Enterasys | 24-Port | Enterasys® G3

D ATASH EET
Enterasys® G3
Secure, Policy-based 10GbE Modular L2/L3/L4 Edge Switch
Versatile edge switch with
modular 10 Gigabit XFP, Gigabit
SFP, and 10/100/1000 PoE IOMs
Delivers Secure Networks
architecture to the network edge
Multilayer switching and full
Layer 3 routing with IPv6
High availability and high density
Power over Ethernet
214Mpps and 384 Gbps capacity
Product Overview
The Enterasys® G3 combines the small size and cost-effectiveness of a stackable, with the
modularity of a chassis, into a single standalone switch that supports convergence, compliance
and connectivity needs. Ready to support the QoS priority and security needs of converged voice,
video and data networks, the G3 is designed to support business-critical enterprise applications
such as IP telephony, HD video conferencing, distance learning, business intelligence, ERP, CRM,
and Internet connectivity. All this while ensuring only the right users have access to the right
information from the right place at the right time for compliance purposes.
Delivering advanced Enterasys Secure Networks policy management capabilities, the Enterasys
G3 series provides up to 96 ports of Gigabit Ethernet (GbE) connectivity in either 10/100/1000
Mbps RJ45 with integrated Power over Ethernet (PoE) options or 1 GbE ports via Small Form
Factor Pluggable fiber-optic transceivers (SFP). As many as twelve 10 GbE ports are supported
via Small Form Factor Pluggable fiber-optic transceivers (XFP).
Bandwidth, QoS and security policy control is offered for up to eight users per port based on L2/
L3/L4 traffic visibility. In addition to L2 switching and standard IPv4 RIPv1/v2 support, optional
firmware upgrades enable advanced IPv4 routing or IPv6 routing. The G3 inspects and classifies
incoming traffic; discovers attached users, applications and devices; authenticates them using
802.1x, Web and/or MAC multi-user authentication; then enforces priority and security policies by
making the filtering, forwarding or rate limiting decision.
The Enterasys G3 is integrated with the Enterasys Secure Networks architecture to offer granular
control by user and application over priority and security parameters, while enabling full user
mobility. The privileges for a user or device are enforced dynamically based on authentication
results regardless of wired or wireless connectivity. The end result is an easier way to manage the
networked infrastructure as an integrated system. This holistic approach leveraging Enterasys
NetSight® centralized visibility and control management software avoids the need to manually
reconfigure on a device-by-device basis every time there is a move, add or change.
Define the policies once, and Enterasys keeps up with all the mobility, expansion and
modification automatically.
Benefits
Minimal Operator Intervention
• Patented Secure Networks visibility and
control functions enable you to apply
business-oriented user and application
policies to create a self-managed, secure
and high-performance network
• Unlike traditional technology-oriented port
and VLAN ACL-based methods, you don’t
need to configure policies on a box-bybox basis using complex CLI commands.
An intuitive GUI enables you to define
the policies once, and regardless of the
number of moves, adds or changes,
have those user and application policies
enforced automatically across the entire network
Edge Security & Access Control
• “What you need is what you get” policies
allow you to proactively prevent security
incidents and assure service level
requirements by either rate limiting,
prioritizing, denying, or quarantining
traffic based on user privileges,
application priority, or required protocols.
• Flexibility of three expansion slots
supports any of the following IOMs:
– 24 port 10/100/1000 RJ45 with dual
SFP “combo” ports and ability to
upgrade to PoE
– 24 port 1 GbE SFP
– 2 port 10 GbE XFP
– 4 port 10 GbE XFP Predictable Quality of Service
• Extensive controls for managing QoS by
L2/L3/L4 traffic discovery, classification
and prioritization
• High availability design through
redundant cooling, hot swap fieldreplaceable power supplies, topology loop
protection, link aggregation and mesh
topology support
There is nothing more important
than our customers.
