Polski
English
Italiano
Español
Čeština
Српски
Deutsch
Ελληνικά
Slovenský
-
0,25 € netto
Huawei S6720S-26Q-LI-24S-AC switch 24x SFP+ 2x QSFP+ AC power supply
Price
2 171,23 €
2 670,61 € incl. tax
favoriteAdd to wishlist
The S6720-LI series switches (S6720-LI) are next-generation simplified 10GE fixed switches and can be used as 10GE access switches on campus networks and data center networks.
The S6720-LI provides line-rate 10GE access ports and 40GE uplink ports. In addition, the S6720-LI delivers a wide variety of services, comprehensive security control policies, and various QoS features to help customers build scalable, reliable, manageable, and secure campus and data center networks.
- 24 x 10GE SFP+ ports, 2 x 40GE QSFP+ ports
- Built-in AC power supply and RPS
- USB
- Forwarding performance: 240 Mpps
- Switching capacity: 1.28 Tbit/s
High-Density 10GE Access Ports and 40GE Uplink Ports
To provide sufficient bandwidth for users, more and more servers use 10GE network adapters. Each S6720-LI provides up
to 32 line-rate 10GE ports and two line-rate 40GE QSFP+ ports.
Ports of the S6720-LI support GE access and 10GE access and can identify optical module types, maximizing the return on investment and allowing users to flexibly deploy services.
Comprehensive Security Control Policies
The S6720-LI provides multiple security measures to defend against Denial of Service (DoS) attacks, as well as attacks on networks or users. DoS attacks include SYN flood, Land, Smurf, and ICMP flood attacks. Attacks on networks refer to STP BPDU/root attacks. Attacks on users include bogus DHCP server attacks, man-in-the-middle attacks, IP/MAC spoofing attacks, and DHCP request flood attacks. DoS attacks that change the CHADDR field in DHCP packets are also attacks against users.
The S6720-LI supports DHCP snooping, which generates user binding entries. DHCP snooping discards invalid packets
that do not match any binding entries, such as ARP spoofing packets and IP spoofing packets. This prevents hackers from using ARP packets to initiate attacks on campus networks. DHCP snooping trusted ports can be specified to ensure that users connect only to the authorized DHCP server.
The S6720-LI supports strict ARP learning. This feature prevents ARP spoofing attackers from exhausting ARP entries so that users can connect to the Internet normally. The S6720-LI supports IP source check to prevent DoS attacks caused by MAC address spoofing, IP address spoofing, and MAC/IP spoofing.
The S6720-LI supports centralized MAC address authentication and 802.1X authentication. It authenticates users based
on statically or dynamically bound user information such as the user name, IP address, MAC address, VLAN ID, port number, and flag indicating whether antivirus software is installed. VLANs, QoS policies, and ACLs can be applied to users dynamically.
The S6720-LI can limit the number of MAC addresses learned on a port to prevent attackers from exhausting MAC address entries by using bogus source MAC addresses. This function minimizes packet flooding that occurs when MAC addresses of users cannot be found in the MAC address table.
Comprehensive Reliability Mechanisms
The S6720-LI supports MSTP multi-process that enhances the existing STP, RSTP, and MSTP implementation. This function increases the number of MSTIs supported on a network. It also supports enhanced Ethernet reliability technologies such as Smart Link and RRPP, which implement millisecond-level protection switchover and ensure network reliability. Smart Link and RRPP both support multi-instance to implement load balancing among links, improving bandwidth use efficiency.
The S6720-LI supports enhanced trunk (E-trunk). A CE can be dual-homed to two PEs through Eth-Trunk links. This implements inter-device link aggregation and link load balancing, and greatly improves reliability of access devices.
The S6720-LI supports the Smart Ethernet Protection (SEP) protocol, a ring network protocol applied to the link layer of an Ethernet network. SEP can be used on open ring networks and provides millisecond-level switchover to ensure nonstop services. SEP features simplicity, high reliability, fast switchover, easy maintenance, and flexible topology, facilitating network planning and management.
The S6720-LI supports G.8032, also called Ethernet Ring Protection Switching (ERPS). ERPS is based on traditional Ethernet MAC and bridging functions. It uses the mature Ethernet OAM and Ring Automatic Protection Switching (Ring APS or R-APS) technologies to implement millisecond-level protection switchover on Ethernet. ERPS supports multiple services and provides flexible networking options, reducing the OPEX and CAPEX.
The S6720-LI supports VRRP. Two S6720-LIs can form a VRRP group to ensure nonstop and reliable communication. Multiple equal-cost routes to an upstream device can be configured on the S6720-LI to provide route redundancy. When an active route is unreachable, traffic is switched to a backup route.
