Enterasys KG2001-0224 Datasheet

Brand: Enterasys

Model: KG2001-0224

Category: Network switch modules

Type: Datasheet

This manual is also suitable for

Product Overview

The Enterasys K-Series™ is the most cost-effective, ﬂow-based switching solution in the industry.

Providing exceptional levels of automation, visibility and control from the network edge to the small

enterprise core, these ﬂexible, modular switches signiﬁcantly reduce operational costs while still

offering premium features.

The K-Series is built upon the Enterasys CoreFlow2 custom ASIC. This cornerstone switching

technology provides greater visibility into critical business applications and the ability to enable

better controls to meet the Service Level Agreements (SLAs) demanded by the business.

Designed to address the challenges associated with a growing demand for access to new

applications and services, the K-Series protects businesses trafﬁc and supports changing

operational needs. This includes the consumerization of IT and “bring your own device” programs

that require more robust location, identiﬁcation, visibility and overall management capabilities.

The K-Series is uniquely suited to intelligently manage individual user, device and application

conversations, as well as to provide the visibility and management to troubleshoot connectivity

issues, locate devices, and ensure protection of corporate data.

Enterasys K-Series switches are available in the following form factors:

• 6-slotchassisofferinguptoamaximumof144triple-speedportsand(4)10Gbuplinks

• 10-slotchassisofferinguptoamaximumof216triple-speedportsand(8)10Gbports

TheK-Seriessupportsupto(12)10Gbuplinks,includingfourportsonthefabriccardand8portson

(2)10GbIOMs.

The K-Series makes forwarding decisions and enforces security policies and roles while classifying/

prioritizingtrafcatwirespeed.AllI/OmodulesprovidethehighestQualityofService(QoS)features

for critical applications such as voice and HD video even during periods of high network trafﬁc load

while also proactively preventing Denial of Service (DoS) attacks and malware propagation.

The K-Series implements an industry-leading, ﬂow-based switching architecture to intelligently

manage individual user and application conversations — far beyond the capabilities of switches

that are limited to using VLANs, ACLs, and ports to implement role-based access controls. Users

are identiﬁed and roles are applied to ensure each individual user can access their business-critical

applications no matter where they connect to the network. K-Series policy rules combined with

There is nothing more important

than our customers.

Beneﬁts

Business Alignment

• Ensureseachend-userreceivesthe

information,servicesandapplications

neededtoachievetheirbusinessgoals

throughextensivenetworkvisibilityand

controlcapabilities

• Greenandefcientpowersystem

modularitydrivesdownpowerand

coolingcostsbyprovidingoptimal

incrementalpowerconsumption

• Consistentenduserexperienceand

networkprotectionbyeffectively

allocatingcriticalnetworkservices

whileblockingsuspicioustrafc

Operational Efﬁciency

• High-density,smallformfactorchassis

providesupto(216)10/100/1000

portswith(8)10Gbuplinksina

standardrack,signicantlyreducing

footprintcosts

• Managementautomationandbuilt-

inresiliencyfeaturesdrivedown

operationalcostsandmaximizeuptime

• Automaticallyidentiesandprovisions

newdevicesandservicesreducingIT

deploymenttime

Security

• Reducesriskandsimpliesnetwork

administrationwithbuilt-in,notbolted-

onsecurity

• Protectsbusinesstrafcfrommalicious

attacksandmaintainsinformation

condentiality,integrityandavailability

• Extendsnetworkaccesscontroland

securitytoexistingedgeswitches

andwirelessaccesspoints,meeting

thechallengesassociatedwiththe

consumerizationofIT

Support and Service

• Industry-leadingcustomersatisfaction

andrstcallresolutionrates

Versatile,highdensityedgetosmallcore

switchingwithexibleconnectivityand

poweroptionsreducescostofownership

Advancedautomatednetworkprovisioning

maximizestheefciencyandreliability

ofsupportingnewITservicessuchas

virtualizeddesktops

Integratedvisibility,granularityandcontrol

deliverssignicantcostsavingsandpremium

securityformissioncriticalnetworks

Easytodeployaccesscontrolsandprioritization

providesmorerobustlocation,identication

andoverallmanagementcapabilitiesincluding

supportfor“bringyourowndevice”programs

Enterasys K-Series

™

Flexible,ModularSwitchWithPremiumFeatures,forEnterpriseEdgetoSmallCoreDeployments

DATASHEET

deep packet inspection can intelligently sense and automatically respond

to security threats while improving reliability and quality of the user

experience.

A signiﬁcant differentiator for the K-Series is the ability to collect

NetFlow data at wire-speed providing total visibility into network

resource consumption for users and applications. The K-Series joins the

S-Series as the only enterprise switches to support multi-user, multi-

method authentication on every port — absolutely essential when you

have devices such as IP phones, computers, printers, copiers, security

cameras, badge readers, and virtual machines connected to the network.

These new modular switches deliver ﬂexible connectivity, premium

features and integrated security that enable the network to quickly adapt

to changing business requirements.

Hardware-Based High Availability Features

The K-Series includes many standard high availability features. These

hardware-based high availability features allow the K-Series to be

deployedinmissioncriticalenvironmentsthatrequire24/7availability.

The K-Series supports the following hardware-based high availability

features:

• Passivechassisbackplane

• Hotswappablefantrayswithmultiplecoolingfans

• Hotswappableandload-sharingpowersupplies

• MultipleACinputconnectionsforpowercircuitredundancy

• Upto36groupsofeightEthernetportscanbegroupedtogetherto

createamulti-linkaggregationgroup(LAG)

Distributed, Flow-Based Architecture

In order to ensure granular visibility and management of trafﬁc without

sacriﬁcing performance, the Enterasys K-Series deploys a ﬂow-

based architecture. This architecture ensures that when a speciﬁc

communications ﬂow is being established between two end points, the

ﬁrst packets in that communication are processed through the multilayer

classicationenginesintheswitchandtheI/Ofabricmodule.Inthis

process, the role is identiﬁed, the applicable policies are determined,

the packets are inspected and the action is determined. After the

ﬂow is identiﬁed, all subsequent packets associated with that ﬂow

are automatically handled in the Enterasys ASICs without any further

processing. In this way the Enterasys K-Series is able to apply a very

granular level of control to each ﬂow at full line rate.

Multi-User/Method Authentication and Policy

Authentication allows enterprise organizations to manage network access

and provide mobility to users and devices. It provides a way to know who

or what is connected to the network and where this connection is at any

time. The Enterasys K-Series has unique, industry leading capabilities

regarding types of simultaneous authentication methods. K-Series modules

can support multiple concurrent authentication techniques, including:

• 802.1Xauthentication

• MACauthentication,whichisawaytoauthenticatedevicesonthe

networkusingtheMACaddress

• Web-basedauthentication,alsoknownasPortWebAuthentication

(PWA),whereausernameandpasswordaresuppliedthroughabrowser

• CEP,alsoknownasConvergenceEndPoint,wheremultiplevendors

VoIP phones are identiﬁed and authenticated; this capability provides

great ﬂexibility to enterprises looking to implement access control

mechanisms across their infrastructure

A signiﬁcant additional feature of the K-Series is the capability to

support multi-user authentication. This allows multiple users and

devices to be connected to the same physical port and each user or

device to be authenticated individually using one of the multi-method

options(802.1x,MAC,PWA,orCEP).Themajorbenetofmulti-user

authentication is to authorize multiple users, either using dynamic policy

or VLAN assignment for each authenticated user. In the case of dynamic

policy,thisiscalledMulti-UserPolicy.Multi-userportcapacitieswiththe

K-Seriesaredeterminedonaperport,perI/Omodule,andpermulti-slot

system basis.

Multi-userauthenticationandpolicycanprovidesignicantbenets

to customers by extending security services to users connected to

unmanaged devices, third party switches/routers, VPN concentrators,

or wireless LAN access points at the edge of their network. Using

authentication provides security, priority, and bandwidth control while

protectingexistingnetworkinvestments.TheK-Seriessupportsupto8

usersperportwithalicenseoptionfor256usersperport.Totalsystem

capacitysupports1152usersontheK6and1920usersontheK10.

Dynamic, Flow-Based Packet Classiﬁcation

Another unique feature that separates the Enterasys K-Series from all

competitiveswitchesisthecapabilitytoprovideUser-BasedMulti-layer

PacketClassication/QoS.Withthewidearrayofnetworkapplications

usedonnetworkstoday,traditionalMulti-layerPacketClassication

by itself is not enough to guarantee the timely transport of business-

criticalapplications.IntheK-Series,User-BasedMulti-layerPacket

Classiﬁcation allows trafﬁc classiﬁcation not just by packet type, but

also by the role of the user on the network and the assigned policy of

thatuser.WithUser-BasedMulti-layerPacketClassication,packets

can be classiﬁed based on unique identiﬁers like “All Users”, “User

Groups”,and“IndividualUser”,thusensuringamoregranularapproach

to managing and maintaining network conﬁdentiality, integrity, and

availability.

Network Visibility From High Fidelity NetFlow

Network performance management and security capabilities via NetFlow

are available on Enterasys K-Series switch ports without slowing down

switching and routing performance or requiring the purchase of expensive

daughter cards for every module. Enterasys NetFlow tracks every packet

in every ﬂow as opposed to more typical statistical sampling techniques

Page 2

or restrictive appliance-based implementations. The value of unsampled,

real-time NetFlow monitoring is the visibility into exactly what trafﬁc is

traversing the network. If something abnormal occurs it will be captured

by NetFlow and appropriate action can be applied. Additionally, NetFlow

can be used for capacity planning, allowing the network manager to

monitor the trafﬁc ﬂows and volumes of trafﬁc in the network and

understand where the network needs to be reconﬁgured or upgraded.

This saves time and money by enabling administrators to know when and

where upgrades might be needed.

Network Trafﬁc Monitoring - Port Mirroring

Port mirroring is an integrated diagnostic tool for tracking network

performance and security that is especially useful for fending off network

intrusion and attacks. It is a low-cost alternative to network taps and

other solutions that may require additional hardware, disrupt normal

network operation, affect client applications or may introduce a new

point of failure into your network.

Port mirroring is highly scalable and easy to monitor . It is especially

convenient to use in networks where ports are scarce. Ports that can be

conﬁgured to participate in mirroring include physical ports, virtual ports

andhostports—VLANinterfaces,andintrusiondetectionports.With

this feature, analyzing bi-directional trafﬁc and ensuring connectivity

between, for example, a departmental switch and its high speed uplink to

a backbone switch becomes simple and cost effective process.

K-Series port mirroring relationships can be set on inbound trafﬁc,

outboundtrafc,orbothforupto4portmirrorsconsistingofone-to-one,

one-to-many, many-to-one, IDS or policy mirrors.

Multi-layer packet classiﬁcation - enables the delivery

of critical applications to speciﬁc users via trafﬁc

awareness and control

• User,port,anddeviceLevel(Layer2through4packetclassication)

• QoSmappingtopriorityqueues(802.1p&IPToS/DSCP)upto11

queues per port

• Multiplequeuingmechanisms(SPQ,WFQ,WRRandHybrid)

• GranularQoS/ratelimiting

• VLANtopolicymapping

Switching/VLAN services - provides high performance

connectivity, aggregation, and rapid recovery services

• Extensiveindustrystandardscompliance(IEEEandIETF)

• Inboundandoutboundbandwidthratecontrolperow

• VLANservicessupport

 - Linkaggregation(IEEE802.3ad)

 - Multiplespanningtrees(IEEE802.1s)

 - Rapidrecongurationofspanningtree(IEEE802.1w)

•ProviderBridges(IEEE802.1ad),Q-in-QReady

•Flowsetupthrottling

•DHCPServer

IP Routing - provides dynamic trafﬁc optimization,

broadcast containment and efﬁcient network resilience

• Standardroutingfeaturesincludestaticroutes,RIPv2,RIPngand

Multicastroutingsupport(DVMRP,IGMPv1/v2/v3),PolicyBased

RoutingandRouteMapsandVRRP

• LicensedroutingfeaturesincludeOSPFv2/v3,VRFandPIM-SM

Security (User, Network and Management)

• Usersecurity

 - Authentication(802.1X,MAC,PWA+andCEP),MAC(Staticand

Dynamic) port locking

 - Multi-userauthentication/policies

• Networksecurity

- Access Control Lists (ACL) – basic and extended

- Policy-based security services (examples: spooﬁng, unsupported

protocol access, intrusion prevention, DoS attacks limits)

• ManagementSecurity

 - SecureaccesstotheK-SeriesviaSSH,SNMPv3

Management, Control and Analysis – provide

streamlined tools for maintaining network availability

and health

• Conguration

- Industry-standard CLI and web management support

 - Multiplermwareimageswitheditablecongurationles

• NetworkAnalysis

 - SNMPv1/v2c/v3,RMON(9groups)andSMON(rfc2613)VLAN

and Stats

- Port/VLAN mirroring (one-to-one, one-to-many, many-to-many)

- Unsampled NetFlow on every port with no impact on system

switching and routing performance

• Automatedset-upandreconguration

 - ReplacementI/Omodulewillautomaticallyinheritprevious

modules conﬁguration

FeatureSummary

Page 3

Examples of additional functionality and features that are supported by

the Enterasys K-Series:

• NetFlow-Providesreal-timevisibility,applicationprolingand

capacity planning

• LLDP-MED-LinkLayerDiscoveryProtocolforMediaEndpoint

Devices enhances VoIP deployments

• FlowSetupThrottling-(FST)effectivelypreemptsanddefends

against DoS attacks

• Node&AliasLocation-Automaticallytracksuseranddevicelocation

and enhances network management productivity and fault isolation

• PortProtectionSuite-Maintainnetworkavailabilitybyensuringgood

protocol and end station behavior

• Flex-EdgeTechnology-Providesadvancedbandwidthmanagement

and allocation for demanding access/edge devices

Flow Setup Throttling (FST) is a proactive feature designed to mitigate

zero-day threats and Denial of Service (DoS) attacks before they can

affect the network. FST directly combats the effects of zero-day and

DoS attacks by limiting the number of new or established ﬂows that

can be programmed on any individual switch port. This is achieved by

monitoring the new ﬂow arrival rate and/or controlling the maximum

number of allowable ﬂows.

In network operations, it is very time consuming to locate a device or

ﬁnd exactly where a user is connected. This is especially important when

reacting to security breaches. Enterasys K-Series modules automatically

track the network’s user/device location information by listening to

network trafﬁc as it passes through the switch. This information is then

used to populate the Node/Alias table with information such as an

end-station’sMACaddressandLayer3aliasinformation(IPaddress,

IPXaddress,etc.).ThisinformationcanthenbeutilizedbyEnterasys

NMSSuitemanagementtoolstoquicklydeterminetheswitchandport

number for any IP address and take action against that device in the

event of a security breach. This node and alias functionality is unique

to Enterasys and reduces the time to pinpoint the exact location of a

problem from hours to minutes.

For organizations looking to deploy Uniﬁed Communications, the

Enterasys K-Series combines policy-based automation with support for

multiplestandards-baseddiscoverymethods,includingLLDP-MED,SIP

andH.323,toautomaticallyidentifyandprovisionUCservicesforIP

phones from all major vendors. K-Series switches also provide dynamic

mobility for IP clients; when an IP phone moves and plugs in elsewhere

in the enterprise network, its VoIP service provisioning, security and

trafﬁc priority settings move with it, with none of the typical manual

administration required for moves, adds and changes.

The K-Series also supports a comprehensive portfolio of port protection

capabilities,suchasSPANguardandMACLock,whichprovidethe

abilitytodetectunauthorizedbridgesinthenetworkandrestrictaMAC

addresstoaspecicport.OtherportprotectionfeaturesincludeLink

Flap, Broadcast Suppression and Spanning Tree Loop protection which

protects against mis-conﬁguration and protocol failure.

Enterasys K-Series Flex-Edge technology provides line rate trafﬁc

classiﬁcation for all access ports with guaranteed priority delivery for

control plane trafﬁc and high-priority trafﬁc as deﬁned by the Enterasys

policy overlay. In addition to allocating resources for important network

trafﬁc, prioritized bandwidth can be assigned on a per port or per

authenticated user basis. Flex-Edge technology is ideal for deployment in

wiring closets and distribution points that can often suffer from spikes in

utilizationthatcausenetworkcongestion.WithFlex-Edgetechnologies,

organizations no longer have to fear a momentary network congestion

event that would result in topology changes and random packet discards.

Feature-RichFunctionality

Page 4

StandardsandProtocols

Switching/VLAN Services

• GenericVLANRegistrationProtocol(GVRP)

• 802.3uFastEthernet

• 802.3abGigabitEthernet(copper)

• 802.3zGigabitEthernet(ber)

• 802.3ae10GigabitEthernet(ber)

•802.1QVLANs

•802.1DMACBridges

•ProviderBridges(IEEE802.1ad)Ready

• 802.1wRapidre-convergenceofSpanning

Tree

• 802.1sMultipleSpanningTree

• 802.3adLinkAggregation

•802.3aeGigabitEthernet

• 802.3xFlowControl

• IPMulticast(IGMPsupportv1,v2,v3,per-

VLAN querier ofﬂoad)

• JumboPacketwithMTUDiscoverySupport

forGigabit

• LinkFlapDetection

• DynamicEgress(AutomatedVLANPort

Conﬁguration)

• 802.S1abLLDP-MED

Standard IP Routing Features

•StaticRoutes

•StandardACLs

• OSPFwithMultipathSupport

• OSPFPassiveInterfaces

• IPv6RoutingIPv6RoutingCapable

•ExtendedACLs

• Policy-basedRouting

•RFC147DenitionofaSocket

•RFC768UDP

•RFC781Specicationof(IP)Timestamp

 Option

•RFC783TFTP

•RFC791InternetProtocol

•RFC792ICMP

•RFC793TCP

•RFC826ARP

•RFC854Telnet

•RFC894TransmissionofIPoverEthernet

Networks

•RFC919BroadcastingInternetDatagrams

•RFC922BroadcastingIPDatagramsover

Subnets

•RFC925Multi-LANAddressResolution

•RFC950InternetStandardSubnetting

Procedure

•RFC951BOOTP

•RFC959FileTransferProtocol

•RFC1027ProxyARP

• RFC1112IGMP

•RFC1122RequirementsforIPHosts-

Comm Layers

Page 5

•RFC1123RequirementsforIPHosts-

Application and Support

•RFC1191PathMTUDiscovery

•RFC1323TCPExtensionsforHigh 

Performance

•RFC1349TypeofServiceintheInternet

Protocol Suite

•RFC1388RIPv2CarryingAdditional

Information

•RFC1492TACAS+

•RFC1517ImplementationofCIDR

•RFC1518CIDRArchitecture

• RFC1519CIDR

•RFC1542BootP:Claricationsand 

Extensions

• RFC1583/RFC2328OSPFv2

• RFC1587OSPFv2NSSA

•RFC1624IPChecksumviaIncremental

Update

•RFC1722RIPv2ProtocolApplicability

Statement

•RFC1723RIPv2CarryingAdditional

Information

•RFC1745OSPFInteractions

•RFC1746OSPFInteractions

•RFC1765OSPFDatabaseOverow

•DVMRPv3-10

•RFC1812GeneralRouting

•RFC1886DNSExtensionstoSupportIP

 Version6

•RFC1981PathMTUDiscoveryforIPv6

•RFC2001TCPSlowStart

•RFC2018TCPSelectiveAcknowledgment

 Options

• RFC2030SNTP

•RFC2080RIPv6

•RFC2082RIP-IIMD5Authentication

•RFC2113IPRouterAlertOption

•RFC2117PIM-SMProtocolSpecication

•RFC2131DHCPServerRelay

•RFC2132DHCPOptionsandBOOTP

Vendor Extensions

•RFC2138RADIUSAuthentication

•RFC2154OSPFwithDigitalSignatures

•RFC2236IGMPv2

•RFC2328OSPFv2

•RFC2329OSPFStandardizationReport

•RFC2338VRRP

•RFC2361ProtocolIndependentMulticast-

SparseMode

•RFC2362PIM-SMProtocolSpecication

•RFC2370TheOSPFOpaqueLSAOption

• RFC2373AddressNotationCompression

•RFC2374IPv6AggregatableGlobalUnicast

Address Format

•RFC2375IPv6MulticastAddress 

Assignments

•RFC2401SecurityArchitectureforInternet

Protocol

•RFC2404UseofHMAC-SHA-1-96within

ESP and AH

•RFC2406IPEncapsulatingSecurity

Payload (ESP)

•RFC2407InternetIPSecurityDomainof

 InterpretationforISAKMP

•RFC2408ISAKMP

•RFC2428FTPExtensionsforIPv6and

NATs

•RFC2453RIPv2

•RFC2460IPv6Specication

•RFC2461NeighborDiscoveryIPv6

•RFC2462IPv6StatelessAddress

Autoconﬁguration

•RFC2463ICMPv6

•RFC2464TransmissionofIPv6over

Ethernet

•RFC2474DSFielddenitioninIPv4/v6

Headers

•RFC2475AnArchitectureforDifferentiated

Service

• RFC2710MLDv1

•RFC2711IPv6RouterAlertOption

•RFC2827NetworkIngressFiltering

•RFC2865RADIUSAuthentication;RADIUS

Accounting

•RFC2894RouterRenumbering

•RFC3041PrivacyExtensionsforIPv6

SLAAC

•RFC3101OSPFNSSAOption

•RFC3137OSPFStubRouterAdvertisement

•RFC3376IGMPv3

•RFC3411SNMPArchitecturefor

ManagementFrameworks

•RFC3412MessageProcessingand

DispatchingforSNMP

•RFC3413SNMPApplications

•RFC3446AnycastRPusingPIMand

 MSDP

•RFC3484DefaultAddressSelectionfor

 IPv6

•RFC3493BasicSocketInterface 

 ExtensionsforIPv6

•RFC3509AlternativeImplementationsof

OSPFABRs

•RFC3513IPv6AddressingArchitecture

•RFC3590MLDMulticastListenerDiscovery

•RFC3595TextualConventionsforIPv6

Flow Label

•RFC3596DNSExtensionstoSupportIPv6

•RFC3623GracefulOSPFRestart

•RFC3704NetworkIngressFiltering

•RFC3768VRRP

•RFC3810MLDv2

•RFC3879DeprecatingSiteLocalAddresses

•RFC3956EmbeddingRPAddressinIPv6

 MulticastAddress

•RFC4007IPv6ScopedAddressArchitecture

•RFC4167GracefulOSPFRestart

ImplementationReport

•RFC4193UniqueLocalIPv6Unicast

Addresses

•RFC4222PrioritizedTreatmentofOSPFv2

Packets

•RFC4291IPVersion6Addressing

Architecture

•RFC4301SecurityArchitectureforIP

•RFC4302IPAuthenticationHeader

•RFC4303IPEncapsulatingSecurity

Payload (ESP)

