Product Characteristics

Agile Switches for Agile Networks

• With the native AC capability, the S7700 series allows enterprises to build a wireless network without additional hardware AC devices. The T-bit AC capability avoids performance bottlenecks on independent AC devices and can help organizations better cope with challenges in the high-speed wireless era.
• The S7700's unified user management function authenticates both wired and wireless users, ensuring a consistent experience of wired and wireless users. The S7700 supports various authentication methods, including 802.1X, MAC address, and Portal authentication, and can manage users based on user groups, domains, and time ranges. These facilitate user and service management and enable a transformation from device-centered to user-centered management.
• Super Virtual Fabric (SVF) technology can virtualize fixed switches into line cards of an S7700 switch and virtualize APs into switch ports. With this technology, a physical network with core/aggregation switches, access switches, and APs can be virtualized into one logical switch, offering the simplest network management solution.
• Packet Conservation Algorithm for Internet (iPCA) technology can monitor network quality for any service flow at any network node, anytime, without extra costs. It can detect temporary service interruptions within 1 second and accurately identify faulty ports. This cutting-edge fault detection technology allows for fine granular management.
• Huawei's IEEE 1588v2 and Synchronous Ethernet (SyncE) solutions enable high-precision time synchronization between network devices. Compared with the Global Positioning System (GPS) time synchronization solution, Huawei's solutions enhance security while reducing costs.
• The service chain function can orchestrate value-added service capabilities, such as firewall, antivirus expert system (AVE), and application security gateway (ASG). Then these capabilities can be used by campus network entities (such as switches, routers, AC, AP, and terminals), regardless of physical locations. The service chain function supports more flexible value-added service deployment and reduces equipment and maintenance costs.

Powerful Service Processing Capabilities

Carrier-Grade Reliability and Visualized Fault Diagnosis

The S7700 provides redundant backup for key components, including MPUs, power modules, and fans, all of which are hot swappable. The reliability design achieves a high availability of 0.99999.

The S7700 implements the Cluster Switch System (CSS) function through switch fabrics, addressing the problem of low switching efficiency caused by multiple switching processes during inter-chassis forwarding. A CSS system provides 256 Gbit/s cluster bandwidth, highest in the industry. The links between chassis in a cluster can be bundled to improve link utilization and eliminate single-point failures. S7700 switches can also use service ports as CSS ports and be connected using optical fibers to set up a cluster. This expands the distance allowed between cluster member chassis.

The S7700 has a dedicated fault detection subcard that provides hardware-based OAM functions including IEEE 802.3ah, 802.1ag, and ITU-Y.1731. Hardware-based OAM implements between 50 ms and 200 ms fault detection in particular scenarios and can check session connectivity of all terminals in real time when a network fault occurs. The S7700 can also be managed by an NMS. The NMS provides a graphical fault diagnosis interface and traverses all network elements and links automatically to detect and locate faults quickly. The S7700 implements seamless switchover between the master and slave MPUs and supports graceful restart to ensure nonstop forwarding. The S7700 is ready to support the in-service software upgrade (ISSU) function, which can ensure uninterrupted transmission of key services during software upgrades.

Well-Designed QoS Mechanisms to Improve Voice and Video User Experience

The S7700's QoS control mechanisms classify traffic based on information from the link layer to the application layer. With advanced queue scheduling and congestion control algorithms, the S7700 performs accurate multi-level scheduling for data flows, satisfying enterprises' QoS requirements for a variety of services and user terminals.

The S7700 supports hardware-based low-latency queues for multicast packets so that video services can be processed with high priority and low latency. This guarantees high quality of video conference and video conferencing services in an enterprise. The S7700 uses innovative priority scheduling algorithms to optimize the QoS queuing mechanism for voice and video services. The improved queuing mechanism shortens the latency of the VoIP service and eliminates the pixelation effect in the video service, improving user experience.

High Performance in IPv6 Service Processing to Allow Seamless Migration from IPv4 to IPv6

The S7700 software and hardware platforms support IPv6. The S7700 has been granted an IPv6 Network Access License and the IPv6 Ready Logo Phase 2 Certification by the Ministry of Industry and Information Technology. It supports the IPv4/IPv6 dual stack, various tunneling technologies, IPv6 static routing, RIPng, OSPFv3, BGP+, IS-ISv6, and IPv6 multicast, allowing for pure IPv6 networking and combined IPv4 and IPv6 networking.

Superb Traffic Analysis Capability for Real-Time Network Performance Monitoring

The S7700 supports NetStream for real-time collection and analysis of network traffic statistics. It supports the V5, V8, and V9 NetStream formats and provides aggregation traffic templates to reduce loads on the network collector. NetStream supports real-time traffic sampling, dynamic report generation, traffic attribute analysis, and traffic exception traps. This function help you monitor real-time traffic information and analyze device throughput, so as to make decisions on network structure optimization and capacity expansion.

Comprehensive Security Mechanisms Against Internal and External Security Threats

• The S7700 supports MAC security (MACsec) that enables hop-by-hop secure data transmission. The S7700 can be applied to scenarios that pose high requirements on data confidentiality, such as government and finance sectors.
• NGFW is a next-generation firewall card that can be installed on an S7700. In addition to the traditional defense functions such as firewall, identity authentication, and Anti-DDoS, the NGFW supports IPS, anti-spam, web security, and application control functions.
• Comprehensive network admission control (NAC) solutions for enterprise networks: The S7700 supports MAC address authentication, Portal authentication, 802.1X authentication, and DHCP snooping-triggered authentication. These authentication methods ensure security of various access modes such as dumb terminal access, mobile access, and centralized IP address allocation.
• Two-level CPU protection mechanism: The S7700 supports CPU hardware queues and separates the data plane from the control plane. This helps defend against DoS attacks and unauthorized access, and prevents control plane overloading.

Innovative Energy-Saving Chip, Allowing Intelligent Power Consumption Control

The S7700 uses innovative energy-saving chips, which can dynamically adjust power on all ports based on traffic volume. An idle port enters the sleeping mode to reduce power consumption. The S7700 supports Power over Ethernet (PoE) and uses different energy management modes depending on the powered device (PD) type, providing flexibility in energy management. The S7700 supports Energy Efficient Ethernet (IEEE 802.3az). Transceivers on line cards can quickly transition to the lower power idle state to reduce power consumption when no traffic is being transmitted.

Cloud-based Management

In Huawei CloudCampus Solution, some switches can be managed by the management and control system .

• The switches are plug-and-play.
• The switches can automatically connect to the management and control system and use bidirectional certificate authentication to ensure management channel security.
• The switches provide the NETCONF and YANG interfaces, through which the management and control system delivers configurations to them.
• Remote maintenance and fault diagnosis can be performed on the switches using the management and control system.

VXLAN

VXLAN is used to construct a Unified Virtual Fabric (UVF). As such, multiple service networks or tenant networks can be deployed on the same physical network, and service and tenant networks are isolated from each other. This capability truly achieves 'one network for multiple purposes'. The resulting benefits include enabling data transmission of different services or customers, reducing the network construction costs, and improving network resource utilization. The S7700 series switches are VXLAN-capable and allow centralized and distributed VXLAN gateway deployment modes. These switches also support the BGP EVPN protocol for dynamically establishing VXLAN tunnels and can be configured using NETCONF or YANG.

OPS

Open Programmability System (OPS) is an open programmable system based on the Python language. IT administrators can program the O&M functions of a switch through Python scripts to quickly innovate functions and implement intelligent O&M.

Intelligent Diagnosis

Open Intelligent Diagnosis System (OIDS) integrates the device health monitoring and fault diagnosis functions - that are typically deployed on a Network Management System (NMS) - into the switch software to implement intelligent diagnosis on a single switch. After OIDS is deployed on a switch, the switch periodically collects and records the running information and automatically determines whether a fault occurs. If a fault occurs, the switch automatically locates the fault or helps locate the fault. All these merits increase fault locating efficiency of O&M staff while improving device maintainability.

Related Content

Support Community

Introduction to Modular Switches