Data Sheet www.brocade.com BROCADE SERVERIRON ADX 1000, 4000, AND 10000 SWITCHES APPLICATION DELIVERY Highlights •Enables low-latency, high-performance delivery of critical applications using data center–class application switches •Optimizes delivery of Web applications from BEA, IBM, Microsoft, Oracle, SAP, and Siebel, and infrastructure services such as DNS, RADIUS, firewalls, and cache services •Delivers superior HTTP performance with up to 3 million connections per second and 70 Gbps throughput •Offers a seamless and cost-effective transition to leading-edge Internet technologies such as IPv6 •Gives greater application visibility in cloud environments using Brocade Application Resource Broker and simplified integration with third-party orchestration tools •Simplifies operations with on-demand, field upgradability to meet increased performance, port, and feature requirements The Brocade One™ strategy helps simplify networking infrastructures through innovative technologies and solutions. The Brocade ServerIron ADX Series supports this strategy by delivering record performance and a range of application optimization functions to deliver critical applications. High-Performance Application Delivery for Physical and Virtualized Environments Data center virtualization and consolidation are driving more change than the IT industry has seen in years. Although organizations are well on their way to virtualizing the data center foundation of servers and applications, virtualizing the networking infrastructure will require a new class of networking solutions that can respond to the dynamic demands of a virtual data center. Service providers and enterprises now need record levels of performance and scalability to meet growing requirements for elasticity, shared services, and seamless availability and security. In these new cloud-based and virtualized environments—as well as in traditional IT environments—the need for nextgeneration application delivery controllers is clear. Organizations must have the ability to enable global deployment of Web 2.0 applications and address their challenges of network latency, packet loss, and server and network load—all while delivering uncompromised performance under highvolume and unpredictable traffic conditions. The Brocade® ServerIron® ADX Series of high-performance application delivery switches provides a broad range of application optimization functions to ensure reliable delivery of critical applications. Purpose-built for large-scale, low-latency environments, the Brocade ADX Series accelerates application performance and improves application availability—all while making the most efficient use of existing infrastructure. These benefits—coupled with the orchestration capabilities and elasticity offered by the Brocade Application Resource Broker—enable service providers and enterprises to deliver applications at a global scale with more efficiency and higher availability while streamlining operations, increasing business agility, and significantly reducing costs. The Brocade ADX product family includes: •Brocade ADX 1000 Series: A 1 RU application delivery switch with up to sixteen 1 Gigabit Ethernet (GbE) copper ports, one management CPU, up to four application CPUs (two dual-core processors), and up to two AC or DC power supplies. The on-demand software license-based upgrade capability on this platform allows customers to double or quadruple system performance, add 1 GbE/10 GbE ports, or add software features without requiring hardware upgrades. •Brocade ADX 4000 Series: A 4 RU chassis-based modular application delivery switch with one management module, up to two application switching modules—each with eight application CPUs (four dual-core processors), one switch fabric module, up to two AC or DC power supplies, one hot-swappable fan tray, and up to two interface modules. •Brocade ADX 10000 Series: A 10 RU chassis-based modular application delivery switch with up to two management modules, up to four application switching modules—each with eight application CPUs (four dual-core processors), two switch fabric modules, up to four AC or DC power supplies, one hot-swappable fan tray, and up to four interface