Brocade FastIron FGS624P-POE-STK

Data Sheet
BROCADE
FASTIRON GS
SERIES
Enterprise
LAN switching
HIGHLIGHTS
• Compact 24-port and 48-port 10/100/1000
Mbps access switch models
• Field upgradeable with Power over Ethernet (PoE),
10 Gigabit Ethernet, and IronStack stacking for
scalable and secure network access
• Hot-swappable, load-sharing AC and DC power
supply options
• Industry leading IEEE 802.3af PoE Class 3 port
capacity in a compact form factor delivers a
scalable and cost-effective solution for unified
communications at the network edge
• Advanced IronWare Layer 2 Ethernet switching
with robust suite of security capabilities
™
• Base Layer 3 capabilities enable routed
topologies to the network edge with RIP v1/v2
route announcement, static routes, and VRRP
• IronStack technology scaling up to eight
FastIron GS units in a logical chassis and 384
PoE ports, with automatic healing in case of
link or switch failures
• Optional edge routing upgrade in non-stacking
configuration adds OSPF and RIP dynamic
routing for routed edge topologies*
Stackable, Secure, High Capacity
PoE Switches
The Brocade® FastIron® GS access switch
series provides enterprise organizations
with a flexible and feature-rich solution for
building a secure and converged network
edge. Upgradeable with 10-Gigabit Ethernet,
PoE, and IronStack stacking technology,
the FastIron GS Series gives enterprises
the cost and operational benefits of a
“pay-as-you-grow” architecture.
With its flexible architecture, the FastIron
GS Series offers investment protection,
while enabling vital network applications
and capabilities such as IP telephony,
wireless access, WebTV, video surveillance,
building management systems, triple
play—voice, video and data, and remote
video kiosks in a cost-effective and highperformance compact design.
The FastIron GS Series delivers the
scalability, QoS assurance, resilience, and
VoIP-readiness needed to implement a highvalue converged solution that can scale to
meet future growth at the network edge. An
enterprise may initially deploy a standalone
FastIron GS switch and later upgrade to
IronStack stacking to scale the installation
from one to eight stacked units to meet
growing user requirements.
Additionally, the FastIron GS Series may
be deployed in metro area networks for
connecting enterprise customers. In this
environment, the FastIron GS enables rich
and resilient services using the Brocade
Metro Ring Protocol (version I and II) for
building resilient ring-based topologies,
VLAN stacking, and advanced multicast
capabilities including IGMP v1/v2/v3 and
MLD v1/v2 snooping for controlling multicast
traffic for high-bandwidth content delivery.
• Open and standards-based network access
control features multi-host 802.1x access
control, multi-device MAC authentication, and
policy-controlled MAC-based VLANs
• Low packet latency and advanced Quality of
Service (QoS) with eight hardware-based priority
queues and combined strict priority and weighted
round robin scheduling
• Embedded hardware-based sFlow for enhanced
traffic visibility, accounting and security
• IronShield™ 360 intrusion protection delivers
dynamic, real-time protection from network
and host-based attacks
*Available only on the standalone FastIron GS. This feature is not available on the IronStack enabled FastIron GS.
The wide range of switch models includes
PoE-ready base models and PoE upgradeable
base models. The STK models indicate
IronStack-ready models with pre-installed
stacking modules and software. All FastIron
GS non-stacking models can be upgraded in
the field to support IronStack stacking. The
Edge Layer 3 Premium (EPREM) upgrade is
only available on non-stacking models. See
system summary table in this brochure for
a complete description of port types and
densities for each model.
PoE-Ready, Non-Stacking Models
(Standard and Edge Premium)
Each of the following models include a slot
for an optional 2 x 10GbE module. These
models can be optionally pre-configured
with, or upgraded to, Edge Premium (EPREM)
routing software (OSPF and RIP support).
• FastIron GS 624P-POE: 20 x 10/100/1000
Mbps PoE ports plus four combo ports
supporting 10/100/1000 Mbps RJ45 with
PoE or 100/1000 Mbps SFP connectivity
• FastIron GS 624XGP-POE:
20 x 10/100/1000 Mbps PoE ports
plus four combo ports supporting
10/100/1000 Mbps RJ45 with PoE
or 100/1000 Mbps SFP connectivity,
1 x 10GbE XFP port
• FastIron GS 648P-POE: 44 x 10/100/1000
Mbps PoE ports plus four combo ports
supporting 10/100/1000 Mbps RJ45 with
PoE or 100/1000 Mbps SFP connectivity.
PoE-Ready, Stacking Models
(Standard Only)
PoE Upgradeable, Stacking Models
(Standard Only)
• FastIron GS 624P-POE-STK:
20 x 10/100/1000 Mbps PoE ports
plus four combo ports supporting
10/100/1000 Mbps RJ45 with PoE or
100/1000 Mbps SFP connectivity,
2 x 10GbE CX4 stacking ports
• FastIron GS 624P-STK: 20 x 10/100/1000
Mbps ports plus four combo ports
supporting 10/100/1000 Mbps RJ45
or 100/1000 Mbps SFP connectivity,
2 x 10GbE CX4 stacking ports
• FastIron GS 624XGP-POE-STK:
20 x 10/100/1000 Mbps PoE ports
plus four combo ports supporting
10/100/1000 Mbps RJ45 with PoE or
100/1000 Mbps SFP connectivity,
1 x 10GbE XFP port, 2 x 10GbE CX4
stacking ports
• FastIron GS 648P-POE-STK:
44 x 10/100/1000 Mbps PoE ports
plus four combo ports supporting
10/100/1000 Mbps RJ45 with PoE or
100/1000 Mbps SFP connectivity,
2 x 10GbE CX4 stacking ports
PoE Upgradeable, Non-stacking
Models (Standard and Edge Premium)
Each of the following models includes a slot
for an optional 2 x 10GbE module. These
models can be optionally pre-configured
with, or upgraded to, Edge Premium (EPREM)
routing software (OSPF and RIP support).
