Data Sheet BROCADE FASTIRON GS SERIES Enterprise LAN switching HIGHLIGHTS • Compact 24-port and 48-port 10/100/1000 Mbps access switch models • Field upgradeable with Power over Ethernet (PoE), 10 Gigabit Ethernet, and IronStack stacking for scalable and secure network access • Hot-swappable, load-sharing AC and DC power supply options • Industry leading IEEE 802.3af PoE Class 3 port capacity in a compact form factor delivers a scalable and cost-effective solution for unified communications at the network edge • Advanced IronWare Layer 2 Ethernet switching with robust suite of security capabilities ™ • Base Layer 3 capabilities enable routed topologies to the network edge with RIP v1/v2 route announcement, static routes, and VRRP • IronStack technology scaling up to eight FastIron GS units in a logical chassis and 384 PoE ports, with automatic healing in case of link or switch failures • Optional edge routing upgrade in non-stacking configuration adds OSPF and RIP dynamic routing for routed edge topologies* Stackable, Secure, High Capacity PoE Switches The Brocade® FastIron® GS access switch series provides enterprise organizations with a flexible and feature-rich solution for building a secure and converged network edge. Upgradeable with 10-Gigabit Ethernet, PoE, and IronStack stacking technology, the FastIron GS Series gives enterprises the cost and operational benefits of a “pay-as-you-grow” architecture. With its flexible architecture, the FastIron GS Series offers investment protection, while enabling vital network applications and capabilities such as IP telephony, wireless access, WebTV, video surveillance, building management systems, triple play—voice, video and data, and remote video kiosks in a cost-effective and highperformance compact design. The FastIron GS Series delivers the scalability, QoS assurance, resilience, and VoIP-readiness needed to implement a highvalue converged solution that can scale to meet future growth at the network edge. An enterprise may initially deploy a standalone FastIron GS switch and later upgrade to IronStack stacking to scale the installation from one to eight stacked units to meet growing user requirements. Additionally, the FastIron GS Series may be deployed in metro area networks for connecting enterprise customers. In this environment, the FastIron GS enables rich and resilient services using the Brocade Metro Ring Protocol (version I and II) for building resilient ring-based topologies, VLAN stacking, and advanced multicast capabilities including IGMP v1/v2/v3 and MLD v1/v2 snooping for controlling multicast traffic for high-bandwidth content delivery. • Open and standards-based network access control features multi-host 802.1x access control, multi-device MAC authentication, and policy-controlled MAC-based VLANs • Low packet latency and advanced Quality of Service (QoS) with eight hardware-based priority queues and combined strict priority and weighted round robin scheduling • Embedded hardware-based sFlow for enhanced traffic visibility, accounting and security • IronShield™ 360 intrusion protection delivers dynamic, real-time protection from network and host-based attacks *Available only on the standalone FastIron GS. This feature is not available on the IronStack enabled FastIron GS. The wide range of switch models includes PoE-ready base models and PoE upgradeable base models. The STK models indicate IronStack-ready models with pre-installed stacking modules and software. All FastIron GS non-stacking models can be upgraded in the field to support IronStack stacking. The Edge Layer 3 Premium (EPREM) upgrade is only available on non-stacking models. See system summary table in this brochure for a complete description of port types and densities for each model. PoE-Ready, Non-Stacking Models (Standard and Edge Premium) Each of the following models include a slot for an optional 2 x 10GbE module. These models can be optionally pre-configured with, or upgraded to, Edge Premium (EPREM) routing software (OSPF and RIP support). • FastIron GS 624P-POE: 20 x 10/100/1000 Mbps PoE ports plus four combo ports supporting 10/100/1000 Mbps RJ45 with PoE or 100/1000 Mbps SFP connectivity • FastIron GS 624XGP-POE: 20 x 10/100/1000 Mbps PoE ports plus four combo ports supporting 10/100/1000 Mbps RJ45 with PoE or 100/1000 Mbps SFP connectivity, 1 x 10GbE XFP port • FastIron GS 648P-POE: 44 x 10/100/1000 Mbps PoE ports plus four combo ports supporting 10/100/1000 Mbps RJ45 with PoE or 100/1000 Mbps SFP connectivity. PoE-Ready, Stacking Models (Standard Only) PoE Upgradeable, Stacking Models (Standard Only) • FastIron GS 624P-POE-STK: 20 x 10/100/1000 Mbps PoE ports plus four combo ports supporting 10/100/1000 Mbps RJ45 with PoE or 100/1000 Mbps SFP connectivity, 2 x 10GbE CX4 stacking ports • FastIron GS 624P-STK: 20 x 10/100/1000 Mbps ports plus four combo ports supporting 10/100/1000 Mbps RJ45 or 100/1000 Mbps SFP connectivity, 2 x 10GbE CX4 stacking ports • FastIron GS 624XGP-POE-STK: 20 x 10/100/1000 Mbps PoE ports plus four combo ports supporting 10/100/1000 Mbps RJ45 with PoE or 100/1000 Mbps SFP