Features
Security
Convergence
• Business-oriented policy-based security by user, application, protocol,
port or VLAN
• LLDP-MED (Media Endpoint Discovery): a standard extension of
LLDP that stores values for parameters such as QoS and VLAN to
automatically configure network devices such as IP phones
• Technology-oriented ACL-based security by port or VLAN
• Multiple User Authentication via IEEE 802.1X, Web portal and/or
MAC address simultaneously for up to 8 users/devices per port
• Multiple User Quarantine via RFC 3580 for up to 8 users/devices
per port
• IP multicast routing: Optional Advanced Routing License supports
PIM sparse mode
• IP multicast snooping (data-driven IGMP): automatically prevents
flooding of IP multicast traffic
• Acceptable Use Policy enforcement when deployed with NetSight
Connectivity
• Rapid detection, isolation and remediation of threats when deployed
with NetSight and Dragon
• IEEE 802.3af Power over Ethernet: provides up to 15.4 W per port
to IEEE 802.3af compliant PoE powered devices such as IP phones,
wireless access points, and security cameras
• Proactive Protection Services
– MAC address lockdown / lockout
– Worm & virus quarantine
– Source port pairing
– ARP broadcast protection
– BPDU port protection
– DHCP service protection
Performance
• Aggregate capacity: G3 performs at wire speed per port and
provides switching capacity up to 214 Mpps throughput and
384 Gbps bandwidth.
• Address table size: Up to 32,000 addresses are supported
• Hardware queues: Eight hardware queues per port are supported
Management
• Secure Management: Authenticated and encrypted SNMPv3 support
in addition to SSHv2 and SSL
• Policy support: The G3 supports the creation of 31 profiles and 1536
unique policy rules per device. The use of 100 masks are possible per
user role or profile and up to eight roles or profiles are supported per port.
• Port mirroring: Mirrors ingress traffic from switch port(s) to a local or
remote device for further traffic analysis or compliance purposes
• RMON: provide advanced monitoring and reporting capabilities for
statistics, history, alarms, and events
• IEEE 802.1AB Link Layer Discovery Protocol (LLDP):
automated device discovery protocol for easy mapping by network
management applications
• Alias/Node Table: Dynamically updated local directory of attached
users and devices used to locate and resolve IP addresses to MAC
addresses throughout the network
• PoE power management: prioritize which ports receive power and
detect powered and non-powered end devices to enable attachment of
PoE and standard Ethernet devices on a single switch.
• Jumbo frames: on Gigabit and 10-Gigabit ports enable highperformance remote backup and disaster-recovery services
• IPv6 capable: switch hardware is capable of supporting IPv6 host,
routing, and filtering via an optional advanced routing license
High Availability
• Virtual Router Redundancy Protocol (VRRP): Requires optional G3
Advanced Routing License. VRRP allows creation of highly available
routed environments
• IEEE 802.1s Multiple Spanning Tree Protocol: provides link high
availability in multiple VLAN environments by allowing multiple
spanning trees; encompasses IEEE 802.1D Spanning Tree Protocol
and IEEE 802.1w Rapid Spanning Tree Protocol
• IEEE 802.3ad Link Aggregation Control Protocol (LACP): support up
to 6 trunks, each with up to 8 ports per trunk
• Hot-swappable power supplies and SFP/XFP optics
• Redundant power supplies and cooling
• Sparing simplicity: common accessories (interface modules,
power supplies)
Layer 2 switching
• IEEE 802.1q VLAN support and tagging: supports up to 1,024
VLANs simultaneously
• GARP VLAN Registration Protocol: allows automatic learning and
dynamic assignment of VLANs
Page 2
Layer 3 services
Quality of Service (QoS)
• Layer 3 IP routing: Static IP routing provides basic routing. RIP
provides RIPv1 and RIPv2 routing at media speed for up to 512 IPv4
routes. Optional Advanced Routing License includes PIM, VRRP and
OSPF2 which supports ECMP to provide link redundancy/scalable
bandwidth and NSSA. IPv6 routing is supported via the optional IPv6
Routing License
• Traffic classification at layer 2,3,4: enables packet classification and
tagging at the network edge based on any of the following attributes:
MAC address, physical port, IP address, IP protocol, IP ToS/DSCP,
TCP/UDP port and IP subnet.
• UDP helper function: UDP broadcasts can be directed across router
interfaces to specific IP unicast or subnet broadcast addresses and
prevent server spoofing for UDP services such as DHCP
• Loopback interface address: defines an address in RIP and OSPF that
can always be reachable, improving diagnostic capability
• Traffic prioritization: allows real-time traffic classification into 8
priority levels mapped to eight hardware queues. Weighted round
robin (WRR) and strict priority (SP) queuing are supported which
keeps low priority traffic from being completely starved of bandwidth.
Support for IP Differentiated Services Code Point (DSCP) enables the
G3 to enforce requested service levels.