Various QoS Control Mechanisms
The S6720-LI implements complex traffic classification based on packet information such as the 5-tuple, IP preference, ToS, DSCP, IP protocol type, ICMP type, TCP source port, VLAN ID, Ethernet protocol type, and CoS. ACLs can be applied to the inbound or outbound direction to filter packets. The S6720-LI supports a flow-based two-rate three-color CAR. Each port supports eight priority queues and multiple queue scheduling algorithms such as WRR, DRR, PQ, WRR+PQ, and DRR+PQ. All of these ensure the quality of voice, video, and data services.
High Scalability
The S6720-LI supports intelligent stack (iStack) and virtualizes multiple switches into one logical switch. A port of the S6720-LI can be configured as a stack port using a command for flexible stack deployment. The distance between stacked switches is further increased when the switches are connected with optical fibers. Compared with a single device, iStack has advantages on scalability, reliability, performance, and overall architecture. A new switch can join a stack to increase the system capacity or replace a faulty member switch without interrupting services. Compared with stacking of modular switches, the iStack function can increase system capacity and port density with no restriction of the hardware architecture. Multiple devices in a stack can be considered as one logical device. These switches can be managed using a single IP address, which greatly reduces system expansion and O&M costs.
Convenient Management
The S6720-LI supports automatic configuration, plug-and-play, deployment using a USB flash drive, and batch remote upgrade. These capabilities simplify device management and maintenance, and greatly reduce maintenance costs.
The S6720-LI supports SNMPv1/v2/v3 and provides flexible methods for managing and maintaining devices, such as CLI and Web NMS. The NQA function helps users with network planning and upgrades. In addition, the S6720-LI supports NTP, SSH v2, HWTACACS, RMON, log hosts, and port-based traffic statistics.
The S6720-LI supports GVRP, which dynamically distributes, registers, and propagates VLAN attributes to reduce the manual configuration workloads of network administrators and ensure correct VLAN configuration.
The S6720-LI supports MUX VLAN that isolates Layer 2 traffic between ports in a VLAN. MUX VLAN defines principal VLANs and subordinate VLANs. Subordinate VLANs can communicate with the principal VLAN but cannot communicate with each other. This function prevents communication between network devices connected to certain ports or port groups but allows the devices to communicate with the default gateway. MUX VLAN is usually used on an enterprise intranet to isolate user ports from each other but allow them to communicate with server ports.
Complying with IEEE 802.3ah and 802.1ag, the S6720-LI supports point-to-point Ethernet fault management and can detect faults in the last mile of an Ethernet link to users. Ethernet OAM improves the Ethernet network management and
maintenance capabilities and ensures a stable network.
Various IPv6 Features
The S6720-LI supports various IPv6 routing protocols including RIPng and OSPFv3. It uses the IPv6 Neighbor Discovery Protocol (NDP) to manage packets exchanged between neighbors. It also provides the Path MTU Discovery (PMTU) mechanism to select a proper MTU on the path from the source to the destination, optimizing network resources and obtaining the maximum throughput.
Intelligent O&M
The S6720-LI provides telemetry technology to collect device data in real time and send the data to Huawei campus network analyzer CampusInsight. The CampusInsight analyzes network data based on the intelligent fault identification algorithm, accurately displays the real-time network status, effectively demarcates and locates faults in a timely manner, and identifies network problems that affect user experience, accurately guaranteeing user experience.
The S6720-LI supports a variety of intelligent O&M features for audio and video services, including the enhanced Media Delivery Index (eMDI). With this eDMI function, the S6720-LI can function as a monitored node to periodically conduct statistics and report audio and video service indicators to the CampusInsight platform. In this way, the CampusInsight platform can quickly demarcate audio and video service quality faults based on the results of multiple monitored nodes.
Intelligent Upgrade
Switches support the intelligent upgrade feature. Specifically, switches obtain the version upgrade path and download the
newest version for upgrade from the Huawei Online Upgrade Platform (HOUP). The entire upgrade process is highly automated and achieves one-click upgrade. In addition, preloading the version is supported, which greatly shortens the upgrade time and service interruption time.
The intelligent upgrade feature greatly simplifies device upgrade operations and makes it possible for the customer to upgrade the version independently. This greatly reduces the customer's maintenance costs. In addition, the upgrade policies on the HOUP platform standardize the upgrade operations, which greatly reduces the risk of upgrade failures.