modules. OPTIMIZED APPLICATION DELIVERY The Brocade ADX Series offers a wide range of functions for an optimal application experience, including: •Enterprise applications: Provides uninterrupted, high-performance, and low-latency delivery of popular applications, including Microsoft Exchange, Microsoft SharePoint, Microsoft Lync Server (formerly Microsoft Office Communications Server), SAP, Oracle, BEA WebLogic, IBM WebSphere, and Siebel, and financial services applications based on the Financial Information eXchange (FIX) protocol. •Infrastructure load balancing: Increases availability of infrastructure devices such as firewalls, caches, intrusion prevention appliances, Domain Name Server (DNS) and DNS Security Extension (DNSSEC) servers, and Remote Authentication Dial-in User Service (RADIUS) servers. •Efficient load balancing: Enables efficient distribution of traffic among application servers using load-balancing methods that monitor server connection load, server resources such as CPU and memory, application response time, and pre-assigned server weights. •Application health monitoring: Conducts periodic checks of application servers and services through Layer 2 ARP, Layer 3 PING, Layer 4 TCP three-way handshakes or UDP queries, and Layer 7 applicationlevel queries. •Layer 7 content inspection: Provides advanced Layer 7 inspection of the HTTP URL, cookie, host headers, and data for maintaining application flow persistence. •SSL and server connection offload: Offloads Secure Sockets Layer (SSL) negotiation and connection management tasks from application servers, giving servers more cycles for critical application delivery and improving application response time. Provides comprehensive support for a variety of cipher suites and 1024- and 2048-bit SSL keys. •Application infrastructure agility: Enables on-demand inclusion and removal of application instances using Brocade Application Resource Broker. SIMPLIFIED ORCHESTRATION AND MANAGEMENT The Brocade ADX Series supports a range of capabilities to simplify installation, configuration, operation, and management of application delivery infrastructures. Application Resource Broker: Brocade Application Resource Broker is an infrastructure software component that simplifies the management of on-demand application resources within IT data centers. This solution helps ensure optimal application performance by dynamically adding and removing application resources (such as virtual machines). The Brocade Application Resource Broker—working in tandem with the Brocade ADX Series— provides these capabilities through realtime monitoring of application resource responsiveness, traffic load information, and infrastructure capacity information from server infrastructures (see Figure 1). A programmable decision engine compares application experience information with preconfigured threshold rules. When thresholds are exceeded, Brocade Application Resource Broker initiates provisioning actions to ensure that necessary and appropriate application resources are available to meet Service Level Agreements (SLAs). The Brocade ADX Series with Brocade Application Resource Broker also automatically associates various application services with their respective virtual machines. It collects historical applicationcentric performance statistics to enable true application-level operational visibility. Brocade Application Resource Broker directly supports VMware environments through a vSphere Client Plug-in, and can leverage real-time application response monitoring capabilities of any Brocade ADX switch in the network to deliver immediate provisioning adjustments in response to fluctuating demand. This capability helps ensure consistent and reliable application responsiveness between end users and the application infrastructure. Flexible Control Interfaces: The Brocade ADX Series supports a range of flexible and powerful interfaces for system configuration and management. •Command Line Interface: The Brocade ADX Series supports an industry-standard Command Line Interface (CLI) for device configuration. •Programmatic interface: A standardsbased SOAP/XML-application programmatic interface allows for tighter integration with third-party orchestration and automation tools. This interface provides greater application visibility and control over the application infrastructure. •Web Graphical User Interface: Application and network administrators can also utilize a browser-based Graphical User Interface (GUI) for configuring and monitoring the Brocade ADX switches. •SNMP support: The Brocade ADX controllers support Simple Network Management Protocol (SNMP) v1, v2, and v3, enabling device monitoring through third-party network management applications. •Role-based management: This capability of the Brocade ADX Series allows organizations to create multiple administrative domains and assign different access privileges to users inside these domains. Brocade Network Advisor: Large numbers of Brocade ADX devices can be managed from one central console through Brocade Network Advisor. Brocade Network Advisor provides additional tools for simplifying management of SSL keys, certificates, and application services, such as Virtual IP Manager and Global Server Load Balancing (GSLB). SEAMLESS TRANSITION TO IPv6 While the ubiquity of the Internet creates vast new opportunities for service providers and enterprises alike, the rapid growth of Internet-enabled devices and applications has led to IPv4 address depletion. This depletion is forcing many organizations to begin serious adoption of IPv6 as a solution to this impending threat to Internet growth. At the same time, many organizations face regulatory or governance-driven mandates to offer IPv6 services to their customers but struggle with the cost of a complete network redesign. The Brocade ADX eases the migration to IPv6 by enabling service providers and enterprises to maximize their existing IPv4-based investments while communicating with the growing IPv6-based world, without the need for “rip-and-replace” upgrades (see Figure 2). Figure 1. Brocade Application Resource Broker provides infrastructure monitoring, loading analysis, resource provisioning and de-provisioning, and reporting. IPv6 gateway: The Brocade ADX enables IPv4 networks to interoperate with IPv6 networks via a simple, standards-based Network Address Translation 64 (NAT64) gateway. This capability enables IPv4 clients to communicate with new IPv6 services, as well as new IPv6-based clients to communicate with the traditional IPv4 networks, all without requiring forklift upgrades to existing infrastructure. IPv6 SLB gateway: The Brocade ADX also allows existing IPv4 applications to be advertised via an IPv6-based Virtual IP (VIP) service. Existing servers and applications can then be slowly migrated to IPv6 on their natural upgrade cycles. The Brocade ADX load-balances traffic destined to an IPv6 VIP among IPv4 application servers, which can be upgraded to support IPv6 at an evolutionary rate. ALWAYS-ON APPLICATION AVAILABILITY The Brocade ADX application delivery switches maximize availability and provide non-stop delivery of businesscritical applications through a range of capabilities (including application-level health monitoring). Users Users Brocade Application Resource Broker Brocade ADX VMware vCenter Users Brocade Application Resource Broker Brocade ADX VMware vCenter Brocade Application Resource Broker Brocade ADX VMware vCenter Network Resources VM VM VM VM VM VM Resources Application Resources VM VM VM VM VM VM VM High availability: The Brocade ADX provides multiple high-availability options to suit varying infrastructure and business needs for overall enhanced application resiliency. Real-time synchronization of sessions between two peer Brocade ADX units operating in high-availability mode provides protection against system outages. If one device shuts down, then the second device transparently resumes control of client traffic, with no loss to existing sessions or connectivity. Site redundancy using GSLB: Organizations deploying multiple, geographically disparate data centers can benefit from GSLB. This capability allows the Brocade ADX switches to distribute client traffic among data center sites based on site availability, site load, and several other metrics. The Brocade ADX switches determine client-to-server proximity by computing the round-trip delay between the