Standards and Protocols
Switching services protocols
IP Routing & Multicast
RFC 1493 - BRIDGE-MIB
IEEE 802.1d (MAC Bridges)
Static routes
RFC 2674 -P-BRIDGE-MIB
IEEE 802.1t (802.1d Maintenance)
RIP v1, v2
RFC 2674-QBRIDGE-MIB VLAN BRIDGE MIB
IEEE 802.3ad (link Aggregation)
ICMP
IEEE 802.1X MIB - PORT ACCESS
IEEE 802.1w (Rapid Reconvergence)
OSPF2 (optional license)
IEEE 802.3x (Flow Control)
ARP & ARP Redirect
RFC2620 - RADIUS ACCOUNTING CLIENT
MIB
IGMP Snooping v1, v2
ARP Tables
Jumbo Frame support (9,216 bytes)
Dynamic Table Size: 2024
IP Helper Address
Static Table Size: 512
VLAN Support
PIM-SM (optional license)
IEEE 802.1Q VLAN
DVMRP (optional license)
Tagged-based VLAN
VRRP (optional license)
Port-based VLAN
DHCP/BOOTP Relay
RFC 2934 -PIM MIB FOR IPV4
(optional license)
GVRP protocol
RFC & MIB Support
ENTERASYS ENTITY MIB
GARP
RFC 2338 - IP REDUNDANCY – VRRP
(optional license)
ENTERASYS POLICY MIB
Quality of Service
IP DSCP
IP Precedence
RFC 1058 - RIP V1
RFC 2453 RIP V2
RFC 2618 AUTHENTICATION CLIENT MIB
RFC 1724 - RIP V2 MIB EXTENSION
RFC 1850 - OSPF V2 MIB (optional license)
RFC 2787 VRRP-MIB (optional license)
RFC 3289 -DIFFSERV-MIB
RFC 2933-IGMP MIB
LLDP/LLDP-MED
Additional IEEE Standards
IEEE 802.3 Ethernet
Protocol
RFC 1583, RFC 2328 - OSPF2
(optional license)
Source IP
RFC 826 - ARP, ARP REDIRCT
IEEE 802.3ab Gigabit Ethernet, copper
Destination IP
RFC 951, RFC 1542 - DHCP/BOOTP RELAY
IEEE 802.1x Network Access Control
Source MAC
RFC 2131, RFC 3046 - DHCP CLIENT/RELAY
IEEE 802.3z Gigabit Ethernet
Destination MAC
RFC 2819 - RMON-MIB
IEEE 802.1s Multiple Spanning Trees
IEEE 802.3u Fast Ethernet
RFC 1213, RFC12123-MIB/MIB II
Page 3
Specifications
G3G124-24
G3G124-24P
G3G170-24
Description
24 port 10/100/1000 switch with three
modular expansion slots (power supply
not included)
24 port 10/100/1000 PoE switch with
three modular expansion slots (power
supply not included)
24 port SFP switch with three modular
expansion slots (power supply not
included)
Port
24 fixed RJ-45 10/100/1000 ports
expandable to 96 (Type 10Base-T, Type
100Base-TX, Type 1000Base-T). Plus
2 combo SFP ports.
24 fixed RJ-45 10/100/1000 ports with
PoE expandable to 96 (Type 10Base-T,
Type 100Base-TX, Type 1000Base-T).
Plus 2 combo SFP ports.
24 fixed SFP 1000Base-X/ 100FX ports
expandable to 96 (SFP: Small Form-Factor
Plug-in) transceivers for both fiber and
copper connections. Does not support PoE
cards.
Empty slots
Three empty slots for Input/Output
Modules (IOMs)
Three empty slots for Input/Output
Modules (IOMs)
Three empty slots for Input/Output
Modules (IOMs)
Power supplies
Power supplies not included in base
unit. Order separately, see Accessories
section
Power supplies not included in base
unit. Order separately, see Accessories
section
Power supplies not included in base unit.