• FastIron GS 624P: 20 x 10/100/1000
Mbps ports plus four combo ports
supporting 10/100/1000 Mbps RJ45
or 100/1000 Mbps SFP connectivity
• FastIron GS 624XGP: 20 x 10/100/1000
Mbps ports plus four combo ports
supporting 10/100/1000 Mbps RJ45
or 100/1000 Mbps SFP connectivity,
1 x 10GbE XFP port
• FastIron GS 648P: 44 x 10/100/1000
Mbps ports plus four combo ports
supporting 10/100/1000 Mbps RJ45
or 100/1000 Mbps SFP connectivity
• FastIron GS 624XGP-STK:
20 x 10/100/1000 Mbps ports plus four
combo ports supporting 10/100/1000
Mbps RJ45 or 100/1000 Mbps SFP
connectivity, 1 x 10GbE XFP port,
2 x 10GbE CX4 stacking ports
• FastIron GS 648-STK: 44 x 10/100/1000
Mbps ports plus four combo ports
supporting 10/100/1000 Mbps RJ45
or 100/1000 Mbps SFP connectivity,
2 x 10GbE CX4 stacking ports
Target Applications
Offering a powerful set of Layer 2
switching and edge Layer 3 routing
capabilities, extensive security features,
expandability, and compact design, the
FastIron GS Series supports a broad
range of applications including:
• Enterprise: High-capacity network
access for desktop applications, video
surveillance, wireless LAN switching,
and unified Voice over IP (VoIP)
communications
• Education: Secure network edge for K-12
and universities
• Metro networks: Cost-effective in-building
MTU or CPE for unicast and multicast
services delivery
Primary Features and Benefits
Performance & Scalability
Today’s enterprise organizations require
cost-effective, flexible, and secure
solutions for delivering data and unified
communication services on a network
architecture that can scale and evolve
to meet their ever-changing needs. The
FastIron GS Series is designed to meet
these requirements. Its wire-speed
architecture delivers non-blocking
performance for high-speed Gigabit
Ethernet desktops while providing QoS
assurances at VoIP endpoints.
Convergence planning and deployment
can occur over an extended period, and
budget constraints may require phased
deployments. The FastIron GS Series makes
it easy to deploy a solution today that can
be upgraded later to support PoE, 10-GbE,
and stacking as needed.
Each power supply in a FastIron GS switch
delivers up to 480 watts of PoE power.
In a dual power supply configuration, up
to 48 10/100/1000 Mbps PoE ports of
15.4 watts per port (full Class 3) can be
supported. This scalability enables the
network manager to size the installation
to meet current needs and still have room
for future growth.
As network traffic increases, network
managers can easily upgrade to 10-GbE
to provide high-capacity connectivity
to the network backbone and/or highperformance servers. The FastIron GS can
be upgraded in the field with a two-port
10-GbE XFP/CX4 module.
The optional 10-GbE module is offered in
three field upgradable models: the FastIron
GS-2XG supporting two small form factor
pluggable XFP transceivers, the FastIron
GS-2XGC supporting two CX4 connectors,
and the FastIron GS-1XG1XGC supporting
a combination of an XFP transceiver and a
CX4 connector. Supported XFP transceivers
include SR, LR, ER, ZR, and ZRD optics
supporting fiber lengths up to 80Km.
For cost-effective and rapid scaling at
the network edge, the FastIron GS is
upgradeable with the Brocade IronStack
stacking technology, which supports
stacking up to eight units in a virtual
chassis. The FastIron GS IronStack system
supports 40-Gbps switching capacity
between stacked units, providing a highcapacity interconnect across the stack.
FastIron GS IronStack supports stacking
over copper and fiber cables. This allows
flexible stack configurations in which
stacked units can be separated by more
than several hundred meters of fiber.
High Availability Hardware Features
Convergence solutions serving VoIP require
high availability, especially for the power
supplies that power the PoE interfaces.
FastIron GS switches fulfill this requirement
with dual, hot-swappable AC or DC power
supplies. Both redundant AC and redundant
DC power configurations are included.
The FastIron GS Series features 1+1 power
redundancy, using hot-swappable and field
replaceable power modules, which install
into the back of the unit. The power modules
are load-sharing supplies providing full 1+1
redundancy for as many as 48 Class 1 and
Class 2 PoE ports and 31 Class 3 (15.4 watts)
PoE ports.
Additional design features include intake
and exhaust temperature sensors and fan
spin detection to aid in rapid identification
of abnormal or failed operating conditions
to help minimize mean time to repair.
