Network Security
With support for various types of ACLs, port security, IP-MAC-port binding, and other security technologies, the RG-S2910-H can effectively prevent various ARP spoofing and proactively protect against various DoS and DDoS attacks.
It supports Ruijie CPU Protection Policy (CPP) and Network Foundation Protection Policy (NFPP). The two technologies can be used to differentiate data flows destined for the CPU and assign priorities to queues for different processing. Moreover, the device delivers real-time bandwidth limiting to protect the CPU from being occupied by unauthorized traffic and malicious attacks, which guarantees stable CPU operation. It rate-limits ARP packets, ICMP request packets, and DHCP request packets sent by users on a network, and discards the packets of which the transmit rate exceeds the rate limit. It can also identify attacks and isolate users that launch attacks, ensuring secure and stable operation of the entire network.
VSU
Virtual Switching Unit (VSU) enables multiple physical devices to be virtualized into one logical device. The physical devices use the same IP address, Telnet process, and CLI for management, and support automatic version check and automatic configuration. In this context, a network administrator only manages one logical device, improving working efficiency and experience.
Simplified management: The network administrator can manage multiple switches uniformly without connecting to each switch for separate configuration and management.
Simplified network topology: A VSU serves as a switch on a network and connects to peripheral devices through aggregate links. Therefore, no Layer 2 loop occurs and MSTP configuration is not required. Various control protocols can run on the VSU.
Fault rectification within milliseconds: A VSU connects to peripheral devices through aggregate links. If one device or member link in the VSU malfunctions, data and services can be switched to another member link within only 50 ms to 200 ms.
High scalability: Devices can be added to or removed from a virtualized network, without affecting normal operation of other devices.
Increase in return on investment: Aggregate links are used for connecting the VSU to peripheral devices, implementing link redundancy and load balancing. All network devices and bandwidth resources are fully leveraged. Any type of 10GE ports can be used to establish a VSU over any data transmission cable, without requiring additional cable or expansion card configurations. There are no limitations on the port or cable types used, which maximizes user investment protection.
Standard Protocols for Easier Device Interworking
The RG-S2915-L series switches support the Ethernet Ring Protection Switching (ERPS) technology, which is a Layer 2 link redundancy protocol designed for the core Ethernet. The master device is used to block loops and restore links, and the non-master device directly reports the link status to the master device, without any processing from other non-master devices. Therefore, loop elimination and restoration time of ERPS is faster than that of STP. ERPS supports link restoration within milliseconds.
SDN for Future Service Development
The RG-S2910-H supports OpenFlow, and can be used with Ruijie Networks' Software-defined Networking (SDN) controller to easily realize large-scale 2-layer networking architecture. It also supports smooth upgrade of the entire network to an SDN network, which greatly simplifies network management while reducing maintenance costs.