High-Performance VRP Software System
Huawei S series switches build on a unified Versatile Routing Platform (VRP) software system, meeting the growing network scale and the evolving Internet technologies and guaranteeing network services and network quality.
VRP is a network operating system developed by Huawei with independent intellectual property rights. It can run on multiple hardware platforms and provide unified network, user, and management views. VRP provides flexible application solutions for users. In addition, VRP is a future-proof platform that maximally protects customer investments.
The VRP platform is focused on IP services and uses a component-based architecture to provide more than 300 features. Besides, VRP stands out for its application-based tailorable and scalable capabilities.
Specification:
| S6720-26Q-LI-24S-AC | |
| Fixed port | |
|---|---|
| 10GE port | 24 |
| 40GE port | 2 |
| Management port | |
| ETH management port | Supported |
| Console port (RJ45) | Supported |
| USB port | USB 2.0 |
| CPU | |
| Frequency | 1 GHz |
| Cores | 2 |
| Memory | |
| Memory (RAM) | 1 GB |
| Flash | Hardware: 512 MB, of which 240 MB is available for users |
| Power supply system | |
| Power supply type | Built-in AC |
| Power supply redundancy | Built-in single power supply and RPS in 6:1 mode |
| RPS | Supported |
| Rated voltage range |
100 - 40 V AC 50/60 Hz |
| Maximum voltage range |
90 - 264 V AC 47 - 63 Hz |
| Maximum input current | 3 A |
| Maximum power consumption of the device | 100.2 W |
| Power consumption in the case of 30% traffic load | 67.1 W |
| Heat dissipation system | |
| Heat dissipation mode | Air-cooled heat dissipation and intelligent fan speed adjustment |
| Number of fan modules | 3 |
| Airflow | Air flows in from the left side and front panel, and exhausts from the right side. |
| Maximum heat dissipation of the device (BTU/hour) | 342 |
| Physical specifications | |
| Chassis dimensions (W x D x H, mm) | 420 x 220 x 43.6 |
| Chassis height | 1 U |
| Chassis weight | 4.2 kg |
| Environment parameters | |
|
Long-term operating temperature |
0 - 1800 m: 0°C - 45°C
The operating temperature decreases 1°C for every 220 m increase in altitude. |
|
Short-term operating temperature |
0 - 1800 m: -5°C - 50°C
1800-5000 m: The operating temperature decreases 1°C for every 220 m |
| Storage temperature | -40°C - 70°C |
| Relative humidity | 5%-95% (non-condensing) |
| Noise under normal temperature (sound power) | 46.5 dB(A) |
| Noise under high temperature (sound power) | 72.9 dB(A) |
| Noise under normal temperature (sound pressure) | 34.6 dB(A) |
| MTBF | 39.2 years |
| Software | |
| Ethernet features | |
| Ethernet basics |
Full-duplex, halfduplex, and auto-negotiation Rate autonegotiation on an interface Flow control on an interface Jumbo frames Link aggregation Load balancing among links of a trunk Transparent transmission of Layer 2 protocol packets Device Link Detection Protocol (DLDP) Link Layer Discovery Protocol (LLDP) Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED) Interface isolation Broadcast traffic suppression on an interface Multicast traffic suppression on an interface Unknown unicast traffic suppression on an interface VLAN broadcast traffic suppression VLAN multicast traffic suppression VLAN unknown unicast traffic suppression |
| VLAN |
VLAN specification: 4094 VLANIF interface specification: 1024 Access mode Trunk mode Hybrid mode QinQ mode Default VLAN VLAN assignment based on interfaces VLAN assignment based on protocols VLAN assignment based on IP subnets VLAN assignment based on MAC addresses VLAN assignment based on MAC address + IP address VLAN assignment based on MAC address + IP address + interface number Adding double VLAN tags to packets based on interfaces VLAN mapping Selective QinQ MUX VLAN Voice VLAN Guest VLAN |
| GVRP |
GARP GVRP |
| MAC |
MAC address: 32K Automatic Automatic aging of MAC addresses Static, dynamic, Interface-based Sticky MAC MAC address MAC address Port bridge |
| ARP |
Static ARP Dynamic ARP ARP entry: 8K ARP aging detection Intra-VLAN proxy ARP Routed proxy ARP |
| Ethernet loop protection | |
| MSTP |
STP RSTP MSTP VBST BPDU protection Root protection Loop protection Defense against TC BPDU attacks |