The Brocade Ironstack Solution
The FastIron GS series may be ordered
pre-configured with the Brocade IronStack
stacking technology or upgraded in the
field. IronStack is an advanced stacking
technology that supports stacked
configurations in which as many as eight
FastIron GS and/or FastIron LS switches
can be interconnected while maintaining the
operational simplicity of a single switch. An
IronStack stack can be a mix-and-match of
different FastIron GS and FastIron LS switch
models providing for very flexible stack
configurations. Each IronStack enabled
FastIron GS or LS model can support up
to 40Gbps of stacking bandwidth per
unit. IronStack configurations can be
built using 10-GbE CX4 copper or XFPbased fiber connections. When XFP-based
fiber connections are used, an IronStack
configuration can be extended between
racks, floors, and buildings with fiber
lengths up to several hundred meters.
The FastIron GS STK models are preconfigured with a two-port 10-GbE CX4
module, expanded CPU memory, an
IronStack license (IronStack PROM) and
software. The CX4 module in the STK models
can be replaced in the field with any of the
optional 10-GbE modules available for the
FastIron GS.
An IronStack system operates as a
single logical chassis (with a single IP
management address) and supports crossmember trunking, mirroring, switching,
static routing, sFlow, multicast snooping and
other switch functions across the stack. An
IronStack stack has a single configuration
file and supports remote console access
from any stack member. Support for
active-standby controller failover, stack link
failover, and hot insertion and removal of
stack members delivers the resilience that
is typical of higher end modular switches.
High Density and Full Class 3
Power Over Ethernet (PoE)
When configured with PoE, the FastIron GS
switches support IEEE 802.3af standardsbased PoE on all ports. The capability of
FastIron GS switches to deliver high-density,
full-power PoE on all ports reduces the need
to purchase additional hardware to support
the higher power requirements.
For the 24-port PoE models, the system
can support full 1+1 redundancy for 24
Class 1, Class 2, or Class 3 PoE ports.
When configured with dual power supplies,
the 48-port PoE models support up to 48
10/100/1000 Class 3 (15.4 watts) PoE
ports, which is one of the highest Class 3
PoE port density for a compact switch in the
industry. These capacities are a significant
advantage for environments that require
full Class 3 power for devices such as
surveillance cameras, color LCD phones,
point-of-service terminals, and other
powered endpoints.
An IronStack configuration of eight FastIron
GS switches can support as many as 384
PoE ports supporting full Class 3 PoE
power without the need for external power
supplies. Other solutions may require
external power supplies adding installation
and operational complexity.
Ease of Use: Plug and Play
The FastIron GS Series supports the IEEE
802.1AB LLDP and ANSI TIA 1057 LLDP-MED
standards that enable organizations to deploy
interoperable multi-vendor solutions for unified
communications. Configuring IP endpoints,
such as VoIP stations can be a complex
task requiring manual and time-consuming
configuration. LLDP and LLDP-MED address
these challenges, providing organizations with
a standard and open method for configuring,
discovering, and managing their network
infrastructure. The LLDP protocols help
reduce operations costs by simplifying and
automating network operations. For example,
LLDP-MED provides an open protocol for
configuring QoS, security policies, VLAN
assignments, PoE power levels, and service
priorities. Additionally, LLDP-MED provides
for the discovery of device location and asset
identity, information that is used for inventory
management and by emergency response
services, such as Enhanced 911 (E911).
These sophisticated features make converged
network services easier to deploy and operate
while enabling new and critical services.
The FastIron GS Series supports DHCP
client-based auto-configuration, simplifying
customer deployment and configuration
via true Plug-and-Play. Enterprises can use
this feature to automate the IP address and
feature configuration of FastIron GS switches
without the presence of a highly-trained
network engineer on-site. Technicians can
simply power up a new FastIron GS and the
unit will automatically get its IP address and
configuration from DHCP and TFTP servers.
Auto-configuration provides an intelligent
solution to reduce OPEX while simplifying
network management.
Comprehensive
Enterprise-Class Security
FastIron GS switches are powered by the
Brocade IronWare™ operating software,
which offers an advanced security suite
for Layer 2 and Layer 3, network access
control (NAC), and DoS protection. IronWare
security features include protection against
TCP SYN and ICMP DoS attacks, Spanning
Tree Root Guard and BPDU Guard to protect
network spanning tree operation, and
broadcast and multicast packet rate limiting.
In non-stacking configurations, the FastIron
GS series offers additional security features
including dynamic ARP inspection and DHCP
snooping to protect against address spoofing
and man-in-the middle attacks.*
Network Access Control
Network managers can rely on features
such as multi-device port authentication
and 802.1X authentication with dynamic
policy assignment to control network access
and perform targeted authorization on a
per-user level. Additionally, the FastIron GS
supports enhanced MAC policies with the
ability to deny traffic to and from a MAC
address on a per-VLAN basis. This powerful
tool allows network administrators to control
access policies per endpoint device.
Standards-based NAC enables network
operators to deploy best-of-breed NAC
solutions for authenticating network users
and validating the security posture of a
connecting device. Support for policycontrolled MAC-based VLANs provides
additional control of network access,
allowing for policy-controlled assignments
of devices to Layer 2 VLANs.
Traffic Monitoring and
Lawful Intercept
Organizations may need to set up lawful
traffic intercept due to today’s heightened
security environment. For example, in
the United States, the Communications
Assistance for Law Enforcement Act
(CALEA) requires businesses be able to
intercept and replicate data traffic directed
to a particular user, subnet, port, etc. This
capability is particularly essential in networks
implementing IP phones. The FastIron
GS provides the capability necessary to
support this requirement through ACLBased Mirroring, MAC filter-Based Mirroring,
and VLAN-Based Mirroring. Network
managers can apply a “mirror ACL” on a
port and mirror a traffic stream based on
IP source/destination address, TCP/UDP
source/destination ports, and IP protocols
such as ICMP, IGMP, TCP, and UDP. A MAC
filter can be applied on a port and mirror a
traffic stream based on a source/destination
MAC address. VLAN-Based mirroring is
another option for CALEA compliance. Many
enterprises have service-specific VLANs,
such as voice VLANs. With VLAN mirroring, all
traffic on an entire VLAN within a switch can
be mirrored to a remote server.
Threat Detection and Mitigation
Support for embedded, hardware-based
sFlow traffic sampling extends the Brocade
IronShield 360 security shield to the
network edge. This unique and powerful
closed loop threat mitigation solution
uses best-of-breed intrusion detection
systems to inspect sFlow traffic samples
for possible network attacks. In response
to a detected attack, IronView® Network
Manager (INM) can apply a security policy
to the compromised port. This automated
threat detection and mitigation stops
network attacks in real time, without
human intervention. This advanced security
capability provides a network-wide security
umbrella without the added complexity and
cost of ancillary sensors.
Advanced Multicast Features
FastIron GS switches support a rich set
of Layer 2 multicast snooping features
that enable advanced multicast services
delivery. Internet Group Management
Protocol (IGMP) snooping for IGMP version
1, 2, and 3 is supported. Support for
IGMPv3 source-based multicast snooping
improves bandwidth utilization and security
for multicast services.
To enable multicast service delivery in
IPv6 networks, the FastIron GS supports
Multicast Listener Discovery (MLD) version
1 and 2 snooping, the multicast protocols
used in IPv6 environments.
Building Resilient Networks with
Advanced Layer 2 and Layer 3 Protocols
Software features such as Virtual Switch
Redundancy Protocol (VSRP), the Brocade
Metro Ring Protocol (MRP I and II), Rapid
Spanning Tree Protocol (RSTP), protected
link groups, 802.3ad Link Aggregation, and
trunk groups provide alternate paths for
traffic in the event of a link failure. Sub-
*Available only on the standalone FastIron GS. This feature is not available on the IronStack enabled FastIron GS.
second fault detection utilizing Link Fault
Signaling and Remote Fault Notification
ensures rapid fault detection and recovery.
Enhanced Spanning Tree features such
as Root Guard and BPDU Guard prevent
rogue hijacking of a spanning tree root
and maintain a contention and loop free
environment especially during dynamic
network deployments. Additionally, the
FastIron GS supports Port Loop Detection on
edge ports that do not have spanning tree
enabled. This capability protects the network
from broadcast storms and other anomalies
that can result from layer 1 or layer 2
loopbacks on Ethernet cables or endpoints.
Base Layer 3 functionality enhances the
capability of the FastIron GS as an edge
platform. Base Layer 3 allows enterprises
to use simple Layer 3 features such as
IPv4 static routes, routing between directly
connected subnets, RIPv1/v2 announce,
VRRP, and DHCP Relay. Network managers
can remove complexity from an end-to-end
Layer 3 network design and eliminate the
cost required for a full Layer 3 edge switch.
In addition, in non-stacking configurations,
the FastIron GS models support an optional
Edge Layer 3 feature set (EPREM).* These
edge Layer 3 features enable full dynamic
routing via OSFP and RIPv1/v2 in addition
to the Base Layer 3 features. With FastIron
GS Base Layer 3 and the optional EPREM
upgrade, network managers can deploy endto-end Layer 3 networks utilizing the same
routing policies from edge to core, thereby
simplifying network design and operation.
Unified and Secure Element
Management
The Brocade INM provides unified network
management for the FastIron GS Series.
INM greatly simplifies network operations,
provisioning, troubleshooting, and alarm
reporting. INM offers multilevel access
security on the console and a secure
Web management interface that prevents
unauthorized users from accessing or
changing the switch configuration.
INM employs a Java-based network
configuration and management tool that
displays, in graphical detail, network and
application level traffic information. Network
managers can accurately monitor overall
networking operation, zero in on hot spots,
and quickly diagnose and troubleshoot
difficulties before they develop into
widespread network problems.
The FastIron GS Series includes Secure
Shell (SSHv2), Secure Copy, and SNMPv3
to restrict and encrypt management
communications to the system. Additionally,
support for Terminal Access Controller
Access Control System (TACACS/TACACS+)
and RADIUS authentication ensure secure
operator access.
Fault Detection
The FastIron GS switches support logical fault
detection through software features such
as Link Fault Signaling (LFS), Remote Fault
Notification (RFN), Protected Link Groups, and
Unidirectional Link Detection (UDLD).
• Link Fault Signaling (LFS) is a physical
layer protocol that ensures bi-directional
communication on a link between two
10-GbE switches, thereby allowing switches
on both sides to disable the link.
• Remote Fault Notification (RFN) enabled
on 1GbE ports notifies the remote
port whenever the fiber cable is either
physically disconnected or has failed.
When this occurs the link is disabled by
the switches on both sides.
• Protected Link Groups minimize
disruption to the network by protecting
critical links from loss of data and power.