client and the data center site. A site nearest to the client is generally selected to deliver application traffic in order to provide the optimal user experience. Brocade ADX switches also continually monitor data center sites to detect any changes in servers or services due to varying health and traffic conditions. Configurable site-load thresholds allow organizations to align health-checking parameters with the server and service capabilities of each site. All of these features work in conjunction with existing DNS as well as DNSSEC servers to minimize service disruption and maximize application uptime. Site redundancy using Healthy Route Injection: The Brocade ADX Series provides a site redundancy solution for non-DNS– based infrastructures by injecting network routes for healthy VIPs from multiple data center locations. These network routes are propagated through routing protocols such as BGP, IS-IS, and OSPF, enabling clients to connect to the closest available site. HIGH-PERFORMANCE ARCHITECTURE The Brocade ADX application delivery switches provide more than 3 million HTTP Connections Per Second (CPS) and 70 Gbps of HTTP application traffic throughput. The Brocade ADX switch also acts as a high-performance proxy for the DNS server farm, delivering up to 18 million DNS queries per second. Brocade ADX switches provide reliable protection against many forms of Denial-of-Service (DoS) attacks such as DNS attacks and SYN attacks, and offer industry-leading Figure 2. The Brocade ADX NAT64 gateway enables a seamless transition to IPv6. Topology A Topology B Topology C IPv4 Resources IPv6 Resources IPv6 App Servers IPv4 App Servers Domain Name System (DNS) Server Brocade ADX NAT64 Gateway Brocade ADX NAT64 Gateway DNS Server IPv6 Clients to IPv4 Servers IPv6 Clients IPv6 IPv4 NAT Brings new IPv6 clients onboard for existing IPv4 applications IPv6 VIP Brocade ADX IPv4 Clients to IPv6 Servers IPv4Only IPv4Only IPv4 IPv6 NAT Connects legacy IPv4 clients to new IPv6 resources IPv6 Clients IPv6 IPv4 NAT Load balancing IPv4 application servers while enabling service for IPv6 clients attack protection rates of up to 120 million SYN attacks per second. The Brocade ADX Series has demonstrated that it can support low-latency switching of application traffic—on the order of 20 microseconds (µsec)—for response-sensitive applications. Reducing latency is key to successfully delivering Web applications, improving the user experience, and ensuring customer satisfaction. Brocade ADX performance leadership is based on its scalable and flexible hardware architecture. The Brocade ADX Series features a multi-chip, multi-core, highdensity architecture designed to provide the industry’s highest performance for application delivery. The design features complete physical and logical separation of data and management planes, and a switching fabric that provides highspeed interconnect among application, management, and interface modules. Configuration flexibility: The Brocade ADX 1000 provides superior investment protection in a high-density, fixed 1U form factor. It shares the full feature set of all Brocade ADX switches and can be ordered in any of four configurations, with optional licensing to expand capacity from entry-level to higher-level configurations when required. •Eight 1 GbE copper ports with a single application core •Sixteen 1 GbE copper ports with two application cores •Sixteen 1 GbE copper ports with four application cores •Sixteen 1 GbE copper ports with four application cores and two 10 GbE fiber ports Fixed-configuration Brocade ADX 1000 systems are available with or without SSL offload activated and can be upgraded in the field without unit replacement. When higher performance and future expansion options are required, the modular design of the Brocade ADX 4000 and Brocade ADX 10000 provides scale and investment protection. Management modules in Brocade ADX chassis-based switches accept a field-upgradable application expansion module for SSL acceleration. The following modules are available (see sidebar). Capacity-on-demand: All Brocade ADX switches can be quickly upgraded in the field using software keys. This ability allows organizations to enable a full