| Loopback detection | Loop detection on an interface |
| SEP | SEP |
| Smart Link |
Smart Link Smart Link multi-instance Monitor Link |
| RRPP |
RRPP Single RRPP ring Tangent RRPP ring Intersecting RRPP ring Hybrid networking of RRPP rings and other ring networks |
| ERPS |
G.8032 v1 G.8032 v2 ERPS semi-ring topology ERPS closed-ring topology |
| IPv4/IPv6 forwarding | |
| IPv4 and unicast routing |
IPv4 static routing VRF DHCP client DHCP server DHCP relay DHCP policy check Routing policies IPv4 routes: 8K RIPv1 RIPv2 OSPF Policy-based routing (PBR) |
| Multicast routing features |
IGMPv1/v2/v3 PIM-DM PIM-SM MSDP IPv4 multicast routes: 1,5K IPv6 multicast routes: 0,5K Multicast routing policies RPF |
| IPv6 features |
IPv6 protocol ND ND entry ND snooping DHCPv6 snooping RIPng DHCPv6 server |
| Layer 2 multicast features | |
| - |
IGMPv1/v2/v3 snooping IGMP snooping proxy MLD snooping Multicast traffic suppression Inter-VLAN multicast replication |
| Device reliability | |
| Stacking |
Service Maximumnumber of stacked devices: 9 Stack bandwidth (Unidirectional): 176 Gb/s |
| VRRP | VRRP standard protocol |
| Ethernet OAM | |
| EFM (802.3ah) |
Automatic discovery of links Link fault detection Link troubleshooting Remote loopback |
| CFM (802.1ag) |
Software-level CCM 802.1ag MAC ping 802.1ag MAC trace |
| OAM association | Association between 802.1ag and 802.3ah |
| Y.1731 |
Unidirectional delay and jitter measurement Bidirectional delay and jitter measurement |
| QoS features | |
| Traffic classification |
Traffic classification based on ACLs Configuring traffic classification priorities Matching the simple domains of packets |
| Traffic behavior |
Traffic filtering Traffic policing (CAR) Modifying the packet priorities Modifying the simple domains of packets Modifying the packet VLANs |
| Traffic shaping |
Traffic shaping on an egress interface Traffic shaping on queues on an interface |
| Congestion avoidance | Tail drop |
| Congestion management |
Priority Queuing (PQ) Weighted Deficit Round Robin (WDRR) PQ+WDRR Weighted Round Robin (WRR) PQ+WRR |
| ACL | |
| Packet filtering at Layer 2 to Layer 4 |
Number of rules per IPv4 ACL: 2K Number of rules per IPv6 ACL: 2K Basic IPv4 ACL Advanced IPv4 ACL Basic IPv6 ACL Advanced IPv6 ACL Layer 2 ACL User-defined ACL |
| Configuration and maintenance | |
| Login and configuration management |
Command line interface (CLI)- based configuration Console terminal service Telnet terminal service SSH v1.5 SSH v2.0 SNMP-based Web page-based configuration and management EasyDeploy (client) SVF OPS |
| File system |
Directory and file management File upload and download |
| Monitoring and maintenance |
eMDI Hardware monitoring Log information output Alarm information output Debugging information output Port mirroring Flow mirroring Remote mirroring Energy saving |
| Version upgrade |
Version upgrade Version rollback |
| Security | |
| ARP security |
ARP packet rate limiting ARP anti-spoofing Association between ARP and STP Dynamic ARP Inspection (DAI) Static ARP Inspection (SAI) Egress ARP Inspection (EAI) |
| IP security |
ICMP attack defense IPSG for IPv4 IPSG user capacity: 1000 IPSG for IPv6 IPSGv6 user capacity: 512 |
| Local attack defense | CPU attack defense |
| MFF | MFF |
| DHCP Snooping |
DHCP snooping Option 82 function Dynamic rate limiting for DHCP packets |
| Attack defense |
Defense against malformed packet attacks Defense against UDP flood attacks Defense against TCP SYN flood attacks Defense against ICMP flood attacks Defense against packet fragment attacks Local URPF |
| User access and authentication | |
| AAA |
Local authentication Local authorization RADIUS authentication RADIUS authorization RADIUS accounting HWTACACS authentication HWTACACS authorization HWTACACS accounting |
| NAC |
802.1X authentication MAC address authentication Portal authentication Hybrid authentication |
| Policy association | Functioning as the access device |
| Network management | |
| - |
Ping Tracert NQA NTP sFlow SNMP v1 SNMP v2c SNMP v3 HTTP HTTPS RMON NETCONF/YANG |
| Interoperability | |
| - |
VLAN-based Spanning Tree (VBST) Link-type Negotiation Protocol (LNP) VLAN Central Management Protocol (VCMP) |
Other products in the same category that you may find interesting: