Polski
English
Italiano
Español
Čeština
Српски
Deutsch
Ελληνικά
Slovenský
-
0,25 € netto
Huawei S6720-30L-HI-24S-AC switch 24x SFP+ 4x QSFP+ 2x QSFP28 AC power supply
Price
3 464,87 €
4 261,79 € incl. tax
favoriteAdd to wishlist
S6720-HI series full-featured 10 GE routing switches are Huawei’s first IDN-ready fixed switches to provide 10 GE downlink ports as well as 40 GE and 100 GE uplink ports.
S6720-HI series switches provide native AC capabilities and can manage 1K APs. They provide a free mobility function to ensure consistent user experience and are Virtual Extensible LAN( VXLAN ) capable to implement network virtualization. S6720-HI series switches also provide built-in security probes and support abnormal traffic detection, Encrypted Communications Analytics (ECA), and network-wide threat deception. The S6720-HI is ideal for enterprise campuses, carriers, higher education institutions, and governments.
- 24 x 10 Gig SFP+, 4 x 40 Gig QSFP+, 2 x 100 Gig QSFP28
- Dual pluggable power modules, 600W AC or 350W DC (no equipped power modules by default)
- Switching capacity: 2.56 Tbit/s
Abundant Convergence Feature
This S6720-HI provides the integrated WLAN AC function that can manage 1,000 APs, reducing the costs of purchasing additional WLAN AC hardware. The wireless forwarding performance reaches up to 668 Gbit/s, breaking the forwarding performance bottleneck of an external WLAN AC. With this switch series, customers can stay ahead in the high-speed wireless era.
The S6720-HI supports SVF and functions as a parent switch. With this virtualization technology, a physical network with the "Small-sized core/aggregation switches + Access switches + APs" structure can be virtualized into a "super switch", greatly simplifying network management.
The S6720-HI provides excellent QoS capabilities and supports queue scheduling and congestion control algorithms. Additionally, it adopts innovative priority queuing and multi-level scheduling mechanisms to implement fine-grained scheduling of data flows, meeting service quality requirements of different user terminals and services.
Providing Fine Granular Network Management
The S6720-HI uses the Packet Conservation Algorithm for Internet (iPCA) technology that changes the traditional method of using simulated traffic for fault location. iPCA technology can monitor network quality for any service flow anywhere, anytime, without extra costs. It can detect temporary service interruptions in a very short time and can identify faulty ports accurately. This cutting-edge fault detection technology turns "extensive management" to "fine granular management."
The S6720-HI supports Two-Way Active Measurement Protocol (TWAMP) to accurately check any IP link and obtain the entire network's IP performance. This protocol eliminates the need of using a dedicated probe or a proprietary protocol.
Flexible Ethernet Networking
In addition to traditional Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP), and Multiple Spanning Tree Protocol (MSTP), the S6720-HI supports Huawei-developed Smart Ethernet Protection (SEP) technology and the latest Ethernet Ring Protection Switching (ERPS) standard. SEP is a ring protection protocol specific to the Ethernet link layer, and applies to various ring network topologies, such as open ring topology, closed ring topology, and cascading ring topology. This protocol is reliable, easy to maintain, and implements fast service switching within 50 ms. ERPS is defined in ITU-T G.8032. It implements millisecond-level protection switching based on traditional Ethernet MAC and bridging functions.
The S6720-HI supports Smart Link and Virtual Router Redundancy Protocol (VRRP), which implement backup of uplinks.One S6720-HI switch can connect to multiple aggregation switches through multiple links, significantly improving reliability of access devices.
Intelligent Stack (iStack)
The S6720-HI supports the iStack function that combines multiple switches into a logical switch. Member switches in a stack implement redundancy backup to improve device reliability and use inter-device link aggregation to improve link reliability. iStack provides high network scalability. You can increase a stack's ports, bandwidth, and processing capability by simply adding member switches. iStack also simplifies device configuration and management. After a stack is set up, multiple physical switches can be virtualized into one logical device. You can log in to any member switch in the stack to manage all the member switches in it.
Cloud-based Management
The Huawei cloud management platform allows users to configure, monitor, and inspect switches on the cloud, reducing on-site deployment and O&M manpower costs and decreasing network OPEX. Huawei switches support both cloud management and on-premise management modes. These two management modes can be flexibly switched as required to achieve smooth evolution while maximizing return on investment (ROI).
VXLAN
VXLAN is used to construct a Unified Virtual Fabric (UVF). As such, multiple service networks or tenant networks can be deployed on the same physical network, and service and tenant networks are isolated from each other. This capability truly achieves 'one network for multiple purposes'. The resulting benefits include enabling data transmission of different services or customers, reducing the network construction costs, and improving network resource utilization. The S6720-HI series switches are VXLAN-capable and allow centralized and distributed VXLAN gateway deployment modes. These switches also support the BGP EVPN protocol for dynamically establishing VXLAN tunnels and can be configured using NETCONF/YANG
Clock Synchronization
The S6720-HI supports the IEEE 1588v2 protocol, which implements low-cost, high-precision, and high-reliability time and clock synchronization. This feature can meet strict requirements of power and transportation industry customers on time and clock synchronization.
High-Performance VRP Software System
Huawei S series switches build on a unified Versatile Routing Platform (VRP) software system, meeting the growing network scale and the evolving Internet technologies and guaranteeing network services and network quality.
VRP is a network operating system developed by Huawei with independent intellectual property rights. It can run on multiple hardware platforms and provide unified network, user, and management views. VRP provides flexible application solutions for users. In addition, VRP is a future-proof platform that maximally protects customer investments.
The VRP platform is focused on IP services and uses a component-based architecture to provide more than 300 features. Besides, VRP stands out for its application-based tailorable and scalable capabilities.
OPS
Open Programmability System (OPS) is an open programmable system based on the Python language. IT administrators can program the O&M functions of a switch through Python scripts to quickly innovate functions and implement intelligent O&M
Big Data Powered Collaborative Security
Switches use NetStream to collect campus network data and then report such data to the Huawei HiSec Insight. The purposes of doing so are to detect network security threats, display the security posture across the entire network, and enable automated or manual response to security threats. The HiSec Insight delivers the security policies to the iMaster NCE-Campus. The iMaster NCE-Campus then delivers such policies to switches that will handle security events accordingly. All these ensure campus network security.
Switches supports Encrypted Communication Analytics(ECA). It uses built-in ECA probes to extract characteristics of encrypted streams based on NetStream sampling and Service Awareness(SA), generates metadata, and reports the metadata to HiSec Insight. The HiSec Insight uses the AI algorithm to train the traffic model and compare characteristics of extracted encrypted traffic to identify malicious traffic. The HiSec Insight displays detection results on the GUI, provides threat handling suggestions, and automatically isolates threats with the iMaster NCE-Campus to ensure campus network security.
Switches supports deception. It functions as a sensor to detect threats such as IP address scanning and port scanning on a network and lures threat traffic to the honeypot for further checks. The honeypot performs in-depth interaction with the initiator of the threat traffic, records various application-layer attack methods of the initiator, and reports security logs to the HiSec Insight. The HiSec Insight analyzes security logs. If the HiSec Insight determines that the suspicious traffic is an attack, it generates an alarm and provides handling suggestions. After the administrator confirms the alarm, the HiSec Insight delivers a policy to the iMaster NCE-Campus. The iMaster NCE-Campus delivers the policy to the switch for security event processing, ensuring campus network security.
Intelligent O&M
This series switches provides telemetry technology to collect device data in real time and send the data to Huawei campus network analyzer(iMaster NCE-CampusInsight). The CampusInsight analyzes network data based on the intelligent fault identification algorithm, accurately displays the real-time network status, effectively demarcates and locates faults in a timely manner, and identifies network problems that affect user experience, accurately guaranteeing user experience.
This series switches supports a variety of intelligent O&M features for audio and video services, including the enhanced Media Delivery Index (eMDI). With this eDMI function, the switch can function as a monitored node to periodically conduct statistics and report audio and video service indicators to the CampusInsight platform. In this way, the CampusInsight platform can quickly demarcate audio and video service quality faults based on the results of multiple monitored nodes.
Intelligent Upgrade
Switches support the intelligent upgrade feature. Specifically, switches obtain the version upgrade path and download the
newest version for upgrade from the Huawei Online Upgrade Platform (HOUP). The entire upgrade process is highly automated and achieves one-click upgrade. In addition, preloading the version is supported, which greatly shortens the upgrade time and service interruption time.
The intelligent upgrade feature greatly simplifies device upgrade operations and makes it possible for the customer to upgrade the version independently. This greatly reduces the customer's maintenance costs. In addition, the upgrade policies on the HOUP platform standardize the upgrade operations, which greatly reduces the risk of upgrade failures.
Specification:
| S6720-30L-HI-24S | |
| Fixed port | |
|---|---|
| 10GE port | 24 |
| 40GE port | 4 |
| 100GE port | 2 |
| Management port | |
| ETH management port | Supported |
| Console port (RJ45) | Supported |
| USB port | USB 2.0 |
| CPU | |
| Frequency | 1,5 GHz |
| Cores | 8 |
| Memory | |
| Memory (RAM) | 2 GB |
| Flash | Hardware: 1 GB, of which 624 MB is available for users |
| Power supply system | |
| Power supply type | 600 W AC (pluggable) |
| Rated voltage range |
AC: 100 V AC to 240 V AC, 50/60 Hz |
| Maximum voltage range |
90 - 264 V AC 47 - 63 Hz |
| Maximum input current | 9 A |
| Maximum power consumption of the device | 232 W |
| Power consumption in the case of 30% traffic load | 138 W |
| Heat dissipation system | |
| Heat dissipation mode | Air-cooled heat dissipation and intelligent fan speed adjustment |
| Number of fan modules | Pluggable dual fans |
| Airflow | Front-to-back |
| Physical specifications | |
| Chassis dimensions (W x D x H, mm) |
442 x 420 x 43.6 |
| Chassis height | 1 U |
| Chassis weight (full configuration weight, including weight of packaging materials) | 9,86 kg |
| Environment parameters | |
|
Long-term operating temperature |
0 - 1800 m: 0°C - 45°C
The operating temperature decreases 1°C for every 220 m increase in altitude. |
| Storage temperature | -40°C - 70°C |
| Relative humidity | 5%-95% (non-condensing) |
| Noise under normal temperature (sound power) | 65 dB(A) |
| Noise under high temperature (sound power) | 88 dB(A) |
| Noise under normal temperature (sound pressure) | 52 dB(A) |
| MTBF | 61,42 years |
| Software | |
| Ethernet features | |
| Ethernet basics |
Rate autonegotiation on an interface Flow control on an interface Jumbo frames Link aggregation Load balancing among links of a trunk Transparent transmission of Layer 2 protocol packets Device Link Detection Protocol (DLDP) Link Layer Discovery Protocol (LLDP) Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED) Interface isolation Broadcast traffic suppression on an interface Multicast traffic suppression on an interface Unknown unicast traffic suppression on an interface VLAN broadcast traffic suppression VLAN multicast traffic suppression VLAN unknown unicast traffic suppression |
| VLAN |
VLAN specification: 4094 VLANIF interface specification: 1024 Access mode Trunk mode Hybrid mode QinQ mode Default VLAN VLAN assignment based on interfaces VLAN assignment based on protocols VLAN assignment based on IP subnets VLAN assignment based on MAC addresses VLAN assignment based on MAC address + IP address VLAN assignment based on MAC address + IP address + interface number Adding double VLAN tags to packets based on interfaces Super-VLAN Super-VLAN specification: 256 Sub-VLAN Sub-VLAN specification: 1K VLAN mapping Selective QinQ MUX VLAN Voice VLAN Guest VLAN |
| GVRP |
GARP GVRP |
| VCMP | VCMP |
| MAC |
MAC address: 64K Automatic learning of MAC addresses Automatic aging of MAC addresses Static, dynamic, and blackhole MAC address entries Interface-based MAC address learning limiting Sticky MAC MAC address flapping detection Configuring MAC address learning priorities for interfaces MAC address spoofing defense Port bridge |
| ARP |
Static ARP Dynamic ARP ARP entry: 55K (share) ARP aging detection Intra-VLAN proxy ARP Inter-VLAN proxy ARP Routed proxy ARP Multi-egress-interface ARP |
| Ethernet loop protection | |
| MSTP |
STP RSTP MSTP VBST BPDU protection Root protection Loop protection Defense against TC BPDU attacks |
| Loopback detection | Loop detection on an interface |
| SEP | SEP |
| Smart Link |
Smart Link Smart Link multi-instance Monitor Link |
| RRPP |
RRPP Single RRPP ring Tangent RRPP ring Intersecting RRPP ring Hybrid networking of RRPP rings and other ring networks |
| ERPS |
G.8032 v1 G.8032 v2 ERPS semi-ring topology ERPS closed-ring topology |
| IPv4/IPv6 forwarding | |
| IPv4 and unicast routing |
IPv4 static routing VRF DHCP client DHCP server DHCP relay DHCP policy VLAN URPF check Routing policies IPv4 routes: 55K RIPv1 RIPv2 OSPF BGP MBGP IS-IS Policy-based routing (PBR) |
| Multicast routing features |
IGMPv1/v2/v3 PIM-DM PIM-SM MSDP IPv4 multicast routes: 32K (share) IPv6 multicast routes: 2K Multicast routing policies RPF |
| IPv6 features |
IPv6 protocol ND ND entry: 22K (share) ND snooping DHCPv6 snooping RIPng DHCPv6 server DHCPv6 relay OSPFv3 BGP4+ IS-IS for IPv6 IPv6 routes: 22K VRRP6 MLDv1/v2 PIM-DM for IPv6 PIM-SM for IPv6 |
| IPv6 transition technology | IPv6 manual tunneling |
| Layer 2 multicast | |
| - |
IGMPv1/v2/v3 snooping IGMP snooping proxy MLD snooping Multicast traffic suppression Inter-VLAN multicast replication |
| MPLS i VPN | |
| MPLS basic functions |
LDP protocol Double MPLS labels Mapping from 802.1p priorities to EXP priorities in MPLS packets Mapping from DSCP priorities to EXP priorities in MPLS packets |
| MPLS TE |
MPLS-TE tunnel establishment MPLS-TE tunnel specification: 256 MPLS-TE protection group |
| VPN |
MCE GRE tunneling GRE tunnel specification: 512 VLL PWE3 VPLS MPLS L3VPN IPSec Efficient VPN |
| Device reliability | |
| BFD |
Single-hop BFD BFD for static routes BFD for OSPF BFD for IS-IS BFD for BGP BFD for PIM BFD for VRRP |
| Stacking |
Service interface-based stacking Maximum number of stacked devices: 9 Stack bandwidth (Unidirectional): 360 Gb/s |
| VRRP | VRRP standard protocol |
| Ethernet OAM | |
| EFM (802.3ah) |
Automatic discovery of links Link fault detection Link troubleshooting Remote loopback |
| CFM (802.1ag) |
Software-level CCM 802.1ag MAC ping 802.1ag MAC trace |
| OAM association | Association between 802.1ag and 802.3ah |
| Y.1731 |
Unidirectional delay and jitter measurement Bidirectional delay and jitter measurement |
| QoS features | |
| Traffic classification |
Traffic classification based on ACLs Configuring traffic classification priorities Matching the simple domains of packets |
| Traffic behavior |
Traffic filtering Traffic policing (CAR) Modifying the packet priorities Modifying the simple domains of packets Modifying the packet VLANs |
| Traffic shaping |
Traffic shaping on an egress interface Traffic shaping on queues on an interface |
| Congestion avoidance |
Weighted Random Early Detection (WRED) on queues Tail drop |
| Congestion management |
Priority Queuing (PQ) Weighted Deficit Round Robin (WDRR) PQ+WDRR PQ+WDRR Weighted Round Robin (WRR) PQ+WRR |
| ACL | |
| Packet filtering at Layer 2 to Layer 4 |
Number of rules per IPv4 ACL: 6K Number of rules per IPv6 ACL: 6K Basic IPv4 ACL Advanced IPv4 ACL Basic IPv6 ACL Advanced IPv6 ACL Layer 2 ACL User group ACL User-defined ACL |
| Configuration and maintenance | |
| Login and configuration management |
Command line interface (CLI)- based configuration Console terminal service Telnet terminal service SSH v1.5 SSH v2.0 SNMP-based NMS for unified configuration Web page-based configuration and management EasyDeploy (client) EasyDeploy (commander) SVF Cloud management OPS |
| File system |
Directory and file management File upload and download |
| Monitoring and maintenance |
Deception ECA eMDI Hardware monitoring Log information output Alarm information output Debugging information output Port mirroring Flow mirroring Remote mirroring Energy saving |
| Version upgrade |
Version upgrade Version rollback |
| Security | |
| ARP security |
ARP packet rate limiting ARP anti-spoofing Association between ARP and STP ARP gateway anti-collision Dynamic ARP Inspection (DAI) Static ARP Inspection (SAI) Egress ARP Inspection (EAI) |
| IP security |
ICMP attack defense IPSG for IPv4 IPSG user capacity: 3000 IPSG for IPv6 IPSGv6 user capacity: 1500 |
| Local attack defense | CPU attack defense |
| MFF | MFF |
| DHCP snooping |
DHCP snooping Option 82 function Dynamic rate limiting for DHCP packets |
| Attack defense |
Defense against malformed packet attacks Defense against UDP flood attacks Defense against TCP SYN flood attacks Defense against ICMP flood attacks Defense against packet fragment attacks Local URPF |
| User access and authentication | |
| AAA |
Local authentication Local authorization RADIUS authentication RADIUS authorization RADIUS accounting HWTACACS authentication HWTACACS authorization HWTACACS accounting |
| NAC |
802.1X authentication MAC address authentication Portal authentication Hybrid authentication |
| Policy association |
Functioning as the control device |
| Network management | |
| - |
Ping Tracert NQA NTP iPCA NetStream SNMP v1 SNMP v2c SNMP v3 HTTP HTTPS RMON NETCONF/YANG |
| WLAN | |
| - |
AP management Number of managed APs: 1K Radio management WLAN service management WLAN QoS WLAN security WLAN user management |
| VXLAN | |
| - |
VXLAN Layer 2 gateway VXLAN Layer 3 gateway Centralized gateway Distributed gateway BGP-EVPN BGP-EVPN neighbor capacity: 256 |
| Interoperability | |
| - |
VLAN-based Spanning Tree (VBST) Link-type Negotiation Protocol (LNP) VLAN Central Management Protocol (VCMP) |
Other products in the same category that you may find interesting: