PoE ports including 4 x combo 1000BASE-T/SFP, plus 2 x 10GBASE-X XFP slots Ethernet Routing Switch 4548GT with 48 x 10/100/1000 including 4 x combo 1000BASE-T/SFP ports Ethernet Routing Switch 4548GT-PWR with 48 x 10/100/1000 PoE ports including 4 x combo 1000BASE-T/SFP ports
All models include built-in HiStack stacking ports that can deliver up to 320 Gbps stacking performance, plus redundant power support. Additionally, all models in the Ethernet Routing Switch family offer the ability to stack in any combination of models to form a stack up to 8 units high. This flexibility provides with a high degree of flexibility to mix and match the port configurations based on s needs. Simple installation and network configuration helps with these goals: Quick start tools for fast set-up Network management for configuration changes/updates Simple to configure stacking, and mix-and-match PoE, Fast Ethernet and Gigabit Ethernet improves flexibility and growth plans. Power-over-Ethernet provides flexible and fast installation.
In the Tolly Groups comparative study of equipment cost per throughput (report #210115 published in January 2010), the Avaya 4548GTPWR came out a clear winner at $70 per Gigabit throughput a fraction of the cost of the Cisco C3750G-48PS and the C3560G-48PS ($250 and $153 respectively). Another Tolly report on the Ethernet Routing Switch 4500 series (report #210116 published in January 2010) gives Avaya equipment straight As for reliability, throughput and quality, stating that, The Ethernet Routing Switch 4500 switches achieved zero-loss throughput with low latency and jitter, along with delivering stack resiliency.
12
Avaya Ethernet Routing Switch 5500 Series

The Avaya Ethernet Routing Switch 5500 Series is a set of stackable LAN switches that provides the security, resilience and convergence readiness that enterprises require. These switches are designed for wiring closets, data centers and smaller core environments. The range delivers medium- and high-density 10/100/1000 copper ports plus 1Gbps uplink ports, with optional standards-based Power-over-Ethernet and redundant power, and a model that provides 1Gbps/10Gbps aggregation. The Ethernet Routing Switch 5500 Series models are part of the broader Ethernet Routing Switch 5000 Series that also includes the Ethernet Routing Switch 5600 models. These products are stack-compatible and offer investment protection, resiliency and efficiency.
Ethernet Routing Switch 5500 Series
We are excited by the opportunity to partner with to assist you in overcoming the challenges you face including: Accessible networks are vital for effective collaboration among employees and customers, and resource sharing between co-workers. In the unlikely event of a link or unit failure, these interactions must be able to continue without interruption Support for IEEE 802.3af standards-compliant Power-over-Ethernet enables a switch to power multiple devicesincluding IP phones, WLAN Access Points, network cameras, security devices, and other access control devices supporting 802.3afregardless of product vendor. It is recommended that select a product that provides this support Protecting the network against both external and increasingly prevalent internal attacks is a critical part of an IT managers job. The ability to do this requires simple to manage, yet intelligent, security solutions that not only look at the identity of the person logging in, but also at the device connecting to the network
We can deliver the following benefits: High-performance - Wire-speed throughput for your unified communications business applications and real-time applications such as voice and video Scalability and resilience at the edge or core of the network Intelligent, seamless stacking and switch clustering reliability; switch clustering technology offers sub-second
13
resilience and high levels of performance enabling access to mission critical applications Secure networking Avaya Identity Engines portfolio enables user/device authentication and partitions LAN resources into access zones for authentication, remediation and full access

The Ethernet Routing Switch 5510 switches are 1 rack unit (1U) high stackable 10/100/1000 Mbps Ethernet Layer 3 switches that provide high-density Gigabit desktop connectivity for medium and large enterprise wiring closets. The switches feature two built-in Small Form Factor Pluggable (SFP) combo uplink slots. Ethernet Routing Switch 5510 switches are available in two models: Ethernet Routing Switch 5510-48T switch Ethernet Routing Switch 5510-24T switch
The switches include a 1.5 ft cascade cable. The Power-over-Ethernet versions of these switches: the Ethernet Routing Switch 5520-24T-PWR and Ethernet Routing Switch 5520-48TPWR are also available. These models will also stack with the all other 5500 and 5600 models.

The Ethernet Routing Switch 5520 models are 1 rack unit high stackable 10/100/1000 Mbps Ethernet Layer 3 switches designed to provide high-density Gigabit desktop connectivity and Power-over-Ethernet capability to mid-size and large enterprise convergence-centric wiring closets. The switches feature four built-in Small Form Factor Pluggable (SFP) combo uplink slots. Ethernet Routing Switch 5520 switches are available in two models: Ethernet Routing Switch 5520-24T-PWR. Ethernet Routing Switch 5520-48T-PWR
Ethernet Routing Switch 5520-24T-PWR offers 24 10/100/1000 RJ-45 ports for desktop switching and four built-in SFP ports for uplinks. Ports 21, 22, 23, and 24 can be configured as either 10/100/1000 or make use of the built-in SFP. Both Ethernet Routing Switch 5520-24TPWR and Ethernet Routing Switch 5520-48T-PWR may be combined in a single stack for maximum flexibility. All models within the Ethernet Routing Switch 5500 Series range are stackable up to eight (8) units high, forming a 'stackable chassis', a single logical network device that supports up to 384 ports of 10/100/1000 Ethernet, with or without Power-over-Ethernet. Stacks can be formed using like models, or with any mix of models from within the range. The Ethernet Routing Switch 5500 models are also 100% stack-compatible with models from the Ethernet Routing Switch 5600 Series. The Ethernet Routing Switch 5520-48T-PWR features 48 10/100/1000 RJ-45 ports for desktop connectivity and four built-in SFP ports for uplinks. Ports 45, 46, 47, and 48 offer configuration flexibility by allowing the network administrator to configure each port as either 10/100/1000 or make use of the built-in SFP. As many as eight Ethernet Routing Switch 5520-48T-PWR
14
models can be stacked to achieve up to 384 10/100/1000 ports for highest-density desktop switching.

The Ethernet Routing Switch 5530 addresses the performance requirements and demands of a converged network and provides 10 Gigabit Ethernet to the network core, and as the core switch in smaller network deployments. The Ethernet Routing Switch 5530-24TFD is a nextgeneration stackable 10/100/1000Mbps Ethernet Layer 3 switch. The switch provides Gigabit desktop connectivity and Gigabit and 10 Gigabit fiber connectivity for aggregation in mid-sized and large enterprise wiring closets. The Ethernet Routing Switch 5530-24TFD provides 24 10/100/1000 RJ-45 ports, 12 combo SFP slots, and 2 slots for 10 Gigabit Ethernet XFP connections. The switch includes two builtin stacking ports in a compact one rack-unit high design. The Ethernet Routing Switch 553024TFD may be utilized in stand-alone mode, or may be stacked together in a mixed stack of eight units with existing Ethernet Routing Switch 5510-24T/48T or 5520-24T/48TPWR devices. As the Ethernet Routing Switch 5530-24TFD (as with all Ethernet Routing Switch 5500 Series models) supports Avaya innovative switch cluster technology, the Ethernet Routing Switch 5530 is perfect for the role of high-performance core switch in a small network.
15

The Avaya Ethernet Routing Switch 5600 Series is a set of premium, fixed-format Ethernet switches that provide high-performance connectivity in a scalable pay-as-you-grow stackable solution. The model range provides traditional high-density and innovative ultra high-density options for Gigabit Ethernet, and medium density fiber aggregation. The products feature fieldreplaceable redundant power supplies, and optional standards-based Power-over-Ethernet (PoE). The Ethernet Routing Switch 5600 Series is part of the Ethernet Routing Switch 5000 Series of products, and offers a complete portfolio with options ranging from 24 through to 98 ports per switch, with or without PoE, with power redundancy options, and interoperability across the product line. The evolution and develop life cycle demonstrate a proven track record for unbeatable value and exceptional investment protection.
Ethernet Routing Switch 5600 Series
The comprehensive options and the embedded versatility make the switch highly accomplished in any of the diverse deployment scenarios that customers typically face - wiring closet to highperformance computing environment. The Ethernet Routing Switch 5600 Series offers flexible and versatile deployment options and is the best value port-for-port than any product on the market, continuing to lead the way for premium networking delivered via an optimized total cost of ownership model. We are excited by the opportunity to partner with to assist you in overcoming the challenges you face including: Designing-out a lack of end-to-end application availability, potentially caused by individual equipment or component failure, or the inability of data-centric techniques to adequately support modern, delay-sensitive traffic. As modern business becomes intrinsically linked to the performance of its information technology resources, a lack of availability has a direct impact on the potential for consistent growth. The business needs to be flexible, in addition to the general evolution away from paperbased systems to ubiquitous electronic systems. Taken together, this means that the network needs to be easily and seamlessly scaled. Where networks cannot easily and seamlessly be scaled and operationally supported, the business will be impacted. This may involve delayed roll-out of support for users or applications, for increased costs in network deployment or support.
16
With networks being increasingly important there can also be something of a tendency to make them increasingly complex. However this can be counter-productive. Management is crucial, and simplicity is the key to effective real-work management. Where network management is sub-optimal, or at worst, ineffective, the business is being placed at risk. This generally becomes apparent during periods of downtime and reduced application performance or availability. This has direct and significant impacts on the ability of the business to undertake its core activity. Security continues to be a significant concern for network managers, often featuring right at the top of key purchasing decision criteria. In addition to the traditional threats from external sources there is the ever-expanding insider threat scenario that network managers need to consider and prepare for. Security of the network and of the information that passes over the network is one of the paramount responsibilities of the network manager. The entire survival of the business is put at risk should the network fail to provide levels of protection commensurate with the sensitivity of the information supported. Operational support is one of the areas where major costs and potential savings can be isolated. Wherever possible managers need to set up their network so it is efficiently built and supportable. Increasingly network managers are asked to do more with less. The business can be impacted if the network does not have the appropriate embedded capabilities to enable efficient and effective operational support.
We can deliver the following benefits: Flexible Advanced Stacking Technology which delivers unparalleled levels of resiliency, performance, scalability, and operational efficiency creating the stackable chassis as an alternative to lesser fixed-format offerings or more expensive modular options Switch Clustering solution for the core, the aggregation layer, and the data center. Virtualizing a pair of switches simplifies the network topology, reduces equipment costs, maximizes bandwidth, optimizes resources, and prevents one single point of failure Horizontal Stacking leveraging Flexible Advanced Stacking Technology for resiliency, performance, and scalability in addition to the real-world practicality of long stack cables enables Avaya to revolutionize the delivery of non-stop and cost-effective application availability in the data center. This solution sees high-performance switches implemented in the top of server racks, resiliently stacking these with switches in adjacent racks, and switch clustering the horizontally-stacked switches to achieve multiple layers of resiliency and the highest levels of performance
The Ethernet Routing Switch 5600 Series is a set of premium, fixed-format Ethernet switches that provide high-performance connectivity in a scalable pay-as-you-grow stackable solution. The model range includes five distinct models, and is also 100% stack-compatible with the Ethernet Routing Switch 5500 models, thereby providing an expanded range of 10 models. The Ethernet Routing Switch 5600 models are: Ethernet Routing Switch 5632FD offering a total of 32 concurrent network interfaces with 24 ports of 1000BASE-X SFP and 8 ports of 10GBASE-X XFP connectivity
17
Ethernet Routing Switch 5650TD offering a total of 50 concurrent network interfaces with 48 ports of 10/100/1000 and 2 ports of 10GBASE-X XFP connectivity Ethernet Routing Switch 5650TD-PWR offering a total of 50 concurrent network interfaces with 48 ports of 10/100/1000 with 802.3af Power-over-Ethernet and 2 ports of 10GBASE-X XFP connectivity Ethernet Routing Switch 5698TFD offering a total of 98 concurrent network interfaces with 96 ports of 10/100/1000, including 6 ports that are in a combo configuration with 6 ports of 10000BASE-X SFP, and 2 ports of 10GBASE-X XFP connectivity Ethernet Routing Switch 5698TFD-PWR offering a total of 50 concurrent network interfaces with 48 ports of 10/100/1000 with 802.3af Power-over-Ethernet, including 6 ports that are in a combo configuration with 6 ports of 10000BASE-X SFP, and 2 ports of 10GBASE-X XFP connectivity
The stacking capacity for the Ethernet Routing Switch 5600 models is similar to that for the existing Ethernet Routing Switch 5500 models: up to eight (8) switches, except when this involves the 5698 models, and then the limit is a maximum of 400 ports; this being governed by software. Therefore it is possible to have an Ethernet Routing Switch 5600 deployment that offers: Stack of 8 x 5632FD 192 ports of 1GbE and 64 ports of 10GbE, or Stack of 8 x 5650TD 384 ports of copper (with or with PoE) and 16 ports of 10GbE, or Stack of 4 x 5698TFD - up to 384 ports of copper (with or with PoE) and up to 24 ports of 1GbE, and 16 ports of 10GbE; the last six Gigabit ports being combo ports either 1000BASE-T or 1000BASE-X SFP, or Any combination of switches (up to the 8 switches or 400 ports maximums)
The Ethernet Routing Switch 5600 products feature non-blocking switch fabrics, with up to 384Gbps of capacity (288Gbps on the 5632FD & 5650TDs), providing an under-subscribed architecture regardless of the combination of both network and stacking interfaces. Avaya Flexible Advanced Stacking Technology delivers a series of differentiated capabilities revolving around three key areas: Bi-directional shortest-path traffic forwarding this capability is at the heart of our resilient stacking architecture, allowing the shortest, optimal forwarding path to be selectively chosen for each unique data flow. Avaya Ethernet Routing Switches do not use the unwieldy logical ring or token technology that competitors use, but a star-based distributed forwarding topology that allows traffic to flow either upstream or downstream simultaneously from each switch in the stack, optimizing both performance and resiliency. Auto-unit replacement this crucial serviceability and operability feature enables any unit failure to be quickly and easily rectified; a hot-swap capability. Enabling immediate like-for-like unit replacement without impacting the remaining stack functionality and traffic, and without complex engineering intervention empowers operators to deploy our stackable solutions just like they would a chassis. The auto-unit replacement
18
functionality automatically delivers the agent image software, the configuration file, and the diagnostic image software to the replacement switch. Scalable stacking performance the high performance logical backplane scales in direct proposition to the number of switches added the bandwidth scales linearly with the addition of each new unit into the stack and the number of ports/users that need to be supported.
The stacking connectors are directly integrated into the switches and recessed for additional robustness therefore no additional purchase is required, and a stacking cable is packaged with each switch. When a stack of Ethernet Routing Switch 5600 switches is created, a number of processes automatically occur: the integrity of the stacking cables is tested and confirmed, the switches are numbered and associated, the base unit is recognized and the temporary base unit is elected. When a stack is established, the Ethernet Routing Switch 5600 units form a stackable chassis solution, delivering crucial operational advantages: high performance logical backplane up to 1.152Tbps for a stack of 8 switches virtual hot-swap capability to facilitate the zero impact replacement of individual units centralized management and distributed forwarding non-blocking, wire-speed switch performance automatic unit replacement; software update and configuration download power redundancy with field replaceable AC and DC supplies up to 400 ports of 10/100/1000 Ethernet, or up to 192 ports of 1GbE & 64 ports of 10GbE the flexibility to stack vertically for wiring closet or core/distribution applications, or horizontally for deployment as the top-of-rack data center solution 100% stack-compatibility between the existing Ethernet Routing Switch 5500 and the new Ethernet Routing Switch 5600 models for enhanced investment protection and additional flexibility
Additionally, the Ethernet Routing Switch 5600 Series features field-replaceable redundant power supplies, both AC and DC variants and a variety of power ratings, to provide power redundancy and 802.3af Class 3 support without the need for any additional external power rack. The Ethernet Routing Switch 5600 Series supports a full suite of sophisticated software features and capabilities, and implements these via a tiered software licensing scheme. This minimizes unnecessary over-investment and reinforces the pay-as-you-grow theme of Avaya stackable chassis solution.
19
The Ethernet Routing Switch 5600 Series delivers comprehensive capabilities in: Layer 2 Spanning Tree support for standards-based interoperability, and extended support for various link aggregation techniques for additional performance, resiliency and flexibility Layer 3 Dynamic Layer 3 IP routing support, in addition to static and local routing, with implementations of RIP, OSPF, ECMP, and VRRP IP Multicast network efficiency improvements are enabled by implementing support for IGMP Snooping (at Layer 2) and PIM-SM Routing (at Layer 3) Security comprehensive network access control and denial-of-service prevention capabilities so the network edge infrastructure is both robust and can function as a truly effective first line of defense. The Ethernet Routing Switch 5600 supports standardsbased 802.1X EAP plus extensions, and Avaya Identity Engines solution Convergence the Ethernet Routing Switch 5600 supports a sophisticated Layer 2 and Layer 3 quality of service capability including filtering, traffic shaping, and policy-based rules. The products also support the 802.3af Power-over-Ethernet and 802.1AB Discovery protocols for effective internetworking of media devices Resiliency in addition to the obvious advantages of Avaya genuinely resilient stacking solution Flexible Advanced Stacking Technology the Ethernet Routing Switch 5600 Series also supports Avaya switch clustering capability (based on our Split Multi-Link Trunking technology). This allows Avaya to deliver a resilient solution at the appropriate price point for smaller networks.
The Ethernet Routing Switch 5600 Series delivers the highest levels of performance, functionality, scalability, and resiliency, enabling enterprises to deploy demanding applications with complete confidence. These premium stackable switches encapsulate the benefits of clear leadership in availability, unrivalled performance, scalability, flexible deployment options, and energy and space efficiency. This unique combination makes the complete Ethernet Routing Switch 5600 Series an exceptional value and the product-of-choice in its class.
20

The Avaya Ethernet Routing Switch 8300 continues to evolve into the core switch of choice for the mid-sized enterprise campus. The switch delivers simplified yet superior networking, creating one network using less but more intelligent equipment increasing availability and performance while minimizing costs. In addition, the Ethernet Routing Switch 8300 remains a premier wiring closet switch for large networks. The switch meets and exceeds the requirements of enterprises embarking on convergence as part of their strategic plan for success.
We are excited by the opportunity to partner with to assist you in overcoming the challenges you face including: Improving quality of service. Classifying, prioritizing, policing, and marking LAN traffic can offer networks reliable connectivity and required bandwidth for mission-critical applications, such as IP telephony, to specific groups, users, and individual devices. Without the ability to do this, s users cannot experience optimized network resources and capabilities, and bandwidth efficiency will not be at its highest potential. Transitioning to Gigabit Ethernet. New graphically intense applications, and the deployment of converged services such as IP telephony and unified communications, are placing increasing demands on network resources. needs a solution that can help you seamlessly transition to Gigabit Ethernet. Enabling power availability. To increase flexibility and enable the highest priority users and devices to have service when they need it, needs a switch with Power-overEthernet (PoE) modules to support an option to configure the priority level for power delivery. Without this support, you may find that when you need more power for the multiple applications being offered, some of your higher priority users will be left without the system resources they need. Enhancing network security. Lapses or failures in network security can have a costly impact on your profitability. cannot safely operate without a proper defense against both external and internal sources. Adapting to changing business needs. s network must be closely aligned with your businessoften subject to seasonal variations, or changes through merger and acquisition activity. Your network needs to have great flexibility and the ability to adapt
21
without impacting availability. Without this flexibility, it will be difficult for your business to operate efficiently and grow as you want. We can deliver the following benefits: Convergence quality access - The Ethernet Routing Switch 8300 is a high-density, high performance wiring closet product offering a full range of Access Switch features and functionality, including quality of service, access control (802.1X) as well as host integrity checking delivered via Avaya Identity Engines Portfolio solution. Seamless transition to Gigabit Ethernet Six- and 10-slot chassis, with 1GbE and 10GbE pluggable, and 10/100 and 10/100/1000 copper modules; class-leading 10GbE port density. Versatility and flexibility Pay-as-you-grow options for both hardware and software capabilities. Reliability Supports Avaya Switch Cluster technology for delivering 99.999% end-toend resilient application availability. Standards-based Power-over-Ethernet with Dynamic Power Management.
Flexible deployment options

The highly versatile Ethernet Routing Switch 8300 offers a wide range of capabilities that integrate easily into many network designs. With its performance and network resiliency features, the switch provides an excellent option for the core of the medium-sized enterprise network. The switch offers high-density 1GbE and 10GbE interface options, individual device redundancy, and delivers overall network and application resiliency. Established and newly-enhanced Access Switch features contributes to the Ethernet Routing Switch 8300 remaining the platform of choice for large-scale, enterprise-class deployments that value performance, density, security and convergence-friendly capabilities. The introduction of BGP-Lite and availability of VRF-Lite for virtualized IP routing provide a sophisticated set of capabilities accommodating, for example, operations within airport authorities, city and state government, and post merger and acquisition requirements in large enterprises. For network designs that require a third distribution tier, the Ethernet Routing Switch 8300 is an ideal option with high density interface options and high performance delivered on a relatively small footprint. The Ethernet Routing Switch 8300 series provides: High-density 1GbE and 10GbE pluggable interfaces for core, distribution and access connectivity requirements. High-performance and low latency to allow optimized application performance. Switch clustering to extend sub-second fail-over and full session load-sharing across the network infrastructure from user to application.
End-to-end application performance and availability