In a protected link group, one port in the
group acts as the primary or active link,
and the other ports act as secondary or
standby links. The active link carries the
traffic. If the active link goes down, one of
the standby links takes over.
• UDLD monitors a link between two
FastIron GS switches and brings the ports
on both ends of the link down if the link
fails at any point between the two devices.
FastIron GS devices also support stability
features such as Port Flap Dampening,
single link LACP, and Port Loop Detection.
Port Flap Dampening increases the
resilience and availability of the network by
limiting the number of port state transitions
on an interface. This reduces the protocol
overhead and network inefficiencies caused
by frequent state transitions occurring
on misbehaving ports. Single link LACP
provides a fast detection scheme for
unidirectional or bi-directional faults. This
standards-based solution works with other
switch vendors. The Port Loop Detection
feature enables network managers to detect
and prevent Layer 1 and Layer 2 loops
without using STP. Enterprises that do not
enable a Layer 2 Protocol, such as STP to
detect physical loops at the edge, can use
Port Loop Detection.
Key Features Summary
Flexible and High-Capacity Architecture
• 24-port and 48-port 10/100/1000 Mbps (RJ45) PoE and PoE upgradeable models
including 4 combination RJ45/SFP Gigabit Ethernet ports
• 2-port 10-GbE slot for optional 2-port 10GbE module
• FastIron GS 624XGP models support an integral 1-port 10GbE XFP port
• Field upgradeable to support IronStack technology
• Field upgradeable to support EPREM Layer 3 routing features (standalone operation only)
• Up to two redundant, removable, load-sharing AC and DC power supplies
• Efficient space-saving form factor with front-facing data ports and a built-in temperature
monitor sensor
• MAC table size: 16000
• Max number of VLANs: 4096
IronStack Stacking Technology
• Up to 8 units in a single stack. Ability to mix-and-match FastIron GS and FastIron LS
models in a single stack
• Up to 40Gbps of stacking bandwidth per unit
• Support for stacking on 10GbE CX4 and 10GbE XFP ports
• Logical chassis-like operations, supporting features such as static trunking, LACP, mirroring,
switching, static routing, sFlow, multicast snooping across stack-members
• Support for automatic failover of active controller and hot insertion/removal of stack-members
Layer 3 Capabilities
• Base layer 3 software supporting features such as static routes, routing between directly
connected subnets, virtual interfaces, VRRP and ECMP
• Edge router software (EPREM)* providing dynamic layer 3 routing via OSPF v2 and
RIP v1/v2 in addition to features supported in base layer 3 software
• Up to 1000 IPv4 routes
Robust Power over Ethernet
• Standards-based IEEE 802.3af PoE support
• Up to 48 ports of 10/100/1000 Mbps Class 3 PoE per switch (48-port models with dual
power supplies)
• Fully redundant 1+1 power configurations
• 24-port PoE model with two power supplies supports up to 15.4W for each port
• 48-port PoE model with two power supplies supports up to 10W for each port
• PoE auto-detection enables support for PoE and non-PoE devices without
configuration changes
• Per-port LED indicators to easily identify power-consuming devices
• Per-port short circuit protection to supply system protection
• Software accessible system and per port power consumption
• Power redundancy for increased reliability
• Interoperability with popular VoIP equipment, including legacy IP phones
• Advanced QoS capabilities ensure high quality VoIP support
• LLDP-MED and voice VLAN
*Available only on the standalone FastIron GS. This feature is not available on the IronStack enabled FastIron GS.
Key Features Summary continued
IronShield Advanced Security
• Multilevel access security for console access
• IronShield 360—System-wide, automated closed-loop threat detection and mitigation solution
• Secure, Web-based management
• Secure Shell and SNMPv3 restrict and encrypt communications to the management
interface and system
• Terminal Access Controller Access Control Systems (TACACS/TACACS+) and RADIUS
operator authentication
• Secure Shell (SSHv2), SCP, and SNMPv3 secure remote management access and
communications
• MAC filters, Layer 3/Layer 4 ACLs and binding the ACL to TELNET, Web management and
SNMP interface for secure management access
• IEEE 802.1x authentication including multiple device authentication and dynamic VLAN,
ACL, and MAC filter assignment for authenticated clients
• Private VLANs provide security and isolation between switch ports to help ensure that
users cannot snoop on other users’ traffic
• Denial of Service Protection—Monitoring, throttling, and locking out of ICMP and TCP SYN
traffic both to the management address of the switch and for transit traffic
• Man-in-the-Middle prevention using Dynamic ARP Inspection and DHCP Snooping*
• Port Security and MAC Address Locking limits the number of MAC addresses learned
on a port. Using Port Security, network managers can allow specific MAC addresses
access to the network for specific time periods.
• MAC address authentication including multiple device authentication and dynamic
policy configuration
• Policy-controlled MAC-based VLANs provides additional control
Advanced Quality of Service
• Packet classification, reclassification, policing, marking, and re-marking
• Identification, classification, and reclassification of traffic based on specific criteria such as
port, source/destination MAC address, 802.1p priority bit, source/destination IP address,
Type of Service (ToS), Differentiated Services Codepoints (DSCP), or TCP/UDP port
• Flexible queue servicing using configurable Weighted Round Robin (WRR), Strict Priority (SP),
or hybrid SP/WRR
• 8 hardware queues for flexible QoS management
• Ingress rate limiting—standard and extended ACL control
• ACLs configured on a per-port, per-VLAN basis
• Egress rate limiting—per-port, per-queue
• Support for up to 256 wire-speed ingress traffic policers with each policer supporting
configurable metering with maximum and burst size settings, color aware and
out-of-profile packet remarking or dropping
• sFlow and port mirroring on the same port
System and Network Resilience
• Advanced Layer 2 service protection features: Metro Ring Protocol (versions I and II), Virtual
Switch Redundancy Protocol, Rapid Spanning Tree, Multiple Spanning Tree, Per VLAN
Spanning Tree (PVST, PVST+), Protected Link groups, Link Fault Signaling (LFS), Remote
Fault Notification (RFN)
• Digital optical monitoring
• Port range with port speed downshift and selective auto negotiation
• Port loop detection to detect Layer 1/Layer 2 loops
• Image checksum verification
• Next boot information
• Port flap dampening
• Single link LACP as a standards-based bi-directional link detection protocol
• Auto-configuration
*Available only on the standalone FastIron GS. This feature is not available on the IronStack enabled FastIron GS.
system summary 1, 2, 3
Feature
FGS624P
FGS624XGP
FGS624P-STK
FGS624XGP-STK
FGS648P
FGS648P-STK
FGS624P-POE
FGS624XGP-POE
FGS624P-POE-STK
FGS624XGP-POE-STK
FGS648P-POE
FGS648P-POE-STK
Total Switching Performance
108 Gbps
136 Gbps
108 Gbps
136 Gbps
Full Duplex Forwarding Performance
80 Mpps
101 Mpps
80 Mpps
101 Mpps
10/100/1000 Port Density
20 plus 4-port Combos
44 plus 4-port Combo
20 plus 4-port Combo
44 plus 4-port Combo
10/100/1000 Mbps PoE Density with
15.4W each
24 (optional)
48 (optional)
24 (1 PSU)
48 (2 PSU)
10/100/1000 Mbps PoE Density with
10W each
24 (optional)
48 (optional)
24 (1 PSU)
48 (1 PSU)
100/1000 Mbps SFP Density
4 Combo Ports
4 Combo Ports
4 Combo Ports
4 Combo Ports
10 Gigabit Ethernet
2 (FGS624P)
3 (FGS624XGP)
2
2 (FGS624P-POE)
3 (FGS624XGP-POE)
2
100 Mbps Optics
100FX and 100Base-BX
100FX and 100Base-BX
100FX and 100Base-BX
100FX and 100Base-BX
Gigabit Ethernet Optics
SX, LX, LHA, LHB, 1000Base-BX, and CWDM
10 Gigabit Ethernet Optics
CX4, 1310-MM,SR, LR, ER, ZR, and ZRD
AC and DC Power Supply
Yes
Yes
Yes
Yes
Power Supply Redundancy
1+1 Load Sharing
1+1 Load Sharing
1+1 Load Sharing
1+1 Load Sharing
Maximum Number of MAC addresses
16,000
16,000
16,000
16,000
Maximum Number of VLANs
4,096
4,096
4,096
4,096
Maximum Number of STP
253
253
253
253
L3/L4 Extended Access Control List
Yes
Yes
Yes
Yes
Stability Features
BPDU and Root Guard, Single Link LACP, Port Loop Detection, Port Flap Dampening, Trunk Threshold
Maximum Number of Ports per Trunk
8
8
8
8
Number of Trunk Groups
13 (FGS624P)
13 (FGS624XGP)
25 (FGS648P)
13 (FGS624-POE)
13 (FGS624XGP-POE)
25 (FGS648P-POE)
Multi-device Authentication and Dynamic
VLAN Assignment
Yes
Yes
Yes
Yes
802.1X Authentication and Dynamic VLAN
Assignment
Yes
Yes
Yes
Yes
MAC-based VLANs
Yes
Yes
Yes
Yes
Metro Features
Metro Ring Protocol (version I and II), Virtual Switch Redundancy Protocol, VLAN Stacking
(Q-in-Q) and Topology Groups
1-Switching and forwarding performance specifications are provided for a single FastIron GS switch unit. 2-Port densities are provided for a single FastIron GS switch unit. 3-MAC address
and STP capacities apply to a single FastIron GS unit as well as to an IronStack configuration of up to eight units.
BROCADE Fastiron gs SPECIFICATIONS
IEEE Standards Compliance
Layer 2 Metro Features
• 802.1D-2004 MAC Bridging
• 802.1w Rapid Spanning Tree
• 802.1s Multiple Spanning Tree
• 802.1X Port-based Network Access Control
• 802.3 10Base-T
• 802.3ak CX4
• 802.3ad Link Aggregation (Dynamic and Static)
• 802.3af Power over Ethernet
• 802.3u 100Base-TX
• 802.3x Flow Control
• 802.3z 1000Base-SX/LX
• 802.3ab 1000Base-T
• 802.3ae 10 Gigabit Ethernet
• 802.3 MAU MIB (RFC 2239)
• 802.3AB LLDP/LLDP-MED
• 802.1p Mapping to Priority Queue
• VLAN stacking (Q-in-Q)
• Metro Ring Protocol (MRP I and II)
• Virtual Switch Redundancy Protocol
• Topology Groups
• Super Aggregated VLANs (SAV)
Layer 2 Features
• 4,096 VLANs
• 16,000 MAC Addresses
• 802.1s Multiple Spanning Tree
• Per VLAN spanning tree (PVST/PVST+/PVRST)
• Private VLAN
• Protocol VLAN (802.1v), Subnet VLAN
• Policy controlled MAC-based VLANs
• MAC Learning Disable
• Port Security
• MAC Address Locking
• Port-based Access Control Lists
• Dual Mode VLANs
• Fast Port Span
• BPDU Guard, Root Guard
• GARP VLAN Registration Protocol
• MAC-Layer Filtering
• Port-based, ACL-based, MAC filter-based, and VLAN-based Mirroring
• Single-instance Spanning Tree
• Trunk groups
• Trunk threshold
• Single link LACP
• Uni-Directional Link Detection (UDLD)
• Auto MDI/MDIX
• Port speed downshift and selective auto-negotiation
• Dynamic Voice VLAN Assignment
• Jumbo Frames up to 10,240 bytes for 10/100/1000 and 10GbE ports
• IGMP Snooping (v1/v2/v3)
• MLD Snooping (v1/v2)
• PIM–SM Snooping
• Private VLANs and uplink-switch
• Protected Link Groups
• Port Loop Detection
• VLAN based Static MAC Denial
• Flexible static multicast MAC address configuration
Base Layer 3 Features
• Virtual Interfaces (VE)
• Routed Interfaces
• IPv4 Static Routes
• Routing between directly connected subnets
• RIP v1/v2 announce
• Virtual Route Redundancy Protocol (VRRP)
• ECMP*
L3 EPREM Features*
• Host routes
• OSPF
• RIP V1 , V2
• Route-only support
• Routes in hardware maximum: 1000
Quality of Service
• MAC Address Mapping to Priority Queue
• ACL Mapping to Priority Queue
• ACL Mapping to ToS/DSCP
• Honoring DSCP and 802.1p
• ACL Mapping and Marking of ToS/DSCP
• DiffServ Support
• Classifying and Limiting Flows based on TCP flags
• DHCP Relay
• QoS Queue Management using Weighted Round Robin (WRR),
Strict Priority (SP), and a combination of WRR and SP
Traffic Management
• Inbound rate limiting per port
• ACL-based inbound rate limiting and traffic policies
• Outbound rate limiting per port and per queue
• Broadcast, multicast and unknown unicast rate limiting
*Available only on the standalone FastIron GS. This feature is not available on the IronStack enabled FastIron GS.
Management and Control
Dimensions
• RFC 2571 Architecture for Describing SNMP Framework
• RFC 2131 DHCP Relay
• RFC 1493 Bridge MIB
• Configuration Logging
• RFC 1643 Ethernet Interface MIB
• RFC 1643 Ethernet MIB
• Brocade Discovery Protocol (FDP)
• RFC 2068 Embedded HTTP
• RFC 2818 Embedded HTTPS
• Industry Standard Command Line Interface (CLI)
• Integration with HP OpenView for Sun Solaris, HP-UX, IBM’s AIX,
and Windows NT Standalone Windows NT
• IronView Network Manager (INM) Web-based graphical user interface
• Embedded Web Management
• RFC 3176 sFlow
• RFC 1213 MIB-II
• RFC 1516 Repeater MIB
• RFC 1724 RIP v1/v2 MIB
• RFC 1757 RMON MIB
• RFC 2572 SNMP Message Processing and Dispatching
• RFC 1573 SNMP MIB II
• RFC 2575 SNMP View-based Access Control Model SNMP
• RFC 1157 SNMPv1/v2c
• RFC 2573 SNMPv3 Applications
• RFC 2570 SNMPv3 Intro to Framework
• RFC 2574 SNMPv3 User-based Security Model
• SNTP Simple Network Time Protocol
• Support for Multiple Syslog Servers
• RFC 854 TELNET Client and Server
• RFC 783 TFTP
• MIB support for MRP, Port Security, MAC authentication and
MAC-based VLANs
• Display log messages on multiple terminals
• Digital Optical Monitoring
• Auto Configuration
All FastIron GS models
RPS-FGS, RPS-X448, RPSX424-POE or RPS8
• Operating 85VAC to 254VAC input, universal/wide input
• Rated 100 to 240VAC ~ 50/60 Hz @
8amp to 3.2amp
• 600 watts of total output power
Performance (Per Model)
RPSDC-FGS, RPSDC-X448,
RPSDC-X424-POE or
RPS8DC
• Operating 40VDC to 60VDC input,
universal/wide input
• Rated -48 to 60VDC @ 18amp to 14.3 amp
• 600 watts of total output power
FastIron GS 624P/
624P-POE/624P-STK/
624P-POE-STK
• Switching Capacity 108 Gbps
• Forwarding Performance 80 Mpps
FastIron GS 648P/
648P-POE/648P-STK/
648P-POE-STK
• Switching Capacity 136 Gbps
• Forwarding Performance 101 Mpps
Embedded Security
• IEEE 802.1X username export in sFlow
• Bi-level Access Mode (Standard and EXEC Level)
• Protection against Denial of Service (DOS) attacks
• EAP pass through support