Order separately, see Accessories section
Form Factor
Fixed modular, standalone
Fixed modular, standalone
Fixed modular, standalone
Memory and processor
256MB RAM
32MB flash memory
256MB RAM
32MB flash memory
256MB RAM
32MB flash memory
Throughput
Up to 214 Mpps
Up to 214 Mpps
Up to 214 Mpps
Switching capacity
384 Gbps
384 Gbps
384 Gbps
PoE total power Class 3 (watts)
96 ports non-redundant, 48 ports redundant
96 ports non-redundant, 48 ports redundant
Up to 72 ports non-redundant with optional IOM
Up to 24 ports redundant with optional IOM
PoE total power Class 2 (watts)
96 ports fully redundant
96 ports fully redundant
Up to 72 ports fully redundant with
optional IOM
PoE power per port (watts)
15.4w for Class 3
15.4w for Class 3
15.4w for Class 3
IEEE 802.3af Compliant
Yes
Yes
Yes
Management
Netsight Policy Manager, Automated
Security Manager (additional license);
command line interface; web browser
Netsight Policy Manager, Automated
Security Manager (additional license);
command line interface; web browser
Netsight Policy Manager, Automated
Security Manager (additional license);
command line interface; web browser
Dimensions (HxWxD)
3.46x17.36x18.94in / 88x441x481mm
3.46x17.36x18.94in / 88x441x481mm
3.46x17.36x18.94in / 88x441x481mm
Net Weight (g/lb/Kg)
21.16lb / 9.598Kg
21.30lb / 9.662Kg
21.75lb / 9.866Kg
MTBF (Hrs)
119,152
107,645
134,153
Thermal Output (Volt-Amps)
54V-2.33A
54V-2.41A
54V-1.71A
Thermal Output (BTUs/Hr)
429.66
443.3
214.3338
Input Voltage
100-240V AC
100-240V AC
100-240V AC
Input Frequency
50-60Hz
50-60Hz
50-60Hz
Input Current
1.7A-0.7A
1.8A-0.7A
1.71A
Power Consumption (watts)
126 W
130 W [Without PoE power draw]
92.18 W
Performance
Electrical
Physical Specs
Environmental Specifications
Power requirements
Page 4
Specifications (Cont.)
G3G124-24
G3G124-24P
G3G170-24
Operating Temperature (C/F)
0-50°C / 32-122°F
0-50°C / 32-122°F
0-50°C / 32-122°F
Non-Operating/Storage
Temperature (C/F)
-40-70°C / -40-158°F
-40-70°C / -40-158°F
-40-70°C / -40-158°F
5%-95%
5%-95%
5%-95%
UL/CB/LVD
UL/CB/LVD
UL/CB/LVD
CE / FCC Class A / VCCI / C-Tick /BSMI
CE / FCC Class A / VCCI / C-Tick /BSMI
CE / FCC Class A / VCCI / C-Tick /BSMI
Operational Shock
ISTA 2A
ISTA 2A
ISTA 2A
Drop
ASTM D5276
ASTM D5276
ASTM D5276
Temperature
Humidity
Operating Humidity
Agency & Standards Specifications
Standard Safety (UL)
Eletromagnetic compatibility
Standard EMC
Vibration
IOMs
G3G-24TX –
24 10/100/1000
port IOM with 2
Combo SFP ports
G3G-24SFP –
24 port
1000BaseX IOM
G3K-2XFP –
2 port 10GB IOM
G3K-4XFP –
4 port 10 GB IOM
G3G-POE –
Power over Ethernet
daughter card
Dimensions (HxWxD)
1.61x8.07x12.60in /
41x205x320mm
1.61x8.07x12.60in /
41x205x320mm
1.61x8.07x12.60in /
41x205x320mm
1.61x8.07x12.60in /
41x205x320mm
0.63x6.69x4.49in /
16x170x114mm
Net Weight (g/lb/Kg)
2.43lb / 1.1Kg
3.09lb / 1.4Kg
2.20lb / 1Kg
2.43lb / 1.1Kg
0.14lb / 0.064Kg
MTBF (Hrs)
354,653
394,524
343,139
246,568
1,114,579
Thermal Output (Volt-Amps)
54V-0.65A
54V-0.43A
54V-0.41A
54V-0.74A
54V-0.07A
Thermal Output (BTUs/Hr)
119.35
78.43
75.93
136.4
13.64
Input Voltage
54V DC
54V DC
54V DC
54V DC
54V DC
Input Current
0.65
0.43
0.41
0.74
0.07
Power Consumption (watts)
35 W
23 W
22 W
40 W
4W
Operating Temperature (C/F)
0-50°C / 32-122°F
0-50°C / 32-122°F
0-50°C / 32-122°F
0-50°C / 32-122°F
0-50°C / 32-122°F
Non-Operating/Storage
Temperature (C/F)
-40-70°C / -40-158°F
-40-70°C / -40-158°F
-40-70°C / -40-158°F
-40-70°C / -40-158°F
-40-70°C / -40-158°F
5%-95%
5%-95%
5%-95%
5%-95%
5%-95%
UL
UL
UL
UL
UL
CE / FCC Class A / VCCI / C-Tick /BSMI
CE / FCC Class A / VCCI / C-Tick /BSMI
CE / FCC Class A / VCCI / C-Tick /BSMI
CE / FCC Class A / VCCI / C-Tick /BSMI
CE / FCC Class A / VCCI / C-Tick /BSMI
Operational Shock
ISTA 2A
ISTA 2A
ISTA 2A
ISTA 2A
ISTA 2A
Drop
ASTM D5276
ASTM D5276
ASTM D5276
ASTM D5276
ASTM D5276
Physical Specs
Environmental Specifications
Power requirements
Temperature
Humidity
Operating Humidity
Agency & Standards
Specifications
Standard Safety (UL)
Eletromagnetic compatibility
Standard EMC
Vibration
Page 5
Ordering Information
Part Number
Description
Enterasys G3 secure switch
G3G124-24
24 port 10/100/1000 switch with three modular expansion slots (power supply not included)
G3G124-24P
24 port 10/100/1000 PoE switch with three modular expansion slots (power supply not included)
G3G170-24
24 port SFP switch with three modular expansion slots (power supply not included)
Input Output Modules (IOM)
G3G-24TX
24 10/100/1000 port IOM with 2 Combo SFP ports
G3G-24SFP
24 port 1000BaseX IOM
G3K-2XFP
2 port 10GbE IOM
G3K-4XFP
4 port 10 GbE IOM
G3G-POE
Power over Ethernet daughter card
Software License
G3L3-LIC
Enterasys G3 Advanced IPv4 Routing License (OSPF, PIM, DVMRP, VRRP), Per Switch License
G3IPv6-LIC
Enterasys G3 IPv6 Routing License, Per Switch License
Accessories
G3-PWR-POE
1200 watt power supply (requires 20amp circuit)
G3-PWR
400 watt power supply (requires 15amp circuit)
XFP Modules
10GBASE-SR-XFP
XFP with 10-Gigabit Ethernet Short Reach (up to 33/82/300m on OM1/OM2/OM3 fiber) via LC connector
10GBASE-LR-XFP
XFP with 10-Gigabit Ethernet Long Reach (10KM over SMF) via LC connector
10GBASE-ER-XFP
XFP with 10-Gigabit Ethernet Extended Reach (40KM over SMF) via LC connector
10GBASE-ZR-XFP
XFP with 10-Gigabit Ethernet Extended Reach (80KM over SMF) via LC connector
10GBASE-CX4
XFP with 10-Gigabit interface,Twin Axial, Copper SFF-8470 via XFP connector (15m)
MGBIC Modules
MGBIC-LC01
Mini-GBIC with 1000Base-SX via LC connector
MGBIC-LC03
Mini-GBIC with 1000Base-LX/LH (2KM Long Haul) MMF via LC connector
MGBIC-LC04
Mini-GBIC with 100Base-FX (up to 2KM) via LC connector
MGBIC-LC05
Mini-GBIC with 100Base-FX (up to 10KM) via LC connector
MGBIC-08
Mini-GBIC with 1000Base-LX/LH (70Km Long Haul) SMF via LC connector
MGBIC-LC09
Mini-GBIC with 1000Base-LX via LC connector
MGBIC-02
Mini-GBIC with 1000Base-T via RJ45 connector
MGBIC-MT01
Mini-GBIC with 1000Base-SX via MTRJ connector
Page 6
Warranty
The Enterasys G3 comes with an advance replacement limited lifetime warranty that continues for
5 years after the date of product discontinuation. There is also a full software and firmware warranty
to cover patches, bug fixes, and feature upgrades with 8 x 5 telephone support. For full warranty
terms and conditions please go to http://www.enterasys.com/support/warranty.aspx
Service and Support
Enterasys Networks provides comprehensive service offerings that range from Professional Services
to design, deploy and optimize customer networks, customized technical training, to service and
support tailored to individual customer needs. Please contact your Enterasys account executive for
more information about Enterasys Service and Support.
Contact Us
For more information, call Enterasys Networks toll free at 1-877-801-7082, or +1-978-684-1000 and visit us on the Web at enterasys.com
© 2008 Enterasys Networks, Inc. All rights reserved. Enterasys is a registered trademark. Secure Networks is a
trademark of Enterasys Networks. All other products or services referenced herein are identified by the trademarks or
service marks of their respective companies or organizations. NOTE: Enterasys Networks reserves the right to change
specifications without notice. Please contact your representative to confirm current specifications.
04/08
Delivering on our promises. On-time. On-budget.
Download PDF