In a converged world reliability goes beyond individual nodes and is measured at the application level, end-to-end across the network; providing trusted and dependable fail-over
22
that is consistently less than one second, regardless of the failure scenario. Through simplified, resilient solutions, Avaya addresses this need. Switch Clustering Switch Clustering is the Avaya advanced resilient solution utilizing the Split Multi-Link Trunking and Routed Multi-Link Trunking protocols and provides complete protection against any individual component, link or node failure. This solution provides for sub-second recovery combined with user session-based load-balancing all leveraging standards-based dynamic link aggregation at the edge of the network, both user and server. Deploying the Ethernet Routing Switch 8300 in the core of a mid-tier network is the ideal solution for delivering highlyavailable services. Routed Split Multi-Link Trunking provides rapid failover for networks that are using dynamic Layer 3 routing protocols, is not dependent on the routing protocol used, and IP Gateway redundancy is achieved by synchronizing forwarding information between switch CPUs. Redundant and resilient chassis-based solution As a stand-alone device, Ethernet Routing Switch 8300 provides an extremely robust platform for resilient networking. The system supports dual redundant switch fabric/CPU modules, N+1 AC or dual-input DC power supplies, and hot-swappable modules and fan trays.
Precision performance
Real-time applications are sensitive to variable performance and are relatively bandwidthintensive. Performance is closely linked to reliability with many of the design options for todays networks being a trade-off between performance needs and reliability requirements. Avaya Ethernet Routing Switch 8300 eliminates the need to choose one over the other by delivering high-speed, low-latency performance with superior reliability. Performance architecture At the heart of the Ethernet Routing Switch 8300, there is a passive backplane design and a distributed forwarding architecture that leverages the advantages of dual N-1, active-active switch fabrics. The 720Gbps crossbar and the 8394SF switch fabric module deliver up to 464Gbps of genuine data throughput and 345Mpps of frame forwarding performance per switch. Putting these figures into a business context, an Ethernet Routing Switch 8300 core switch cluster can transport more than 60,000 average-sized office files per second, and still not be subject to contention.
Model
8306 Chassis
Port densities of up to:

Up to 36 ports of 10GbE, or 208 ports of 1GbE (SFP Pluggable), or 192 ports of 10/100/1000 (Copper) with or without PoE, or 96 ports of 100FX Up to 68 ports of 10GbE, or 400 ports of 1GbE (SFP Pluggable), or 384 ports of 10/100/1000 (Copper) with or without PoE, or 192 ports of 100FX
8310 Chassis
23
Advanced QoS The Ethernet Routing Switch 8300s Quality of Service (QoS) features allow more efficient use of bandwidth to optimize existing network resources and capabilities, and also provide packet classification and marking at the edge, which simplifies the QoS solution at the core. By classifying, prioritizing, policing and marking LAN traffic, networks can deliver the right service levels for mission-critical and quality-sensitive applications. The Ethernet Routing Switch 8300 provides eight queues per port and advanced QoS features support the Internet Engineering Task Force (IETF) Differentiated Services (DiffServ) QoS architecture standard packet classification based on the contents of the IP Packet Header fields (e.g., voice, video and data). Avaya Automatic QoS With Avaya Automatic QoS enabled, an Ethernet Routing Switch 8300 supporting an Avaya Unified Communications solution automatically recognizes the special, private Differentiated Service Code Point (DSCP) values used by these applications, and optimizes the management egress queues. Without this automated functionality, operators would need to have detailed knowledge of how QoS works, and the private DSCP values, to enable manual configuration for optimized queue usage. With this feature, the process is automated and optimized, and protects against mis-configuration. The introduction of Avaya Automatic QoS support on the Ethernet Routing Switch 8300 will see the core functionality delivered first, followed by access functionality in a subsequent release. Traffic Policing and Shaping Traffic Policing enables the provisioning of different service levels by limiting traffic throughput at the ingress (inbound) port of the Ethernet Routing Switch 8300. This feature allows limits to be placed upon the amount of bandwidth that particular users or applications can push into the network. An associated capability, Custom Auto-Negotiation Advertisements (CANA), allows for only specified connection rates to be advertised by auto-negotiation, and therefore limits lowpriority devices to the appropriate connection speed. Traffic Shaping offers the ability to limit traffic on egress (outbound) from the Ethernet Routing Switch 8300, typically to comply with some form of service tariff. Enterprises working with Service Providers or Carriers can use this feature when they deploy Ethernet as an alternative to traditional Frame Relay or ATM WAN access solutions. IP Filtering and Deep Packet Pattern Matching IP Filters can be used to manage traffic and provide security, by allowing that specific actions are performed when defined criteria are matched. Only data that matches the pattern is allowed to pass through the filter, and these filters can be used to set traffic priority, drop or allow IP packets, as well as define the conditions for mirroring traffic (e.g., IP Telephony in a contact center environment). Deep Packet Pattern Matching is an advanced implementation of filtering that allows operators to match fields deep within the packet by specifying both an offset and a value to match.
Convergence and Unified Communications

The reality of todays networks is that different applications must be given the quality of service appropriate to their differing needs and requirements. The Ethernet Routing Switch 8300
24
facilitates enterprises transition to convergence-based applications by implementing key enabling technologies while minimizing capital and operational costs. Desktop Gigabit Many enterprises are looking to transition from Fast Ethernet to Gigabit Ethernet as the default for desktop connectivity. Gigabit Ethernet offers an alternative that is more strategic; as PCs gain more performance and efficiency, there is opportunity to exploit that zone between 100Mbps and 1Gbps. The Ethernet Routing Switch 8300 enables a seamless transition to Gigabit Ethernet by offering equivalent high-density 10/100 and 10/100/1000 modules that can readily co-exist in the same system. Standards-based Power-over-Ethernet Power-over-Ethernet (PoE) is increasingly becoming the default solution for connectivity for the converged desktop, often in combination with Gigabit Ethernet. The Ethernet Routing Switch 8300 supports the deployment of IP Telephony, Wireless LAN, and any third-party linepowered device by offering standards-based PoE support on both 10/100 and 10/100/1000 interface modules. Dynamic power management To increase flexibility and see that the highest priority users and devices have service when they need it, Ethernet Routing Switch 8300 PoE Modules support an option to configure the priority level for power delivery. In the event that total available power is less then that generally required by the sum of all the devices, power will be dynamically not statically served on the basis of the configured priority level. Device Auto Discovery The Ethernet Routing Switch 8300 automatically recognizes the connection of an IP phone or other convergence device and immediately provides power to it. The switch supports two schemes Avaya Auto-Discovery and Auto-Configuration (ADAC) and standards-based 802.1AB. This flexible capability eases the roll-out of convergence applications and devices, saving time and money. Integrated access control security Lapses or failures in network security can have a costly impact on the profitability of companies. Avaya has developed a multilayered strategy for enhanced defense against threats from external and internal sources. The Ethernet Routing Switch 8300, a key element of this strategy, supports comprehensive security services for access control at the access layer. 802.1X/Extensible Authentication Protocol The Avaya commitment to open standards is proven with the Ethernet Switching portfolios support for IEEE 802.1X/Extensible Authentication Protocol (EAP) across the entire range of Access Switches. The Ethernet Routing Switch 8300 has comprehensive 802.1X/EAP support with additional enhancements such as: Multiple Hosts Multiple Authentications (MHMA) Multiple Hosts Single Authentication (MHSA) Guest VLAN
25
Mixed EAP/Non-EAP Centralized MAC-based Authentication
These enhancements contribute to a readily deployable solution that is compatible with all standards-compliant third-party 802.1X/ EAP products. This provides enterprises with a means of effectively authenticating access to the network. Identity Engines Portfolio is the Avaya endpoint security and policy compliance solution. It inspects and assesses, and thereby enables compliance to policy and enables remediation at the network end point source, prior to full network access. With Avaya, the enterprise is able to define acceptable criteria for the security software installed on PCs, test these criteria and confirm user credentials all before the user is given any access to corporate servers and information. Any failures or inconsistencies during the check process can be resolved from the safety of a quarantined remediation VLAN, and guest users can be given access to an isolated VLAN (for example, Internet-only access). Assuming successful logon and checking, the users port is automatically assigned to the appropriate production VLAN, with the correct quality settings.
Enhanced usability and flexibility

With the network now needing to be closely aligned with the business often subject to seasonal variations, or changes through merger and acquisition activity the network needs to have great flexibility and the capability to adapt without impacting availability. The highlyversatile Ethernet Routing Switch 8300 includes a comprehensive set of features, which contribute to the most cost-effective solution for enterprises. Border Gateway Protocol (BGP-Lite) Large private IP networks can often have a requirement for sophisticated IP connectivity. This could be the need to support multiple connections to Internet Service Providers, or to satisfy a requirement to join a number of large internal routing domains and apply access policy. The implementation of BGP-Lite on the Ethernet Routing Switch 8300 is intended to provide a subset of the full BGP capability, initially being a reduced scale implementation of iBGP. The feature will support up to four BGP Peers connections, and up to 8,000 BGP Routes. The BGPLite feature is classified as being part of the Advanced License feature set. Equal Cost Multi-Path (ECMP) The Ethernet Routing Switch 8300 supports load sharing of Layer 3 traffic by configuring ECMP routing on up to four individual links. ECMP supports static, and RIP and OSPF routing protocols. Multicast VLAN Registration (MVR) Multicast VLAN Registration (MVR) is a feature that enables better support for wide-scale deployment of Multicast applications client PCs remain in their separate VLANs while sharing access to common multicast streams. Integrated Time Domain Reflectometer (TDR) The Ethernet Routing Switch 8300 provides an integrated TDR to simplify troubleshooting of the physical copper cable plant, enabling operations to quickly identify faults, isolating the source of problems, and enabling maximum uptime of the network. This provides for remote
26
and non-invasive diagnosis of cabling issues such as cable opens, cable shorts or impedance mismatch reporting. The Ethernet Routing Switch 8300 can detect and report these issues without the need to unplug cables or use expensive cable testers and additional personnel. Pay-as-you-Grow With the introduction of the tiered software license framework, Avaya enables customers to pay only for the functionality that meets their business needs. This avoids over-investing in unnecessary and unused software feature functionality, yet provides a seamless enhancement path and investment protection.
Base
All features, except those defined as Advanced or Premier
Advanced
All Base features, plus: Border Gateway Protocol (BGP-Lite) Deep Packet Pattern Matching Equal Cost Multi-Path (ECMP) Open Shortest Path First (OSPF) Protocol Independent Multicast-Sparse Mode (PIM-SM) Simple Loop Prevention Protocol (SLPP) Split Multi-Link Trunking Routed Split MultiLink Trunking Virtual Router Redundancy Protocol (VRRP)
Premier
All Base and Advanced features, plus: Virtual Routing and Forwarding (VRFLite)
Network Management The Ethernet Routing Switch 8300 can be managed by a variety of management tools, offering a very flexible operational environment according to individual business requirements. These include: dual Command Line Interface (CLI), the Web-based Enterprise Device Manager, SNMP-based management (SNMPv1, v2 & v3), Enterprise Switch Manager, Enterprise Policy Manager, and the evolving Unified Communications Management solution.
27

Virtualization can transform your IT infrastructure and your business by providing a clear path to advanced applications that create a unified communications environment. Virtualization delivers flexibility and scalability, and enables faster activation of new services in data centers and the campus core. By leveraging high-availability and high-performance, virtualizing servers and consolidating services, can realize benefits such as simplified management, accelerated decision making, decreased recurring costs, and increased productivity. Providing one of the industrys highest 10G Ethernet densities per module and rack, the Avaya Ethernet Routing Switch 8800 turns infrastructure into a highly reliable network that drives Unified Communications and other business-critical applications. The Ethernet Routing Switch 8800 offers multiple options that enable IP Virtual Private Networking solutions across the entire enterprise. Avaya Layer 3 virtualization is simple, flexible, and easy to deploy and does not require adjustments to your existing infrastructure, avoiding additional capital equipment expenditures. Because the solution is standards-based and uses well-understood IP techniques, less training time is required. This can reduce operational costs when compared to the training required for service provider-centric, MultiProtocol Label Switching (MPLS) solutions. We are excited by the opportunity to partner with to assist you in overcoming the challenges you face including: With the addition of multiple traffic types comes the need to classify traffic intelligently and with granularityunderstanding what traffic receives priority on the network and when it becomes more important as the number of traffic types increases. Can your current network devices handle specific types of traffic differently? With customer information, sales information, and corporate strategies flowing across the network, network security is a priority. must address security of data, access to the network, and protection against attacks. There are many security elements to consider: firewalls, passwords, access policies, secure protocols, address and port filtering, routing policies, and denial of service prevention mechanisms. How you implement these elements is of great importance to the security of your operations. Converged solutions require reliable, secure, and efficient networks. s network must handle multiple types of traffic, each with their own requirements. You need performance, efficiency, and resiliency built into the network. As more revenue-generating services are delivered over the network, resiliency and reliability become critical to s success. Network uptime and availability affect profitability. Without network resiliency, the applications that promise to increase your bottom line are not consistently availablemeaning it is unlikely that you will see the increases you are looking for. Classifying, prioritizing, policing, and marking LAN traffic can offer networks reliable connectivity and required bandwidth for mission-critical applications, such as IP telephony, to specific groups, users, and individual devices. Without the ability to do this, s users cannot experience optimized network resources and capabilities, and bandwidth efficiency will not be at its highest potential.
28
New graphically intense applications, and the deployment of converged services such as IP telephony and unified communications, are placing increasing demands on network resources. needs a solution that can help you seamlessly transition to Gigabit Ethernet. Lapses or failures in network security can have a costly impact on your profitability. cannot safely operate without a proper defense against both external and internal sources. s network must be closely aligned with your businessoften subject to seasonal variations, or changes through merger and acquisition activity. Your network needs to have great flexibility and the ability to adapt without impacting availability. Without this flexibility, it will be difficult for your business to operate efficiently and grow as you want.
We can deliver the following benefits: Security - Security is built into the Ethernet Routing Switch 8800, enabling security and data integrity across the network, from edge to core, and Metropolitan Area Networks as well. Convergence Ready The Ethernet Routing Switch 8800 is convergence ready out of the box, with integrated quality of service and five 9s reliability. The five 9s reliability enables the network to provide voice and video services with the reliability of traditional voice and video systems and with the additional benefits a converged network can provide. Lowest Total Cost of Ownership - The total cost of ownership of this solution is one of the lowest in the industry. By providing a solution which doesnt require a three-tier architecture, Enterprises are able to gain wire-speed performance without purchasing aggregation layer devices, thereby eliminating additional equipment purchases, additional configuration time, and other maintenance costs. The scalability of the Ethernet Routing Switch 8800 allows the solution to grow with an organizations network as its network needs change and evolve over time. Avaya Green IT - Avaya Ethernet Routing Switch 8800 delivers a reliable, secure and efficient network routing solution for todays convergence and Web-based applications. Like the other enterprise switches in the Avaya line, the Ethernet Routing Switch 8800 saves 60 percent of energy consumed. Only vendor in the industry to offer multiple options to enable VPN solutions across campus including standard solutions of IP-VPN MPLS and Avaya IP VPN-Lite that offers added benefit by running over existing IP backbone infrastructure without additional capital investment or operational expense. Only vendor in the industry to offer increased value per slot by delivering a combo module with copper 10/100/1000, SFP and XFP interfaces to meet the demand of smaller aggregation sites. Customers can effectively dual connect to servers, desktops and switch clustering with minimum investment, maximum flexibility and sub-second failover.
29
Only vendor to support redundant connectivity for virtualized solutions such as VRFLite, VPN-Lite for edge/core and MPLS LER IP-VPN for edge networks using Split Multi-Link Trunking/Routed Split Multi-Link Trunking. One of the industrys highest 10G densities per module/rack. The switch clustering capability (Split Multi-Link Trunking) offers resiliency in IP Hashing mode for VMware server virtualization where multiple iSCSI targets are used.
Resiliency, intelligence and scalability without design complexity

The Ethernet Routing Switch 8800 is a proven, tested, resilient, and intelligent network solution that scales, delivering hundreds of Gigabits per second (Gbps) and hundreds of millions of packets per second (Mpps) of real-world performance to the core. This flexible architecture reduces the complexity of network design, making it ideal for large-scale enterprise campuses. The Ethernet Routing Switch 8800 is a balanced solution, unconstrained by bottlenecks imposed by inferior designs. In addition to establishing a solid foundation for unified communications, the Ethernet Routing Switch 8800 delivers a flexible networking infrastructure that fosters growth by enabling businesses to leverage new, emerging applications and technologies with a unique architecture which always enables optimum performance.
What is the Ethernet Routing Switch 8800?

The Ethernet Routing Switch 8800: is a new solution that consolidates the field-proven reliability of the Ethernet Routing Switch 8600 with the enhanced virtualized functionality and improved scalability that a new generation of software delivers has been developed to match the transition occurring in customer networks: the progressive move to emerging, highly-virtualized networking infrastructures from what was largely a single dimension environment is the latest evolution of the venerable Ethernet Routing Switch 8000 Series: which has already delivered the Ethernet Routing Switch 8100 Edge Switch, Ethernet Routing Switch 8300 Edge/Core Switch, and of course the Ethernet Routing Switch 8600 Core/Edge Switch on which the Ethernet Routing Switch 8800 is based is the go-forward solution for new customers seeking the most reliable and versatile campus LAN core switch, additionally new software helps enable high levels of investment protection and continuity of service for returning Ethernet Routing Switch 8600 customers
Highlights of the Ethernet Routing Switch 8800

Offers the industrys leading resiliency model Avaya Switch Clustering empowering the most demanding applications and boosting performance by forwarding Layer 2 and 3 traffic across all available links Features unique field-reprogrammable NPU-based interface modules that, unlike conventional ASIC-based hardware, maintain full hardware-based performance and optimization as functionality and services evolve
30
Enables flexible virtualized Layer 3 deployment scenarios with device and network options: VRF-Lite, the Avaya innovative IP VPN-Lite, MPLS, and IETF IP VPN Enables consistent IP VPN services delivered across the campus and metro; leveraging the same infrastructure to seamlessly extend service provider MPLS networks into the LAN Provides simplified multicast virtualization (IGMP, PIM-SM/SSM) and Unicast traffic supported by Switch Clusterings resiliency to service multiple customers or communities-of-interest Supports high-performance IPv6 networking a key scalability tool for demanding and expanding networks Offers high-density 10G, very high-density Gigabit and 10/100/1000 Ethernet for enterprise core and aggregation applications, delivering competitively high value, flexibility, and enhanced slot conservation with the new combo module Switch Cluster resiliency model is extended to VMware Server virtualization in an iSCSI storage area network environment Supports Avaya Unified Communications Management framework featuring consistent AJAX-compliant Web-based common services, authentication and audit logging, also benchmarks network traffic and identifies anomalous behavior using standards-based IP Flow Information Export (IPFIX) Supports large-scale convergence deployments, with numerous and flexible high-speed Ethernet-over-Fiber connectivity options
The Ethernet Routing Switch 8800 meets demanding enterprise-class requirements for scalability, simplification, maximized application uptime, value, and security. It reduces network design complexity by simplifying network architecture and increasing per port value with advanced features on high-density modules.
Business continuity
Network resiliency is the most basic requirement when implementing a converged network. The Ethernet Routing Switch 8800 supports redundant connectivity for virtualized solutions such as VRF-Lite, VPN-Lite, and MPLS LER IP-VPN for edge networks. With Avaya VRF-Lite, businesses can use the same hardware platform to create multiple Layer 3 routing domains supporting numerous customer environments. The Avaya innovative IP VPN-Lite solution facilitates deployment of resilient, fault-tolerant IP VPNs over an existing IP infrastructure (Campus or Metro). To provide maximum protection, the Ethernet Routing Switch 8800 addresses resiliency at multiple levels. At the hardware level, the switch provides hot-swappable modules and fan trays along with N+1 and dual input power supplies. Its software delivers resiliency for the core with industry-leading features that include Virtual Link Aggregation Control Protocol (VLACP) for Layer 1-2 link failure detection, Bi-Directionally Forwarding Detection (BFD) for Layer 3 link failure detection, and Switch Clustering that leverages our pioneering Split Multi-Link Trunking, Routed Split Multi-Link Trunking, and VRRP Active/Active technologies.
31
Additionally, organizations are encouraged to dual-connect servers and, with minimum additional investment, the sub-second failover advantage is automatically extended beyond the boundary of the networking equipment, all the way to the application host. Competitive solutions, basing their failure recovery model on variations of the Spanning Tree Protocol, can not provide a comparable level of resiliency and simplicity.
Future-proofing the network

Network devices must be able to distinguish different traffic types and handle different traffic requirements. A sense of traffic class awareness combined with the ability to process each type uniquely sets the intelligent network apart from commonplace offerings. The Ethernet Routing Switch 8800 combines intelligence and performance to create a next-generation intelligent network solution. The networking industry is a perpetual work-in-progress, an unfinished masterpiece, and the number of standards and recommendations now runs into the thousands. Equipment that is based on a traditional ASIC architecture are limited in that these are set at a certain point in this history and cannot easily adapt to future change; typically this means that newer features and functionality are not supported purely in hardware but require additional software processing. The switching architecture of the Ethernet Routing Switch 8800 is uniquely based on Network Processing Units (NPU) rather than the ASIC technology typically found in rival products. NPUs are large-scale CPU arrays specifically designed for network-related functions such as efficient examination and manipulation of packet headers. The Avaya specialized highperformance NPU is known as the Route Switch Processor (RSP) and is an in-house development. It delivers fast-path protection through its ability to support in-life firmware upgrades and provides 10Gbps line rate switching and routing capabilities regardless of standards evolution. Avaya has been able to leverage this re-programmable capability to deliver new innovative features, such as IPv6 and our flexible IP VPN suite, and is unique in being able to help enable emerging functionality to be continuously delivered at hardwarebased performance levels. The Ethernet Routing Switch 8800 reduces complexity and risk in network design by simplifying the network architecture and increasing value with advanced features on high-density modules. High port density, combined with rich capabilities and leading reliability technologies, deliver exceptionally high value to the enterprise. Avaya RSP technology, based on this flexible NPU architecture, offers investment protection with the in-field firmware upgrade capability, and helps enable the Ethernet Routing Switch 8800 to remain ever-green, always delivering hardware-based performance.
Innovative and versatile options

