Data Center Switches

We tested three data center switches for ease of management, reliability and more. Our Editor's Choice won thanks to its Web-based interface and ease of use. Find out which

March 10, 2006

28 Min Read
Network Computing logo

Routers and switches are the lions and tigers of the data center. Combined, they're king of the network jungle. Router switches, or Layer 2/3 switches, consume all packets sent their way, switch or route good ones to their final destinations, and discard unwanted traffic using ACLs (access control lists), all at Gigabit and 10 Gigabit speeds. Add high availability and modularity, and you turn a Layer 2/3 switch into a data center switch.

Today, speed is a given--throughput is no longer a major differentiator. Network processors deliver wire speeds, and a switch that lags in performance will last as long as a lame wildebeest on the Serengeti. Today's data center switch buyers would do better to focus on top-notch management: The sooner you learn about a problem on a port, module or switch that reduces network throughput and degrades performance, the fewer angry users will be hunting you down.

We asked 12 vendors to send HA (high-availability), modular switches suitable for use in data centers and populated with 48 10/100/1000Base-TX ports and two 10 Gigabit Ethernet (multimode fiber) ports to our Syracuse University Real-World Labs®. Three met the requirements and the challenge: Alcatel submitted an OmniSwitch 9700, Extreme Networks sent us a BlackDiamond 8800 and 3Com provided its 8810 Switch.

Data Center Switch FeaturesClick to enlarge in another window

Hewlett-Packard and Nortel Networks were between production releases and declined to participate. Foundry Networks cited a lack of resources, saying all available units were earmarked for customers. Allied Telesyn offered to ship us its AT-9924T Data Center Switch, but the device didn't meet our requirements. Adtran didn't have a Layer 2/3 switch offering at test time.

We never heard back from Enterasys Networks, Force10 Networks or Juniper Networks. Cisco Systems declined to participate, saying that the review was "too similar to previous tests conducted within the switching industry." Short of testing in zero gravity, it's difficult to radically depart from industry-standard tests for routing and switching, even if we wanted to.

We focused our evaluation on usability, management, security and price. All three vendors said their switches are suitable for a converged data center within a large enterprise or a campus network. Each submitted a 10-slot chassis with dual power supplies, dual management modules, redundant fabrics and hot-swappable network modules.

Each entry supports various routing strategies, including BGP (Border Gateway Protocol), RIP (Routing Information Protocol) and OSPF (Open Shortest Path First). All support multicast routing for PIM (Protocol-Independent Multicast) in sparse and dense modes. But only Alcatel supports DVMRP (Distance Vector Multicast Routing Protocol), and 3Com is unique in its support of ISO IS-IS (Intermediate System-to-Intermediate System).To focus on management, we trained our eye on SNMP versions 1, 2 and 3, which we tested with InterWorking Labs' SilverCreek Pro 9.0.5. We also tested vendor compliance with MIBs based on IETF RFCs (see "How We Tested Data Center Switches" page 66) and asked each vendor to send us its proprietary enterprise MIBs (you'll find a complete list of these MIBs online).

3Com supplied 113 enterprise MIBs; Alcatel, 53; and Extreme Networks, 35. We compiled these with SilverCreek Pro and tested them with standard MIBs. In the end, all the switches passed substantive SNMP testing without errors. Although each vendor could do more to support standardized SNMP MIB definitions, we were duly impressed with the performance and maturity in complying with SNMP.

On the Config Hunt

The command-line interfaces for all three devices are as friendly as you'll find in this field. All have tabbed command completion, though only Extreme provides a tab completion that automatically lists syntax options, like Cisco's IOS. For 3Com and Alcatel, we had to type a question mark at the end of a command instead of using the tab key. Unless you have the command line for 3Com and Alcatel memorized, that's a lot of question marks to type along with the return key.