•RFC4305CryptoAlgorithmRequirements

for ESP and AH

•RFC4443ICMPv6forIPv6

•RFC4541IGMPSnooping

•RFC4552Authentication/Condentiality

forOSPFv3

•RFC4601PIM-SM

•RFC4602PIM-SMIETFProposedStdReq

Analysis

•RFC4604IGMPv3andMLDv2

•RFC4607Source-SpecicMulticastforIP

•RFC4608PIM--SSMin232/8

•RFC4610Anycast-RPUsingPIM

•RFC4835CryptoAlgorithmRequirements

for ESP and AH

•RFC4861NeighborDiscoveryforIPv6

•RFC4878OAMFunctionsonEthernet-Like

Interfaces

•RFC4884ExtendedICMPMulti-Part

Messages

•RFC4940IANAConsiderationsforOSPF

•RFC5059BSRforPIM

•RFC5095DeprecationofType0Routing

 HeadersinIPv6

•RFC5186IGMPv3/MLDv2/MCASTRouting

Protocol Interaction

•RFC5187OSPFv3GracefulRestart

•RFC5250OSPFOpaqueLSAOption

•RFC5340OSPFforIPv6

•RFC5798VRRPVersion3

•RFC6164Using127-BitIPv6Prexeson

 Inter-RouterLinks

Class of Service

•StrictPriorityQueuing

•WeightedFairQueuingwithShaping

•11TransmitQueuesperPort

•PacketCountorBandwidthbasedRate

Limiters(BandwidthThresholdsbetween64

Kbpsand4Gbps)

•IPToS/DSCPMarking/Remarking

•802.1DPriority-to-TransmitQueueMapping

StandardsandProtocols(cont.)

Page 6

Network Security and Policy

Management

•802.1XPort-basedAuthentication

• Web-basedAuthentication

•MAC-basedAuthentication

•ConvergenceEndpointDiscoverywith

DynamicPolicyMapping

 (SiemensHFA,CiscoVoIP,H.323,andSIP)

•MultipleAuthenticationTypesperPort

Simultaneously

•MultipleAuthenticatedusersperportwith

unique policies per user/End System (VLAN

association independent)

•RFC3580IEEE802.1RADIUSUsage

Guidelines,withVLANtoPolicyMapping

•WormPrevention(FlowSet-UpThrottling)

•BroadcastSuppression

•ARPStormPrevention

•MAC-to-PortLocking

• SpanGuard(SpanningTreeProtection)

•BehavioralAnomalyDetection/FlowCollector

(non-sampled Netﬂow)

•StaticMulticastGroupProvisioning

•MulticastGroup,SenderandReceiverPolicy

Control

Management, Control and Analysis

•SNMPv1/v2c/v3

•Web-basedManagementInterface

•IndustryCommonCommandLineInterface

•MultipleSoftwareImageSupportwith

RevisionRollBack

•Multi-congurationFileSupport

•EditableText-basedCongurationFile

•COMPortBootPromandImageDownload

viaZMODEM

•TelnetServerandClient

•SecureShell(SSHv2)ServerandClient

•CabletronDiscoveryProtocol

•CiscoDiscoveryProtocolv1/v2

•Syslog

•FTPClient

•SimpleNetworkTimeProtocol(SNTP)

•Netowversion5andversion9

•RFC2865RADIUS

•RFC2866RADIUSAccounting

•TACACS+forManagementAccessControl

•ManagementVLAN

•4Manyto-One-port,One-to-ManyPorts,

VLANMirrorSessions

IETF and IEEE MIB Support

•RFC1213MIB-II

•RFC1389RIPv2MIBExtension

•RFC1493BRIDGE-MIB

•RFC1659RS-232-MIB

•RFC1724RIPv2MIBExtension

•RFC1850OSPFv2MIB

•RFC2012TCP-MIB

•RFC2013UDP-MIB

•RFC2096IPForwardingTableMIB

•RFC2233TheInterfacesGroupMIBusing

 SMIv2

•RFC2578SNMPv2-SMI

•RFC2579SNMPv2-TC

•RFC2613SMON-MIB

•RFC2674P/Q-BRIDGE-MIB

•RFC2787VRRPMIB

•RFC2819RMONMIB

•RFC2863IF-MIB

•RFC2864IF-INVERTED-STACK-MIB

•RFC2922PTOPO-MIB

•RFC2934PIMMIBforIPv4

•RFC3273HC-RMON-MIB

•RFC3291INET-ADDRESS-MIB

•RFC3411SNMPArchitecturefor 

 ManagementFrameworks

•RFC3412MessageProcessingand 

 DispatchingforSNMP

•RFC3412SNMP-MPD-MIB

•RFC3413SNMPApplications

•RFC3413SNMP-NOTIFICATIONS-MIB

•RFC3413SNMP-PROXY-MIB

•RFC3413SNMP-TARGET-MIB

•RFC3414SNMP-USER-BASED-SM-MIB

•RFC3415SNMP-VIEW-BASED-ACM-MIB

•RFC3417SNMPv2-TM

•RFC3418SNMPv2MIB

•RFC3584SNMP-COMMUNITY-MIB

•RFC3621POWER-ETHERNET-MIB

•RFC3635ETHERLIKE-MIB

•RFC4133ENTITYMIB

•RFC4188BridgeMIB

•RFC4268ENTITY-STATE-MIB

•RFC4268ENTITY-STATE-TC-MIB

•RFC4292IPForwardingMIB

•RFC4293MIBfortheInternetProtocol(IP)