Flexible and scalable The Ethernet Routing Switch 8800 is available in multiple chassis options: 10-slot featuring eight slots for interface modules; 6-slot featuring four slots for interface modules; 3-slot featuring two slots for interface modules. This enables the Ethernet Routing Switch 8800 to be deployed in a variety of deployment scenarios, enabling the optimum mix of flexibility, capacity, and cost-effectiveness. There is also the 8010co Central Office 10-slot chassis, which is NEBS-compliant for deployments scenarios that require a carrier-class platform.
32
The new 8895SF switch fabric/CPU module is the latest version and offers significant enhancements in terms of CPU performance and memory capacity; it is also 33 percent more energy-efficient. These advances allow the 8895SF to natively support the new and emerging services and applications that place intense demands on the networking infrastructure. The 8895SF is functionally equivalent to the existing 8692SF switch fabric/CPU module when upgraded with the SuperMezz CPU daughterboard. The software brings support for the new 8003R 3-slot chassis; for the first time this pocket option supports the R/RS-Series new-generation modules and therefore the new and emerging applications that leverage their re-programmable NPU capabilities. One module with many uses The Ethernet Routing Switch 8800 supports an innovative hybrid combination module that concurrently supports 10G Ethernet (x2), 1000BASE-X (x24), and 1000BASE-T (x8) ports; economical, flexible and a class-first, this combination module meets the demands of smaller aggregation sites. It is an affordable solution providing all the functionality many enterprises need in one convenient module. Also recent additions to the existing range of high-performance I/O module options offer a number of practical benefits. These include a high-density 10G Ethernet (12 ports per module and up to 96 ports per chassis) and higher-density 1000BASE-X 48-port module that complements the existing 30-port model. RS-Series interface modules enable the Ethernet Routing Switch 8800 to deliver enhanced mirroring capabilities, including enabling one-tomany, many-to-one and many-to-many mirroring for sophisticated traffic analysis and IDS/TPS clustering.
Features
The Ethernet Routing Switch 8800 provides new features and hardware: New hardware: 8895SF switch fabric/CPU module and 8003R chassis Multicast enhancements: PIM-SSM, MVR, and IGMP Snoop Querier IPv6 enhancements: BGP+, Routed Split Multi-Link Trunking-for-IPv6, VRRP-for-IPv6, RADIUS-for-IPv6, and DHCP Relay-for-IPv6 Health, Diagnostic, and Debug enhancements: Key Health Indicator, RSP Packet Tracing, and ERCD Records Dump Security enhancements: BPDU Filtering, DHCP Snooping, Dynamic ARP Inspection, IP Source Guard IP Multinetting Enterprise Device Manager on-box Web-based management Operational enhancements
Applications: new capabilities and choices optimize communications

Through advanced capabilities including VRF-Lite, IP VPN-Lite, and MPLS-based IP VPN on a single platform, the Ethernet Routing Switch 8800 enables virtual services across campus and metro environments to address new business requirements and applications. For example, a
33
university seeking to connect several campuses can choose traditional MPLS technology or can leverage the Avaya innovative IP VPN-Lite solution. Virtual Routing and Forwarding (VRF-Lite) Through VRF-Lite on Ethernet Routing Switch 8800, enterprises can use the same hardware platform to create multiple Layer 3 routing domains to support multiple customers and to keep traffic separated for both Unicast and Multicast. The VRF-Lite capability virtualizes routing within the switch, addressing business and networking challenges driven by activities such as mergers and acquisitions, data center consolidation, departmental or business unit segmentation, and evolving audit and compliance requirements. By enabling the switch to have multiple routing instances (up to 255), more sophisticated connections can be enabled in addition to support for overlapping IP addresses. Complete and total traffic separation at Layers 2 and 3 is the usual practice, however the system can be configured to provide inter-VRF forwarding capabilities, allowing shared access to common resources. Virtual Private Networking through IP VPN-Lite The Avaya IP VPN-Lite capability is an innovative IP-in-IP technology that leverages the RSP flexible forwarding engine delivering VPN services that are easier to implement, deploy, and manage. With IP VPN-Lite, enterprises can build any-to-any private connections between local or geographically dispersed sites using any IP infrastructure (private networks or via a public IP Service Provider). IP VPNs are typically used for cross-location connectivity and to create trusted connections to external partner organizations, leveraging IP as the common carriage and removing dependency on specific wide area technologies (such as Frame Relay or ATM) or exclusivity to a single service provider. The Avaya IP VPN-Lite solution is inherently less complex and therefore much more cost-effective than using the MPLS alternative. Managing IP VPN-Lite versus MPLS is simpler and does not require specialized carrier-class IT skills or resources. The foundation of IP VPN-Lite is simply an IP network, using the flexible RFC 2547/4364 connectivity model and it does not require an MPLS-enabled core infrastructure. This simplified solution can scale per carrier-class MPLS with the cost-effective simplicity of a solution designed specifically for the enterprise. Delivering total flexibility, the Ethernet Routing Switch 8800 supports classic MPLS in addition to IP VPN-Lite and VRF-Lite and all VPN technologies can be concurrently leveraged to deliver individually tailored solutions. Multi-Protocol Label Switching (MPLS) MPLS forms the basis for most service provider IP VPNs and is used in most WAN solutions because it delivers sophisticated connectivity and traffic engineering techniques. By implementing this same functionality the Ethernet Routing Switch 8800 can interoperate directly with 3rd party MPLS networks and participate in their IP VPNs, extending them into the enterprise campus network as required. Enterprise architects can leverage this interoperability to create Ethernet Routing Switch 8800-based MPLS environments that increase the overall level of transparency.
34
Enterprise-class and enterprise-ready: fit-for-purpose

Multicast Virtualization Multicast virtualization of IGMP and PIM-SM/SSM, along with Unicast virtualization, is supported on the same system by leveraging VRF-Lite. This extends the benefit of simplified network design, less investment in hardware, lower operational expense all of which are supported by Switch Clustering resiliency. Avaya Automatic QoS With Avaya Automatic QoS, an Ethernet Routing Switch 8800 supporting an Avaya Unified Communications solution automatically recognizes the special, private Differentiated Service Code Point (DSCP) values used by specific Avaya VoIP applications and optimizes the management egress queues. Without this functionality, operators would require detailed knowledge of how QoS works and private DSCP values in order to manually configure optimized queue usage. With this feature, the process is automated, optimized, and protects against mis-configuration. Management and Visibility The Ethernet Routing Switch 8800 can be managed by a variety of management tools, creating a flexible operational environment based on business requirements. These include: standardized Command Line Interface (CLI), Web-based Enterprise Device Manager, SNMPbased management (SNMPv1, v2 and v3), and the evolving Unified Communications Management framework for comprehensive, centralized, and multi-facetted network management. Unified Communications Management is based on common services authentication and access control, audit, etc. and then a number of integrated plug-in AJAXbased applets that deliver seamless task-specific capabilities all with a consistent look and feel: Configuration and Orchestration Manager; Visualization Performance and Fault Manager; Enterprise Policy Manager; IP Flow Manager; and Network Resource Manager. Provisioning wizards and other labor-saving tools help enable faster service activation and a more consistent approach to configuration; this has the added benefit of reducing human-error as templates are pre-populated with best-practice recommendations or mandatory values. The entire framework is context-based which enables a faster, more accurate and highly-intelligent approach to delivering both device-centric and network-wide management services. The Ethernet Routing Switch 8800 also supports enhanced system-wide troubleshooting information and provides comprehensive information should the CPU need to recover automatically. The Key Health Indicators (KHI) capability allows for the collection of statistics and information about the health of the system for troubleshooting purposes related to system failure, and identifies a small number of key health indicators that allow quick assessment of the overall operational state. Additional sophisticated system analysis tools such as RSP packet tracing and ERCD records dump enhance the serviceability and operational posture of the Ethernet Routing Switch 8800 platform.
Why choose Avaya?

Avaya offers multiple, flexible options that enable versatile IP VPN solutions across the campus including Avaya innovative IP VPN-Lite. IP VPN-Lite leverages existing IP infrastructure without
35
requiring additional capital investment or the overhead operational expense of carrier-class MPLS. The unique design architecture of the next-generation R/RS modules sets Avaya apart; delivering optimal functionality and performance as new applications and services emerge, and offers high density and exceptional port value. Introduction of the combo module supporting copper 10/100/1000, SFP, and XFP interfaces cost-effectively meets the requirements of smaller sites. Avaya offers one of the industrys highest 10G Ethernet port densities, and is the only solution vendor to offer resiliency for Unicast, Multicast, Virtualized, and IPv6 environments.
Summary
The Ethernet Routing Switch 8800 is a resilient, efficient, scalable solution that enables enterprises to build a truly unified communication-ready network infrastructure and to provide reliable business continuity for critical applications; enterprises can scale converged and Web applications network-wide with Switch Clustering delivering always-on resiliency. The Ethernet Routing Switch 8800 offers a high-performance architecture combining rich, advanced services for converged applications that enhance, protect and simplify network service and operations. Customers wanting to make strategic investments in a campus LAN infrastructure can rely on the Ethernet Routing Switch 8800 to create flexible solutions that match their business evolution. A provider of end-to-end solutions spanning voice, data, applications and network management, Avaya has the necessary expertise to help businesses enhance revenue potential, streamline business operations, increase productivity and gain competitive advantage.
Table: Ethernet Routing Switch 8800 Technical Specifications Category
General and performance
Ethernet Routing Switch 8800 Technical Specifications

Switch architecture: 720Gbps gross throughput Switch Fabric performance: up to 512Gbps in an Active/Active configuration Frame forwarding rate: up to 380Mpps Frame length: 64 to 1518 Bytes (802.1Q Untagged), 64 to 1522 bytes (802.1Q Tagged) Jumbo Frame support: up to 9,000 Bytes (802.1Q Tagged) Multi-Link Trunks: up to 128 Groups, with 8 Links per Group VLANs: up to 4,000 Port/Protocol/802.1Q-based Multiple Spanning Tree Groups: up to 32 MAC Address: up to 64k IP Interfaces: 1,972 Dynamic ARP Entries: up to 32k VRRP Interfaces: up to 255 IP Forwarding Table: 250k ECMP Routes: up to 5k
36
Table: Ethernet Routing Switch 8800 Technical Specifications Category Ethernet Routing Switch 8800 Technical Specifications
RIP Instances: up to 64 RIP Interfaces: up to 200 RIP Routes: up to 10k OSPF Instances: up to 64 OSPF Adjacencies: up to 80 OSPF Routes: up to 50k BGP Peers: up to 250 BGP Routes: up to 250k VRF-Lite instances: up to 255 MPLS LDP LSPs: up to 16k MPLS Tunnels: up to 2,500 PIM Active Interfaces: up to 200 PIM Neighbors: 80/up to 200 for all VRFs IP Multicast Streams: up to 4k Interface modules 8612XLRS 12-port 10G Ethernet XFP Interface Module 8630GBR 30-port 1G Ethernet SFP Interface Module 8634XGRS 34-port 1000BASE-T/1G/10G Ethernet Combo Interface Module 8648GBRS 48-port 1G Ethernet SFP Interface Module 8648GTR 48-port 1000BASE-T Ethernet Interface Module 8648GTRS 48-port 1000BASE-T Ethernet Interface Module 8683XLR 3-port 10G Ethernet XFP Interface Module 8683ZLR 3-port 10G Ethernet WAN XFP Interface Module IEEE and IETF standards compatibility 802.1D-1998 Spanning Tree Protocol 802.1p Priority Queues 802.1Q Virtual LANs 802.1s Multiple Spanning Trees 802.1w Rapid Reconfiguration of Spanning Tree 802.1v VLAN Classification by Protocol and Port 802.1X Port Based Network Access Control 802.3 CSMA/CD Ethernet (ISO/IEC 8802-3) 802.3ab 1000BASE-T Ethernet 802.3ab 1000BASE-LX Ethernet 802.3ab 1000BASE-ZX Ethernet 802.3ab 1000BASE-CWDM Ethernet
37
802.3ab 1000BASE-SX Ethernet 802.3ab 1000BASE-XD Ethernet 802.3ab 1000BASE-BX Ethernet 802.3ad Link Aggregation Control Protocol 802.3ae 10GBASE-X XFP 802.3i 10BASE-T Auto-Negotiation 802.3 10BASE-T Ethernet 802.3u 100BASE-TX Fast Ethernet (ISO/ IEC 8802-3, Clause 25) 802.3u 100BASE-FX 802.3u Auto-Negotiation on Twisted Pair (ISO/IEC 8802-3, Clause 28) 802.3x Flow Control on the Gigabit Uplink port 802.3z Gigabit Ethernet 1000BASE-SX & LX RFC 768 UDP Protocol RFC 783 TFTP Protocol RFC 791 IP Protocol RFC 792 ICMP Protocol RFC 793 TCP Protocol RFC 826 ARP Protocol RFC 854 Telnet Protocol RFC 894 A standard for the Transmission of IP Datagrams over Ethernet Networks RFC 896 Congestion control in IP/TCP internetworks RFC 903 Reverse ARP Protocol RFC 906 Bootstrap loading using TFTP RFC 950 Internet Standard Sub-Netting Procedure RFC 951 / RFC 2131 BootP / DHCP RFC 1027 Using ARP to implement transparent subnet gateways/Avaya Subnet based VLAN RFC 1058 RIPv1 Protocol RFC 1112 IGMPv1 RFC 1253 OSPF RFC 1256 ICMP Router Discovery RFC 1305 Network Time Protocol v3 Specification, Implementation and Analysis RFC 1332 The PPP Internet Protocol Control Protocol RFC 1340 Assigned Numbers
38
RFC 1541 Dynamic Host Configuration Protocol RFC 1542 Clarifications and Extensions for the Bootstrap Protocol RFC 1583 OSPFv2 RFC 1587 The OSPF NSSA Option RFC 1591 DNS Client RFC 1695 Definitions of Managed Objects for ATM Management v8.0 using SMIv2 RFC 1723 RIP v2 Carrying Additional Information RFC 1745 BGP / OSPF Interaction RFC 1771 / RFC 1772 BGP-4 RFC 1812 Router Requirements RFC 1866 HTMLv2 Protocol RFC 1965 BGP-4 Confederations RFC 1966 BGP-4 Route Reflectors RFC 1998 An Application of the BGP Community Attribute in Multi-home Routing RFC 1997 BGP-4 Community Attributes RFC 2068 Hypertext Transfer Protocol RFC 2131 Dynamic Host Control Protocol RFC 2138 RADIUS Authentication RFC 2139 RADIUS Accounting RFC 2178 OSPF MD5 cryptographic authentication/ OSPFv2 RFC 2205 Resource ReSerVation Protocol v1 Functional Specification RFC 2210 The Use of RSVP with IETF Integrated Services RFC 2211 Specification of the Controlled-Load Network Element Service RFC 2236 IGMPv2 for snooping RFC 2270 BGP-4 Dedicated AS for sites/single provide RFC 2283 Multiprotocol Extensions for BGP-4 RFC 2328 OSPFv2 RFC 2338 VRRP: Virtual Redundancy Router Protocol RFC 2362 PIM-SM RFC 2385 BGP-4 MD5 authentication RFC 2439 BGP-4 Route Flap Dampening RFC 2453 RIPv2 Protocol RFC 2475 An Architecture for Differentiated Service RFC 2547 BGP/MPLS VPNs
39
RFC 2597 Assured Forwarding PHB Group RFC 2598 An Expedited Forwarding PHB RFC 2702 Requirements for Traffic Engineering Over MPLS RFC 2765 Stateless IP/ICMP Translation Algorithm RFC 2796 BGP Route Reflection An Alternative to Full Mesh IBGP RFC 2819 Remote Monitoring RFC 2858 Multiprotocol Extensions for BGP-4 RFC 2918 Route Refresh Capability for BGP-4 RFC 2961 RSVP Refresh Overhead Reduction Extensions RFC 2992 Analysis of an Equal-Cost Multi-Path Algorithm RFC 3031 Multiprotocol Label Switching Architecture RFC 3032 MPLS Label Stack Encoding RFC 3036 LDP Specification RFC 3037 LDP Applicability RFC 3065 Autonomous System Confederations for BGP RFC 3210 Applicability Statement for Extensions to RSVP for LSP-Tunnels RFC 3215 LDP State Machine RFC 3270 Multi-Protocol Label Switching Support of Differentiated Services RFC 3376 Internet Group Management Protocol, v3 RFC 3392 Capabilities Advertisement with BGP-4 LSP-Tunnels RFC 3443 Time To Live Processing in Multi-Protocol Label Switching Networks RFC 3569 An overview of Source-Specific Multicast RFC 3917 Requirements for IP Flow Information Export RFC 4364 BGP/MPLS IP Virtual Private Networks RFC 4379 Detecting Multi-Protocol Label Switched Data Plane Failures draft-holbrook-idmr-igmpv3-ssm-02.txt IGMPv3 for SSM draft-ietf-bfd-v4v6-1hop-06 IETF draft Bi-Directional Forwarding Detection for IPv4 and IPv6 (Single Hop) RFC 1075 DVMRP Protocol RFC 1112 IGMP v1 for routing / snooping RFC 1519 Classless Inter-Domain Routing: an Address Assignment and Aggregation Strategy RFC 2236 IGMP v2 for routing/ snooping RFC 2362 + some PIM-SM v2 extensions RFC 3446 Anycast Rendezvous Point mechanism using Protocol Independent
40
Multicast and Multicast Source Discovery Protocol RFC 3618 Multicast Source Discovery Protocol RFC 3768 Virtual Router Redundancy Protocol RFC 1881 IPv6 Address Allocation Management RFC 1886 DNS Extensions to support IP version 6 RFC 1887 An Architecture for IPv6 Unicast Address Allocation RFC 1981 Path MTU Discovery for IPv6 RFC 2030 Simple Network Time Protocol v4 for IPv4, IPv6 & OSI RFC 2373 IPv6 Addressing Architecture RFC 2375 IPv6 Multicast Address Assignments RFC 2460 Internet Protocol, v6 Specification RFC 2461 Neighbor Discovery RFC 2462 IPv6 Stateless Address Auto-Configuration RFC 2463 Internet Control Message Protocol for the Internet Protocol v6 Specification RFC 2464 Transmission of IPv6 Packets over Ethernet Networks RFC 2474 Definition of the Differentiated Services Field in the IPv4 and IPv6 Headers RFC 2526 Reserved IPv6 Subnet Anycast Addresses RFC 2710 Multicast Listener Discovery for IPv6 RFC 2740 OSPF for IPv6 RFC 2893 Configured Tunnels and Dual Stack Routing per port RFC 2893 Transition Mechanisms for IPv6 Hosts and Routers RFC 3056 Connection of IPv6 Domains via IPv4 Clouds RFC 3363 Representing Internet Protocol Version 6 Addresses in DNS3 RFC 3484 Default Address Selection for IPv6 RFC 3513 Internet Protocol Version 6 Addressing Architecture RFC 3587 IPv6 Global Unicast Address Format RFC 3596 DNS Extensions to Support IPv6 RFC 3587 IPv6 Global Unicast Address Format RFC 3590 Source Address Selection for the Multicast Listener Discovery Protocol RFC 3596 DNS Extensions to support IP version 6 RFC 3810 IPv6 Multicast capabilities SSH/SCP, Telnet, Ping, CLI, JDM support for IPv6 RFC 1305 NTP Client/Unicast mode only RFC 1340 Assigned Numbers
41
RFC 1350 The TFTP Protocol (Revision 2) RFC 2474 / RFC 2475 DiffServ Support RFC 2597 / RFC 2598 DiffServ per Hop Behavior RFC 1155 SMI RFC 1157 SNMP RFC 1215 Convention for defining traps for use with the SNMP RFC 1269 Definitions of Managed Objects for the Border Gateway Protocol v3 RFC 1271 Remote Network Monitoring Management Information Base RFC 1304 Definitions of Managed Objects for the SIP Interface Type RFC 1354 IP Forwarding Table MIB RFC 1389 RIP v2 MIB Extensions RFC 1565 Network Services Monitoring MIB RFC 1757 / RFC 2819 RMON RFC 1907 SNMPv2 RFC 1908 Coexistence between v1 & v2 of the Internet-standard Network Management Framework RFC 1930 Guidelines for creation, selection, and registration of an Autonomous System RFC 2571 An Architecture for Describing SNMP Management Frameworks RFC 2572 Message Processing and Dispatching for the Simple Network Management Protocol RFC2573 SNMP Applications RFC 2574 User-based Security Model for v3 of the Simple Network Management Protocol RFC 2575 View-based Access Control Model for the Simple Network Management Protocol RFC 2576 Coexistence between v1, v2, & v3 of the Internet Standard Network Management Framework RFC 1212 Concise MIB definitions RFC 1213 TCP/IP Management Information Base RFC 1213 MIB II RFC 1354 IP Forwarding Table MIB RFC 1389 / RFC 1724 RIPv2 MIB extensions RFC 1398 Definitions of Managed Objects for the Ethernet-Like Interface Types RFC 1406 Definitions of Managed Objects for the DS1 and E1 Interface Types RFC 1414 Identification MIB
42
RFC 1442 Structure of Management Information for version 2 of the Simple Network Management Protocol RFC 1447 Party MIB for v2 of the Simple Network Management Protocol bytes RFC 1450 Management Information Base for v2 of the Simple Network Management Protocol RFC 1472 The Definitions of Managed Objects for the Security Protocols of the Pointto-Point Protocol RFC 1483 Multiprotocol Encapsulation over ATM Adaptation Layer 5 RFC 1493 Bridge MIB RFC 1525 Definitions of Managed Objects for Source Routing Bridges RFC 1565 Network Services Monitoring MIB RFC 1573 Interface MIB RFC 1643 Ethernet MIB RFC 1650 Definitions of Managed Objects for the Ethernet-like Interface Types using SMIv2 RFC 1657 BGP-4 MIB using SMIv2 RFC 1658 Definitions of Managed Objects for Character Stream Devices using SMIv2 RFC 1695 Definitions of Managed Objects for ATM Management v8.0 using SMIv2 RFC 1696 Modem Management Information Base using SMIv2 RFC 1724 RIP v2 MIB Extension RFC 1850 OSPF MIB RFC 2021 RMON MIB using SMIv2 RFC 2037 Entity MIB using SMIv2 RFC 2096 IP Forwarding Table MIB RFC 2233 Interfaces Group MIB using SMIv2 RFC 2452 IPv6 MIB: TCP MIB RFC 2454 IPv6 MIB: UDP MIB RFC 2465 IPv6 MIB: IPv6 General group and textual conventions RFC 2466 IPv6 MIB: ICMPv6 Group RFC 2578 Structure of Management Information v2 RFC 2613 Remote Network Monitoring MIB Extensions for Switched Networks v1.0 RFC 2665 Definitions of Managed Objects for the Ethernet-like Interface Types RFC 2668 Definitions of Managed Objects for IEEE 802.3 Medium Attachment Units RFC 2674 Bridges with Traffic MIB RFC 2787 Definitions of Managed Objects for the Virtual Router Redundancy Protocol
43
RFC 2863 Interface Group MIB RFC 2925 Remote Ping, Traceroute & Lookup Operations MIB RFC 2932 IPv4 Multicast Routing MIB RFC 2933 IGMP MIB RFC 2934 PIM MIB RFC 3019 IPv6 MIB: MLD Protocol RFC 3411 An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks RFC 3412 Message Processing and Dispatching for the Simple Network Management Protocol RFC 3416 v2 of the Protocol Operations for the Simple Network Management Protocol RFC 3635 Definitions of Managed Objects for the Ethernet-like Interface Types RFC 3636 Definitions of Managed objects for IEEE 802.3 Medium Attachment Units RFC 3810 Multicast Listener Discovery v2 for IPv6 RFC 3811 Definitions of Textual Conventions for Multiprotocol Label Switching Management RFC 3812 Multiprotocol Label Switching Traffic Engineering Management Information Base RFC 3813 Multiprotocol Label Switching Label Switching Router Management Information Base RFC 3815 Definitions of Managed Objects for the Multiprotocol Label Switching, Label Distribution Protocol RFC 4022 Management Information Base for the Transmission Control Protocol 4087 IP Tunnel MIB RFC 4113 Management Information Base for the User Datagram Protocol RFC 4624 Multicast Source Discovery Protocol MIB Weights and dimensions Ethernet Routing Switch 8010 Chassis 14RU Height: 22.9 in. (58.2 cm) Width: 17.5 in. (44.5 cm) Depth: 19.9 in. (50.5 cm) Weight: up to 225 lb (102 kg) Cooling System: Fan Trays: 2 per Chassis Fans: 15 per Fan Tray Thermal Sensors: 1 per Fan Tray Ethernet Routing Switch 8010co Chassis 20RU
44
Height: 35.9 in. (88.9 cm) Width: 17.5 in. (44.5 cm) Depth: 23.7 in. (60.2 cm) Weight: up to 315 lb (143 kg) Cooling System: 8010co features front to back cooling and the maximum airflow specification for the 8010co Chassis is 330 linear ft/min The 8010co Chassis complies with Network Equipment Building Standard (NEBS) Level 3 as specified in SR3580. Typically the 8010co has superior physical and environment specifications; please reference the product documentation for full details. Ethernet Routing Switch 8006 Chassis 10RU Height: 15.8 in. (40.1 cm) Width: 17.5 in. (44.5 cm) Depth: 19.9 in. (50.5 cm) Weight: up to 170 lb (77 kg) Cooling System: Fan Trays: 1 per Chassis Fans: 20 per Fan Tray Thermal Sensors: 1 per Fan Tray Ethernet Routing Switch 8003R Chassis 7 RU Height: 12.25 in. (31.1 cm) Width: 17.5 in. (44.5 cm) Depth: 21.0 in. (53.5 cm) Weight: up to 76 lb (34.5 kg) Cooling System: Fan Trays: 1 per Chassis Fans: 3 per Fan Tray Environmental specifications Operating temperature: 0C to 40C (32F to 104F) Storage temperature: -25C to 70C (-13F to 158F) Operating humidity: 85% maximum relative humidity, non-condensing Storage humidity: 95% maximum relative humidity, non-condensing Operating altitude: 3024 m (10,000 ft) maximum Storage altitude: 3024 m (10,000 ft) maximum Free fall/drop: ISO 4180-s, NSTA 1A
45
Vibration: IEC 68-2-6/34 Shock/bump: IEC 68-2-27-29 Safety agency approvals Global basis for certification: IEC 60950 current edition with all CB member deviations US: UL60950 Canada: CSA 22.2 No. 60950 Europe: EN60950 (CE Marking) Australia/New Zealand: AS/NZS 3260 Mexico: NOM-019-SCFI-1998 Electromagnetic emissions Global basis for certification: CISPR 22-1997 Class A US: FCC CFR47 Part 15, Subpart B, Class A Canada: ICES-003, Issue-2, Class A Europe: EN 55022-1998 Class A; EN 61000-3-2/A14, Electromagnetic immunity Global basis for certification: CISPR 24:1997 Europe: EN 55024:1998
46
Avaya Secure Router 2330

The Avaya Secure Router 2330 is a modular, multi-service branch router that combines routing, voice gateway, wide area networking and security services in a single cost-effective platform for enterprises. With integrated PSTN gateway and survivable voice, it also delivers a resilient voice option for branch and remote sites, in addition to its traditional IP data routing services. The Secure Router 2330 extends the Unified Communications (UC) integrated branch solution first introduced by the Secure Router 4134. The Secure Router 2330s significantly lower price point, however, opens up sales opportunities for a much wider range of enterprise branch and remote sites. We are excited by the opportunity to partner with to assist you in overcoming the challenges you face including: You want to grow your branch sites, but at the same time you want to keep your operational and management costs in check Your organization requires resilient voice gateway services and security. You also need to ease the task of managing the network when your IT budget is under considerable strain. You require Layer 3 IP routing and WAN access You require a customer premise (CPE) solution for Metro Ethernet deployments
We can deliver the following benefits: Reduces operational costs. This is due to the reduced maintenance, improved interoperability and greater reliability of a single converged device, especially at remote sites. By combining data, resilient voice services and security in a cost-effective branch device, the Secure Router 2330 is a compelling alternative to existing Avaya branch solutions and to the competition. Its voice survivability features allow it to provide ongoing phone services even when remote connectivity to the voice call server is lost. Since its voice gateway/survivability feature is SIP-based, it can provide resilient voice services with a range of Avaya call servers and phones, including Avaya Aura Session Manager as well as Communication Server 1000, Communication Server 2100 and Software Communication System call servers. It is also compatible with third party call servers such as Broadsoft and Sylantro. Like other Secure Routers, the Secure Router 2330 provides high-throughput and significant five-year total cost of ownership savings versus the competition.
The Secure Router 2330 is a powerful modular system that converges routing, voice gateway, security and multimedia traffic forwarding in a single cost-effective platform for enterprises. Delivering fast, secure, reliable and scalable WAN access, the Secure Router 2330 is perfect for enterprises requiring high-speed IP or Internet access. Based on a simple-to-scale
47
architecture, the Secure Router 2330 provides consistent wire-speed throughput even with advanced services enabled. The Secure Router 2330 combines high performance, robust routing, flexible WAN and voice media gateway connectivity and is targeted at enterprise branch and remote site environments. A rich suite of routing services and advanced WAN functionality makes the Secure Router 2330 ideal for high-speed Internet access, private line WAN connectivity, IP Telephony and multimedia, IPsec VPN, stateful firewall and data applications. Comprehensive, simple-to-use software tools enable sophisticated access and bandwidth management for dependable communications.
Robust routing
Routing services include a full IPv4 and IPv6 protocol set, including BGP-4 and multicast capabilities. A full-function IPv6 implementation also enables deployment into environments that require extended IP addressing with the same routing services all without any additional system memory requirements.
Voice media gateway services

The Secure Router 2330 offers a set of integrated voice interfaces that allow connection to the Public Switched Telephone Network (PSTN) as well as support of conventional TDM-based telephony devices. T1/E1, FXS and FXO interfaces are available for flexible telephony connection with support for up to 64 simultaneous voice channels. The Secure Router 2330s media gateway services are interoperable with Avaya Aura Session Manager, as well as Communication Server 1000, Communication Server 2100 and Software Communication System. It is also compatible with Microsoft OCS and other thirdparty SIP call servers, including Broadsoft and Sylantro, for additional telephony deployment options.
Survivable SIP gateway

The Secure Router 2330 supports a Survivable SIP gateway that facilitates connection of SIPbased registered clients. It allows enterprises to take full advantage of VoIP and other advanced SIP services. This feature provides business continuity (or survivability) for locally-connected SIP devices via failover to the Secure Routers PSTN interfaces in case of loss of the primary IP connection.
Integrated security
Powerful, integrated security features include VPN and firewalls for increased reliability and user confidence. Capabilities include stateful packet firewall, detection and prevention of more than 60 Distributed Denial of Service (DDoS) attacks, VPN hardware acceleration for hub and spoke deployment over IPsec and VPN tunnels, and IPsec VPN data-encryption services with AES, 3DES, DES, SHA-1, MD-5 and Diffie-Hellman support.
Advanced quality of service

Quality of service goes beyond Layer 3 flow-based support by including Layer 2 class-based queuing. The highest granularity of priorities (eight levels) provides maximum performance with
48
the lowest latency for voice, video and other high-priority traffic while guaranteeing bandwidth among all classes.
Multi-link capabilities
The Secure Router 2330 provides multilink PPP (MLPPP) and multilink frame relay (MFR) support to allow bonding of T1/E1 and other WAN interfaces to create a single virtual interface capable of transmitting at the maximum bandwidth available. Multilinking enables hassle-free bandwidth scalability, high-speed video, voice and data transfer while securing connectivity from individual link failures.
Simple to install, simple to scale modular platform

The Secure Router 2330 provides advanced operational features while simplifying, or eliminating, time-consuming and confusing installation tasks. The routers chassis has eight built-in Ethernet and three module slots that can support either data or voice modules to support the dynamic demands of growing businesses. This means that in addition to its eight Ethernet ports, the Secure Router 2330 can support up to: 6 T1/E1, serial or ISDN BRI ports, or 3 ADSL2+ ports, or 12 FXS/FXO ports.
Management
The Secure Router 2330 employs an industry-aligned command line interface (CLI) that makes it easy to set up and manage. Features include: On-Premises, Console and Command Line Interface; Telnet, Events, Syslog Remote SSHv2 provides secure communication for configuration and maintenance
The Secure Router family

The Secure Router 2330, with its modular design, high throughput and reliable performance, is complemented by Avaya Secure Router 1000, 3120 and 4134 Series. Deployed in combination with other Secure Router models, the Secure Router 2330 not only handles the WAN and LAN requirements of the integrated branch, but can also act as a voice media gateway device for connection to the PSTN.
An easy choice
Secure Router 2330 is a high-performance, cost-effective branch convergence solution. It combines feature-rich voice and data services into a common platform for simplified management, greater cost savings and a high quality of user experience.
49
Features
Multi-service platform Full IPV4/IPV6 routing, IPsec, VLAN and firewall Voice media gateway services, including support for digital and analog trunks, analog phones, fax machines and modems Range of WAN connectivity, including T1/E1, ISDN BRI, Serial, Ethernet and ADSL2+ Range of integrated voice interfaces including T1/E1 PRI, BRI, FXS/ DID and FXO/CAMA enable connection to the PSTN or analog telephony devices SIP survivable gateway enables business continuity for SIP devices Up to 64 simultaneous voice (DSP) channels can handle voice gateway needs of small to large branch sites
Voice Gateway services
Robust routing Low-latency, high-packet throughput ideal for VoIP and multimedia transport IPv4 or IPv6 with BGP-4 and Multicast services (PIM-SM, DVMRP)
Integrated security Stateful packet inspection firewall VPN hardware acceleration and IPsec VPN services for secure voice and data transport
50

The Avaya Secure Router 4134 delivers on the promise of the unified branch office. Its modular design supports a range of advanced network services - including IPv4/IPv6 routing, highperformance WAN, high-density Ethernet switching, Power over Ethernet, Voice over IP (VoIP) and security - in a single integrated chassis.
Secure Router 4134
We are excited by the opportunity to partner with to assist you in overcoming the challenges you face including: may be reluctant to deploy converged services platforms when expertise has been built around managing data and voice systems separately. Maintaining separate equipment and teams costs time and money could be unable to meet the capital cost reduction required of your IT budgets. This causes you to fall further behind in deploying converged services platforms that can reduce their capital budgets and solve the problem Customers are struggling to define collaborative communication implementations as a result of the perceived complexity associated with multiple vendors and additional equipment
We can deliver the following benefits: Unique device that integrates Routing, Switching, IP Telephony, and UC application hosting in a single cost-effective platform Wire-speed performance for toll-quality VoIP and Unified Communications, with low latency and loss for small packets Can host either Microsoft OCS software or Avaya Software Communication System (SCS) on an embedded co-processor to simplify Unified Communications deployment at the branch WAN, Routing, Switching, VPN, Voice, Security, and Unified Communications applications in a single box improving Return on Investment and reducing Total Cost of Ownership Extends convergence/Unified Communication applications to the branch office with performance, quality of experience and better manageability than competing solutions
The Secure Router 4134 addresses enterprise branch, regional and even headquarters routing needs. But it is especially targeted at the enterprise challenge of too many networking devices,
51
particularly in remote sites. Its highly modular design can handle a range of low-density and high-density LAN and WAN modules, as well as future voice modules. In its maximum configuration, the Secure Router 4134 supports up to 72 Power over Ethernet/Fast Ethernet ports or 58 Gigabit Ethernet ports; or up to 3 DS3/T3 or HSSI ports; or up to 91 physical/logical T1 connections. The Secure Router 4134 software architecture further provides support required by Unified Communications branch applications. Its superior low-latency and small packet handling provides a high quality of experience, regardless of which applications and services are enabled across the network. By integrating Microsoft intelligence, as well as VoIP gateway capabilities, the Secure Router 4134 fulfills the Avaya vision for the Unified Communications integrated branch. In summary, the Secure Router 4134 offers the highest performance and connectivity in the Avaya Secure Router portfolio to date. Its advanced hardware and software design not only make it a premier branch office platform, but also allow it to handle the network routing requirement of most enterprise regional and headquarters sites.
52
Avaya Secure Router 8000 Series

The Avaya Secure Router 8000 Series, which combines IP routing, wide area networking and reliability, is an ideal core and edge WAN routing solution for enterprises and service providers. The Secure Routers provide high performance and flexible network solutions, improving network value and reducing costs. Comprising four models the Secure Router 8002, 8004, 8008 and 8012 the Secure Router 8000 Series is a highly scalable yet flexible routing solution that can address a range of deployment scenarios. This includes branch office aggregation (WAN and VPN), high-speed Internet routing and enterprise core routing. All models offer the high-performance, advanced routing services, resiliency and traffic management services required for todays converged voice/data networks. We are excited by the opportunity to partner with to assist you in overcoming the challenges you face including: s decreased budget requires cost cutting CXO challenges s organization to use leading edge technology for Converged Solutions is interested in leveraging your data network for IP-based converged applications wishes to use technology for competitive advantage. For example: eLearning in education vertical, leverage skilled doctors and diagnostic equipment via videoconferencing to rural clinics in health care vertical wishes to standardize transport services after acquisitions wishes to open new branch offices or grow branch offices Outgrown, depreciated or lease expiring on existing BayRS or VPN Router or other competitor systems needs to choose an alternate vendor
We can deliver the following benefits: Cost savings from converged WAN deployments Reduced management/maintenance costs Core router capability Scalability allows your organization to grow much higher bandwidth and users Investment protection for Avaya installed base or migrating from BayRS equipment Improved flexibility in network deployment for a contiguous Avaya solution Resilient high end router solution
With packet processing of up to 24 million packets per second and a 40 Gig backplane architecture, the Secure Router 8000 Series handles both enterprise data center and service provider edge routing environments. High-speed (OC-3/STM-1, POS and ATM) and high-
53
density WAN interfaces (up to 96 T1/E1) make the Secure Router 8000 Series well suited for connecting large numbers of remote sites and users. And the routers do this without sacrificing the reliability and traffic management required by demanding converged voice/data applications. The Secure Router 8000 Series routers are next-generation, centralized, high-speed forwarding routers. Based on a fault tolerant design, the Secure Routers provide scalable performance. The routers are ideal for the carrier aggregation layer and the enterprise backbone layer network. The Secure Router 8000 Series consists of four models (Secure Router 8002, 8004, 8008 and 8012) based on the number of slots.
Secure Router 8000 Series
Secure Router 8002

The Secure Router 8002 is the entry-level member of the Secure Router 8000 family of modular, high-performance enterprise routing platforms. The Secure Router 8002 provides two slots which can support a range of WAN/LAN interfaces, including OC-3/STM-1, PoS, Gigabit Ethernet (GigE), E3 and T1/E1. With advanced features, such as IPv4/IPv6, MPLS VPN, BGP-4 and multicast, the Secure Router 8002 is well-equipped to address key enterprise high-end and core routing needs. Key features: High-performance routing for enterprise core and data center environments Non-stop forwarding, graceful restart and redundancy for resilient, high-availability operations Wide range of WAN interfaces/protocols, including OC-3/STM-1, E3, Frame Relay, T1/E1 and ISDN, for flexible remote site aggregation Full IPv4/IPv6 protocol set, including OSPF, BGP-4, RIP and multicast Comprehensive Layer 2/3 MPLS VPN, including RFC 2547, for advanced traffic management Advanced QoS and low-latency optimized for converged voice/data applications
54
Secure Router 8004

The Secure Router 8004 is a mid-range member of the Secure Router 8000 family of modular, high-performance enterprise routing platforms. The Secure Router 8004 provides four slots which can support a range of WAN/LAN interfaces, including OC-3/STM-1, PoS, GigE, E3 and T1/E1. With advanced features, such as IPv4/IPv6, MPLS VPN, BGP-4 and multicast, the Secure Router 8004 is well-equipped to address key enterprise high-end and core routing needs. Key features: High-performance routing for enterprise core and data center environments Non-stop forwarding, graceful restart and redundancy for resilient, high-availability operations Wide range of WAN interfaces/protocols, including OC-3/STM-1, E3, Frame Relay, T1/E1 and ISDN, for flexible remote site aggregation Full IPv4/IPv6 protocol set, including OSPF, BGP-4, RIP and multicast Comprehensive Layer 2/3 MPLS VPN, including RFC 2547, for advanced traffic management Advanced QoS and low-latency optimized for converged voice/data applications
Secure Router 8008

The Secure Router 8008 is a mid-range member of the Secure Router 8000 family of modular, high-performance enterprise routing platforms. The Secure Router 8008 provides eight slots which can support a range of WAN/LAN interfaces, including OC-3/STM-1, PoS, GigE, E3 and T1/E1. With advanced features, such as IPv4/IPv6, MPLS VPN, BGP-4 and multicast, the Secure Router 8008 is well-equipped to address key enterprise high-end and core routing needs. Key features: High-performance routing for enterprise core and data center environments Non-stop forwarding, graceful restart and redundancy for resilient, high-availability operations Wide range of WAN interfaces/protocols, including OC-3/STM-1, E3, Frame Relay, T1/E1 and ISDN, for flexible remote site aggregation Full IPv4/IPv6 protocol set, including OSPF, BGP-4, RIP and multicast Comprehensive Layer 2/3 MPLS VPN, including RFC 2547, for advanced traffic management Advanced QoS and low-latency optimized for converged voice/data applications
55
Secure Router 8012

The Secure Router 8012 is the highest-end member of the Secure Router 8000 family of modular, high-performance enterprise routing platforms. The Secure Router 8012 provides twelve slots which can support a range of WAN/LAN interfaces, including OC-3/STM-1, ATM, PoS, GigE, E3 and T1/E1. It further supports advanced routing features, such as IPv4/IPv6, MPLS VPN, BGP-4 and multicast. With redundant router and network processors, along with a range of other high-availability features, the Secure Router 8012 can deliver the resiliency and performance required for the most demanding enterprise core routing environments Key features: High-performance routing for enterprise core and data center environments Non-stop forwarding, graceful restart and redundancy for resilient, high-availability operations Wide range of WAN interfaces/protocols, including OC-3/STM-1, E3, Frame Relay, ATM, T1/E1 and ISDN, for flexible remote site aggregation Full IPv4/IPv6 protocol set, including OSPF, BGP-4, RIP and multicast Comprehensive Layer 2/3 MPLS VPN, including RFC 2547, for advanced traffic management Advanced QoS and low-latency optimized for converged voice/data applications
Secure Router 8000 Series Features and Benefits

High-performance advanced IPv4 and IPv6 routing The Secure Router 8000 robust routing services include a full IPv4 and IPv6 protocol set, including OSPFv2/3, RIPv1/v2, BGP-4 and multicast capabilities. A full-function IPv6 implementation also allows deployment in environments requiring extended IP addressing with the same routing services all without any additional system memory requirements. All models deliver resilient high-performance routing with support for up to 600k route capacity and a full Internet route table. High availability and resiliency The Secure Router 8000 Series provides highly resilient IPv4 and IPv6 routing services. The Series provides redundant hardware components, non-stop forwarding and graceful restart. The Secure Router 8012 supports multiple redundant processors and provides sub-second failover services a key requirement for core IP and data center routing environments. MPLS VPN support The Secure Router 8000 family provides comprehensive Layer 2 and Layer 3 MPLS VPN capabilities, including VRF-Lite. This enables enterprises to address their MPLS requirements within a WAN routing platform. For example, by using VRF-Lite on the Secure Router 8000 platform, organizations can create multiple Layer 3 routing domains to support multiple customers.
56
Highly optimized Quality of Service The Secure Router 8000 Series Quality of Service (QoS) design handles the demands of converged voice and data applications. It handles the demands through an integrated Layer 2 and Layer 3 QoS architecture. The Series supports Differentiated Services (DiffServ). This provides packet classification, metering, policing, coloring, re-marking, queuing and shaping. The Secure Router 8000 enables reliable, efficient traffic handling while maintaining critical services under even the most severe loads. The Secure Router 8000 Series delivers maximum performance and low latency for voice, video and other high-priority traffic. It does this while enabling bandwidth among all classes. Additionally, Layer 2 to Layer 4 traffic classification and Classed Based Queuing can be used for granular definition of service classes. These classes can be defined to match any communication service levels required for Layer 2 to Layer 4 networks. Integrated security The Secure Router 8000 Series combines secure device access with secure networking services. The routers enable business continuity and protect your valuable business assets. The Secure Router 8000 Series offers: Site-to-site VPN services for scalable, resilient branch office VPN applications Full-featured packet filtering (i.e., Access Control Lists) Full-featured Network Address Translation (NAT)
Management solutions The Secure Router 8000 Series offers industry-standard Command Line Interface (CLI) tools. This enables administrators to quickly deploy, operate and maintain the routers. It provides role-based management access and extensive event logging and troubleshooting. This reduces operational costs while maximizing availability and performance across the enterprise network. The routers enable Secure Access via SSHv2 and IPsec VPNs, include RADIUS and TACACS+ for user authentication and provide secure network management via SNMPv3.
57
Avaya Secure Router Portfolio

The Avaya Secure Router Portfolio enables secure end-to-end converged solutions. The Secure Routers combine robust IP routing, flexible WAN connectivity and security in a single cost-effective device. Ideal for enterprise branch, remote or regional site environments, Secure Routers are optimized to deliver the low-latency, high packet throughput required by IP telephony and multimedia applications. Providing wire-speed performance even with advanced WAN services enabled, they are the right solution for enterprises requiring high-speed Internet or private WAN connectivity. Secure Routers also include an extensive suite of advanced security features, including Virtual Private Networking (VPN), Stateful packet inspection Firewall, Encryption, etc. This built-in security protects against unauthorized access and network disruption, while enabling the privacy and integrity of transmitted data. We are excited by the opportunity to partner with to assist you in overcoming the challenges you face including: wants to aggregate your T1 circuits into a new router. Unfortunately, many of the routers on the market today are bigger and more expensive than you need. s systems require you to keep a network operations center or data center with special environmental controlscosting you more than typical office space costs. When you make changes to your system, you want new technology that is more compact and offers you the ability to use less space to accomplish your technology goalsnot something that requires you to add on to your existing physical space. While you know that it is necessary to purchase a router that can integrate your WAN, routing, VPN, and IP services, the price tag for many options on the market today can break your budget. Many of these solutions are costly and do not provide the lower total cost of ownership that you are looking for.
We can deliver the following benefits: When Enterprises and Service Providers want fast, secure, reliable and scalable wide area network (WAN) T1/E1 and serial access, they turn to Avaya and the Secure Router 1000 Series router. These powerful platforms provide consistent high-speed throughput with no degradation in performance even with advanced services enabled. Secure Router 1000 Series routers perform up to three times faster than standard and some much higher-end WAN access platforms. A fast path forwarding engine enables delivery of services and applications at consistently high speeds, independent of bandwidth-intensive applications, packet sizes or enabled services, unlike other routers that cannot sustain peak performance as services are added.
Secure Routers provide interoperability with Avaya solutions, convergence applications and regional WAN requirements. Secure Routers are ideal for Avaya multi-product network and convergence deployments.
58
The Secure Router product line includes: Secure Router 1001 1-port T1/E1 with ISDN back-up option Secure Router 1001S 1 serial port with ISDN back-up option Secure Router 1002 2-port T1/E1 Secure Router 1004 4-port T1/E1 Secure Router 2330 three-slot modular unit with support for up to 6 x T1/E1 or other optional I/O cards. Secure Router 3120 two-slot modular unit with support of up to 2 x DS-3 or 16 x T1/E1 port Secure Router 4134 In its maximum configuration, the Secure Router 4134 supports up to 72 Power-over-Ethernet/Fast Ethernet ports or 58 Gigabit Ethernet ports; or up to 3 DS3/T3 or HSSI ports; or up to 91 physical/logical T1 connections.
Secure Router 1000 Series and 3120 are equipped with 2 x 10/100 Ethernet; Secure Router 2330 has 8 Ethernet (4 x 10/100 plus 4 x 10/100/1000), Secure Router 4134 has 4 x 10/100/1000 Ethernet in its base chassis. With this range, Secure Routers can address entry-level enterprise remote and branch sites through large regional and headquarters sites. Secure Router 1000 Series and 3120 are ideal for enterprise branch, remote or regional site environments. The Secure Router 1000 Series delivers fast, secure, reliable and scalable WAN T1/E1 and serial access for enterprises and service providers. These platforms are ideal for installation in enterprise remote sites, branch offices or service provider points of presence (POPs). Delivering fast, secure, reliable and scalable WAN access, the Secure Router 3120 is perfect for enterprises requiring high-speed IP or Internet access. It is targeted at larger branch and regional enterprise environments. The Secure Router 4134 represents the next evolution in the Secure Router product portfolio, extending the Secure Router positioning into the mid to high-end enterprise router market. In addition to providing multiple levels of reliability these platforms offer extensive hierarchical QoS, stateful firewalling, address translation, BGP routing, VPN with a variety of WAN interface options including T1/E1, V.35 and DS3. In addition, all models provide 2 ports of 10/100 Ethernet.
59
Avaya VPN Router
Avaya VPN Router

The rise of the Internet and IP-based applications provides enterprises with a unique opportunity to realize cost savings in their external and internal communications. But the Internet was not originally designed with security in mind. Enterprises with mission-critical Internet applications must secure the data they transmit, as well as protect their internal networks from outside intrusion. Legacy routers the traditional means of Internet connection do not easily scale to meet needed security requirements without expensive add-ons and performance overhead. Avaya VPN Routers are architected to deliver the security required by enterprise IP networks with the ability to scale to address a complete range of high-performance IP services. VPN Routers are a next-generation family of products delivering security and IP services in a single integrated platform. Targeted at the wide are network (WAN) edgethe intersection of an enterprises private and public IP networksthe VPN Router family is optimized to exploit the cost advantages of the Internet while providing secure communications across the public IP infrastructure. A single VPN Router device provides IP routing, IPsec-based Virtual Private Networking (VPN), stateful firewall, encryption, authentication, and bandwidth management services in a highly-integrated platform. We are excited by the opportunity to partner with to assist you in overcoming the challenges you face including: Employees need the ability to work from anywhere. Access to the corporate network from anywhere is critical. Without a virtual workspace, employees cannot increase customer responsiveness and improve productivity. Not all applications on a corporate network require the same level of security. Subscription or license-based databases have strict access constraints, departmental applications contain sensitive information, human resource applications provide confidential personal data, and financial systems require restricted access. These applications, among many others, warrant additional security within the corporate network. needs to open your network to suppliers and business partners. However, needs to enable partners to access certain portions of your corporate LAN while protecting the balance of the network from intrusion.
We can deliver the following benefits: VPN Routers are architected to deliver the security required by enterprise IP networks with the ability to scale to address a complete range of high-performance IP services. We offer flexibility and simplicity. With a portfolio ranging from low-end VPN Router 1750 to the high-end VPN Router 2700/2750, VPN Router devices can handle the needs of the smallest branch site to those of the largest headquarters, and every environment in between. Its broad range of LAN/WAN interface options makes it an easy fit into existing enterprise networks.
With a comprehensive set of secure IP services, VPN Router offers what normally takes multiple purpose-built IP and security devices to deliver. Enterprises can deploy it as a VPN
60
Avaya VPN Router
gateway, IP access router, or stateful firewall device. A flexible software licensing system further allows them to turn up new services as they are needed. For example, the VPN Router can be installed initially as an IP access router, then VPN or firewall services can be added later via a simple license key. This allows quick deployment of needed services today with the flexibility to add new ones in the futureall without costly hardware upgrades. Built on our Secure Routing Technology framework, the VPN Router is designed with security inherent across all its operations. Secure Routing Technology integrates the major functional components of VPN Routersuch as management, access, routing, and policiesweaving a consistent security structure across these services. This provides scalability and high performance even when running multiple IP services in the same device. The VPN Router family consists of the following models: VPN Router 1750: Supports up to 500 tunnels VPN Router 2700/2750: Supports up to 2000 tunnels
Since it is standards-based, the VPN Router interoperates with existing routing, authentication, directory, and security services. This means the VPN Router can bridge the transition during the introduction of new IP services into the network. VPN Router devices can be initially installed behind an existing IP access device (router, DSL modem, etc.) without disruption to the network. Or, an enterprise deploying VPN Router as a VPN gateway can later add firewall services and/or transition the VPN Router to the primary Internet access device for that site. VPN Router platform is evolving from a VPN appliance to an integrated VPN Router. Rather than providing separate devices for separate functions (tunneling, encryption, authentication, routing, WANs and firewall) Avaya provides integrated security and IP services on a single platform.
61 Avaya Configuration and Orchestration Manager
Avaya Configuration and Orchestration Manager

Avaya Configuration and Orchestration Manager is a real-time, Web-based, multi-user network configuration management solution. Configuration and Orchestration Manager offers configuration, provisioning and troubleshooting for a wide range of technologies. Designed to support multiple users across an entire enterprise network, the topology-driven Configuration and Orchestration Manager is ideal for companies that want a cost-effective, easy-to-use and manage solution. It simplifies configuration and provisioning so valuable IT resources can focus on other important activities such as running the network. In essence, the Avaya Configuration and Orchestration Manager helps organizations save resources and time. Specifically, it improves installation time related to getting Avaya Ethernet switches up and running on the network. Whereas it can take several hours using Element Managers or device CLIs to install 20 switches, Configuration and Orchestration Manager can complete the install within 20 minutesover 5X faster. It also offers configuration times of over 3X faster while also decreasing the potential for errors associated with manual configuration. Whereas using Java Device Manager and CLI can take up to several hours, with Multi-Link Trunking wizards and templates, Configuration and Orchestration Manager can configure a two-device cluster in a couple of minutes. Benefits: Saves time and operational costs Protects your network from unauthorized changes, facilitates faster configuration and changes to the network, and reduces the potential for network downtime Enables easy and cost-effective installation and maintenance Accelerates processes, saves money and frees up valuable IT resources Reduces configuration setup time, while decreasing the likelihood of error Audits logs for change audits, root-cause analysis and compliance Centralized and simplified configuration management platform - delivering secured, user authenticated and audit trailed configuration and change management
We are excited by the opportunity to partner with to assist you in overcoming the challenges you face including: Configuring multiple devices one at a time is cumbersome and can result in errors. This can increase operational costs and slow down business processes. Without user access controls, there is no way to restrict access to configuration and management tools. Your network is unprotected and can be harmed due to unauthorized access. This can lead to increased network downtime, lost business and revenue. Network administration and troubleshooting is time consuming, taking up valuable IT resources and increasing installation and maintenance costs.
We can deliver the following benefits: Consolidated configuration/provisioning and orchestration saves time and operational costs Multiple concurrent user support and powerful access control protects network and reduces downtime GUI-driven/network-wide installation/maintenance configuration/provisioning easy and cost-effective
Device element management accelerates processes, saves money, frees up IT resources Simplified, intuitive wizards, easy-to-use templates reduces configuration set-up time, decreasing errors
Applications that support strategic business plans and goals are dependent on complex network services and protocols. And, although these services and protocols are becoming more complex, installation and configuration of them should not have to be. That is where the Avaya Configuration and Orchestration Manager comes in. Imagine a typical network environment in which there are thousands of devices. An IT staff member makes a change to one of these devices, which results in several minutes of network downtime. For the enterprise, the costs of this downtime can be significant reduced productivity, lost business and missed revenue. So how do you determine who made the change and why? Without effective user-access controls in place, it is possible that the network administrator might never know. Avaya Configuration and Orchestration Manager comes with user access controls that administrators can use to restrict or permit access to configuration and management tools. It helps to protect the network from potential harm caused by unauthorized access. As a central configuration platform, the GUI-driven Configuration and Orchestration Manager reduces the administration, complexity and related costs of configuring, provisioning and troubleshooting your network all from one central server. Furthermore, Configuration and Orchestration Manager intuitive and easy-to-use wizards can help reduce configuration time by as much as 70 percent, freeing your valuable IT experts to work on other critical projects. Configuration and Orchestration Manager supports the Avaya portfolio of Ethernet Routing Switches (including modular and stackable) and Wireless LAN (WLAN) products. Configuration and Orchestration Manager allows authorized and authenticated personnel to conveniently, quickly and securely configure devices on the network regardless of where the user or the device is located.
Features and benefits

The table below defines Configuration and Orchestration Manager key features and benefits.
Table: Configuration and Orchestration Manager Key Features and Benefits

Features Benefits
Consolidates configuration, provisioning and Saves time and operational costs orchestration through topology-driven, Webbased, integrated element management Supports multiple concurrent users and Protects your network, facilitates faster includes powerful access controls such as configuration and changes to the network, role-based user control functionality and reduces the potential for network downtime GUI-driven, network-wide configuration and Enables easy and cost-effective installation provisioning of new or existing network and maintenance devices Device element management, inventory, Accelerates processes, saves money and updates, and device and user access frees up valuable IT resources control through centralized element management Simplified, intuitive wizards and easy-to- use Reduces configuration setup time, while templates that can be reused as needed decreasing the likelihood of error
Avaya Configuration Communications
and
Orchestration
Manager
and
Unified
Avaya Unified Communications Management provides comprehensive management capabilities across voice, data and multimedia applications, utilizing a set of common services that serve as a foundation for unifying management applications. Common services allow network management applications to integrate with each other so that common components (e.g., user data and database information) can be shared, without requiring that the same definitions and configurations be repeated for each application. Configuration and Orchestration Manager is an important part of the Avaya Unified Communications Management strategy. Future releases of Configuration and Orchestration Manager will align with this strategy, enabling the sharing of portals, users and credentials with other Avaya Unified Communications Management products. In addition, a future release will provide orchestration, which enables integration with business process management and composite applications. This integration will enable IT teams to automate: triage and troubleshooting; repair of incidents and alerts; change and configuration management; and many repetitive maintenance tasks.
Wizards and templates to ease configuration

Avaya Configuration and Orchestration Manager facilitates even the most complex of network configurations through simplified, intuitive wizards and easy-to-use templates. Configuration templates are created once, stored and then conveniently applied again when needed. The
result? Best practices based configuration, pre-populated device aware configuration workflow, fewer keystrokes, accelerated installation and a reduction in errors that can lead to costly network downtime.
Split Multi-Link Trunking/Multi-Link Trunking Cluster Wizard

The GUI-driven Split Multi-Link Trunking/Multi-Link Trunking Cluster wizard simplifies Split Multi-Link Trunking/Multi-Link Trunking cluster configuration dramatically, enabling administrators to configure multiple clusters once and only once. Operating as a single workflow, the wizard allows administrators to configure both of the switches in the Split Multi-Link Trunking/Multi-Link Trunking cluster and provides standard preconfigured parameters to reduce the complexity associated with this type of configuration. Furthermore, once a Split Multi-Link Trunking/Multi-Link Trunking template is created, it can be used repeatedly, resulting in even more significant time savings.
Split Multi-Link Trunking/Multi-Link Trunking Wizard
Configuration and Orchestration Manager enables administrators to create multiple Split MultiLink Trunking/Single Link Split Multi-Link Trunking access. A tab-based Split Multi-Link Trunking/Multi-Link Trunking access view allows administrators to transparently see VLANs across all Split Multi-Link Trunking/Multi-Link Trunking access. Additionally, an intuitive VLAN creation wizard lets administrators create a VLAN and use it for Split Multi-Link Trunking/Single Link Split Multi-Link Trunking access.
VLAN Management Wizard

Configuration and Orchestration Manager includes a workflow-driven VLAN Management wizard that allows administrators to easily create or add a Spanning Tree Group, a VLAN or a port member.
VLAN Wizard
Centralized management and access control

Centralized management drives operational savings by eliminating the cumbersome, complex and error-prone task of configuring multiple devices one at a time. Through this centralization, Configuration and Orchestration Manager drives operational savings and accelerates business processes. Configuration and Orchestration Manager includes anywhere-anytime, network-wide device element management, inventory, updates, and device and user access control. Through powerful user access controls administrators can protect your network and avoid misconfiguration issues and downtime. And if administrators want insight into who made changes and when, audit logs give administrators visibility to see all the details, including who, what and when.
Element management is performed through scalable plug-in software called Off-Box Enterprise Device Manager. Once administrators download the software onto Configuration and Orchestration Manager, administrators can manage all elements from one server including assigning specific users access to a given device.
Configuration and Orchestration Manager: Off-box Enterprise Device Manager
Unlike on-box solutions that have limited processing power, Off-Box Enterprise Device Manager is able to leverage the servers powerful CPU and memory to accelerate configuration processes and perform faster and better monitoring of the system.
Off-Box Enterprise Device Manager

Centralized Off-Box Enterprise Device Manager is device element management software that allows administrators to manage all devices centrally from a single server. Through Off-Box Enterprise Device Manager, administrators have better control over who makes changes to devices. The manager offers: Read-only and read-write access control User-based access control and device list management Support for up to 30 Enterprise Device Manager user sessions concurrently User-based audit logs
For customers who still have older devices in their network, Configuration and Orchestration Manager also supports Java Device Manager in addition to Off-Box Enterprise Device Manager. Configuration and Orchestration Manager will launch Java Device Manager or Enterprise Device Manager depending on the type of device.
Configuration and Orchestration Manager sub-managers

Enterprises rely on their networks. These networks must support new services and capabilities so that enterprises can meet commitments and take advantage of opportunities. Configuration and Orchestration Manager includes several sub-managers that allow administrators to monitor, manage and configure protocols and settings in devices in the network. For example, the Multicast and VLAN management tools allow administrators to quickly configure or re-configure networks to support new service requirements. Security Manager Security Manager provides access to device and network management functions on the Avaya Ethernet Routing Switch 8000 Series as well as legacy devices discovered by Configuration and Orchestration Manager. With this tool, administrators can set, change and synchronize passwords and security features for CLI access, Web access, SNMP access, RADIUS properties and access policies. SSH Bulk Password configuration SSH Bulk Password can configure CLI passwords through Secure Shell (SSH) on multiple devices across a network discovered by Enterprise Switch Manager. Enterprise Switch Manager is a Java-based, real-time, configuration management application for Avaya Ethernet products including Ethernet Switches, Ethernet Routing Switches and WLAN devices. Community string for subnet To handle community strings of subnet, a column named subnet mask has been added to the community dialog box. During discovery, a network address combined with its subnet mask uniquely identifies a subnet for which the community strings apply. VLAN Manager VLAN Manager lets administrators: Create, delete or modify VLANs across one or multiple devices View VLAN information, membership and port configuration information in tabular format View Spanning Tree Protocol information such as members of spanning tree groups and Spanning Tree Protocol configuration View VLAN nodes across the network Export VLAN configuration to flat files
Multi-Link Trunking Manager Multi-Link Trunking is a point-to-point connection that aggregates multiple ports into a single logical port with the aggregate bandwidth available to it. By grouping multiple ports into one logical port or link, administrators can achieve higher aggregate throughput on a switch-toswitch or server-to-server application.
The Multi-Link Trunking Manager in Enterprise Switch Manager allows creation, deletion and editing of Multi-Link or Split Multi-Link Trunk membership information across devices in a network. Virtual Routing and Forwarding Manager Virtual Routing and Forwarding allows multiple instances of a routing table to co-exist within the same router at the same time. The routing instances are independent, allowing administrators to use the same or overlapping IP addresses. Virtual Routing and Forwarding management enables administrators to configure applications and services from multiple devices using a single GUI workflow. Additionally, administrators can be mapped to device-specific Virtual Routing and Forwarding, enabling better access control and device partitioning for device management where multiple users and various enterprises or divisions share the device based on Virtual Routing and Forwarding. Routing Manager The Routing Manager enables administrators to configure routing parameters on devices discovered by Configuration and Orchestration Manager across the network. The manager supports IP Routing, RIP, OSPF, ARP, VRRP, IPv6 Routing and IPv6 OSPF. Trap and Log Manager With Log Manager, administrators can open log files that are transferred from a network device. Administrators can view the entire file or just selected information. The log file is a file saved on the flash memory of a device and is used to analyze any activity written to the log file that may be of potential concern. In addition, Log Manager adds trap severity prioritization with associated color highlights. Avaya Configuration and Orchestration Manager can also be configured to receive traps for all managed devices. This helps control the overhead of checking for traps in individual switches. File and Inventory Manager File Manager is used for bulk uploads or downloads of files to or from multiple devices. With this feature, it is easier to deploy updated image or configuration files across the network. The Scheduler feature enables scheduling of file uploads/downloads. Inventory Manager displays current information about hardware and software discovered on the network.
Key features and tools

TFTP Server TFTP Server allows administrators to transfer files between servers without authentication. Administrators can also trace information on file transfer when the trace mode feature is enabled. Smart Diff for ASCII configuration files Smart Diff is a tool that compares ASCII-based switch configuration files. Through analysis, it creates a Diff list that can be stored as a file.
Device Port Scan The Device Port Scan feature enables the scanning of network device ports in order to determine the MAC addresses of connected end nodes. The data collected from these scans is stored and put into a file format. The frequency of scans is flexible as they can be scheduled at regular intervals or manually triggered. Scheduler Scheduler is a tool that allows administrators to schedule tasks submitted by sub-managers. This tool runs in the background independent of Configuration and Orchestration Manager, which means that it can execute scheduled tasks with or without Configuration and Orchestration Manager running in front. CLI management The CLI management tool allows administrators to interact with the device using Telnet and SSH. CLI manager is integrated with the Avaya Configuration and Orchestration Manager, eliminating the need for the tool to be installed on individual devices.
70
Avaya IP Flow Manager

Complexity of current network, type of application traffic it carries and the growing demand for strict adherence to Service Level Agreement for latency have placed considerable burden on network administrators. Networks have evolved into a newer paradigm where it is seen more as a service that is fully resilient to failures and would scale up as the demand for bandwidth and resource sharing grows. Avaya recognizes it is imperative that network administrators are equipped with tools that would not only provide detailed visibility of their network but also an expanded view of application behavior and performance. Avaya IP Flow Manager addresses the need to provide tools that would effectively monitor analyze and report application behaviors, and their bandwidth utilization trends. IP Flow Manager is a Unified Communications Management-ready application that is fully Web-based and uses the standard IP Flow technology with deeper analysis using packet capture, trending and threshold/alert notification capabilities. We are excited by the opportunity to partner with to assist you in overcoming the challenges you face including: It is difficult to be one step ahead of the game in identifying how the network is being utilized and what are the top consumers of network resources. What gets further challenging is the ability to get an enterprise view of the network to determine regions of over utilized and under utilized network segments. Most of the tools currently used by companies provide segmented view of the network and have complex deployment and maintenance requirements. Current networks are either already carrying converged traffic such as enterprise data, voice and multimedia traffic or are expected to carry such traffic without further bandwidth expansion. The paradox of todays networks is the fact that they are mostly over or rightly provisioned but under perform due to a lack of tools that would provide network administrators visibility of the kind of applications that are running on the network. This creates a false sense of bandwidth crunch due to improper utilization of network resources and lack of policy setting to block out unwanted traffic. Todays networks contain devices from multiple vendors each offering their own unique characteristics and configurable parameters using different tools and ways of setting them. To provide a network monitoring tool that is agnostic to vendor specific device settings while providing a network view is essential to reduce complexity and cost of monitoring.
We can deliver the following benefits: A holistic end-to-end view of IP Flows providing a realistic assessment of network bandwidth utilization and application behavior over a period of time Standards-based management supporting both IPFIX, NetFlow v5/v9 and thereby making it an excellent tool to do flow capture and analysis in a multi-vendor network deployment
71
Packet capture and analysis facilitates deeper diagnosis of network problems IP Flow Manager also allows users to monitor voice traffic for planning purposes and supports protocols like RTP, SIP, and unified stimulus (UNIStim)
Following are some of the essential functional blocks of IP Flow Manager providing valuable network management experience to users:
Simple to Use User Interface (browser based UI)

IP Flow Manager provides a one stop window view of the network showing the devices that are sending flow and the data current status of the network based on user threshold settings, Top 10 consumers of network resources from application and conversation perspective. This dashboard view automatically opens up when a user launches IP Flow Manager with a valid login.
IP Flow Manager provides a one stop window view of the network
Top 10 View
IP Flow Manager provides a powerful yet easy to use and visualize reporting capability providing comprehensive details on top 10 consumers of network resources. Top 10 Views typically shows heaviest traffic patterns across the network. A user can obtain a network resource usage report not only by application level, but also by protocol, conversation, host, subnet and port. A user can launch Top 10 views as separate tabs with an ability to look at the data both as a tabular and chart form.
72
IP Flow Manager provides Top 10 Views
Alert Automation and Threshold Settings

IP Flow Manager allows a user to define threshold settings that would automatically trigger alert notifications when flow exceeds a user defined value. Alert notification can be forwarded as an SNMP Trap event, Syslog event, Email or a user can activate further analysis of the flow data using IP Flow Managers packet capture (applicable to the Ethernet Routing Switch 8600 only). Thresholds can be set against percentage of total traffic and for alert notification a severity of Low, Medium or High can be assigned to the event.
IP Flow Manager allows users to define threshold settings
73
Packet Capture
Packet capture capability is a unique feature of IP Flow Manager and a major differentiator from competitor products that allows network managers to perform a deeper analysis of network problems. It works in conjunction with packet capture capabilities of the Ethernet Routing Switch 8600 device family. This distinct feature allows network managers to view detail of the traffic (ingress) passing through a specific slot/port on the Ethernet Routing Switch device in the IP Flow Manager user interface.
IP Flow Manager provides packet capture
Supported Avaya Devices:

The table below includes the IP Flow Manager supported Avaya devices.
Table: IP Flow Manager Supported Avaya Devices

Product family Ethernet Routing Switch 8600 Ethernet Routing Switch 8300 Ethernet Routing Switch 5600 Ethernet Routing Switch 5500 Other devices Model R-module units All models Version 4.1 and later 4.2 and later
All models (stand 6.0 and later alone mode only) All models 5.0 and later
IP Flow Manager could collect data from devices that: Support IPFIX, NetFlow v5, or NetFlow v9 Can be configured to send the IP flow data to the IP Flow Manager
74
75 Avaya WLAN 2300 Series
Avaya WLAN 2300 Series

Enterprise customers demand an integrated wireless mobility infrastructure that spans both technical and financial concerns. A wireless LAN (WLAN) system needs to be capable of delivering high-quality voice, multimedia and business applications while meeting stringent security requirements, delivering seamless mobility functions, and at the same time be easy and cost-effective to install and operate. Avaya WLAN 2300 Series meets those goals, delivering secure mobility, the broadest range of services, and the lowest total cost of ownership of any WLAN system. While all WLAN systems purport to bring you mobility, the Avaya WLAN 2300 system delivers the architecture needed to allow users to roam securely while using any application anywhere in the network and over any topology, whether it is at corporate headquarters, branch offices, campuses or multi-tenant/multi-use facilities. The system does not require any changes to your current infrastructure - it simply makes your existing network, with all of its structure and services, available wirelessly. We are excited by the opportunity to partner with to assist you in overcoming the challenges you face including: When an enterprise invests in a WLAN, they want improved user productivity, meaning that the WLAN service and supported applications must perform to user expectations. Usage patterns are changing quickly, and users are connecting more frequently with the WLAN and staying connected longer than ever before. Add to this a parallel investment in IP telephony and converged applications, combined with convenient desktop videoconferencing and the onslaught of new and embedded 802.11 clients (including dual mode cellular/Wi-Fi phones) and it is clear that demand for voice and multimedia over WLAN is imminent. Most of the recently introduced WLAN security standards like WPA2 and 802.11i address concerns relating to user authentication, and data confidentiality and integrity, but have done little to protect against RF-based attacks that focus on the WLAN infrastructure itself. Large-scale WLANs can present mobile clients with multiple points of connectivity at any given time. When too many users connect to a particular access point, individual performance suffers and system capacity is significantly reduced. As more and more users access networks wirelessly, this is putting a greater strain on existing WLAN networks. This causes slower performance, holes in coverage etc. While WLANs were primarily used for data access (Internet/email applications) in the past, there is the need to support more real time applications such as voice and video in addition to locating tracking applications.
We can deliver the following benefits: A better administrative experience - The WLAN 2300 Series makes life easier for administrators by automating tasks throughout the entire implementation and operations life cycle.
Simple installation - The WLAN Management Software system can be used to map the location of access points based on the expected number of users and type of applications being accessed. The WLAN Management Software system will also calculate each access points ideal configuration and push it out to the WLAN Security Switches which automatically configure the access points upon installation. Easy implementation From planning to production The WLAN Management Software system helps network administrators through every phase of a WLAN project from planning and configuration through to monitoring, reporting, expansion and ongoing operations. Standards-based/open client approach for user and application compatibility - The WLAN 2300 Series is simply: compatible. WLAN 2300 adheres to the latest IEEE and de-facto industry standards to ensure strong security and QoS while maintaining compatibility with user devices. Centralized access point management provides simplified administration - Each WLAN Security Switch provides centralized management for the access points under its control. Firmware updates, configuration changes and RF management can all be performed by the WLAN Security Switch through a management interface or via Wireless Management Software.
The Avaya WLAN 2300 Series is a complete 802.11 solution for enterprises wishing to deploy widespread wireless coverage for todays business, IP Telephony and converged multimedia applications. The solution combines the latest industry standards with a centralized architecture and advanced features to create a secure, cost-effective and highly scalable WLAN infrastructure. The WLAN 2300 Series includes the tools and features required for successful planning and implementation, whether deploying a first-time WLAN using a quick and simple approach, or graduating to a precisely engineered mobile infrastructure as part of a global enterprise mobility strategy. The WLAN 2300 Series features a centralized wireless LAN deployment model with thin access points controlled and managed by a central WLAN Security Switch. The series is comprised of four primary elements: WLAN Access Points WLAN Security Switches WLAN Management Software system WLAN Location Engine
Each plays a key role in the complete mobility solution. The Avaya WLAN 2300 Series Access Points perform 802.11a/b/g mobile connectivity, encryption/decryption for wireless traffic, priority queuing and radio frequency (RF) monitoring, including rogue access point identification and containment. Access points exchange control and data traffic with their associated WLAN Security Switch.
The Avaya WLAN 2300 family of security switches controls the access points and performs key functions such as security, networking, quality of service (QoS) and roaming for mobile users. The WLAN Security Switch also correlates radio frequency data from multiple access points and coordinates their response to changing RF conditions and RF attacks. The Avaya WLAN Management Software system is a comprehensive design and management tool that identifies ideal access point locations on detailed floor plans, configures all devices with a single click and provides granular monitoring and reporting for complete visibility and control over the entire system. The WLAN Location Engine is an optional element that adds integrated location services to any WLAN 2300 installation enabling new applications and services such as location-based security policies, content delivery or asset locating and tracking.
WLAN 2300 Centralized WLAN System
In WLAN 2300 Release 7, Avaya introduced Trapeze branded 802.11n products: the MP-432 802.11n AP, the MP-82 802.11n AP and the MX-2800 high capacity controller.
This solution is for customers with an immediate need for 802.11n. Avaya remains committed to bringing its own 802.11n solution to market in the third quarter of calendar year 2010. The Trapeze branded hardware is an interim solution until the Avaya solution is available. The WLAN 2300 Series includes a family of four security switches, each designed to meet specific needs of enterprise-wide deployments. The portfolio breadth, combined with advanced features and a common management system, provides unparalleled deployment flexibility and scalability to meet the growing demands of mobile professionals. Each switch can be deployed and managed independently, or can participate with other WLAN 2300 Security Switches in large enterprise network deployments. In multiple switch architectures, client information and policies are shared among switches to permit fast roaming among all access points. Regardless of network size or topology, the WLAN Security Switch 2300 family can lower equipment costs substantially by offering the right-sized product for any deployment scenario.
WLAN 2300 Series Access Points

The WLAN Access Point 2332 is a multi-mode, dual-radio 802.11a/b/g unit. It is controlled by the WLAN Security Switches and can be deployed in large numbers without creating a management burden. The AP is plenum-rated for ceiling installations and features an attractive enclosure that resembles a common smoke detector to blend in with office environments. The Access Point 2332 is controlled by any WLAN 2300 security switch and features improved RF performance from a dual radio 802.11a/b/g multi-mode design that can operate in multiple modes: A wired access point using both radios to deliver simultaneous 802.11a/b/g service Dual-Ethernet ports allows the access point to be dual-homed to the network for added resiliency Internal or external antenna options are available
An unwired access point using one radio for 802.11a or 802.11g wireless backhaul, and the other radio to deliver 802.11b/g service for clients The Access Point 2332 offers one-hop meshed configuration to create a wireless link between buildings or other distant locations where network connectivity is required.
Local forwarding creates more efficient traffic flows by allowing the access point to forward data packets outside of the WSS tunnel. Local forwarding can reduce latency and jitter by as much as 90% for improved voice quality. The table below compares Avaya options for WLAN APs (802.11 a/b/g WAP 2332 and 802.11n MP-432 AP) with other vendors.
Table: WLAN 2300 Series Access Points: Model Comparison

Feature Avaya WAP Trapeze MP- Trapeze 2332 432 MP-82 802.11n (3x3 No Yes Yes Yes Yes Yes No Yes Yes Yes Yes No (2x3 MIMO) No Yes No Yes Yes Yes No No No No Others
Dual radio MIMO)
Yes
Dual radio 802.11a/b/g P-MP Wireless Bridging Dual Ethernet ports Local traffic forwarding
Fully compatible with existing Yes WLAN 2300 systems
Avaya WLAN Security Switch 2350

The WLAN Security Switch 2350 is the smallest switch in the 2300 Series and is ideally suited for extending WLAN services to small or branch office environments. The WLAN Security Switch 2350 auto-configures when first connected to the network and can control up to three access points. It offers the same features as the larger WLAN 2300 switches but in a smaller package.

The WLAN Security Switch 2360 is ideally suited for mid-size office sites or wiring closet deployments and can control up to 12 access points that can be either connected directly to one of the eight Ethernet ports or indirectly through a Layer 2 or 3 network. The WLAN Security Switch 2361 is identical to the 2360, but adds a second power supply for improved wireless service resiliency.

The largest switches in the WLAN 2300 series feature Gigabit connectivity and are designed for large deployments and data center installations. The WLAN Security Switch 2382 can be licensed to control up to 128 distributed access points. Dual power supplies provide superior resiliency for voice and business applications. The WLAN Security Switch 2382 features a flexible software licensing model that allows customers to unlock capacity as required. The WLAN Security Switch 2382 is the ideal match with Avaya Ethernet Routing Switch 2500/4500 Series switches that deliver cost-effective, resilient PoE at the network edge. The WLAN Security Switch 2382 features 2 SFP GigE ports and is designed to be integrated with the network at the core, or at major distribution points.
Adding a WLAN Security Switch 2382 to Avaya Ethernet Routing Switch networks (or other vendors Layer 2/3 networks) instantly enables wireless access point compatibility on any available PoE port and gives customers the flexibility of using existing wiring closet equipment to quickly roll-out access points and create an office-wide secure Wi-Fi mobility system. The WLAN Security Switch 2382 provides key features: Licensed capacity of 32, 64, 96 or 128 WLAN 2300 system access points Up to 32 WLAN Security Switch 2382s can provide seamless mobility across a total of 4096 access points and managed as a single entity Supports the full WLAN 2300 system feature set optimized for secure enterprise-scale pervasive Wi-Fi coverage and mobile voice and unified communications 2xGigE Small-Form Pluggable (SFP) ports for 1000BASE-SX/LX fiber or 1000BASE-T copper connectivity. Note: the interface jacks need to be purchased with the 2xGigE SFP interface ports. Load balanced ports and redundant power supply Intelligent user load balancing distributes users among available access points for greatest system capacity Enabled to support Avaya WLAN Handset 6100 plus 2200 handsets for Wireless VoIP capability and associated applications.
The table below compares WLAN Security Switch 2300 models along with the new Trapeze MX-2800 controller, being introduced in Release 7.
Table: WLAN Security Switch 2300 Series: Model Comparison

WSS 2350 Number of Ethernet ports/Power Ethernet Fast 2/1 over --2 x 1-Gbps 8 x 1-Gbps (SFP) (RJ-45 or SFP) 2 x 10-Gbps (XFP) Licensed N Licensed N x 32 128 x 64 512 max max Yes rack 1U Yes rack 1U rack WSS 2360 8/6 WSS 2361 8/6 WSS 2382 1/0 (Mgt) MX-2800 1/0 (Mgt)
Number of Gigabit -Ethernet ports
Number of access 3 points supported Third-party support Form factor AP Yes Small
12
12
Yes table 1U
Yes rack 1U
Table: WLAN Security Switch 2300 Series: Model Comparison

WSS 2350 mount Power supply Single WSS 2360 mount Single WSS 2361 mount Dualredundant Mid-size office/ wiring closet WSS 2382 mount Dualredundant Data center MX-2800 mount Optional Dualredundant Data center
Application
SMB/ branch Mid-size office office/ wiring closet
Optional 802.11n hardware

Trapeze Networks MP-432 802.11n Access Point: The Trapeze Networks indoor MP-432 is a high performance 802.11n (3x3) Multiple Input / Multiple Output (MIMO), dual radio access point, with maximum aggregate data rates of up to 600 Mbps. One radio operates in the 2.4 GHz band and one in the 5 GHz band. The MP-432 is backwards compatible with legacy 802.11 a/b/g clients in the 2.4 GHz and 5 GHz bands to provide investment protection without the need for a second overlay networks. It is compliant with the IEE 802.11n Draft 2.0 standard. In most deployment scenarios, the MP-432 operates in full functionality 3 x 3 MIMO dual radio mode with the existing IEEE 802.3af. The MP-432 is compatible with the Avaya WLAN 23xx Security Switches, and can be deployed without any hardware upgrades to the installed base of switches. Trapeze Networks MP-82 802.11n Access Point: The Trapeze Networks WLAN Mobility Point 82 is an 802.11n (2x3) Multiple Input / Multiple Output (MIMO), dual radio access point, designed for high density deployments requiring maximum capacity. The MP-82 is compatible with the Avaya WLAN 2300 Security Switches and Trapeze Networks MX-2800 controller. The MP-82 is backwards compatible with legacy 802.11 a/b/g clients providing investment protection. It is compliant with the IEE 802.11n Draft 2.0 standard. Trapeze Networks MX-2800 High Capacity Controller The Trapeze Mobility Exchange MX-2800 is the next generation WLAN controller for medium to large size enterprise WLAN deployments. It offers 28 Gbps of throughput and supports up to 512 802.11n APs, while providing always-on availability and hitless failover with no service interruption.
WLAN Location Engine 2340

The WLAN Location Engine 2340 (WLE 2340) delivers accurate location of any active Wi-Fi device. The WLE 2340 integrates with the WLAN 2300 system by communicating with the WLAN 2300 to collect and log relevant user data and RF statistics. This information is used to
resolve a devices location and track its movement - thousands of devices can be tracked simultaneously. The WLE 2340 uses both geometric algorithms and RF pattern matching to allow customers to dial-in the level of accuracy they require. By using data already captured by the access points, the integrated solution mitigates the need to install client tracking software on Wi-Fi devices this simplifies operation, allows a broader range of devices to be tracked and allows locationbased security filters to be applied to any device including guest users where there is no control over client configurations. The WLE 2340 features an external API that allows developers to incorporate location information into applications such as voice, messaging, unified communications, supply chain, security, monitoring, troubleshooting, inventory management and others where a location context or presence state is required.
83

Avayas Wireless Networking portfolio delivers WLAN solutions that can meet the challenges of today, tomorrow, and into the future. While wire remains the mainstay of office environments, the enhanced throughput and range that 802.11n offers over 802.11 a/b/g makes WLAN a viable alternative to wired networking for end-user connectivity. Avaya WLAN 8100 Series is a next generation WLAN solution that delivers high performance that enterprises require. Through the 802.11n wireless standard the solution provides increased throughput and range. The WLAN 8100 Series is a complete solution that is ideal for enterprises looking to move users to wireless access for todays leading business, IP Telephony and converged multimedia applications. We are excited by the opportunity to partner with to assist you in overcoming the challenges you face including: Demands for voice and multimedia over WLAN: When an enterprise invests in a WLAN, they want improved user productivity, meaning that the WLAN service and supported applications must perform to user expectations. Usage patterns are changing quickly, and users are connecting more frequently with the WLAN and staying connected longer than ever before. Add to this a parallel investment in IP telephony and converged applications, combined with convenient desktop videoconferencing and the onslaught of new and embedded 802.11 clients (including dual mode cellular/Wi-Fi phones) and it is clear that demand for voice and multimedia over WLAN is imminent. Improving WLAN security: Most of the recently introduced WLAN security standards like Wi-Fi Protected Access 2 (WPA2) and 802.11i address concerns relating to user authentication, and data confidentiality and integrity, but have done little to protect against RF-based attacks that focus on the WLAN infrastructure itself. Enabling adequate system connections: Large-scale WLANs can present mobile clients with multiple points of connectivity at any given time. When too many users connect to a particular access point, individual performance suffers and system capacity is significantly reduced. Greater performance, capacity and reliability: As more and more users access networks wirelessly, this is putting a greater strain on existing WLAN networks. Slower performance, holes in coverage, etc. Need to support more applications: While WLANs were primarily used for data access (Internet/email applications) in the past, there is the need to support more real-time applications such as voice and video.
We can deliver the following benefits: Reduce total cost of ownership: The WLAN 8100 Series provides centralized management and removes the complexities of supporting multiple overlay networks (LAN, WLAN, VPN, network management). This reduces operational costs. Performance: The WLAN 8100 Series provides high performance through the 802.11n standard. It uses Multiple In, Multiple Out-Orthogonal Frequency Division Multiplex
2010 Avaya Inc. All Rights Reserved
84
(OFDM-MIMO) and multiple spatial streams, allowing for high performance levels and improving coverage when compared to prior systems such as 802.11a, g, b. Avayas extensive experience with OFDM-MIMO as a significant contributor to the standards is reflected in the superior radio frequency performance of the Avaya Access Points. Security: WLAN 8100 Series solution is built around 802.11i. It supports Wi-Fi Protected Access 2 (WPA2) and other security features that are more robust than those of any wired network. Strong, flexible two-factor authentication and authorization, along with robust protection mechanisms, make the wireless network secure enough to meet your customers expectations. E911 support VoWLAN (voice) scaling Clustering of AP licenses: N-1 resiliency model compared to the industry norm of N+1
Avaya WLAN 8100 Series includes Avaya WLAN Access Point 8120, Avaya WLAN Controller 8180 and Avaya WLAN Management Software 8100. The WLAN 8100 Series architecture provides a complete 802.11n solution as well as unified management, a broad range of wireless application opportunities and VoWLAN. The WLAN Controller 8180 -- operating as a standalone controller in the first release -- controls the WLAN Access Point 8120 devices. Avaya plans for the WLAN 8100 Series to support split-plane architecture in a later release. Customers who purchase the WLAN 8100 Series today will be able to take advantage of splitplane in the future. The WLAN Controller 8180 can be made into a Wireless Switching Point only or Wireless Control Point only in the future. The Wireless Switching Point can be moved into the Ethernet Routing Switches and allow the same WLAN Controller 8180 to become a Wireless Control Point only and scale much higher in its singular role. With the data plane and the control plane combined in the same device you can split the traffic so the traffic goes to the Ethernet Routing Switch or the WLAN Controller 8180. This reduces total cost of ownership. Customers can deploy WLAN 8100 Series today as an overlay. The WLAN 8100 Series products in the first release are split-plane ready. When you implement split-plane, you reuse your existing components. You can support growth without needing new controllers. The WLAN 8100 Series includes: WLAN Access Point 8120: an indoor, dual radio, 802.11n AP. WLAN Controller 8180: a standalone controller, designed for medium to large enterprises. It can support up to 256 APs. For smaller deployments, a 16-license version (WC 8180 -16L) is available. WLAN Management Software 8100: a graphical user interface (GUI) application suite used to plan, configure, deploy and monitor a WLAN and its users. The WLAN Management Software 8100 is integrated into Avaya Unified Communications Management which provides unified management across wired and wireless networks, enabling network administers to streamline their workflows and reduce time required to install, configure, maintain and troubleshoot networks.
85
WLAN Access Point 8120s provide wireless access to mobile devices and perform encryption/decryption for wireless traffic, priority queuing and radio frequency (RF) monitoring, including rogue Access Point (AP) identification and containment. WLAN Access Point 8120s exchange control and data traffic with their associated Wireless Controller. Features include: Two 802.11a/b/g/n radios Two spatial streams over integrated Multiple In, Multiple Out (MIMO) Antennas (2.4 GHz and 5 GHz) Integrated and external antenna options Simultaneous dual band operation (2.4 GHz and 5 GHz) Adaptive frame aggregation One GigE uplink port Multiple Power over Ethernet options, including 802.3af support at full performance
WLAN Controller 8180s control the access points and perform key centralized functions such as security, networking, quality of service (QoS) and roaming for mobile users. Controllers can be deployed as either standalone wireless controllers today or integrated into the Avaya wired portfolio in the future.
86
WLAN Controller 8180s provide key features: Scalable architecture with separate data and control planes, each of which can scale independently and more cost-effectively than traditional controller-based architectures Expansion module for further flexibility in scaling Ability to move data plane to core/edge switches and control plane to a virtual environment in the future Support for up to 256 APs (802.11n) per controller, 32 controllers per cluster
The WLAN Management Software 8100 is a comprehensive configuration and management tool. It provides detailed floor plan and RF coverage views, configures all devices with a single click and provides granular monitoring and reporting for complete visibility and control over the entire system. WLAN 8100 Series: Enabling the unwired enterprise The WLAN 8100 Series allocates separate resources to management, control and data forwarding. The wireless controller/switch architecture delivers an optimized WLAN switching system. By combining the operational advantages of centralized management and intelligence with the scalability, efficiency and performance of distributed switching, the optimized wireless controller/switch architecture is able to deliver an optimized WLAN switching system.
The Avaya WLAN 8100 Series advantage

Enhanced user experience The WLAN 8100 Series delivers the performance and robustness of a wired network from a wireless network. It enables an optimal experience for users. Resiliency features, high availability and ubiquitous coverage that eliminates dead spots enable users to stay connected wherever they are. It makes the WLAN 8100 Series ideal in mission-critical environments such as healthcare. Since the series is built around 802.11i, it supports Wi-Fi Protected Access 2 (WPA2) and other security features that are often more robust than those deployed in most wired networks. Simplified administration The WLAN 8100 Series provides centralized management. It eliminates the need to support multiple overlay networks (including LAN, WLAN, VPN, voice and network management). This leads to operational cost savings. The Series simplifies surveying, configuring, deployment, monitoring and reporting functions. It includes self-diagnosing and self-healing capabilities to support mainstream WLAN applications as efficiently as possible. Better return on investment The WLAN Access Point 8120s provide two radio and two spatial stream MIMO capabilities while keeping power draw within the current 802.3af Power over Ethernet specifications.
87
The unwired enterprise a new era of WLAN Avaya envisions a future where the wireless bandwidth will exceed user application requirements. This will enable office environments to be entirely wireless and integrated with existing fixed and cellular wide area networks. This will give workforces seamless universal mobility both in and out of the office. This capability will be enabled by a true wireless broadband infrastructure capable of supporting all communications needs, including voice, video, unified communications and other real-time applications.
WLAN 8100 Series Benefits

The WLAN 8100 Series provides key benefits: Cost savings and lower total cost of ownership Eliminates cabling and the associated expense Requires fewer network elements, thereby reducing total cost of ownership Energy-efficient with 802.3af powered APs
Increased performance, coverage and security Provides higher performance, throughput, reliability and more, through support for 802.11n Common network access security capabilities that can be set for all users and devices, both wired and wireless; support for popular authentication types and security standards
Enhanced user mobility and productivity Optimized for voice and multimedia applications; supports industry-leading wireless voice call densities and introduces the industrys first solution to extend E-911 support to wireless devices Offers end-to-end solutions, including fixed-mobile convergence (e.g., WLAN infrastructure, WLAN handsets, data, voice, Mobile Unified Communications solutions) to extend reach and increase worker productivity
WLAN 8100 Series: An unwired enterprise enabler

Wire remains the mainstay of office environments today. The enhanced throughput and range that 802.11n offers over 802.11 a/b/g makes WLAN a viable alternative to wired networking for end-user connectivity. Avaya welcomes a future where office environments will be entirely wireless. The bandwidth users will receive from their wireless connection will be sufficient to support all the applications they would use on a wired LAN. But Avayas vision of the unwired enterprise goes far beyond the elimination of wiring. Avaya has created a simplified network infrastructure. This enables you to achieve new levels of workforce productivity, operational efficiency and competitive advantage. The days of disparate networks, applications, tools and network management are coming to an end. Avaya is leading the way in enabling this with its new WLAN 8100 Series offering.
88
The WLAN 8100 Series delivers a simpler, lower-cost solution. It offers common policies and tools for security, guest access and network management across the wireless and wired network infrastructures. As we enter the unwired enterprise era, Avaya is committed to developing solutions that deliver true unification and WLAN technology is an integral part of that. The WLAN 8100 Series, which is built from the ground up within Avaya, leverages the companys rich voice and carriergrade heritage and a decade of innovation in wireless.
89
Avaya Network Resource Manager

Avaya Network Resource Manager a key component of the Avaya Unified Communications Management solution -- simplifies management for Avaya network elements. It manages Ethernet Routing Switches, Secure Network Access Switches, Secure Routers, and VPN Routers. It reduces the time the network administrator spends configuring these devices. Network Resource Manager automates updates and backups and other services across multiple devices in the network from a Web-based interface. We are excited by the opportunity to partner with to assist you in overcoming the challenges you face including: It is difficult to manage the network as one entity which it is. With proprietary management applications is required to use multiple applications to diagnose or monitor the network. Not only does this create complexity for network managers but also increases the overall cost to maintain the network. Such as, multiple servers. For each proprietary manager an additional server will be required. Increasing cost. Also, time will be lost due to the network manager being required to merge data from multiple applications to diagnose a problem. Network configuration and software updates must be centralized and controlled in order to eliminate outages due to manual configuration errors It is a complex task to manually manage configurations, perform backups and software updates, and implement routine password changes individually on a device-by-device basis Control network management cost Helps to reduce the complexity and control the costs of managing and maintaining a secure, high-performance network Manage security updates Gives network managers automated tools needed to allow password changes to be updated regularly and community strings to be properly configured Rapidly deploy changes Enables network operations center personnel to configure hundreds of Avaya devices in minutes with 100 percent accuracy Automate routine backups A comprehensive disaster recovery plan includes regular device backups. Automating backups improves staff efficiency Reduce errors; keep 5 nines reliability Automating configuration tasks from proven device configurations reduces the probability of network outages attributable to user error Reduces change management and software update execution times
A key challenge is managing converged data networks that support unified communications solutions. IT Operations is faced with managing a growing and increasingly complex network, often without the budget to add additional staff. And while reducing network outages is critical, most network outages are due to manual configuration errors.
90
The prospect of using a standard command line interface is almost inconceivable in medium to large network environments. It is a complex task to manually manage configurations, perform backups and software updates, and implement routine password changes individually on a device-by-device basis.
Avaya solution
Network Resource Manager is a software application and a key component of the Avaya Unified Communications Management solution. It streamlines and automates routine management tasks. It automates device configurations from templates, backup and restore configurations, and updates software. Network Resource Manager automates security administration tasks by enabling passwords and/or community string updates on groups of devices. Automating management tasks decreases the total cost of ownership. It maximizes staff efficiency. Automation reduces manual configuration errors that have the potential to undermine network security. Device configuration errors sometimes cause network problems that can be difficult to diagnose and correct. The ability to automate changes also reduces network downtime.
Application features
Configuration Update Generator Administrators can use the Configuration Update Generator service tool to run a common set of configuration commands on multiple system devices. With this tool, administrators can apply previously created template files to multiple devices with a single action. For example, this tool can quickly set up firewalls on multiple network elements of the same type on a network. Administrators can also populate specific data fields for devices from a comma-separated values file. This feature allows administrators to use Microsoft Excel to organize device-specific adjustments to configuration parameters in an easy-to-read format. Configuration Backup and Restore Administrators can use the Configuration Backup and Restore tool to backup and restore device configuration parameters. If administrators need to restore a device configuration, the tool automatically reboots the device after a restore operation. Software Version Updater Administrators can use the Software Version Updater tool to perform software updates of device images. Administrators can also create a package to update a group of devices of the same type. This greatly simplifies software updates on s network when new software releases are available. Device Password Manager With the Device Password Manager tool, administrators can select a group of managed devices and change an administrator password and an SNMP read-only and read/write community string. If has staff turnover or if has a policy of changing device passwords every 90 days, the process of updating passwords can be greatly simplified and rapidly executed through automation.
91
Tunnel Guard Distributor Administrators can use the Tunnel Guard Distributor tool to copy a Tunnel Guard rule from one device to multiple devices. This greatly simplifies configuration of Avaya Secure Network Access Switches that enable only trusted users utilizing compliant devices to access network resources.
92
Avaya Enterprise Switch Manager

The Avaya Enterprise Switch Manager is a Java-based, real-time, configuration management application for the Avaya Ethernet products including Ethernet Switches, Ethernet Routing Switches, Layer 4-7 Switches and WLAN devices. Network managers can discover, view, and configure more than 500 network devices, and import, export, or modify individual port settings, default gateways, SNMP traps, VLAN configurations, and product or image files. Key features: Reduces network administration costs Reduces time to deploy network devices Uses intuitive GUI for simplified device configuration Provides real-time configuration of network devices Presents a system-level view of network
We are excited by the opportunity to partner with to assist you in overcoming the challenges you face including: Configuring device by device is prone to human error and configuration errors are the number one cause of poor network performance and failure Some port configuration settings are best for VoIP and not a PC. Having the wrong VoIP configuration can negatively impact the user experience If an Ethernet switch needs to be replaced, restoring an old configuration can impact the performance, and potentially bring back old problems Inconsistent deployment of Ethernet switch software can lead to performance issues that can be time consuming to isolate and resolve
We can deliver the following benefits: Active user interface - comfort, speed - input and output via the same window or user dialog Visualization of information - speed, simplicity effective use of colors, tables, summaries Individual object handling - comfort, speed, simplicity - single object or/and grouped object management Input/output device - comfort, speed, simplicity - mouse clicks, mouse selections Information consolidation - comfort, speed - information export to printer, tables, excelfiles, what you see is what you get
Lost productivity and missed opportunities due to network downtime are costly to an enterprise. New applications and services that support strategic business functions are more dependent than ever on complex network services and protocols. Managing network configuration and reliability is a key function for IS/IT professionals.
93
Avaya Enterprise Switch Manager is a Java-based configuration management application for Avaya Ethernet products including Ethernet Routing switches, Application switches for versions AOS 21.0 or higher, and WLAN devices. With the Enterprise Switch Manager, you can discover, configure and view more than 500 devices and their physical links on a graphical topology map. The management tool is network-centric it enables you to perform configuration management of a small to medium-sized network of Ethernet products. Enterprise Switch Manager provides a graphical view of the network displaying physical connectivity between devices. It can discover devices on demand that are configured in the network. Once the discovery is completed, other sub-manager applications can perform monitoring and configuration operations on the discovered devices. The tool is the launch point for sub-manager applications.
Enterprise Switch Manager: Main Screen
A dramatic improvement over command line interface applications that require complex command strings, this intuitive Java-based solution streamlines the configuration process by using a GUI that displays data in easy-to-view windows. Enterprise Switch Manager allows network managers to configure individual port settings, default gateways, SNMP traps, VLAN configurations, and perform image and configuration file maintenance, which simplifies the set-up and management of multiple devices. This easy-to-use application expands the pool of administrators capable of performing complex network configurations. It provides a system-level view of a network and physical connectivity between devices and discovery is automatic.
94
Avaya Identity Engines Portfolio

Network security has been evolving since its inception, sometimes slowly, sometimes in larger increments. As technology has shifted, best practices have slowly matured. What was a good idea two years ago is still likely a good idea today, with minor variations based on the evolving threats and business requirements. However, we are currently at an inflection point in the use of network-based security controls. Whereas previous designs focused almost exclusively on static policies, filter rules, and enforcement controls, a newer approach has emerged that promises much more dynamic options to address the increased mobility and diversity of todays network users. This approach, called the Authenticated Network Architecture (ANA), is based on the notion of authentication of all users on a network and the association of each user with a particular set of network entitlements. For example, guests are granted access only to the Internet, contractors only to discrete network resources, employees only to the broader network as a whole, and privileged employees only to isolated enclaves of highly secured resources. Avaya Identity Engines is the Avaya premier identity-aware Network Access Control suite. It is widely considered to be the next generation of standards-based network access control and is an evolution from the Avaya first generation Secure Network Access Switch. Avaya Identity Engines portfolio integrates with s current network infrastructures to provide the central policy decision needed to enforce role-based Network Access Control. This is accomplished by combining the best elements of a next-generation RADIUS/AAA server, the deep directory integration found in application identity offerings, and one of the industry's most advanced standards-based policy engines. All this is done out-of-band for maximum scalability and cost effectiveness. The Avaya Identity Engines portfolio can allow you to: Adhere to regulatory compliance needs Secure guest, visitor and contractor access and provide audit trails Collapse existing AAA servers into a single deployment Centralize policy management to improve operations and eliminate policy distribution costs Compartmentalize the network to improve resource utilization and reduce attack surfaces or exposure Eliminate 802.1X wired or wireless deployment complexity Implement a standards-based Network Access Control solution while preserving existing access technology investments
We are excited by the opportunity to partner with to assist you in overcoming the challenges you face including: Allow guest users or visitors temporary and restricted access to the network Enable only authorized devices to be permitted on the network
95
Enable users/devices accessing the network to be only given access to the portions of the network that they require access to
We can deliver the following benefits: What truly sets Avaya Identity Engines portfolio apart from the others is its unique ability to function in a truly heterogeneous environment including its tight integration with thirdparty back end directories. This enables enterprises to preserve their very significant investments in existing edge devices as well as directory implementations. Its plain English policy definition and deep abstraction capabilities makes the operational management capabilities of this solution significantly more intuitive and cost effective when compared to the competition. Given its standards-based approach, the Avaya Identity Engines solution can be relied upon for many years to come. This presents a dramatic contrast to proprietary solutions which are not only costly, but may also have a very short shelf life.
It is important to note that none of these solutions are mutually exclusive and the proposal includes the components necessary to implement some or all of the solutions described in this section. Guest Access The first solution utilizes the Avaya Identity Engines portfolio to provide for a Guest Access solution. With this solution, it is possible to enable front-desk (reception/security) staff or the visitors themselves to safely and securely provision temporary access to the network. The solution enables the creation of temporary accounts as well as assignment to restricted portions of the network. This solution applies to both wired and un-wired as well as 802.1X and non 802.1X enabled guests. A typical implementation may look something like this: Guest arrives at the facilities and proceeds to security/reception. Reception verifies their identification as well as who they are there to see. Reception points their Web browser to the Guest Manager URL which provides them a form (which restricts them to only the required information). Since most cases it is not clear if the guest is using 802.1X on their iPhone, BlackBerry, laptop, and so on, the most common scenario is to request the guests MAC address. A hot-sheet at reception can provide the necessary instructions on how to obtain this info. Once obtained, reception can enter the info in the Web form and this will create the temporary access for this guest. Once the time expires, the Identity Engines Ignition Server will instruct the edge devices to disconnect the guest. The guest simply uses wired or wireless access to access the network and if implementing the MAC address model then no further credentials are needed (nor is any user training).
Authorized Device Access This solution is commonly used as a mechanism to prevent rogue or unauthorized devices from connecting to the network. It is most common to register the MAC addresses for the approved devices which normally include devices like printers, fax, all-in-ones, network devices and wireless access points. These MAC addresses can be registered in the Ignition Server internal
96
store (and MAC level authentication is done) or they can be registered in an external database such as LDAP or Active Directory (in this case device level authentication is done). In either case, the Ignition Server is responsible for looking up the device, and if present and authentication succeeds, then instructing the network switch or access point to grant access. This allows the enterprise to centralize the device access list as opposed to configuring MAC level authentication on each network device in the enterprise. This also prevents someone from unplugging a printer and plugging in a device to get access to the corporate network. Even more critical, in todays world, this prevents an employee from bringing in their own wireless access point and unknowingly exposing the corporate network to the outside world. Restricted Access Where regulatory compliance and audit controls are a large concern, Identity Engines can be used to isolate users to specific portions of the network. While the previous two solutions are very straightforward and can be setup quickly, planning this solution requires additional prepwork. With this solution, the employees workstations are enabled for 802.1X access which can be as simple as enabling 802.1X functionality that exists as part of the Windows operating system. The network must also be constructed in a manner that permits segmentation. This simply means the ability to group like services/requirements to common areas. This could mean grouping by building (where employees should only have access to the network where they reside) or it could be more robust where VLANs are used to create segmentation such as the HR or Finance network. Finally, plain-English Ignition Server policies are created to evaluate the access request and provide the desired response. A common policy includes querying the Active Directory to determine specific group membership for key groups (e.g., HR Group, Building 1) and, based on the group membership, instructing the edge device to allow (or deny) access and provisioning the user with a specific VLAN or Access Control List (ACL). The proposed Network Access Control solution utilizes the existing network infrastructure as well as the Identity Engines portfolio to provide with the desired capabilities.
97
Avaya Identity Engines Network Access Control Solution

Policy Enforcement Point Policy Decision Point Policy Information Point
NETWORK ABSTRACTION LAYER
Integration APIs Guest Access Posture Assessment Reporting and Analytics
Identity Engines Portfolio Optional Components In addition to the components referenced above that make up the proposal, the following optional components are available. Identity Engines Ignition Analytics: Delivers at-a-glance reports highlighting user info, failed authentications and usage summaries. Ignition Analytics is a software application that is installed on a customer provided Windows 2003 server in the data center. The Windows Server can either be virtualized (using any valid virtualization technology) or can be standalone. On an operator-scheduled basis, the Ignition Server pushes its logs to the Analytics server where upon they are automatically imported into a database that is used for reporting. The operator can then use a standard Web browser to access the reporting system to run standard reports or create custom reports. With Ignition Analytics, it is possible to schedule reports as well as receive them via email and in various formats such as HTML, PDF or XLS to name just a few. Identity Engines Ignition Posture: Performs device health assessments to enable endpoints to comply with security policies. It is possible to interrogate the users PC to enable corporate compliance prior to allowing them on the network. This allows the operator to write policies to check for things such as the presence of anti-virus or personal firewall software. Posture checking can be very granular and advanced where one could not only check for the presence of anti-virus software but check that real-time anti-virus is running and that a scan has completed within the last 24-hours for example.
DIRECTORY ABSTRACTION LAYER
98
Furthermore, it is possible to auto-repair common out-of-compliance conditions such as out-ofdate virus definitions via simple user click of the repair button. The Ignition Posture module is actually two components. The Posture Integration Module is enabled on the Ignition Server and is required to define posture policies. An appropriate number of Health Assessment End-Point licenses are required for the actual client software that runs on the users PC to conduct the actual compliance check. Identity Engines Ignition TACACS+: Enables TACACS+ authentication and authorization policies. The optional TACACS+ Integration module is applied via license key to the Ignition Server in order to enable TACACS+ functionality. This allows the enterprise to consolidate all AAA requests to the Ignition Server to support both user and network operator authentication.
99
Avaya Visualization Performance and Fault Manager

The growing myriad of communications devices, the rising demand for anytime-anywhere connectivity and the increasing need for convergence have created new challenges to network operations. This includes how to manage the whole system from end to end. Avaya understands network management and recognizes that offering you the right networking tools can lead to positive and significant benefits for your business. For example, network applications that automate tasks and reporting can improve efficiency. Having management tools within a single unifying framework can help improve workflow, reduce training requirements and decrease the complexity of managing a hyperconnected network and provide you with a smooth path to unified communications. Avaya introduces the Visualization Performance and Fault Manager to address the challenges and the need for convergence. Visualization Performance and Fault Manager is a Unified Communications Management-ready application. It provides advanced network discovery, topology visualization, fault and performance management. We are excited by the opportunity to partner with to assist you in overcoming the challenges you face including: It is difficult to manage the network as one entity which it is. With proprietary management applications your organization is required to use multiple applications to diagnose or monitor the network. Not only does this create complexity for network managers but also increases the overall cost to maintain the network. For each proprietary manager an additional server will be required, increasing cost. Also, time will be lost due to the network manager being required to merge data from multiple applications to diagnose a problem. Multiple servers increase capital expenditure (CAPEX). Multiple applications performing the same Fault and Performance function increases operational expenditure (OPEX). This may cause difficulty meeting your organizations IT budget constraints. Networks change daily. Devices are added and removed. The Fault Management platform must accommodate those changes dynamically and immediately. When a device is removed the application must be able to know this and present an accurate view of the network without this device. When a device is added it needs to be managed immediately and not force the network manager to wait for modules or kits to be released before device management can begin.
We can deliver the following benefits: A holistic end-to-end view of the network which improves the quality and reduces the time required to manage todays complex networks. Standards-based management enables quicker access to any new device being added to the network and the instrumentation it provides. Centralized management versus proprietary domain management reduces the number of applications used to manage the network. It also reduces the data being presented thus providing an easier management experience.
100
The Visualization Performance and Fault Manager has the ability to discover every device on your network, even if you deploy equipment from numerous vendors. The application transforms complex network topology into simple-to-use, hierarchy-based maps, giving you clear, end-to-end views that help you quickly determine if network issues are physical or logical in nature. By having insight into how devices are connected and performing, you can zero in on aspects of the network and reduce your mean-time-to-repair. Personnel can be dispatched quickly, resulting in less downtime, greater productivity, elevated levels of user satisfaction and a proactive rather than reactive network management environment. Through the Visualization Performance and Fault Manager you can increase productivity for not only support personnel, but also every user on the network. The application enables you to determine that a switch has gone down, view which users are connected to the switch, and perform impact analysis. An example might include an email server failing. Using the Visualization Performance and Fault Manager, you could identify which users are affected and then take proactive measures, such as sending a broadcast voicemail to say, Were aware of the issue, and working to resolve it.
Network discovery
The Visualization Performance and Fault Manager offers heterogeneous-based network discovery (versus domain-based) with support for standards-, proprietary-, application- and OSbased discovery. This means that as long as the device is IP or SNMP-based, the Visualization Performance and Fault Manager can discover it. Discovery applies to servers, end nodes and operating systems. The application discovers all IP devices and nodes attached to the network, including servers, storage servers, printer servers, switches, routers, user end nodes (e.g., PCs and laptops), IP phones and more. But the functionality does not stop there. The Visualization Performance and Fault Manager also discovers the relationships that exist among devices in the network, including topology and links. Operating systems and applications on servers can also be part of the discovery process if operating system security settings allow.
101
Discovery and Inventory Dialog Window
Network visualization
Once devices are identified through discovery, Visualization Performance and Fault Manager takes complex network topologies consisting of multiple geographic locations, multiple devices, hundreds or even thousands of devices connected to the network and transforms them into simple hierarchy-based topology views. It shows degrees of device connectivity based on device function and where it is located in the network (i.e., a layered environment approach). The visualization function also includes VoIP service-based views that provide you with insight into the application. Having service-based views enables you to differentiate between physical connectivity and logical- or application-connectivity issues. Finally, the Visualization Performance and Fault Manager provides device-centric views that enable you to see the relationship between devices, i.e., identifies a switch and all the devices connected to it, enabling you to perform impact analysis.
102
Network Connectivity View
Fault management
Once the issue(s) have been identified through network visualization, you can use the Visualization Performance and Fault Manager to monitor the network for faults. Using information collected from the network and the devices themselves, the Visualization Performance and Fault Manager performs status monitoring and sends the information that you need to do event correlation and root cause analysis. The Visualization Performance and Fault Manager determines what is the most likely cause of the network outage by correlating all network events and determining the primary and secondary devices affected. Fault management also performs event handling. If an event occurs on a specific device, the Visualization Performance and Fault Manager will know that it has to take a certain action for example, send an email notification or page the appropriate personnel. The parameters and action required are defined by the administrator during the configuration phase.
103
Fault Management
Performance management
Through the Visualization Performance and Fault Manager, you can use performance management for two key activities: capacity planning and the monitoring of changes to the network. In the latter case, the Visualization Performance and Fault Manager enables you to monitor modifications to the network such as the addition of a new switch and observe how the device performs in the short term. From a longer-term perspective, the Visualization Performance and Fault Manager performance management capability also provides crucial information that can help you address your capacity planning requirements. For example, if traffic on a particular link begins to exceed a pre-determined threshold, such as 30 percent, the Visualization Performance and Fault Manager can record and report on the performance. If the trend continues, you can plan changes to your network accordingly to address growing traffic.
Performance Trending and Data Export for Capacity Planning
104
Diagnostics management
Diagnostic management allows the network operator to run and collect diagnostic data from network devices. The Visualization Performance and Fault Manager provides Layer 2 and 3 diagnostic information in an end-to-end connectivity rather than a hierarchical view. Through this capability, you can also print and export the data in graphical format.
Diagnostics Management
Scope (device classification)

The Visualization Performance and Fault Manager includes scope or device classification a capability that provides a logical grouping of devices based on device type. By default, all devices are classified based on their discovered attributes (e.g., servers, routers, switches, etc.). Scope can also be defined on a more granular basis that has relevance to your operations. Once devices are grouped, you can treat these devices as a single unit for the purpose of collecting performance information, conducting events handling, status propagation, etc. For example, if a link fails for any of the devices within the defined logical unit (e.g., core switches), the Visualization Performance and Fault Manager can be configured to perform event handling on that classification. Device scope can also be used for fault management and performance management and trending.
105
Flexible licensing to suit your needs

Visualization Performance and Fault Manager and Visualization Performance and Fault Manager-Lite products are licensed on a node count and are available to you at three different licensing levels: Base license Incremental license Enterprise license
And if you choose the Visualization Performance and Fault Manager-Lite application initially, and your network requires the enhanced functionality of the full Visualization Performance and Fault Manager, you can upgrade easily, simply by purchasing the appropriate licenses.
106
Avaya VPN Portfolio
Avaya VPN Portfolio

The Avaya VPN Portfolio is a secure access solution that extends enterprise applications and resources to remote employees, partners, contractors and customers. By delivering fullfeatured Secure Sockets Layer (SSL) and IPsec Virtual Private Network (VPN) functionality in a single platform, the VPN Portfolio dramatically reduces the complexity of existing secure access solutions. It allows enterprises to quickly provision a flexible, scalable and highperformance solution that can meet the most challenging remote access requirements. The VPN Portfolio key benefits include: Extend access to partners, contractors, customers Increase employee productivity teleworkers, day extenders, mobile users Protect information, assets, networks
We are excited by the opportunity to partner with to assist you in overcoming the challenges you face including: wants to extend network access to partners, contractors, and customers without having to distribute or manage client software. How can you extend access to non-employees and unmanaged endpoints while guarding against information loss, theft, and unauthorized disclosure? Not all applications on a corporate network require the same level of security. Subscription or license-based databases have strict access constraints, departmental applications contain sensitive information, human resource applications provide confidential personal data, and financial systems require restricted access. These applications, among many others, warrant additional security within the corporate network.
We can deliver the following benefits: Dynamic access and policy management capabilities - VPN Portfolio provides dynamic access policy management to enable simplified yet highly secure provisioning of users and groups within the enterprise. The gateways also provide granular access control, auditing and logging for both security tracking purposes as well as user/VPN capacity planning. Flexible, universal secure access - Enterprises need solutions that offer easy-to-use flexible access options that address a wide range of access requirements. The VPN Portfolio delivers this flexibility with the industrys broadest selection of secure access options and capabilities. SSL is a convenient secure remote access alternative to IPsec that leverages the native capabilities of widely deployed Web browsers and avoids the need to install and administer client tunneling software on remote PCs. SSL services can take advantage of common user profiles, authentication techniques and management already in place for IPsec users to minimize administrative overhead.
107
Avaya VPN Portfolio
An integrated Universal Access Portal further front-ends and simplifies the VPN user experience by transparently invoking the most appropriate VPN access (IPsec or SSL) based on a users access needs.
Extend access to partners, contractors, customers The VPN Portfolio leverages browser-based software already available on a users PC to provide secure remote access. This enables enterprises to extend access without having to distribute or manage client software. An on-demand model further enables any required client side software to be loaded when needed and removed at the end of the session. When connected, end-users are granted access only to the data and applications they require. Increase employee productivity teleworkers, day extenders, mobile users Remote workers can have full network access without losing functionality they normally have within the traditional office environment. By providing application access over a standard broadband or Internet connection, the VPN Portfolio can provide huge cost savings to the enterprise. The VPN Portfolio can also be used by mobile workers, enabling them to connect from hotels, hotspots and from within other enterprise networks for convenient anytime, anywhere access. Protect information, assets and networks Administrators can guard against information loss or theft without burdening end users with intrusive, hard-to-use security features. The VPN Portfolios fine-grained access controls enable users to get access to only what is necessary to perform their job function nothing more, nothing less. Flexible endpoint security scan and block features allow on-demand validation of unmanaged endpoints. And cache cleaning enables no data to remain on the endpoint at the end of the session. The VPN Portfolio can even prevent users from saving or printing data during the session. Key VPN Portfolio Features Flexible, universal secure access for SSL and IPsec users Secure access to all applications, including voice and multimedia, from a Web browser Hardware-appliance or software-based VMware deployment options MultiOS endpoint support including Windows, Mac, Linux and PDA Dynamic role-based access to applications and resources Strong endpoint security and information protection Log and audit trails for compliance High performance, availability and scalability
Flexible, scalable, cost effective deployment The VPN Portfolio can be deployed either on dedicated VPN Gateway 3050/3070 system hardware or as a virtual appliance on any VMware compliant hardware. The virtual appliance provides the same functionality as its dedicated hardware counterpart but at a significantly lower entry-level cost. Both hardware options employ a seat-based license model which allows
108
Avaya VPN Portfolio
end-user capacity to be added as needed. This allows VPN Gateway to economically support small, medium or large deployments with the flexibility to grow as the enterprise demands. Business continuity services Avaya VPN Gateway devices can be clustered to deliver reliable business continuity services. Up to 255 VPN Gateway devices can be clustered to function as a single system with massive hardware redundancy. Clusters can also be deployed in multiple locations to provide site redundancy and optimum performance for a widely-distributed workforce. Avaya also makes it cost-effective to deploy access capacity for worst-case scenarios through Emergency Remote Access (ERA) user licenses that enable capacity to be available when needed. Key Capabilities Flexible, universal secure access The VPN Portfolio offers flexible access options to address a wide range of enterprise requirements and needs. Support for both SSL and IPsec on a common appliance also eliminates the need to deploy and maintain separate VPN devices and/or vendor relationships. Key capabilities include: Secure Portable Office an entirely new way to deliver secure access using portable USB flash memory. Secure Portable Office leverages advances in portable memory technology to deliver a solution that combines VPN access to enterprise applications with strong security and information protection. Secure Portable Office addresses a range of access and security requirements in a portable, easy-to-use solution. Clientless Web access enables access to Web-based e-mail, file systems and Web applications from any Web browser through on-the-fly content transformation. Enhanced clientless access increases the breadth of application access to client/server and mainframe systems. This capability allows administrators to provide access to targeted non-Web applications without giving end users full network access. Net Direct provides full network-layer access with no need to pre-install a client. Automatic download of Net Direct to the endpoint enables access to all Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) applications, including voice, multimedia and collaboration tools from Windows, Macintosh and Linux endpoints. IPsec VPN client access includes support for the Avaya VPN Client. This allows enterprises to support users with an IPsec requirement on Windows, Mac, PDA and Unix-based clients. Mobile device support (both SSL and IPsec VPN) for tablet PC, PDA (Pocket PC, Palm) and Smart Phones (WAP-browsers) with small device formatting options to support highly mobile user devices and applications such as Outlook Mobile Access.
Dynamic access and policy management Avaya VPN Gateways provide dynamic access policy management to enable simplified yet highly secure provisioning of users and groups within the enterprise. The gateways also
109
Avaya VPN Portfolio
provide granular access control, auditing and logging for both security tracking purposes as well as user/VPN capacity planning. Capabilities include: Role-based policy model that tightly integrates with existing identity management and directory services to assign user access privileges based on defined roles. Dynamic context-sensitive portal that enables administrators to control access based on source IP, browser type, digital certificates or other parameters before login is complete. Single sign-on capability that alleviates the need for end users to enter and maintain multiple sets of credentials for Web-based applications. Portal personalization that allows dynamic generation of the portal based on user profile. Access management that includes granular control at the URL, server or file level enabling security policies to be tailored to specific resources.
Layered security Designed as a hardened security/Web appliance, Avaya VPN Gateways provide a suite of safeguard features to protect the enterprise against malicious intent and user negligence. These include: VPN Tunnel Guard (SSL and IPsec) that performs endpoint security checking on both client and clientless VPN endpoints. Enables administrators to define endpoint security policies on the VPN Gateway itself and enable remote users devices to be inspected for compliance before access is granted. Cache cleaner for endpoints that enables software downloads and temp files installed at login to be erased at logout so that no data is left behind. Strong user authentication that includes support for options including secure tokens, smart cards and X.509 certificates. Flexible access controls that can be tailored to how or from where a user is accessing the network; for example, full network access from a managed PC versus intranet and e-mail access from a less trusted device. Auto log-off that automatically terminates a session after a configurable period of inactivity to address security in public and shared device situations. Private-side encryption that meets mandated legislative requirement for data confidentiality and security (Health Insurance Portability and Accountability Act or HIPAA, Gramm-Leach-Bliley Act or GLB, Patriot Act, etc.). Portal Guard a unique Avaya VPN Gateway feature that offloads SSL termination and public key operations from internal servers and provides a low-cost means for secure access to internal enterprise portals.
Scalable performance for enterprises and service providers The VPN Portfolio is capable of meeting the most demanding enterprise or service provider performance and availability needs while also delivering entry-level options that fit the budget of small and medium sized enterprises. Key capabilities/options include:
110
Avaya VPN Portfolio
High-performance hardware platforms. VPN Gateway 3000 series dedicated hardware platforms employ an advanced switching architecture that can support up to 5,000 concurrent VPN users on a single system with hundreds of Mbps of aggregate 3DES VPN throughput. VMware Virtual Appliance allows the VPN Gateway software to be loaded onto any VMware ESX(i) compliant hardware. Along with 10 and 50-user license starter packs, this option is an excellent way to get all the advanced technology of the VPN Gateway at an entry-level price. VPN Gateway clustering in groups of 2 to 255 units enables the deployment of a logically single system that can support hundreds of thousands of users. The Avaya unique license pooling feature enables license capacity installed on one VPN Gateway device to be freely shared by the cluster no charge clustering. Global VPN load balancing allows gateways to be deployed in a distributed environment to provide multiple redundant access points to the private network. VPN partitioning of a single VPN Gateway device or cluster into as many as 250 unique VPN or customer domains. This feature is useful both to service providers seeking to offer a managed VPN service and to enterprises who want to quickly support new acquisitions or business partners.
Table: VPN Gateway System Specifications

Dedicated VPN Gateway Appliances VPN Gateway VPN Gateway 3050 3070 Maximum concurrent VPN sessions Blended support for SSL and IPsec VPN users Deployment positioning Medium to large enterprise and VPN service providers CPU (1) Intel P4 2.4GHz Medium to large enterprise and VPN service providers (2) Intel Xeon 2.8GHz Entry-level virtual appliance solution for VMware systems (2) Quad Core 2.0 GHz recommended - supports multiple Expanded virtual appliance solution for VMware systems (4) Quad Core 2.0 GHz recommended 2000 5000 VMware Virtual Appliances VPN Appliance 3050 250 VPN Appliance 3070 500
111
Avaya VPN Portfolio
Table: VPN Gateway System Specifications

Dedicated VPN Gateway Appliances VPN Gateway VPN Gateway 3050 3070 VMware Virtual Appliances VPN Appliance 3050 concurrent virtual appliances 512MB memory allocated Support 1-4 interfaces Not applicable VPN Appliance 3070 supports multiple concurrent virtual appliances 1024 MB memory allocated Support for 1-4 network interfaces Not applicable
Memory On-board Interfaces Expansion
1GB DDR 266MHz (2) 10/100/1000TX (1) dual 10/100/1000TX (1) 40GB IDE (1) CD-ROM
2GB DDR 266MHz (2) 10/100/1000TX (1) dual 10/100/1000TX or -FX (fiber) (1) 80GB IDE (1) CD-ROM
Drives
8 GB Drive space allocated (1) CD-ROM
16 GB drive space allocated (1) CD-ROM
VPN Gateway Product specifications Security features Authentication RADIUS and challenge/response LDAP, Windows NT Domain Native local user database SC SafeWord, RSA SecurID, Entrust IdentityGuard Novell NDS/eDirectory X.509 Digital Certificate Microsoft Active Directory
Single Sign-on (SSO) WFS, Web apps HTTP, form based authentication HTTP headers SSO with CA SiteMinder, RSA ClearTrust
112
Avaya VPN Portfolio
Domain/network specific sign-on SSO Authorization Dual-profile authorization Base profile includes network, service and application level information (Layer 3, 4/7) Extended profile adds source network, client security and authentication method Endpoint security status and access method (Tunnel Guard/SSL) Security protocols SSL v2.0, 3.0 TLS 1.0 (RFC 2246) IPsec ESP, AH
Cipher suites All ciphers covered by SSLv2.0, 3.0 and TLSv1.0 except the IDEA ciphers and the FORTEZZA ciphers
Accounting Syslog/RADIUS account start and stop including user name, gateway address, session ID, session time and cause of termination
Client security Avaya VPN Tunnel Guard Auto-logoff with countdown Rewriting to no-cache/no-store headers Cache cleansing of files/history Dynamic access policies Malware Detection
Avaya VPN Client Support Split Tunneling VPN Tunnel Guard (for both IPsec and SSL) Avaya VPN Client Mobility Portal full-access tab Certificate-based authentication
113
Avaya VPN Portfolio
L2TP Client Support, including support for PDAs and smart phones Other Features and Capabilities Load balancing SSL service load balancing via clustering Load balancing of back-end services to include Source IP and round robin
Session persistence Source IP, SSL session ID, cookie information Application health checking SSL with TCP/IP/Port Scriptable, configurable intervals
Managed service features Support for 250 VPN domains per Gateway Up to 2,000 IPsec site-to-site tunnels per gateway VPN binding with 802.1q Authentication/DNS mapping Split administration License pooling and failover Emergency Use licenses for business continuity Clustering support for up to 255 VPN Gateways
Application support Access to Web-based, client/server and native terminal server applications Network-layer native desktop application access via SSL or IPsec mode Web content and protocols HTML/DHTML JavaScript/Java Applets/XML HTTP/HTTPS VBScript
File share protocols WindowsSMB/CIFS
114
Avaya VPN Portfolio
GenericFTP
E-mail/messaging protocols Microsoft Exchange (MAPI) IBM/Lotus Domino/Notes IMAP, SMTP and POP3
Terminal access protocols Telnet SSH
Remote desktop protocols Citrix ICA Microsoft WTS (RDP)
Management Secure administrative Web GUI (HTTPS) Serial port to CLI Local logging, external Syslog SNMP v2 and v3 RFC 1213 MIB for Management of TCP/IP-based internets RFC 2737 MIB entPhysicalTable RFC 2863 Interfaces Group MIB RFC 3418 SNMP MIB RFC 2574 user-based security model (USM) for SNMPv3 RFC 2575 view-based access control model (VACM) SNMP VPN Cluster Manager Multi-site management and monitoring
Web portal customization Hexadecimal color customizable Company logo (.gif ), text
115
Avaya VPN Portfolio
Novice/Int/Advanced user views Portal pass-through
Browser support Windows (98, 2000, XP, Vista) Internet Explorer 5 or better with Suns JRE 1.3 or better Internet Explorer 5 or better with Microsofts JVM 4 or better Unix Netscape Navigator 7 with Suns JRE 1.3 or better Mozilla 1.3 or better with Suns JRE 1.3 or better
Modes of operation ClientlessHTML to browser Enhanced ClientlessProxy with Java Applet Full Network ExtensionSSL Client (Net Direct) delivered via download or Avaya VPN Client access
Feature Licenses Secure Services Partitioning Portal Guard Secure Portable Office Feature
Concurrent User Licenses SSL and IPsec User licenses Emergency Remote Access (ERA) SSL On Demand Protection (SODP) IPsec Only Secure Portable Office Client Licenses (per seat)

Nortel Avaya Data

Hochgeladen von

Dokumentinformationen

Originalbeschreibung:

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Nortel Avaya Data

Hochgeladen von

Copyright:

Verfügbare Formate

Nortel/Avaya Data

Avaya Advanced Gateway 2330

Avaya Advanced Gateway 2330

Avaya Advanced Gateway 2330

Voice media gateway services

Survivable SIP gateway

Additional gateway management features

Avaya Advanced Gateway 2330

Optional WAN routing based on Avaya Secure Router 2330

Multiple package options

Simple to install, simple to scale modular platform

Avaya Advanced Gateway 2330

Avaya Ethernet Routing Switch 2500

Avaya Ethernet Routing Switch 2500

Ethernet Routing Switch 2500

Avaya Ethernet Routing Switch 2500

We can deliver the following benefits:

Avaya Ethernet Routing Switch 2500

Avaya Ethernet Routing Switch 4500

Avaya Ethernet Routing Switch 4500

Ethernet Routing Switch 4500

We can deliver the following benefits:

Avaya Ethernet Routing Switch 4500

Avaya Ethernet Routing Switch 4500

Avaya Ethernet Routing Switch 5500 Series

Avaya Ethernet Routing Switch 5500 Series

Ethernet Routing Switch 5500 Series

Avaya Ethernet Routing Switch 5500 Series

Ethernet Routing Switch 5510

Ethernet Routing Switch 5520

Avaya Ethernet Routing Switch 5500 Series

Ethernet Routing Switch 5530

Avaya Ethernet Routing Switch 5600 Series

Avaya Ethernet Routing Switch 5600 Series

Ethernet Routing Switch 5600 Series

Avaya Ethernet Routing Switch 5600 Series

Avaya Ethernet Routing Switch 5600 Series

Avaya Ethernet Routing Switch 5600 Series

Avaya Ethernet Routing Switch 5600 Series

Avaya Ethernet Routing Switch 8300

Avaya Ethernet Routing Switch 8300

Ethernet Routing Switch 8300

Avaya Ethernet Routing Switch 8300

Flexible deployment options

End-to-end application performance and availability

Avaya Ethernet Routing Switch 8300

Port densities of up to:

Avaya Ethernet Routing Switch 8300

Convergence and Unified Communications

Avaya Ethernet Routing Switch 8300

Avaya Ethernet Routing Switch 8300

Mixed EAP/Non-EAP Centralized MAC-based Authentication

Enhanced usability and flexibility

Avaya Ethernet Routing Switch 8300

Avaya Ethernet Routing Switch 8800

Avaya Ethernet Routing Switch 8800

Avaya Ethernet Routing Switch 8800

Avaya Ethernet Routing Switch 8800

Resiliency, intelligence and scalability without design complexity

What is the Ethernet Routing Switch 8800?

Highlights of the Ethernet Routing Switch 8800

Avaya Ethernet Routing Switch 8800

Avaya Ethernet Routing Switch 8800