connectivity, 1 x 10GbE XFP port, 2 x 10GbE CX4 stacking ports • FastIron GS 648P-POE-STK: 44 x 10/100/1000 Mbps PoE ports plus four combo ports supporting 10/100/1000 Mbps RJ45 with PoE or 100/1000 Mbps SFP connectivity, 2 x 10GbE CX4 stacking ports PoE Upgradeable, Non-stacking Models (Standard and Edge Premium) Each of the following models includes a slot for an optional 2 x 10GbE module. These models can be optionally pre-configured with, or upgraded to, Edge Premium (EPREM) routing software (OSPF and RIP support). • FastIron GS 624P: 20 x 10/100/1000 Mbps ports plus four combo ports supporting 10/100/1000 Mbps RJ45 or 100/1000 Mbps SFP connectivity • FastIron GS 624XGP: 20 x 10/100/1000 Mbps ports plus four combo ports supporting 10/100/1000 Mbps RJ45 or 100/1000 Mbps SFP connectivity, 1 x 10GbE XFP port • FastIron GS 648P: 44 x 10/100/1000 Mbps ports plus four combo ports supporting 10/100/1000 Mbps RJ45 or 100/1000 Mbps SFP connectivity • FastIron GS 624XGP-STK: 20 x 10/100/1000 Mbps ports plus four combo ports supporting 10/100/1000 Mbps RJ45 or 100/1000 Mbps SFP connectivity, 1 x 10GbE XFP port, 2 x 10GbE CX4 stacking ports • FastIron GS 648-STK: 44 x 10/100/1000 Mbps ports plus four combo ports supporting 10/100/1000 Mbps RJ45 or 100/1000 Mbps SFP connectivity, 2 x 10GbE CX4 stacking ports Target Applications Offering a powerful set of Layer 2 switching and edge Layer 3 routing capabilities, extensive security features, expandability, and compact design, the FastIron GS Series supports a broad range of applications including: • Enterprise: High-capacity network access for desktop applications, video surveillance, wireless LAN switching, and unified Voice over IP (VoIP) communications • Education: Secure network edge for K-12 and universities • Metro networks: Cost-effective in-building MTU or CPE for unicast and multicast services delivery Primary Features and Benefits Performance & Scalability Today’s enterprise organizations require cost-effective, flexible, and secure solutions for delivering data and unified communication services on a network architecture that can scale and evolve to meet their ever-changing needs. The FastIron GS Series is designed to meet these requirements. Its wire-speed architecture delivers non-blocking performance for high-speed Gigabit Ethernet desktops while providing QoS assurances at VoIP endpoints. Convergence planning and deployment can occur over an extended period, and budget constraints may require phased deployments. The FastIron GS Series makes it easy to deploy a solution today that can be upgraded later to support PoE, 10-GbE, and stacking as needed. Each power supply in a FastIron GS switch delivers up to 480 watts of PoE power. In a dual power supply configuration, up to 48 10/100/1000 Mbps PoE ports of 15.4 watts per port (full Class 3) can be supported. This scalability enables the network manager to size the installation to meet current needs and still have room for future growth. As network traffic increases, network managers can easily upgrade to 10-GbE to provide high-capacity connectivity to the network backbone and/or highperformance servers. The FastIron GS can be upgraded in the field with a two-port 10-GbE XFP/CX4 module. The optional 10-GbE module is offered in three field upgradable models: the FastIron GS-2XG supporting two small form factor pluggable XFP transceivers, the FastIron GS-2XGC supporting two CX4 connectors, and the FastIron GS-1XG1XGC supporting a combination of an XFP transceiver and a CX4 connector. Supported XFP transceivers include SR, LR, ER, ZR, and ZRD optics supporting fiber lengths up to 80Km. For cost-effective and rapid scaling at the network edge, the FastIron GS is upgradeable with the Brocade IronStack stacking technology, which supports stacking up to eight units in a virtual chassis. The FastIron GS IronStack system supports 40-Gbps switching capacity between stacked units, providing a highcapacity interconnect across the stack. FastIron GS IronStack supports stacking over copper and fiber cables. This allows flexible stack configurations in which stacked units can be separated by more than several hundred meters of fiber. High Availability Hardware Features Convergence solutions serving VoIP require high availability, especially for the power supplies that power the PoE interfaces. FastIron GS switches fulfill this requirement with dual, hot-swappable AC or DC power supplies. Both redundant AC and redundant DC power configurations are included. The FastIron GS Series features 1+1 power redundancy, using hot-swappable and field replaceable power modules, which install into the back of the unit. The power modules are load-sharing supplies providing full 1+1 redundancy for as many as 48 Class 1 and Class 2 PoE ports and 31 Class 3 (15.4 watts) PoE ports. Additional design features include intake and exhaust temperature sensors and fan spin detection to aid in rapid identification of abnormal or failed operating conditions to help minimize mean time to repair. The Brocade Ironstack Solution The FastIron GS series may be ordered pre-configured with