suite of hardware and software options when needed without opening switch cases. For example, on an entry-level Brocade ADX 1000 fixed configuration platform, organizations can double or quadruple performance on the box after simply adding a software license that supports the “pay-as-you-grow” deployment strategy. Additional interface density and advanced software capabilities can also be unlocked with license upgrades. BROCADE ADX MODULES Management Module Application Switch Module Switch Fabric Module Interface Modules 12-port 10/100/1000 Mbps Ethernet copper (RJ45) 12-port 1 GbE fiber (SFP) 4-port 10 GbE fiber (XFP) BROCADE ADX SERIES SPECIFICATIONS Platform ADX 1000 ADX 4000 ADX 10000 HTTP connections/sec (CPS) 375,000 1,500,000 3,000,000 HTTP transactions/sec (TPS) 2,500,000 10,000,000 20,000,000 Layer 4–7 application throughput 9 Gbps 35 Gbps 70 Gbps DNS queries/sec (stateful) 300,000 1,200,000 2,400,000 DNS queries/sec (fast stateless) 2,250,000 9,000,000 18,000,000 Maximum SSL TPS1 28,000 112,000 224,000 Maximum SSL CPS 6,500 26,000 52,000 Maximum SSL bulk throughput 1.8 Gbps 7.2 Gbps 14.4 Gbps Maximum concurrent SSL connections2 64,000 256,000 512,000 IPv6 HTTP Connections Per Sec (CPS) 125,000 500,000 1,000,000 IPv6 application throughput 7.5 Gbps 30 Gbps 60 Gbps IPv6 DNS queries/sec (stateful) 140,000 560,000 1,120,000 IPv6 DNS queries/sec (fast stateless) 500,000 2,000,000 4,000,000 SYN attacks/sec and hardware DDoS protection (packets/sec) 15,000,000 60,000,000 120,000,000 Packet-switching latency (microseconds) 20 20 20 Maximum concurrent connections 16,000,000 64,000,000 128,000,000 Maximum concurrent sessions 32,000,000 128,000,000 256,000,000 Maximum application cores 4 16 32 Maximum system memory 8 GB 32 GB 64 GB Maximum 1 Gigabit Ethernet ports Up to 16 copper Up to 24 copper or fiber Up to 48 copper or fiber Maximum 10 Gigabit Ethernet ports 2 8 16 Maximum number of VIPs 1024 4096 4096 Maximum real servers 4096 16,384 16,384 Maximum application ports 8192 32,768 32,768 Physical dimensions Height: 4.3 cm (1.7 in.) Height: 17.7 cm (7.0 in.) Height: 44.5 cm (17.5 in.) Width: 44.3 cm (17.4 in.) Width: 44.3 cm (17.4 in.) Width: 44.3 cm (17.4 in.) Depth: 45.8 cm (18.1 in.) Depth: 44.5 cm (17.5 in.) Depth: 44.5 cm (17.5 in.) Weight 37.5 lb fully loaded (17.0 kg) 54.0 lb fully loaded (24.5 kg) 112.3 lb fully loaded (50.9 kg) Maximum power requirements 390 watts 952 watts 1920 watts Warranty 1-year hardware, 90-day software, upgrades to higher levels available 1 A single SSL module provides up to 112,000 SSL TPS and 7.2 Gbps of bulk throughput performance. However, net SSL performance relies on the number of application cores in the system. As an example, an eight-application core Brocade ADX 4000 system supports up to 56,000 SSL TPS and 3.6 Gbps of bulk throughput while utilizing a single SSL module. 1 SSL TPS—multiple HTTPS transactions over fewer SSL negotiated tunnels. SSL CPS—single SSL negotiation followed single HTTPS transaction per connection. 2 Maximum number of concurrent SSL connections is based on a maximum of 16,000 SSL connections per application processor core. Load Balancing Methods Least Connections, Round Robin, Weighted, Enhanced Weighted, Weighted Round Robin, Dynamic Weighted (SNMP-based), Response Time Server Health Checks Layer 2 ARP; Layer 3 PING; Layer 4 checks for TCP and UDP ports; Layer 7 checks for applications such as HTTP, DNS, SSL, RADIUS, LDAP; and customizable health-check policies Layer 2/3 Capabilities 32,000 MAC addresses, 802.1d Spanning Tree Protocol, 802.1w Rapid Spanning Tree Protocol, 802.1ad Link Aggregation Control Protocol (LACP), VLANs and 802.1q VLAN Tagging; Static routing, Dynamic routing - RIPv2, OSPFv2, OSPFv3, IS-IS, Multiprotocol BGP, and VRRP/E Protocol Support TCP, UDP, HTTP, SSL, FTP, TFTP, SMTP, IMAP4, POP3, LDAP, DNS, WTS, SIP, NNTP, RADIUS, MMS, RTSP Standards Compliance 802.3 10 BaseT, 802.3u 100 BaseT, 802.3z 1000 BaseSX, 802.3z 1000 BaseLX, 802.3ae 10 GbE Management SSHv2, Telnet, SNMP v1, 2, and 3, Command line, Web-based GUI, Brocade Application Resource Broker, XML API, Brocade Network Advisor Safety Compliance • EN 60950-1:2001/IEC 60950-1:2001 • UL 60950-1 • EN 60825-1:1994 • CE Safety Low Voltage Directive 2006/95/EC • CAN/CSA C22.2 No. 60950-1-03 • NEBS Compliance for Brocade ADX 1000 • FCC Part 15, Subpart B (Class A) • EN55024 (CE mark) (Immunity) Information Technology Equipment EMI Compliance • EN 55022 (CE mark) (Class A) • EN 61000-3-2 • EN 61000-3-3 • ICES-003 (Canada) (Class A) • AS/NZ 55022 (Australia) (Class A) • EN 61000-6-1 • VCCI (Japan) (Class A) • AC input rating: 100 to 240 V, 50/60 Hz, 6.0 A max. • DC input rating: -48 V, 15.0 A • AC operating voltage range: 85 to 264 V, 50/60 Hz • DC operating range: -40 to -60 Vdc • AC input rating: 100 to 240 V, 50/60 Hz, 16.0 A max. per power supply • DC input rating: -48 V, 30.0 A max. per power supply Power Supply Brocade ADX 1000 Series Brocade ADX 4000/10000 Series • AC operating voltage range: 90 to 264 V, 50/60 Hz Environmental Temperature • Operating: 0º C/32º F to 40º C/104º F (dry bulb) • Storage: -25º C/-9º F to 70º C/158º F (dry bulb) Humidity • Operating: 5% to 90% (relative, non-condensing) • Storage: 5% to 95% (relative, non-condensing) Altitude • Operating: 0 to 6600 ft. (0 to 2012 m) maximum • Storage: 15,000 ft. (4500 m) maximum Mounting Options 19-inch universal EIA (Telco) rack, or tabletop • DC operating range: -40 to -60 Vdc Data Sheet www.brocade.com BROCADE APPLICATION DELIVERY INFRASTRUCTURE COMMUNITY Brocade ADX users now can find numerous support resources through the Brocade Application Delivery Infrastructure (ADI) community. This group focuses on Brocade ADX products and related partner technologies, and provides a Web 2.0 social networking resource for application and networking professionals seeking discussions, solutions, information, education, and implementation guidance. MAXIMIZING INVESTMENTS To help optimize technology investments, Brocade and its partners offer complete solutions that include education, support, and services. For more information, contact a Brocade sales partner or visit www.brocade.com. Brocade customers and partners can easily leverage the collective knowledge and experience of the Brocade ADI community to enable real-time resolution of current application delivery challenges. Resources include the latest information and use cases, along with configuration scripts and examples. Learn more at http://community.brocade.com/adi. BROCADE GLOBAL SERVICES Brocade Global Services delivers world-class professional services and technical support to enable the transition to virtualized data centers and cloud-optimized architectures. Brocade Professional Services offers assessment, design, and implementation services to help organizations optimize application delivery in cloud-optimized data centers. Brocade Premier Support and onsite residencies help organizations maximize the availability of missioncritical applications through personalized, preferential, and proactive technical support. Corporate Headquarters San Jose, CA USA T: +1-408-333-8000 email@example.com European Headquarters Geneva, Switzerland T: +41-22-799-56-40 firstname.lastname@example.org Asia Pacific Headquarters Singapore T: +65-6538-4700 email@example.com © 2011 Brocade Communications Systems, Inc. All Rights Reserved. 05/11 GA-DS-1349-09 Brocade, the B-wing symbol, BigIron, DCFM, DCX, Fabric OS, FastIron, IronView, NetIron, SAN Health, ServerIron, ADX, Brocade, the B-wing symbol, BigIron, DCFM, DCX, Fabric OS, FastIron, IronView, NetIron, SAN Health, ServerIron, TurboIron, and Wingspan are registered trademarks, and Brocade Assurance, Brocade NET Health, Brocade One, Extraordinary Networks, MyBrocade, VCS, and VDX are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries. Other brands, products, or service names mentioned are or may be trademarks or service marks of their respective owners. Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade reserves the right to make changes to this document at any time, without notice, and assumes no responsibility for its use. This informational document describes features that may not be currently available. Contact a Brocade sales office for information on feature and product availability. Export of technical data contained in this document may require an export license from the United States government.