•RFC4560DISMAN-PING-MIB

•RFC4560DISMAN-TRACEROUTE-MIB

•RFC4560DISMAN-NSLOOKUP-MIB

•RFC4750OSPFv2MIB

•RFC4836MAU-MIB

•RFC4836IANA-MAU-MIB

•RFC4884RFC4884ExtendedICMPMulti-

 PartMessages

•RFC5060PIMMIB

•RFC5240PIMBootstrapRouterMIB

•RFC5519MGMD-STD-MIB

•RFC5643OSPFv3MIB

•DVMRP-MIB

•IANA-ADDRESS-FAMILY-NUMBERS-MIB

•IEEE8021-PAE-MIB

•IEEE8023-LAG-MIB

•LLDP-EXT-DOT1-MIB

•LLDP-EXT-DOT3-MIB

•LLDP-EXT-MED-MIB

•LLDP-MIB

•RSTP-MIB

•U-BRIDGE-MIB

•USM-TARGET-TAG-MIB

Enterasys Network Management

Suite

•NMSConsole

•NMSPolicyManager

• NMSInventoryManager

•NMSAutomatedSecurityManager

•NMSNACManager

StandardsandProtocols(cont.)

Page 7

Specications

K6 K10

Performance/Capacity

Switching Fabric Bandwidth 280Gbps 440Gbps

Switching Throughput 190Mpps(Measuredin64-bytepackets) 299Mpps(Measuredin64-bytepackets)

RoutingThroughput 190Mpps(Measuredin64-bytepackets) 299Mpps(Measuredin64-bytepackets)

Address Table Size 32,000MACAddresses 32,000MACAddresses

VLANs Supported 4,096 4,096

TransmitQueues 11 11

ClassicationRules 8,196/chassis 8,196/chassis

Packet Buffering 3.0GB 4.5GB

Physical Speciﬁcations

ChassisDimensions(HxWxD) H:22.15cm(8.719”)

W:44.70cm(17.60”)

D:35.546cm(14”)

H:31.02cmcm(12.219”)

W:44.70cm(17.60””)

D:35.546cm(14”)

HostMemoryandFlash 1GbDRAM

32MBashmemory

1GbDRAM

32MBashmemory

Environmental Speciﬁcations

OperatingTemperature +5°Cto+40°C(41°Fto104°F) +5°Cto+40°C(41°Fto104°F)

Storage Temperature -30°Cto+73°C(-22°Fto164°F) -30°Cto+73°C(-22°Fto164°F)

OperatingHumidity 5%to90%relativehumidity,non-condensing 5%to90%relativehumidity,non-condensing

PowerRequirements 100to125VAC,12Aor200to250VAC,7.6A;50to60Hz

(Maxperpowersupply)

100to125VAC,12Aor200to250VAC,7.6A;50to60Hz

(Maxperpowersupply)

Power over Ethernet Speciﬁcations

System Power •AutomatedormanualPoEpowerdistribution

•Per-portenable/disable,powerlevel,prioritysafety,overload,

and short-circuit protection

•Systempowermonitor

•PoEPower:

400Wperpowersupply(100to125VAC)2400WMax.

800Wperpowersupplyat(200to250VAC)4800WMax.

•AutomatedormanualPoEpowerdistribution

•Per-portenable/disable,powerlevel,prioritysafety,overload,

and short-circuit protection

•Systempowermonitor

•PoEPower:

400Wperpowersupply(100to125VAC)2400WMax.

800Wperpowersupplyat(200to250VAC)4800WMax

Standards Compliance •IEEE802.3af

•IEEE802.3at

•IEEE802.3af

•IEEE802.3at

Agency and Standard Speciﬁcations

Safety UL60950-1,FDA21CFR1040.10and1040.11,CAN/CSA

C22.2No.60950-1,EN60950-1,EN60825-1,EN60825-2,

IEC60950-1,2006/95/EC(LowVoltageDirective)

UL60950-1,FDA21CFR1040.10and1040.11,CAN/CSA

C22.2No.60950-1,EN60950-1,EN60825-1,EN60825-2,

IEC60950-1,2006/95/EC(LowVoltageDirective)

Electromagnetic Compatibility FCC47CFRPart15(ClassA),ICES-003(ClassA),EN

55022(ClassA),EN55024,EN61000-3-2,EN61000-3-3,

AS/NZCISPR-22(ClassA).VCCIV-3.CNS13438(BSMI),

2004/108/EC(EMCDirective)

FCC47CFRPart15(ClassA),ICES-003(ClassA),EN

55022(ClassA),EN55024,EN61000-3-2,EN61000-3-3,

AS/NZCISPR-22(ClassA).VCCIV-3.CNS13438(BSMI),

2004/108/EC(EMCDirective)

Environmental 2002/95/EC(RoHSDirective),2002/96/EC(WEEEDirective),

MinistryofInformationOrder#39(ChinaRoHS)

2002/95/EC(RoHSDirective),2002/96/EC(WEEEDirective),

MinistryofInformationOrder#39(ChinaRoHS)

OrderingInformation

Part Number Description

K6 Chassis

K6-Chassis K-Series6SlotChassisandFanTray

K6-FAN K6FanTray-Spare

K6-MID-KIT K6Mid-MountKit

K10 Chassis

K10-Chassis K-Series10SlotChassisandFanTray

K10-FAN K10FanTray-Spare

K10-MID-KIT K10Mid-MountKit

OrderingInformation

Part Number Description

Power Supplies and Accessories

K-AC-PS K-SeriesPowerSupply,15A,100-240VACinput,(600Wsystem,400/800WPOE)

K-POE-4BAY K-SeriesExternal4BayPowerShelf

K-POE-4BAY-RAIL MountingKitforK-POE-4BAY

K-POE-CBL-2M K-SeriesPoEPowertoKChassisCable-2M

I/O Fabric Modules

KK2008-0204-F2 K10Management/FabricModule(4)10GBviaSFP+

KK2008-0204-F2G K10Management/FabricModule(4)10GBviaSFP+(TAACompliant)

KK2008-0204-F1 K6Management/FabricModule(4)10GBviaSFP+

KK2008-0204-F1G K6Management/FabricModule(4)10GBviaSFP+(TAACompliant)

I/O Modules

KT2006-0224 K-Series(24)Port10/100/1000802.3atRJ45PoEIOM

KT2006-0224-G K-Series(24)Port10/100/1000802.3atRJ45PoEIOM(TAACompliant)

KT2010-0224 K-Series(24)Port10/100/1000802.3atMini-RJ21PoEIOM

KT2010-0224-G K-Series(24)Port10/100/1000802.3atMini-RJ21PoEIOM(TAACompliant)

KG2001-0224 K-Series(24)Port1GbSFPIOM

KG2001-0224-G K-Series(24)Port1GbSFPIOM(TAACompliant)

KK2008-0204 K-Series(4)Port10GbSFP+IOM

Licenses

K-EOS-L3 AdvancedRoutingLicense(OSPF,VRF,PIM-SM)

K-EOS-PPC K-Series Per Port User Capacity License Upgrade

Page 8

Formoreinformation,callEnterasysNetworkstollfreeat1-877-801-7082,

or+1-978-684-1000andvisitusontheWebatenterasys.com

ContactUs

Delivering on our promises. On-time. On-budget.

speciﬁcations without notice. Please contact your representative to conﬁrm current speciﬁcations.

Please visit http://www.enterasys.com/company/trademarks.aspx for trademark information.

0519-0312

Patented Innovation

Transceivers

Enterasys transceivers provide connectivity options for Ethernet over

twisted pair copper and ﬁber optic cables with transmission speeds

from100Megabitspersecondto10Gigabitspersecond.AllEnterasys

transceivers meet the highest quality for extended life cycle and the best

possible return on investment. For detailed speciﬁcations, compatibility

and ordering information please go to

http://www.enterasys.com/products/transceivers-ds.pdf.

Service and Support

Enterasys Networks provides comprehensive service offerings that range

from Professional Services to design, deploy and optimize customer

networks, customized technical training, to service and support tailored

to individual customer needs. Please contact your Enterasys account

executive for more information about Enterasys Service and Support.

Warranty

As a customer-centric company, Enterasys is committed to providing

quality products and solutions. In the event that one of our products

fails due to a defect, we have developed a comprehensive warranty that

protects you and provides a simple way to get your products repaired or

media replaced as soon as possible.

K-Series switches come with the Enterasys lifetime warranty against

manufacturing defects. For full warranty terms and conditions please go

to: http://www.enterasys.com/support/warranty.aspx.

Enterasys KG2001-0224 Datasheet

Brand: Enterasys

Model: KG2001-0224

Category: Network switch modules

Type: Datasheet

This manual is also suitable for

Download PDF

report

Enterasys KG2001-0224 Datasheet

This manual is also suitable for

Enterasys KG2001-0224 Datasheet

Related papers

Other documents