Configuration-file management isn't often evaluated, but good management capabilities can increase an administrator's quality of life, especially if he or she discovers a configuration change that wasn't warranted or needs to return a switch to its original configuration in a flash. Each vendor differs in how it handles file management, how it saves the current configuration as the next boot configuration, and how it switches from the active management module to the redundant module. Alcatel's experience shows in this category: Its file structure included /flash, /working and /certified directories. Changes we made to the working environment using the command #write memory were saved to the /working directory permanently. The command #copy working certified is similar to the Cisco command #copy running-config to startup-config. In other words, the running configuration is saved to the boot configuration. Alcatel's OmniSwitch synchronized our changes across management blades regularly. And we could make changes in a heartbeat with the #copy flash-synchro command.On boot, the OmniSwitch compared the configuration files in our /working directory with the /certified directory. If there were differences, it booted with the /flash/certified directory. If we didn't confirm our changes, they weren't lost. We just went back and did a #reload working command to return to the uncertified changes. Very nice, once we got the hang of it. GUI-loving administrators should note that Alcatel submitted the only Web-based (HTTP/HTTPS) interface for our roundup.

Extreme's BlackDiamond came in second on file management and boasts some handy network utilities. It let us use popular Unix commands, like top to view CPU utilization and processes, terminate to kill processes, and vi to edit policy files. But we could not edit BlackDiamond's configuration files.

Modifying 3Com 8810's configuration file requires only a simple save command. Once issued, the running configuration is saved to flash memory and retained on the next boot. The same is true for the BlackDiamond. On the 8810, if we intended to save our configuration before reboot and didn't, we could return to the configuration prior to our last save command by issuing a #reset saved-configuration command. That loaded the previously saved configuration file for the next boot-up. If we wanted to revert to the factory default, we simply issued a #startup saved-configuration command, where the file name is the default configuration file, like factorydefault.txt, or another file you name.

Both Alcatel and Extreme gave us client-server software to manage multiple switches. 3Com's dedicated software is still in the works and will be released later this year. Extreme's Epicenter includes more features and functionality than Alcatel's OmniVista 2500, and Epicenter is easier to use. But OmniVista discovers other switches, including those from Cisco, Extreme Networks and 3Com. At minimum, we could obtain SNMP information and add the devices into an asset inventory.

Guarding Your TurfTo rate security, we tested the depth and breadth of ACLs and filters, resistance to DoS (denial of service) attacks, network login schemes, and RADIUS performance.

All three vendors have a similar strategy for implementing ACLs for Layer 2/3 traffic and multicast traffic. ACLs permit or deny traffic at the switch or router interface; often they're referred to as filters. Alcatel stands out in this crowd with its ability to configure ACLs from the Web interface.

We were pleased with the way all three entries implemented 802.1X authentication with our Funk Software Steel-Belted Radius server. We easily configured the switches to use a RADIUS server to authenticate end users in a port-based authentication scheme by MAC (Media Access Control) address and to authenticate users to management interfaces. This is testament to the maturity of 802.1X and these switches.

The OmniSwitch's DoS protection scheme is more complex to implement compared with the other switches, but the payoff is increased flexibility. One nit: We missed the automated ACL generated by the BlackDiamond's DoS response. We set the OmniSwitch to detect port scans by monitoring TCP and UDP packets sent to open and closed ports. Then we set penalty values for the packets scanning open and closed ports along with a port scan threshold value that determined the highest point value that can be reached before a trap is generated and an administrator notified.

BlackDiamond's DoS protection becomes active if 4,000 packets are received in one second. It then automatically configures ACLs from the saved packet headers to limit the flow of packets to the CPU. The default ACL protection time is five seconds. The interval of time to check for DoS attacks and the ACL expiration time are configurable parameters. 3Com's switch has a simple measure to protect from DoS attacks: It relies on a configuration for the maximum number of SA (Source Active) peer addresses cached on the router. The protection, however, is limited to the multicast source-discovery protocol.Kings and QoS

A switch would hardly be king of the data center jungle without QoS; quality of service software dictates the food chain to permit or deny certain packets and prioritize others, especially those associated with voice, video, database and Web applications, as well as file services. QoS software manipulates flows through the switch based on configurable policies. Otherwise, all traffic would contend equally on a FIFO (first in, first out) basis.

