Transcription

DATA SHEETwww.brocade.comBROCADESERVERIRON ADX1000, 4000, AND 10000SWITCHESApplicationDeliveryHIGHLIGHTS Industry-leading price-performance valueper rack unit and per watt of power, withup to 70 Gbps of Layer 4-7 throughput, 14million DNS queries per second, 16 millionLayer 4 transactions per second, 224,000SSL transactions per second, and 120 million SYN/sec of DoS attack protection Dedicated custom processors for packetacceleration, IP traffic security/protection,application acceleration, and the separation of data and management operations Content switching policies/rules to inspect,transform, and optimize the performanceof enterprise applications from Microsoft,SAP, Oracle, and IBM Plug-in support for leading infrastructureorchestrators and enterprise applicationmanagement tools Advanced functions such as Global ServerLoad Balancing, Transparent Cache Switching, Firewall Load Balancing, and multiplehigh-availability options Future-ready chassis features modulesthat scale to 16*10 Gbps fiber ports,application expansion modules, and theindustry’s highest core density with up to32 dedicated application processor cores Industry’s only 1U application deliverycontroller with upgradable applicationprocessors and 10 GbE ports Application Delivery Controllersfor Next-Generation Data CentersBrocade ServerIron intelligent applicationdelivery and traffic management solutionshave led the industry for over a decade,helping to mitigate costs and prevent lossesby optimizing business-critical enterpriseand service provider applications with highavailability, security, multisite redundancy,acceleration, and scalability—in more than3000 of the world’s most demandingorganizations.Brocade has introduced a new generationof Application Delivery Controllers (ADCs)designed to meet growing demand forapplication connectivity, virtualization, andoperating efficiency. These new solutionsinclude: ServerIron ADX 1000 Switches ServerIron ADX 4000 Switches ServerIron ADX 10000 SwitchesServerIron ADX switches provide industryleading Layer 2 through 7 switchingperformance, enabling highly secure andscalable application service infrastructures.The switches efficiently distribute unifiedapplication services by measuring serverutilization and connection load in real time,providing visibility and manageability ofapplication performance, security, and servicedelivery.As a result, applications run more efficientlyand with higher availability—streamliningoperations, increasing business agility, andsignificantly reducing costs.HIGHEST-PERFORMANCELAYER 4-7 SWITCHINGServerIron ADX switches traffic using packetinformation beyond the traditional Layer 2 and3 headers, connecting client requests to themost available servers based on the results of avariety of Layer 4 and Layer 7 health checks.These intelligent Layer 4-7 application switchestransparently support any TCP- or UDP-basedapplication by providing specialized acceleration,content caching, load balancing of networkinfrastructure and services, and host offloadfeatures for Web services. ServerIron ADXswitches also provide a reliable line of defenseby securing servers and applications againstmany types of intrusion and attack withoutsacrificing performance.All ServerIron ADX switches forward traffic flowsbased on Layer 4-7 definitions, and provideindustry-leading performance for higher-layerapplication switching functions. Superior contentswitching capabilities include customizablerules, based on URL, HOST, and other HTTPheaders, as well as cookies, XML, andapplication content.