the Brocade IronStack stacking technology or upgraded in the field. IronStack is an advanced stacking technology that supports stacked configurations in which as many as eight FastIron GS and/or FastIron LS switches can be interconnected while maintaining the operational simplicity of a single switch. An IronStack stack can be a mix-and-match of different FastIron GS and FastIron LS switch models providing for very flexible stack configurations. Each IronStack enabled FastIron GS or LS model can support up to 40Gbps of stacking bandwidth per unit. IronStack configurations can be built using 10-GbE CX4 copper or XFPbased fiber connections. When XFP-based fiber connections are used, an IronStack configuration can be extended between racks, floors, and buildings with fiber lengths up to several hundred meters. The FastIron GS STK models are preconfigured with a two-port 10-GbE CX4 module, expanded CPU memory, an IronStack license (IronStack PROM) and software. The CX4 module in the STK models can be replaced in the field with any of the optional 10-GbE modules available for the FastIron GS. An IronStack system operates as a single logical chassis (with a single IP management address) and supports crossmember trunking, mirroring, switching, static routing, sFlow, multicast snooping and other switch functions across the stack. An IronStack stack has a single configuration file and supports remote console access from any stack member. Support for active-standby controller failover, stack link failover, and hot insertion and removal of stack members delivers the resilience that is typical of higher end modular switches. High Density and Full Class 3 Power Over Ethernet (PoE) When configured with PoE, the FastIron GS switches support IEEE 802.3af standardsbased PoE on all ports. The capability of FastIron GS switches to deliver high-density, full-power PoE on all ports reduces the need to purchase additional hardware to support the higher power requirements. For the 24-port PoE models, the system can support full 1+1 redundancy for 24 Class 1, Class 2, or Class 3 PoE ports. When configured with dual power supplies, the 48-port PoE models support up to 48 10/100/1000 Class 3 (15.4 watts) PoE ports, which is one of the highest Class 3 PoE port density for a compact switch in the industry. These capacities are a significant advantage for environments that require full Class 3 power for devices such as surveillance cameras, color LCD phones, point-of-service terminals, and other powered endpoints. An IronStack configuration of eight FastIron GS switches can support as many as 384 PoE ports supporting full Class 3 PoE power without the need for external power supplies. Other solutions may require external power supplies adding installation and operational complexity. Ease of Use: Plug and Play The FastIron GS Series supports the IEEE 802.1AB LLDP and ANSI TIA 1057 LLDP-MED standards that enable organizations to deploy interoperable multi-vendor solutions for unified communications. Configuring IP endpoints, such as VoIP stations can be a complex task requiring manual and time-consuming configuration. LLDP and LLDP-MED address these challenges, providing organizations with a standard and open method for configuring, discovering, and managing their network infrastructure. The LLDP protocols help reduce operations costs by simplifying and automating network operations. For example, LLDP-MED provides an open protocol for configuring QoS, security policies, VLAN assignments, PoE power levels, and service priorities. Additionally, LLDP-MED provides for the discovery of device location and asset identity, information that is used for inventory management and by emergency response services, such as Enhanced 911 (E911). These sophisticated features make converged network services easier to deploy and operate while enabling new and critical services. The FastIron GS Series supports DHCP client-based auto-configuration, simplifying customer deployment and configuration via true Plug-and-Play. Enterprises can use this feature to automate the IP address and feature configuration of FastIron GS switches without the presence of a highly-trained network engineer on-site. Technicians can simply power up a new FastIron GS and the unit will automatically get its IP address and configuration from DHCP and TFTP servers. Auto-configuration provides an intelligent solution to reduce OPEX while simplifying network management. Comprehensive Enterprise-Class Security FastIron GS switches are powered by the Brocade IronWare™ operating software, which offers an advanced security suite for Layer 2 and Layer 3, network access control (NAC), and DoS protection. IronWare security features include protection against TCP SYN and ICMP DoS attacks, Spanning Tree Root Guard and BPDU Guard to protect network spanning tree operation, and broadcast and multicast packet rate limiting. In non-stacking configurations, the FastIron GS series offers additional security features including dynamic ARP inspection and DHCP snooping to protect against address spoofing and man-in-the middle attacks.* Network Access Control Network managers can rely on features such as multi-device port authentication and 802.1X authentication with dynamic policy assignment to control network access and perform targeted authorization on a per-user level. Additionally, the FastIron GS supports enhanced MAC policies with the ability to deny traffic to and from a MAC address on a per-VLAN basis. This powerful tool allows network administrators to control access policies per endpoint device. Standards-based NAC enables network operators to deploy best-of-breed NAC solutions for authenticating network users and validating the security posture of a connecting device. Support for policycontrolled MAC-based VLANs provides additional control of network access, allowing for policy-controlled assignments of devices to Layer 2 VLANs. Traffic Monitoring and Lawful Intercept Organizations may need to set up lawful traffic intercept due to today’s heightened security environment. For example, in the United States, the Communications Assistance for Law Enforcement Act (CALEA) requires businesses be able to intercept and replicate data traffic directed to a particular user, subnet, port, etc. This capability is particularly essential in networks implementing IP phones. The FastIron GS provides the capability necessary to support this requirement through ACLBased Mirroring, MAC filter-Based Mirroring, and VLAN-Based Mirroring. Network managers can apply a “mirror ACL” on a port and mirror a traffic stream based on IP source/destination address, TCP/UDP source/destination ports, and IP protocols such as ICMP, IGMP, TCP, and UDP. A MAC filter can be applied on a port and mirror a traffic stream based on a source/destination MAC address. VLAN-Based mirroring is another option for CALEA compliance. Many enterprises have service-specific VLANs, such as voice VLANs. With VLAN mirroring, all traffic on an entire VLAN within a switch can be mirrored to a remote server. Threat Detection and Mitigation Support for embedded, hardware-based sFlow traffic sampling extends the Brocade IronShield 360 security shield to the network edge. This unique and powerful closed loop threat mitigation solution uses best-of-breed intrusion detection systems to inspect sFlow traffic samples for possible network attacks. In response to a detected attack, IronView® Network Manager (INM) can apply a security policy to the compromised port. This automated threat detection and mitigation stops network attacks in real time, without human intervention. This advanced security capability provides a network-wide security umbrella without the added complexity and cost of ancillary sensors. Advanced Multicast Features FastIron GS switches support a rich set of Layer 2 multicast snooping features that enable advanced multicast services delivery. Internet Group Management Protocol (IGMP) snooping for IGMP version 1, 2, and 3 is supported. Support for IGMPv3 source-based multicast snooping improves bandwidth utilization and security for multicast services. To enable multicast service delivery in IPv6 networks, the FastIron GS supports Multicast Listener Discovery (MLD) version 1 and 2 snooping, the multicast protocols used in IPv6 environments. Building Resilient Networks with Advanced Layer 2 and Layer 3 Protocols Software features such as Virtual Switch Redundancy Protocol (VSRP), the Brocade Metro Ring Protocol (MRP I and II), Rapid Spanning Tree Protocol (RSTP), protected link groups, 802.3ad Link Aggregation, and trunk groups provide alternate paths for traffic in the event of a link failure. Sub- *Available only on the standalone FastIron GS. This feature is not available on the IronStack enabled FastIron GS. second fault detection utilizing Link Fault Signaling and Remote Fault Notification ensures rapid fault detection and recovery. Enhanced Spanning Tree features such as Root Guard and BPDU Guard prevent rogue hijacking of a spanning tree root and maintain a contention and loop free environment especially during dynamic network deployments. Additionally, the FastIron GS supports Port Loop Detection on edge ports that do not have spanning tree enabled. This capability protects the network from broadcast storms and other anomalies that can result from layer 1 or layer 2 loopbacks on Ethernet cables or endpoints. Base Layer 3 functionality enhances the capability of the FastIron GS as an edge platform. Base Layer 3 allows enterprises to use simple Layer 3 features such as IPv4 static routes, routing between directly connected subnets, RIPv1/v2 announce, VRRP, and DHCP Relay. Network managers can remove complexity from an end-to-end Layer 3 network design and eliminate the cost required for a full Layer 3 edge switch. In addition, in non-stacking configurations, the FastIron GS models support an optional Edge Layer 3 feature set (EPREM).* These edge Layer 3 features enable full dynamic routing via OSFP and RIPv1/v2 in addition to the Base Layer 3 features. With FastIron GS Base Layer 3 and the optional EPREM upgrade, network managers can deploy endto-end Layer 3 networks utilizing the same routing policies from edge to core, thereby simplifying network design and operation. Unified and Secure Element Management The Brocade INM provides unified network management for the FastIron GS Series. INM greatly simplifies network operations, provisioning, troubleshooting, and alarm reporting. INM offers multilevel access security on the console and a secure Web management interface that prevents unauthorized users from accessing or changing the switch configuration. INM employs a Java-based network configuration and management tool that displays, in graphical detail, network and application level traffic information. Network managers can accurately monitor overall networking operation, zero in on hot spots, and quickly diagnose and troubleshoot difficulties before they develop into widespread network problems. The FastIron GS Series includes Secure Shell (SSHv2), Secure Copy, and SNMPv3 to restrict and encrypt management communications to the system. Additionally, support for Terminal Access Controller Access Control System (TACACS/TACACS+) and RADIUS authentication ensure secure operator access. Fault Detection The FastIron GS switches support logical fault detection through software features such as Link Fault Signaling (LFS), Remote Fault Notification (RFN), Protected Link Groups, and Unidirectional Link Detection (UDLD). • Link Fault Signaling (LFS) is a physical layer protocol that ensures bi-directional communication on a link between two 10-GbE switches, thereby allowing switches on both sides to disable the link. • Remote Fault Notification (RFN) enabled on 1GbE ports notifies the remote port whenever the fiber cable is either physically disconnected or has failed. When this occurs the link is disabled by the switches on both sides. • Protected Link Groups minimize disruption to the network by protecting critical links from loss of data and power. In a protected link group, one port in the group acts as the primary or active link, and the other ports act as secondary or standby links. The active link carries the traffic. If the active link goes down, one of the standby links takes over. • UDLD monitors a link between two FastIron GS switches and brings the ports on both ends of the link down if the link fails at any point between the two devices. FastIron GS devices also support stability features such as Port Flap Dampening, single link LACP, and Port Loop Detection. Port Flap Dampening increases the resilience and availability of the network by limiting the number of port state transitions on an interface. This reduces the protocol overhead and network inefficiencies caused by frequent state transitions occurring on misbehaving ports. Single link LACP provides a fast detection scheme for unidirectional or bi-directional faults. This standards-based solution works with other switch vendors. The Port Loop Detection feature enables network managers to detect and prevent Layer 1 and Layer 2 loops without using STP. Enterprises that do not enable a Layer 2 Protocol, such as STP to detect physical loops at the edge, can use Port Loop Detection. Key Features Summary Flexible and High-Capacity Architecture • 24-port and 48-port 10/100/1000 Mbps (RJ45) PoE and PoE upgradeable models including 4 combination RJ45/SFP Gigabit Ethernet ports • 2-port 10-GbE slot for optional 2-port 10GbE module • FastIron GS 624XGP models support an integral 1-port 10GbE XFP port • Field upgradeable to support IronStack technology • Field upgradeable to support EPREM Layer 3 routing features (standalone operation only) • Up to two redundant, removable, load-sharing AC and DC power supplies • Efficient space-saving form factor with front-facing data ports and a built-in temperature monitor sensor • MAC table size: 16000 • Max number of VLANs: 4096 IronStack Stacking Technology • Up to 8 units in a single stack. Ability to mix-and-match FastIron GS and FastIron LS models in a single stack • Up to 40Gbps of stacking bandwidth per unit • Support for stacking on 10GbE CX4 and 10GbE XFP ports • Logical chassis-like operations, supporting features such as static trunking, LACP, mirroring, switching, static routing, sFlow, multicast snooping across stack-members • Support for automatic failover of active controller and hot insertion/removal of stack-members Layer 3 Capabilities • Base layer 3 software supporting features such as static routes, routing between directly connected subnets, virtual interfaces, VRRP and ECMP • Edge router software (EPREM)* providing dynamic layer 3 routing via OSPF v2 and RIP v1/v2 in addition to features supported in base layer 3 software • Up to 1000 IPv4 routes Robust Power over Ethernet • Standards-based IEEE 802.3af PoE support • Up to 48 ports of 10/100/1000 Mbps Class 3 PoE per switch (48-port models with dual power supplies) • Fully redundant 1+1 power configurations • 24-port PoE model with two power supplies supports up to 15.4W for each port • 48-port PoE model with two power supplies supports up to 10W for each port • PoE auto-detection enables support for PoE and non-PoE devices without configuration changes • Per-port LED indicators to easily identify power-consuming devices • Per-port short circuit protection to supply system protection • Software accessible system and per port power consumption • Power redundancy for increased reliability • Interoperability with popular VoIP equipment, including legacy IP phones • Advanced QoS capabilities ensure high quality VoIP support • LLDP-MED and voice VLAN *Available only on the standalone FastIron GS. This feature is not available on the IronStack enabled FastIron GS. Key Features Summary continued IronShield Advanced Security • Multilevel access security for console access • IronShield 360—System-wide, automated closed-loop threat detection and mitigation solution • Secure, Web-based management • Secure Shell and SNMPv3 restrict and encrypt communications to the management interface and system • Terminal Access Controller Access Control Systems (TACACS/TACACS+) and RADIUS operator authentication • Secure Shell (SSHv2), SCP, and SNMPv3 secure remote management access and communications • MAC filters, Layer 3/Layer 4 ACLs and binding the ACL to TELNET, Web management and SNMP interface for secure management access • IEEE 802.1x authentication including multiple device authentication and dynamic VLAN, ACL, and MAC filter assignment for authenticated clients • Private VLANs provide security and isolation between switch ports to help ensure that users cannot snoop on other users’ traffic • Denial of Service Protection—Monitoring, throttling, and locking out of ICMP and TCP SYN traffic both to the management address of the switch and for transit traffic • Man-in-the-Middle prevention using Dynamic ARP Inspection and DHCP Snooping* • Port Security and MAC Address Locking limits the number of MAC addresses learned on a port. Using Port Security, network managers can allow specific MAC addresses access to the network for specific time periods. • MAC address authentication including multiple device authentication and dynamic policy configuration • Policy-controlled MAC-based VLANs provides additional control Advanced Quality of Service • Packet classification, reclassification, policing, marking, and re-marking • Identification, classification, and reclassification of traffic based on specific criteria such as port, source/destination MAC address, 802.1p priority bit, source/destination IP address, Type of Service (ToS), Differentiated Services Codepoints (DSCP), or TCP/UDP port • Flexible queue servicing using configurable Weighted Round Robin (WRR), Strict Priority (SP), or hybrid SP/WRR • 8 hardware queues for flexible QoS management • Ingress rate limiting—standard and extended ACL control • ACLs configured on a per-port, per-VLAN basis • Egress rate limiting—per-port, per-queue • Support for up to 256 wire-speed ingress traffic policers with each policer supporting configurable metering with maximum and burst size settings, color aware and out-of-profile packet remarking or dropping • sFlow and port mirroring on the same port System and Network Resilience • Advanced Layer 2 service protection features: Metro Ring Protocol (versions I and II), Virtual Switch Redundancy Protocol, Rapid Spanning Tree, Multiple Spanning Tree, Per VLAN Spanning Tree (PVST, PVST+), Protected Link groups, Link Fault Signaling (LFS), Remote Fault Notification (RFN) • Digital optical monitoring • Port range with port speed downshift and selective auto negotiation • Port loop detection to detect Layer 1/Layer 2 loops • Image checksum verification • Next boot information • Port flap dampening • Single link LACP as a standards-based bi-directional link detection protocol • Auto-configuration *Available only on the standalone FastIron GS. This feature is not available on the IronStack enabled FastIron GS. system summary 1, 2, 3 Feature FGS624P FGS624XGP FGS624P-STK FGS624XGP-STK FGS648P FGS648P-STK FGS624P-POE FGS624XGP-POE FGS624P-POE-STK FGS624XGP-POE-STK FGS648P-POE FGS648P-POE-STK Total Switching Performance 108 Gbps 136 Gbps 108 Gbps 136 Gbps Full Duplex Forwarding Performance 80 Mpps 101 Mpps 80 Mpps 101 Mpps 10/100/1000 Port Density 20 plus 4-port Combos 44 plus 4-port Combo 20 plus 4-port Combo 44 plus 4-port Combo 10/100/1000 Mbps PoE Density with 15.4W each 24 (optional) 48 (optional) 24 (1 PSU) 48 (2 PSU) 10/100/1000 Mbps PoE Density with 10W each 24 (optional) 48 (optional) 24 (1 PSU) 48 (1 PSU) 100/1000 Mbps SFP Density 4 Combo Ports 4 Combo Ports 4 Combo Ports 4 Combo Ports 10 Gigabit Ethernet 2 (FGS624P) 3 (FGS624XGP) 2 2 (FGS624P-POE) 3 (FGS624XGP-POE) 2 100 Mbps Optics 100FX and 100Base-BX 100FX and 100Base-BX 100FX and 100Base-BX 100FX and 100Base-BX Gigabit Ethernet Optics SX, LX, LHA, LHB, 1000Base-BX, and CWDM 10 Gigabit Ethernet Optics CX4, 1310-MM,SR, LR, ER, ZR, and ZRD AC and DC Power Supply Yes Yes Yes Yes Power Supply Redundancy 1+1 Load Sharing 1+1 Load Sharing 1+1 Load Sharing 1+1 Load Sharing Maximum Number of MAC addresses 16,000 16,000 16,000 16,000 Maximum Number of VLANs 4,096 4,096 4,096 4,096 Maximum Number of STP 253 253 253 253 L3/L4 Extended Access Control List Yes Yes Yes Yes Stability Features BPDU and Root Guard, Single Link LACP, Port Loop Detection, Port Flap Dampening, Trunk Threshold Maximum Number of Ports per Trunk 8 8 8 8 Number of Trunk Groups 13 (FGS624P) 13 (FGS624XGP) 25 (FGS648P) 13 (FGS624-POE) 13 (FGS624XGP-POE) 25 (FGS648P-POE) Multi-device Authentication and Dynamic VLAN Assignment Yes Yes Yes Yes 802.1X Authentication and Dynamic VLAN Assignment Yes Yes Yes Yes MAC-based VLANs Yes Yes Yes Yes Metro Features Metro Ring Protocol (version I and II), Virtual Switch Redundancy Protocol, VLAN Stacking (Q-in-Q) and Topology Groups 1-Switching and forwarding performance specifications are provided for a single FastIron GS switch unit. 2-Port densities are provided for a single FastIron GS switch unit. 3-MAC address and STP capacities apply to a single FastIron GS unit as well as to an IronStack configuration of up to eight units. BROCADE Fastiron gs SPECIFICATIONS IEEE Standards Compliance Layer 2 Metro Features • 802.1D-2004 MAC Bridging • 802.1w Rapid Spanning Tree • 802.1s Multiple Spanning Tree • 802.1X Port-based Network Access Control • 802.3 10Base-T • 802.3ak CX4 • 802.3ad Link Aggregation (Dynamic and Static) • 802.3af Power over Ethernet • 802.3u 100Base-TX • 802.3x Flow Control • 802.3z 1000Base-SX/LX • 802.3ab 1000Base-T • 802.3ae 10 Gigabit Ethernet • 802.3 MAU MIB (RFC 2239) • 802.3AB LLDP/LLDP-MED • 802.1p Mapping to Priority Queue • VLAN stacking (Q-in-Q) • Metro Ring Protocol (MRP I and II) • Virtual Switch Redundancy Protocol • Topology Groups • Super Aggregated VLANs (SAV) Layer 2 Features • 4,096 VLANs • 16,000 MAC Addresses • 802.1s Multiple Spanning Tree • Per VLAN spanning tree (PVST/PVST+/PVRST) • Private VLAN • Protocol VLAN (802.1v), Subnet VLAN • Policy controlled MAC-based VLANs • MAC Learning Disable • Port Security • MAC Address Locking • Port-based Access Control Lists • Dual Mode VLANs • Fast Port Span • BPDU Guard, Root Guard • GARP VLAN Registration Protocol • MAC-Layer Filtering • Port-based, ACL-based, MAC filter-based, and VLAN-based Mirroring • Single-instance Spanning Tree • Trunk groups • Trunk threshold • Single link LACP • Uni-Directional Link Detection (UDLD) • Auto MDI/MDIX • Port speed downshift and selective auto-negotiation • Dynamic Voice VLAN Assignment • Jumbo Frames up to 10,240 bytes for 10/100/1000 and 10GbE ports • IGMP Snooping (v1/v2/v3) • MLD Snooping (v1/v2) • PIM–SM Snooping • Private VLANs and uplink-switch • Protected Link Groups • Port Loop Detection • VLAN based Static MAC Denial • Flexible static multicast MAC address configuration Base Layer 3 Features • Virtual Interfaces (VE) • Routed Interfaces • IPv4 Static Routes • Routing between directly connected subnets • RIP v1/v2 announce • Virtual Route Redundancy Protocol (VRRP) • ECMP* L3 EPREM Features* • Host routes • OSPF • RIP V1 , V2 • Route-only support • Routes in hardware maximum: 1000 Quality of Service • MAC Address Mapping to Priority Queue • ACL Mapping to Priority Queue • ACL Mapping to ToS/DSCP • Honoring DSCP and 802.1p • ACL Mapping and Marking of ToS/DSCP • DiffServ Support • Classifying and Limiting Flows based on TCP flags • DHCP Relay • QoS Queue Management using Weighted Round Robin (WRR), Strict Priority (SP), and a combination of WRR and SP Traffic Management • Inbound rate limiting per port • ACL-based inbound rate limiting and traffic policies • Outbound rate limiting per port and per queue • Broadcast, multicast and unknown unicast rate limiting *Available only on the standalone FastIron GS. This feature is not available on the IronStack enabled FastIron GS. Management and Control Dimensions • RFC 2571 Architecture for Describing SNMP Framework • RFC 2131 DHCP Relay • RFC 1493 Bridge MIB • Configuration Logging • RFC 1643 Ethernet Interface MIB • RFC 1643 Ethernet MIB • Brocade Discovery Protocol (FDP) • RFC 2068 Embedded HTTP • RFC 2818 Embedded HTTPS • Industry Standard Command Line Interface (CLI) • Integration with HP OpenView for Sun Solaris, HP-UX, IBM’s AIX, and Windows NT Standalone Windows NT • IronView Network Manager (INM) Web-based graphical user interface • Embedded Web Management • RFC 3176 sFlow • RFC 1213 MIB-II • RFC 1516 Repeater MIB • RFC 1724 RIP v1/v2 MIB • RFC 1757 RMON MIB • RFC 2572 SNMP Message Processing and Dispatching • RFC 1573 SNMP MIB II • RFC 2575 SNMP View-based Access Control Model SNMP • RFC 1157 SNMPv1/v2c • RFC 2573 SNMPv3 Applications • RFC 2570 SNMPv3 Intro to Framework • RFC 2574 SNMPv3 User-based Security Model • SNTP Simple Network Time Protocol • Support for Multiple Syslog Servers • RFC 854 TELNET Client and Server • RFC 783 TFTP • MIB support for MRP, Port Security, MAC authentication and MAC-based VLANs • Display log messages on multiple terminals • Digital Optical Monitoring • Auto Configuration All FastIron GS models RPS-FGS, RPS-X448, RPSX424-POE or RPS8 • Operating 85VAC to 254VAC input, universal/wide input • Rated 100 to 240VAC ~ 50/60 Hz @ 8amp to 3.2amp • 600 watts of total output power Performance (Per Model) RPSDC-FGS, RPSDC-X448, RPSDC-X424-POE or RPS8DC • Operating 40VDC to 60VDC input, universal/wide input • Rated -48 to 60VDC @ 18amp to 14.3 amp • 600 watts of total output power FastIron GS 624P/ 624P-POE/624P-STK/ 624P-POE-STK • Switching Capacity 108 Gbps • Forwarding Performance 80 Mpps FastIron GS 648P/ 648P-POE/648P-STK/ 648P-POE-STK • Switching Capacity 136 Gbps • Forwarding Performance 101 Mpps Embedded Security • IEEE 802.1X username export in sFlow • Bi-level Access Mode (Standard and EXEC Level) • Protection against Denial of Service (DOS) attacks • EAP pass through support Secure Management • RADIUS/TACACS/TACACS+ • Secure Copy (SCP) • Secure Shell (SSHv2) • Username/Password • Advanced Encryption Standard (AES) with SSHv2 • Authentication, Authorization, and Accounting (AAA) 2.63” (H) x 17.5” (W) x 19.6” (D) 6.68 cm (H) x 44.45 cm (W) x 49.78 cm (D) Weight FastIron GS 624 models 25 lbs (11.36 kg) Fully loaded including dual redundant power 17.5 lbs (7.95 kg) Empty FastIron GS 648 models 29 lbs (11.36 kg) Fully loaded including dual redundant power 17.5 lbs (7.95 kg) Empty Environmental Ranges • Acoustic: 51 dB • Operating temperature: 32° to 104°F (0° to 40°C) • Relative humidity: 5% to 95%, non-condensing • Storage temperature: -23° to 158°F (-25° to 70°C) • Storage altitude: 10,000ft (3,000m) maximum MTBF • FastIron GS 624P with 4 SFP, 2-port 10GbE, and 2 RPS-FGS—267, 411 hours • FastIron GS 624P-STK with 4 SFP, 2-port 10GbE, and 2 RPS-FGS: 317, 730 hours • FastIron GS 648P with 4 SFP, 2-port 10GbE, and 2 RPS-FGS: 218, 140 hours • FastIron GS 648P-STK with 4 SFP, 2-port 10GbE, and 2 RPS-FGS: 250, 503 hours • FGS-2XG with 2 XFP (LRs): 1,597,580 hours • RPS-FGS: 346,230 hours Power Requirements Safety Certifications • EN 60950-1 • CAN/CS-C22.2 No. 60950-1-03 • EN 60825-1 Safety of Laser Products—Part 1 • EN 60825-2 Safety of Laser Products—Part 2 • IEC 950 • UL 1950 Third Edition • UL 60950-1 • CSA 950 Electromagnetic Emission Certifications • FCC Class A (Part 15) • EN 55022/CISPR-22 Class A • VCCI Class A Immunity Generic: EN 50082-1 Environmental Regulatory Compliance • RoHS Compliant (5 of 6) • WEEE compliant Data Sheet Power and Thermal Specifications Max Current Max Current Max Current Max Total @ 100 VAC @ 200 VAC @ 40 VDC Power Draw1 (Amps) (Amps) (Amps) (Watts) Max System Power Draw2 (Watts) Max Thermal Output3 (BTU/Hr) Energy Efficiency (Watts/Gbps FDX) FastIron GS624P 0.99 0.49 2.46 99 99 336.3 1.83 FastIron GS624XGP 1.06 0.53 2.65 106 106 361.7 1.96 FastIron GS648P 1.62 0.81 4.04 162 162 552 2.38 FastIron GS Base models FastIron GS models with PoE FastIron GS624P-POE 5.44 2.72 13.59 534 174.4 593.6 3.22 FastIron GS624XGP-POE 5.51 2.76 13.78 551 181 619 3.36 FastIron GS648P-POE4 10.52 5.26 26.29 1052 312.8 1066.6 4.6 FastIron GS624P-STK 1.14 0.57 2.85 114 114 389 2.11 FastIron GS624XGP-STK 1.21 0.61 3.03 121 121 413.1 2.24 FastIron GS648P-STK 1.7 0.85 4.25 170 170 579.4 2.5 FastIron GS STK models FastIron GS STK models with PoE FastIron GS624P-POE-STK 5.51 2.76 13.78 551 181 619 3.51 FastIron GS624XGP-POE-STK 5.66 2.83 14.15 566 196.4 670.3 3.63 FastIron GS648P-POE-STK4 10.6 5.3 26.5 1060 320.8 1094 4.71 1-Total power drawn from the source and consumed by the switch and attached POE devices. Class 3 devices assumed on all ports. 2-Power drawn from the source and consumed only by the switch. 3-Thermal output of the switch. 4-With two power supplies installed. Warranty • 5-year Limited Lifetime Hardware Warranty • Brocade warrants that, excluding the power supply, fan, removable optics and LED, the product hardware will be free from defects in material and workmanship that result in a material deviation from the applicable published Brocade technical specifications. • 90-days Limited Software Warranty • Brocade warrants that software, when used in accordance with the terms of the Brocade license, will operate substantially as set forth in the applicable Brocade Documentation following delivery of the software to licensee. Corporate Headquarters San Jose, CA USA T: +1-408-333-8000 email@example.com European Headquarters Geneva, Switzerland T: +41-22-799-56-40 firstname.lastname@example.org Asia Pacific Headquarters Singapore T: +65-6538-4700 email@example.com © 2009 Brocade Communications Systems, Inc. All Rights Reserved. 02/09 GA-DS-1298-00 Brocade, the B-wing symbol, BigIron, DCX, Fabric OS, FastIron, IronPoint, IronShield, IronView, IronWare, JetCore, NetIron, SecureIron, ServerIron, StorageX, and TurboIron are registered trademarks, and DCFM, Extraordinary Networks, and SAN Health are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries. All other brands, products, or service names are or may be trademarks or service marks of, and are used to identify, products or services of their respective owners. Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade reserves the right to make changes to this document at any time, without notice, and assumes no responsibility for its use. This informational document describes features that may not be currently available. Contact a Brocade sales office for information on feature and product availability. Export of technical data contained in this document may require an export license from the United States government.