Setting up QoS on the switches we tested is as simple as allowing and denying traffic using ACLs or filters. Setting filters at Layer 2, 3 or 4 effectively blocks or allows traffic by destination, source, port, protocol and more. We also easily dedicated VLANs for voice traffic.

Using QoS software to prioritize traffic is more complex but still essential. Enterprises want to configure prioritization strategies across their networks and over multiple devices, and some endpoints can set their own prioritization values that need to be translated or mapped at switches; for example, mapping Layer 2 bits of 802.1p (Prioritization) to Layer 3 DiffServ (Differentiated Services) or ToS (Type of Service).

We also examined some basic ways of implementing QoS. These included QoS through traffic prioritization and bandwidth; ICMP policies, such as filtering, prioritizing and rate-limiting ICMP traffic for security; and policies for marking and mapping traffic flows, including 802.1p, DiffServ or ToS. Each switch supports both the IEEE's 802.1p and DiffServ. When packets came into a switch, its QoS software checked to see if there were any policies with conditions to match the flow. If there were none, the flow was accepted or denied, based on a switch's ACL.All three switches provide eight prioritized queues per port to distribute tagged or marked packets based on policies and the priority value of the packet. So what's the differentiator here? Once again, it's management: creating and modifying policies and viewing how well they do their job.

Alcatel stood above the rest of our participants. We created QoS policies directly on the switch using the command-line or Web interface. Alcatel also has a PolicyView application for OmniVista that can create policies on an external LDAP server. But the switch distinguished policies created on an LDAP server and ones created on the switch using the command line or WebView--in other words, policies can be modified only if you're using the same interface on which they were created.

New to Extreme Networks XOS, now at version 11, is the ability to edit (with vi) policy configuration files on the BlackDiamond. As with Alcatel's setup, we could view and edit the policy configuration on the command line. 3Com's policy configuration is limited to CLI commands. To view the effects of QoS policies on the switches, all participants provide CLI and SNMP views to QoS.

Big Game, Big Appetites

These units will eat up rack space. They averaged 14 RU and weighed 128 to 196 pounds fully loaded. Price was not a huge differentiator; Alcatel's is the lowest, with an as-tested total of $54,470 for the OmniSwitch, but the others were only a few thousand more. Comparing per-port cost, 3Com has the lowest price for 10 Gigabit Ethernet (including the cost of the module supporting the transceiver), at approximately $6,498 per port. Extreme Networks has the best price for 10/100/1000 Mbps, at approximately $292 per port (including module). 3Com was a little high here because it submitted modules with SFP (Small Form-factor Pluggable) ports to easily upgrade from 10/100Base-TX to 1000Base-TX or replace problematic transceivers. Note that Extreme submitted and quoted a four-port, 10 Gigabit Ethernet module (10G4X) with a base price of $13,995 without the 10 Gigabit Ethernet transceivers. We reduced the cost of the card by half and added the cost of two transceivers to get a fair comparison.

In the end, our Editors Choice Award went to Alcatel's OmniSwitch 9700. It is simply the easiest to use and contains the best strategies for reliability and management. Although Alcatel didn't submit the most proprietary enterprise SNMP MIBs, it supports the most MIBs defined by the IETF and has the best price in our roundup.

Alcatel OmniSwitch 9700
Alcatel's OmniSwitch 9700 receives our Editor's Choice for its superb manageability, reliability and ease of use. This switch best supports the SNMP standard and was the only participant to supply a Web interface from which we could perform many tasks normally accomplished on a CLI.

Like its rivals, the OmniSwitch breezed through our SNMP tests. With our SilverCreek test suite, we performed both single-function and syntactic tests on the OmniSwitch to verify SNMP protocol compliance as well as error and exception handling and boundary condition behavior for IETF-defined MIBs.