REDUCED OWNERSHIP COSTSServerIron ADX switches simplify server farmmanagement and application upgradesby enabling organizations to easily removeresources and insert them into the pool—helping to minimize Total Cost of Ownership(TCO). The switches uniquely provide a singleplatform that can reduce network load andextend server farm network design andscalability. They accomplish this by combininga high-performance Layer 4-7 packetprocessing architecture with the highestavailable throughput via 1 Gigabit Ethernetand 10 Gigabit Ethernet (GbE) connectivity.In addition, ServerIron ADX switches providehardware-assisted, standards-based networkmonitoring for all application traffic flows,improving manageability and security fornetwork and server resources. To enablereal-time problem detection, extensive andcustomizable service health check capabilitiesmonitor Layer 2, 3, 4, and 7 connectivity,along with service availability and serverresponse. If a problem arises, client requestsare automatically redistributed to other serverscapable of delivering optimum service. Thisapproach helps keep applications up andrunning smoothly.To optimize application availability, ServerIronADX switches support many high-availabilityoptions, with real-time session synchronizationbetween two ServerIron ADX switchesavailable to protect against session lossduring outages. As one device shuts down,the second device transparently resumescontrol of client traffic with no loss to existingsessions or connectivity. Organizations canuse advanced synchronization capabilities tosimplify the management of two ServerIronADX switches deployed in high-availabilitymode, minimizing network downtime causedby configuration errors.ServerIron ADX switches are simple toconfigure and manage using the BrocadeCommand Line Interface (CLI) or browserbased Graphical User Interface (GUI). The CLIuses well-known industry-standard syntax forfast, error-free configuration. The switchessupport Simple Network Management Protocol(SNMP) to allow device management throughapplications such as HP OpenView. Moreover,organizations can use Brocade IronView Network Manager (INM) to monitor traffic,chart traffic, and perform comprehensiveconfiguration management.Management ModuleServerIron ADXmanagement moduleshave a dual-core processor,one console port, and oneUSB port, along with spaceSI-MMfor an optional mezzaninedaughter card.Interface ModulesSI-12GC12*1 Gbps copper (RJ45)Application Switching ModuleEach ADX ASM8 moduleis equipped with four dualcore processors dedicatedto processing applicationtraffic. Up to four ASM8SI-ASM8modules can reside in theADX 10000 for a total of 32cores.12*1 Gbps fibre (SFP)4*10 Gbps fibre (XFP)SI-4XGSwitch Fabric ModuleServerIron ADX switchfabric modules provide upto 320 Gbps of switchingcapacity, providingscalability as I/O modulesrequire more bandwidth.SI-SFMADVANCED ARCHITECTURECompared to the leading competitive offering,ServerIron ADX switches provide twice thethroughput based on an advanced designthat features complete physical and logicalseparation of the application, data, andmanagement planes. In fact, the multichip,multicore, high-density application processingplane is designed for the industry’s highestcore density and performance upgradability.This design utilizes modular hardware toaccelerate application processing and tooptimize the distribution and flow of internaltraffic to a large number of processor cores.The high-speed switching fabric uniquelysupports application processing, I/O, andmanagement modules to maximize flexibility.The data plane provides high-density 10Gbps support with hardware assist forlinear session distribution across multipleapplication cores. In addition, the ADX 4000and 10000 chassis management modulesaccept a field-upgradable ApplicationExpansion Module option for Secure SocketsLayer (SSL) acceleration, with additionalmodules for compression and other functionsplanned for future release, while the fixedconfiguration ADX 1000 is available with orwithout SSL acceleration functionality, andcan be upgraded in the field without servicedisruption.Three configurations ofServerIron ADX line cardsare available:SI-12GFAll line card packetprocessors support Layer2-3 virtualization, and theServerIron ADX chassis canscale to support even higherI/O in the future as modular40 Gbps and 100 Gbpsline card interfaces becomeavailable.CONFIGURATION FLEXIBILITYProviding the best investment protection,the ServerIron ADX 1000 provides a highdensity fixed 1U form factor that shares thefull feature set with all ADX switches, and canbe ordered in any of four configurations, withoptional licensing to expand capacity fromentry-level to higher-level configurations whenrequired. Eight 1GbE ports with a single application coreSixteen 1 GbE ports with two application coresSixteen 1 GbE ports with four application coresSixteen 1 GbE ports with four application coresand two 10 GbE ports, or Any combination of the above with SSL, or withSSL and Premium SoftwareMASSIVE SCALABILITYHowever, when large scale chassisreconfiguration or expansion is required,the unique design of the ServerIron ADX4000 and 10000 provides a dedicatedbackplane to support application, data, andmanagement functionality through specializedhot-swappable modules. The following modelinterchangeable Field Replaceable Units(FRUs) are available (see sidebar).

CAPACITY ON DEMANDAll ServerIron ADX switches can be quicklyupgraded in the field using software keys,allowing for a full suite of hardware andsoftware options to be enabled when needed,without opening the switch cases or otherwisedisrupting service. In particular, the ADX1000 fixed configuration can be purchasedas an entry-level ADX 1008-1, and can thenbe upgraded to any higher level, includingthe 1016-2, 1016-4, and 1216-4 fullysupporting a ‘pay-as-you-grow’ deploymentstrategy. The list of performance and capacityupgrades includes hardware features, such asadditional processing cores with memory, SSLacceleration, as well as additional 1 GbE and10 GbE ports, and premium software featuressuch as GSLB, IPv6, and Layer 3 switching.ADX PLATFORM BENEFITSServerIron ADX switches are based on aunique architecture that supports scalabilityand expansion to meet growing applicationtraffic switching requirements: High-performance, modular design: Achoice of models starting with the compact1U ServerIron ADX 1000 to the highly scalable ServerIron ADX 4000 and 10000 series with 320 Gbps of switching bandwidth Redundant power supplies: Support forredundant, hot-swappable power supplieson all models—front-serviceable on theServerIron ADX 4000 and 10000 Hot-swappable modules: Expansion slotsfor management, application switching, switch fabric, line interface, and fanmodules to increase performance and portdensityAPPLICATION OPTIMIZATIONServerIron ADX switches support a widerange of IP and Web traffic managementapplications by providing the followingcapabilities: Efficient Server Load Balancing (SLB):Distributes IP-based application flows andtransparently balances traffic among multiple servers while continuously monitoringserver, application, and content health toincrease reliability and availability. Intelligent application content inspectionand switching: ServerIron ADX provides apowerful ability to create rules, policies, andconfigurations to perform application trafficmanagement operations (at both layer 4and layer 7) including server and application load balancing, health monitoring, inspection, switching, redirection, persistenceand content transformation. Disaster recovery and Global Server LoadBalancing (GSLB): Distributes servicestransparently across multiple sites andserver farm locations, balancing traffic ona global basis while monitoring site, server,and application health. By directing clientsto the best site for the fastest content delivery, ServerIron ADX switches increase application availability and reduce bandwidthcosts. Moreover, site-level redundancy andfast transparent failover facilitate disasterrecovery. Robust application security: Shields serverfarms and applications from wire-speedmulti-Gigabit-rate Denial of Service (DoS),Distributed DoS (DDoS), virus, and wormattacks while serving legitimate applicationtraffic at peak performance. Application infrastructure agility: Application Performance Predictive Load Balancing provides an application response timepredictor for balancing load, a companioncapability to Application Resource Broker Enterprise applications: Supportsenterprise environments running IP- andWeb-based and popular applications suchas Oracle, BEA Web Logic, IBM WebSphere,PeopleSoft, SAP, Microsoft SharePoint, andSiebel. ServerIron ADX switches enableload balancing and persistence to improveavailability, security, and performance. Financial protocols: FIX (FinancialInformation eXchange) protocol supportprovides Layer 7 switching and applicationdelivery services for Financial ServicesApplications SYN-Guard: Protects server farms againstmultiple forms of DoS attacks, such asTCPSYN and ACK attacks, by monitoringand tracking session flows. Only validconnection requests are sent to the server.ServerIron ADX switches are capable ofdefeating DoS attacks at the industry’shighest rate (up to 120 million SYN/sec). High-availability application switching:Utilizes active-standby mode, whereby thestandby ServerIron ADX switch assumescontrol and preserves the state of existingsessions in the unlikely event the primaryapplication delivery device fails. In activeactive mode, both ServerIron ADX switcheswork simultaneously and provide a backupfor each other while supporting statefulfailover. IPv6 Gateway: IPv6 to IPv4 Gateway for IPv6clients provides simultaneous support for Active/active and active/standby management modules: Optionally redundant modules for higher availability and performance Upgradable to hardware-assisted SSL acceleration and compression: Optional mezzanine service modules to add integratedand scalable hardware SSL accelerationWebBusiness-Critical Serverand Application ClustersERP Reliability: A resilient switching and routingfoundation with advanced support for RIP2, OSPF 2 and 3 (IPv6), VRRP, and VRRP-EVoIPServerIron ADX Flexible connectivity options: Expansionfrom 12 to 48 GbE ports in mixed copper/fiber combinations, or up to 16 10 GbE XFPportsE-mailServersNetIron MLXServersServerIron ADXNetIron MLXNetIron MLXWANFigure 1.ServerIron ADX switches providehigh-availability, high-performanceapplication services.

both IPv4 and IPv6 real servers behind asingle IPv6 VIP, for data center migration HTTP Multiplexing (server connectionoffload): Increases server performance,availability, response time, and security byoffloading connection management fromthe servers. Using persistent HTTP 1.0 and1.1 connections to the server, ServerIronADX switches stream a large numberof client connections to very few serverconnections. Connection offload enablesthe servers to dedicate resources for highperformance application content delivery. Application rate limiting: Protects serverfarms by controlling the rate of TCP andUDP connections on an application-portbasis, thereby guarding against maliciousattacks from high-bandwidth users. High-performance access control: Usesextended Access Control Lists (ACLs) torestrict access to specific applications froma given address or subnet. Application redirection: Uses HTTPredirect to send traffic to remote serversif the requested service or content is notavailable on the local server farm. Hardware SSL acceleration: ADX 4000and 10000 management modules acceptan optional Application Expansion Moduleupgrade to accelerate SSL transactions,and ADX 1000 is also optionally availablewith SSL acceleration. Advanced firewall and security device loadbalancing: Increases firewall and perimetersecurity performance by distributingInternet traffic loads across multiplefirewalls and other perimeter securityappliances. This approach overcomesscalability limitations, increases throughput,and improves resiliency by eliminatingperimeter security devices—such asfirewalls, anti-virus gateways, VPN devices,and intrusion appliances—as single pointsof failure. Transparent Cache Switching (TCS):Balances Web traffic across multiplecaches, eliminating the need to configureeach client browser, improving Internetresponse time, decreasing WAN accesscosts, and increasing overall Web cachingsolution resiliency. ServerIron ADX switchesimprove service availability by implementingcache health checking, redirecting clientrequests to the next available cache serveror directly to the origin server in the eventof a cache or server farm failure.HIGHER INFRASTRUCTURE ROIWith their intelligent application-aware loadbalancing and content switching capabilities,ServerIron ADX switches significantly improveapplication and server farm performancewhile increasing availability, security,scalability, and resource utilization. Keybenefits include: Improved infrastructure utilization:ServerIron ADX switches perform highlycustomizable real-time health checks,dynamically monitoring the ability of serversto optimize performance and transparentlyreacting to server farm congestion bydistributing client traffic loads to the mostavailable servers. Intelligent contentswitching maximizes server utilization andperformance by eliminating the need toreplicate content and application functionson every server. Increased server availability: ServerIronADX switches can be deployed in multiplehigh-availability modes with hitless andstateful session synchronization andfailover to extend availability even throughswitch failures. Robust security: With built-in intelligence,ServerIron ADX switches detect and discardviruses and worms that spread throughapplication-level messages. The switchesload-balance legitimate application trafficwhile preventing and defeating attacks.Through specialized embedded logic, theswitches reliably protect against manyforms of DoS and DDoS attacks at industryleading data rates of up to 32 million attackpackets per second. Massive scalability: ServerIron ADXswitches provide virtually unlimitedscalability to IP-based applications andserver farms in a cost-effective manner.They allow the use of multiple servers withload balancing and failover, eliminatingforklift upgrades to server farms anddisruption to applications. Faster ROI: ServerIron ADX switchesprovide high ROI for application andserver infrastructure in a short timeframe,supporting significantly higher applicationtraffic and user loads on existinginfrastructure by maximizing serverresource utilization. With support forserver connection offload, the switchesreduce connection managementoverhead, freeing up resources forapplication processing and improvingoverall server farm performance andcapacity. On-demand and unlimited virtualserver farm scalability eliminates the needfor forklift upgrades and dramaticallyimproves server infrastructure ROI.SITE REDUNDANCY AND SCALABILITYServerIron ADX 1000, 4000, and 10000series switches can redirect client trafficgeographically among multiple sites basedon availability, load, and response time.These switches also measure client/serverproximity as defined by round-trip delayand geographic location. All these featurescan work in conjunction with the network’sexisting Domain Name Server (DNS)servers, minimizing network disruption whenimplementing GSLB.The switches continually monitor multiplesites to detect any changes in servers orservices due to varying health and trafficconditions. Configurable site load thresholdsenable organizations to align health checkingparameters with each site’s server andservice capabilities.In addition, ServerIron ADX switches usegeographic site selection to keep requestswithin continental domains. Continuousapplication traffic monitoring helps createa dynamic knowledge base that enablesmore intelligent GSLB methodologies andsite selection criteria. ServerIron ADX GSLBprovides the following key functions: Acts as a DNS proxy to transparentlyintercept and modify the DNS responses,thereby directing users to the best site Leverages existing DNS servers andminimizes disruption to the existing DNSenvironment Provides continuous site monitoring todetect changes in site health conditions Provides configurable settings to fine-tuneindividual site load thresholds Monitors a