Secure Management
• RADIUS/TACACS/TACACS+
• Secure Copy (SCP)
• Secure Shell (SSHv2)
• Username/Password
• Advanced Encryption Standard (AES) with SSHv2
• Authentication, Authorization, and Accounting (AAA)
2.63” (H) x 17.5” (W) x 19.6” (D)
6.68 cm (H) x 44.45 cm (W) x 49.78 cm (D)
Weight
FastIron GS 624 models
25 lbs (11.36 kg) Fully loaded including dual
redundant power
17.5 lbs (7.95 kg) Empty
FastIron GS 648 models
29 lbs (11.36 kg) Fully loaded including dual
redundant power
17.5 lbs (7.95 kg) Empty
Environmental Ranges
• Acoustic: 51 dB
• Operating temperature: 32° to 104°F (0° to 40°C)
• Relative humidity: 5% to 95%, non-condensing
• Storage temperature: -23° to 158°F (-25° to 70°C)
• Storage altitude: 10,000ft (3,000m) maximum
MTBF
• FastIron GS 624P with 4 SFP, 2-port 10GbE, and 2 RPS-FGS—267,
411 hours
• FastIron GS 624P-STK with 4 SFP, 2-port 10GbE, and 2 RPS-FGS: 317,
730 hours
• FastIron GS 648P with 4 SFP, 2-port 10GbE, and 2 RPS-FGS: 218,
140 hours
• FastIron GS 648P-STK with 4 SFP, 2-port 10GbE, and 2 RPS-FGS: 250,
503 hours
• FGS-2XG with 2 XFP (LRs): 1,597,580 hours
• RPS-FGS: 346,230 hours
Power Requirements
Safety Certifications
• EN 60950-1
• CAN/CS-C22.2 No. 60950-1-03
• EN 60825-1 Safety of Laser Products—Part 1
• EN 60825-2 Safety of Laser Products—Part 2
• IEC 950
• UL 1950 Third Edition
• UL 60950-1
• CSA 950
Electromagnetic Emission Certifications
• FCC Class A (Part 15)
• EN 55022/CISPR-22 Class A
• VCCI Class A
Immunity
Generic: EN 50082-1
Environmental Regulatory Compliance
• RoHS Compliant (5 of 6)
• WEEE compliant
Data Sheet
Power and Thermal Specifications
Max Current Max Current Max Current Max Total
@ 100 VAC
@ 200 VAC @ 40 VDC
Power Draw1
(Amps)
(Amps)
(Amps)
(Watts)
Max System
Power Draw2
(Watts)
Max Thermal
Output3 (BTU/Hr)
Energy Efficiency
(Watts/Gbps FDX)
FastIron GS624P
0.99
0.49
2.46
99
99
336.3
1.83
FastIron GS624XGP
1.06
0.53
2.65
106
106
361.7
1.96
FastIron GS648P
1.62
0.81
4.04
162
162
552
2.38
FastIron GS Base models
FastIron GS models with PoE
FastIron GS624P-POE
5.44
2.72
13.59
534
174.4
593.6
3.22
FastIron GS624XGP-POE
5.51
2.76
13.78
551
181
619
3.36
FastIron GS648P-POE4
10.52
5.26
26.29
1052
312.8
1066.6
4.6
FastIron GS624P-STK
1.14
0.57
2.85
114
114
389
2.11
FastIron GS624XGP-STK
1.21
0.61
3.03
121
121
413.1
2.24
FastIron GS648P-STK
1.7
0.85
4.25
170
170
579.4
2.5
FastIron GS STK models
FastIron GS STK models with PoE
FastIron GS624P-POE-STK
5.51
2.76
13.78
551
181
619
3.51
FastIron GS624XGP-POE-STK
5.66
2.83
14.15
566
196.4
670.3
3.63
FastIron GS648P-POE-STK4
10.6
5.3
26.5
1060
320.8
1094
4.71
1-Total power drawn from the source and consumed by the switch and attached POE devices. Class 3 devices assumed on all ports. 2-Power drawn from the source and consumed
only by the switch. 3-Thermal output of the switch. 4-With two power supplies installed.
Warranty
• 5-year Limited Lifetime Hardware Warranty
• Brocade warrants that, excluding the power supply, fan, removable optics and LED, the
product hardware will be free from defects in material and workmanship that result in a
material deviation from the applicable published Brocade technical specifications.
• 90-days Limited Software Warranty
• Brocade warrants that software, when used in accordance with the terms of the Brocade
license, will operate substantially as set forth in the applicable Brocade Documentation
following delivery of the software to licensee.
Corporate Headquarters
San Jose, CA USA
T: +1-408-333-8000
info@brocade.com
European Headquarters
Geneva, Switzerland
T: +41-22-799-56-40
emea-info@brocade.com
Asia Pacific Headquarters
Singapore
T: +65-6538-4700
apac-info@brocade.com
© 2009 Brocade Communications Systems, Inc. All Rights Reserved. 02/09 GA-DS-1298-00
Brocade, the B-wing symbol, BigIron, DCX, Fabric OS, FastIron, IronPoint, IronShield, IronView, IronWare, JetCore, NetIron,
SecureIron, ServerIron, StorageX, and TurboIron are registered trademarks, and DCFM, Extraordinary Networks, and
SAN Health are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries.
All other brands, products, or service names are or may be trademarks or service marks of, and are used to identify,
products or services of their respective owners.
Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied,
concerning any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade reserves the
right to make changes to this document at any time, without notice, and assumes no responsibility for its use. This
informational document describes features that may not be currently available. Contact a Brocade sales office for
information on feature and product availability. Export of technical data contained in this document may require an
export license from the United States government.