When we first accessed the OmniSwitch, we had to use the console port because all other access to the switch was blocked until we enabled alternative methods to access the CLI over telnet, SSH or the Web view and enabled ACLs. That setup gets high marks for security, but at the expense of ease of use. Using the command aa authentication default local we unlocked all session types for use. We enabled an HTTPS server using the command ip http ssl. We then defined an ACL to permit all access to all ports from our management PC.Alcatel's WebView is a departure from the usual--data center switches tend to rely heavily on a CLI--but we're hoping Alcatel's method catches on. Bring on those browsers and dedicated management software.

Alcatel Omniswitch 9700Click to enlarge in another window

Speaking of management software, Alcatel submitted its OmniVista 2500 3.0 to manage multiple Alcatel switches. Like Extreme's Epicenter software, OmniVista is an SNMP-based platform that supports SNMPv1, 2 and 3. It uses a client-server model with an NMS (network management server) and Java client software. The write once, run anywhere code philosophy is alive and well in the infrastructure market.

We input SNMP community strings into the OmniVista tool and sent it out to discover our test bed. It found the 8810 and the BlackDiamond as well as a Cisco switch. Focusing on the OmniSwitch, OmniVista provided a health view of modules and individual ports with statistics and event monitoring that gave us some options to set thresholds and alarms. It also drilled down to set policy-based QoS, Spanning Tree configuration, IP and IPX routes, and more.

The OmniVista tool set includes backup/restore for configurations, a facility to upgrade the code base or images on switches, and a one-stop shop for centralizing switch-management control. We easily set up users, passwords and access rights to the switch. However, OmiVista's reporting is not as extensive as that of Extreme's easier to use Epicenter, and OmniVista exports data in .csv format only.Alcatel's secure Web interface was a walk along the watering hole vis-à-vis CLI access. The interface had two frames: The left frame was tab-delimited with a Microsoft Outlook motif. A "Physical" tab accessed physical management tasks dealing with chassis modules and ports, overall switch health, and let us view devices adjacent to the OmniSwitch using the Alcatel Mapping Adjacency Protocol (AMAP). Other tabs enable management tasks for Layer 2 (VLAN management, Spanning Tree, link aggregation and port security) and Layer 3 (IPv4, IPv6, IPX, IP multicast routing) as well as the views to configure QoS and port-based security.

The CLI took some getting used to. At the command prompt, a ? brought up command sets in discreet categories, like "System Service and File Management," "Chassis Supervision," "Spanning Tree Command Set," "VLAN Command Set" and more. But once we settled in, Alcatel's was as powerful as the other CLIs in the review with the best file management of the bunch.

File management relies on Unix conventions, with separate directories for working and certified files. Our OmniSwitch shipped with 128 MB of flash memory and 256 MB of SIMM (DRAM) memory to store files, including boot and image files. The flash directory contains /working and /certified directories. These directories work together to provide a rollback feature for image or configuration files in the event a problem occurs with the running configuration.

With Alcatel's file design, we could make running configuration changes without saving or certifying them. On reboot, the system would boot the files from the /certified directory while our running configurations were still maintained in the /working directory. So, we could go back later and work on them while users were on the system. And it was grand to get vi to edit configuration files right on the command line, unlike Extreme's implementation of vi that limited edits to policy files.

Like Extreme Networks and 3Com, Alcatel delivers fully redundant power supplies and CMMs (Chassis Management Modules). One CMM is the primary management module to manage all switch operations, and the other acts as a backup. The switch fabrics in the management modules are independent of the management processor. Hence, they are both active and add to the maximum switching and throughput capacity of the switch.

Rather than wait for the primary to fail on the OmniSwitch, we invoked the secondary CMM by command: #reload secondary with-fabric, and confirmed that operations on network modules and ports continued to work. Alcatel calls this "Smart Continuous Switching." We call it cool. But note that the switch only continues the status quo--network modules can't learn new routes during the switchover.

Support and maintenance for the OmniSwitch includes three options. The base for all three plans includes one year of 24/7 telephone support, e-service Web access, software releases, NMS, and Authentication Services software that enables access to the network (through the switch) over MAC or IP address or over specific protocol. The variables in each option dealt with the repair and return of equipment. For $5,128, customers get the base package (above) plus repair and return of equipment within 10 business days of receipt. Option 2 includes the base package with advance shipment for next-business-day arrival of replacement hardware for a cost of $7,383. Option 3, a premium service, includes the base package and 24/7, four-hour replacement (labor and parts), for $11,395.OmniSwitch 9700. Alcatel, (800) 999-9526.

Extreme Networks BlackDiamond 8800
The BlackDiamond was the quickest to deploy off the crate and out of the box. It has a first login script that runs to set the IP address and management access over telnet. It also has an intuitive and functional CLI. Like our other participants, the BlackDiamond performed admirably in SNMP performance testing and network authentication with 802.1X/RADIUS. But it trailed both 3Com's 8810 and Alcatel's OmniSwitch 9700 in SNMP management.

Its SNMPv1, 2 and 3 support were error-free. We walked the entire MIB tree for SNMP (all versions) and conducted error, exception handling and boundary condition behavior without a hiccup. We then loaded Extreme's proprietary enterprise MIBs and compiled them. Although we received some noncritical syntax errors while loading them into SilverCreek Pro, the proprietary MIBs performed without errors.

Extreme Networks BlackDiamond 8800Click to enlarge in another window

The BlackDiamond gave us the most options in setting up port-based, network authentication schemes. It supports Web, MAC and 802.1X authentication via RADIUS strategies. We tested 802.1X authentication with Funk's Steel-Belted Radius Server, and the BlackDiamond did not miss a port-based authentication. And with hitless failure activated, it even worked when the primary management module went down. Hitless failover for network logins is supported with two management switch fabric modules. One module has the primary role, while the other assumes a backup position. After a client is authenticated, the primary module informs the backup of that fact. If the primary fails and the backup takes over, the authenticated client continues its port-based activities without reauthenticating with the backup module.We tested hitless failover with a number of authenticated clients accessing the network. Executing the #run msm-failover command simulated a failover from the primary module to the backup. This took less than one minute to execute. The hand-off was seamless to our authenticated clients.

Each of our participants included DoS protection. The BlackDiamond's response mechanism attempted to identify attacks and filter out offending traffic to protect CPU utilization. When DoS protection is enabled it detected a flood of packets sent to the switch. We enabled DoS protection (#enable dos-protect) and fired up our Spirent Avalanche to send 4,000-plus packets per second through the switch. As this began to task the switch and CPU rose over 50 percent, the switch automatically created ACLs for the client traffic generated and reduced the CPU load to normal limits.

Extreme sent us dedicated, client-server software to manage the switch: Epicenter 5.1.0. The Epicenter server used port 8080 on our Windows XP workstation by default. Our clients accessed the server using a Java Applet with Internet Explorer or Sun's Java Plug-in.

We monitored and configured the BlackDiamond using Epicenter. It polled the BlackDiamond for SNMP-based information to provide a centralized management platform. Like OmniVista, Epicenter is an event manager with configurable thresholds and alarms that can trigger automated actions on the switch. But OmniVista gave us better graphic detail of real-time activity on the BlackDiamond and included Web reports on system health that we could drilled into for details and export to CSV or XML formats. The application also let us download configuration files from the switch, choose baseline configurations and receive alarms for changed configurations.

Placing the BlackDiamond in the data center requires your attention to air-flow dynamics. Air flows from front to back at the power-supply level (lower chassis) and from the left side to the right side at higher elevations, so leave several inches free and clear around the chassis--don't put its back to the wall.Our BlackDiamond came with a 10 Gigabit module (10G4X). Extreme didn't scrimp, populating it with four ports of MMF (multimode fiber), though we only used and priced two ports. The BlackDiamond's SR XENPAK module specifications were interoperable with the OmniSwitch 9700 but would not link to 3Com's 8810 Gigabit Ethernet modules. There was a mismatch in the wavelength range between the BlackDiamond module (840 nm to 860 nm) and 3Com's module that prevented an active link state between the two devices. That's something to watch for, especially at $2,000 per port.

On the CLI, the BlackDiamond laid out all our options when we hit the tab key. The tab key also provided command-line completion, and when hit after a command, gave us further command options.All three switches' CLIs provide command histories that can be recalled using the up-arrow key, but none displayed the number of commands in the history file in the command prompt like the BlackDiamond did. And none indicated when the running configuration file was different than our saved configuration. The BlackDiamond displays an asterisk in the command prompt when a "save configuration" is necessary.

File management on the BlackDiamond was the easiest for us. The command set was similar to Unix in listing files < em="">, copying them (#cp), or renaming them (#mv). In fact, Extreme added the top command to obtain process utilization as well as vi to edit files. But we could edit only policy-based configuration files (.pol or .xsf file formats). Primary and secondary configuration files were off limits.

Extreme sent us two G8X management switch modules. Each G8X holds both a control plane and the switch fabric for the switch. One was required for operation, the second provided HA (high availability) and additional throughput. Each G8X provided 192 Gbps switching throughput using three ASICs. As tested, the BlackDiamond's maximum switching throughput was 384 Gbps. Unique to the BlackDiamond, the G8X also contained eight SFP fiber mini-GBIC data ports that we could use for I/O, like any other module on the chassis.

The physical interface to the G8X made it the easiest switch to manage in person. One button (labeled R) on the interface reset the module. Another button (labeled A) let us boot the alternative BootROM image. A third button (labeled D) forced a system dump of debug information to NVRAM and made it available on the next boot. Note that no core file is created.

For support, Extreme keeps it simple: Next business day support for the BlackDiamond costs $5,500 annually and includes access to Extreme's Technical Assistance Center (24/7/365), software updates and parts replacement as well as access to documentation, the knowledge base and Extreme's eSupport site and self-help center.BlackDiamond 8800. Extreme Networks, (888) 257-3000, (408) 579-2800.

3Com 8810 Switch
3Com's 8810 Switch came in last, but it is certainly was not least. It turned in the best rating in SNMP performance using standard Internet MIBs and its proprietary, enterprise MIBs. Although it lacks a Web interface and software to manage multiple devices, its CLI was one of the best in the roundup and its file management was very good, despite its reliance on DOS.

3Com sent us two 24-port 1000Base-X (SFP) modules. Bad Gigabit copper transceivers can be removed and replaced without returning the entire module. We found this added to the overall usability of the switch but, on the flip side, it would be difficult to connect a device with a 10/100-Mbps connection, such as an IP phone, without replacing the 1000Base-X with a 10/100/1000-Mbps transceiver.

Although 3Com matched our other vendors in shipping redundant power supplies, management modules and fabric, it neglected to include a cryptographic module to configure SSH and SNMPv3 (export laws prevent vendors from shipping equipment with certain cryptographic modules). We proceeded to test SNMPv1 and v2 without a hitch. Then, 3Com sent us an earlier version of the code with the cryptographic module.

As with the other switches, we could get an image file to the switch in a number of ways, including over FTP, TFTP or a serial console connection. We set up a TFTP server and transferred the file to the /flash: directory. After the second error message indicated that the file could not be copied to the /flash: directory, we realized that the directory did not have sufficient file space. We moved to the /cf directory, where we saw numerous previous versions of software and plenty of space to transfer the file.

After we uploaded the software to the /cf directory, we changed the boot loader to point to the directory and typed in the name of the file to boot: 88h03_ 01_ 01s56ADVc11. app. After a reboot, version 3.01.01s56 ADV was in memory and the cryptographic module was used to set up SSH and SNMPv3.

We completed the SNMPv3 testing without incident and then compiled 3Com's enterprise MIBs. 3Com submitted more than 100 enterprise MIBs. We noted that the MIBs were the product of the joint venture between 3Com and Huawei. There were a few syntax errors in compiling the MIBs, but all were successfully implemented.

Support and maintenance is available in two tiers: Guardian and Express. The Guardian includes on-site engineering assistance, advanced hardware replacement without waiting for failed hardware to be returned, telephone technical support, software upgrades and knowledge bases over Web services. Express includes all the same services as Guardian minus onsite support. Within these two models, costs were further broken up by 24/7 response or 8-to-5 response. Then, within the range of response times, customers could select a four-hour response window or next business day response.

For a large enterprise with engineering support, the Express maintenance contract with 24/7 support and four-hour response makes most sense. That price doesn't include onsite engineering but does include a fast response time, as the switch would be critical.

Unique to the 8810 is support for RPR (Resilient Packet Ring) and IS-IS routing. RPR is a new MAC-layer protocol used in MANs (metropolitan area networks) that adopts a bi-directional ring topology. IS-IS is an intra-domain routing information exchange protocol designed by ISO (International Organization for Standardization). It is an interior gateway protocol similar to OSPF.3Com 8810 Switch. 3Com, (800) NET-3COM,(508) 323-5000.

Sean Doherty is a senior technology editor and lawyer based at our Syracuse University Real-World Labs®. A former project manager and IT engineer at Syracuse University, he helped develop centrally supported applications and storage systems. Write to him at [email protected].

Executive Summary: Data Center Switches

We sent out a call for modular Layer 2/3 switches with 48 10/100/1000Base-T ports and two 10 Gigabit Ethernet ports. Of 10 vendors invited, only Alcatel, Extreme Networks and 3Com sent entries to our Syracuse University Real-World Labs®. We focused our testing on management, including QoS, SNMP performance and traffic monitoring, as well as reliability based on HA and VRRP. We also looked at price, security and usability of the CLI, other interfaces and dedicated software.

All three entries posted respectable scores, but Alcatel's OmniSwitch 9700 took our Editor's Choice thanks in large part to Alcatel's support for standards-based SNMP and overall manageability. It was also the only participant to supply a Web interface from which we could perform many tasks normally accomplished on a CLI (CLI diehards can click over to our Interactive Report Card for this story, to tailor these results).How We Tested

After linking each switch console port to a Lantronix SCS1600 console switch for out-of-band management, we connected and configured the 10/100Base-TX management ports of each device under test on a network separate from the data paths of the switches. We dedicated this network to SNMP traffic using Kiwi Enterprises' Syslog service manager as our trap receiver. It also worked as our syslog server.

We tested the switches' conformance to SNMP versions 1, 2 and 3 with InterWorking Labs' SilverCreek Pro compliance testing suite and standard MIB definitions based on IETF RFCs. We also compiled the vendor-supplied enterprise MIBs with SilverCreek Pro and tested them. RADIUS integration was done with Funk's Steel-Belted Radius Enterprise Edition, while packet and load generation were accomplished with Spirent Avalanche 7.02.

We installed network management software for Alcatel (Omnivista) and Extreme Networks (Epicenter) on a Dell PowerEdge 2400 workstation with dual Intel PIII 600-MHz processors and 1024 MB of RAM, running Windows XP.

All Network Computing product reviews are conducted by current or former IT professionals in our own Real-World Labs®, according to our own test criteria. Vendor involvement is limited to assistance in configuration and troubleshooting. Network Computing schedules reviews based solely on our editorial judgment of reader needs, and we conduct tests and publish results without vendor influence.


Data Center Switches

your browser
is not Java

Welcome to NETWORK COMPUTING's Interactive Report Card, v2. To launch it, click on the Interactive Report Card ® icon above. The program components take a few moments to load.

Once launched, enter your own product feature weights and click the Recalc button. The Interactive Report Card ® will re-sort (and re-grade!) the products based on the new category weights

you entered.

Click here for more information about our Interactive Report Card ®.

Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like

More Insights