Product Categories
0 0
0
LoginRegister
0
LoginRegister
English German French

Categories

Menu Shopping Search Cart

Menu

Aruba 6000 Switch Series

The Aruba 6000 Switch Series is modern family of entry level access switches ideal for branch offices, midsize businesses, and small enterprises. Optimized for reliable, simple and secure access, the 6000 series provides a convenient and cost-effective wired access solution for networks supporting IoT, mobile, and cloud applications.

The 6000 series is based on the Aruba ASIC architecture with the programmable AOS-CX operating system used across the entire Aruba CX portfolio for a more consistent, more efficient operator experience. This fully managed series has convenient built-in uplinks with up to 740W of PoE+ to support IoT devices such as security cameras and wireless APs. A compact and fanless model is ideal for use in quiet, small work spaces.

The 6000 series is easy to deploy and use with flexible management choices that include Web GUI, CLI, cloudbased and on-premise Aruba Central management, so you can choose the best fit for your business and network environment. Delivering Layer 2 capabilities with enhanced access security, traffic prioritization, and IPv6 support, the 6000 also simplifies ownership and brings peace of mind with switch software embedded with no subscription required to enable and a Limited Lifetime Warranty.

 

Key features

  • Enterprise-class Layer 2 connectivity with support for ACLs, robust QoS and static routing
  • Convenient built-in 1GbE uplinks and up to 740W of Class 4 PoE for support of IoT devices
  • Compact and fanless 12 port model for quiet deployment
  • Management flexibility with support for Aruba Central, easy-to-use Web GUI, CLI, and Aruba NetEdit
  • Simple deployment with Zero Touch Provisioning
  • Software defined ready with REST APIs
  • Simplify adds, moves and changes with colorless ports

 

Layer 2 Switching

  • VLAN support and tagging support for IEEE 802.1Q (4094 VLAN IDs) and 512 VLANs simultaneously
  • Jumbo packet support improves the performance of large data transfers; supports frame size of up to 9,198 bytes
  • Rapid Per-VLAN Spanning Tree (RPVST+) allows each VLAN to build a separate spanning tree to improve link bandwidth usage; is compatible with PVST+
  • STP supports standard IEEE 802.1D STP, IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) for faster convergence, and IEEE 802.1s Multiple Spanning Tree Protocol (MSTP)
  • MVRP allows automatic learning and dynamic assignment of VLANs
  • Bridge Protocol Data Unit (BPDU) tunneling transmits STP BPDUs transparently, allowing correct tree calculations across service providers, WANs, or MANs
  • Port mirroring duplicates port traffic (ingress and egress) to a monitoring port; supports 4 mirroring groups
  • Internet Group Management Protocol (IGMP) Controls and manages the flooding of multicast packets in a Layer 2 network

Layer 3 Services

  • Address Resolution Protocol (ARP) determines the MAC address of another IP host in the same subnet; supports static ARPs
  • Domain Name System (DNS) provides a distributed database that translates domain names and IP addresses, which simplifies network design; supports client and server
  • Supports internal loopback testing for maintenance purposes and increased availability; loopback detection protects against incorrect cabling or network configurations and can be enabled on a per-port or per VLAN basis for added flexibility

Layer 3 Routing

  • Static IP routing provides manually configured routes.
  • Dual stack static IPv4 and IPv6 routing provides simple manually configured IPv4 and IPv6 routing
  • Dual IP stack maintains separate stacks for IPv4 and IPv6 to ease the transition from an IPv4-only network to an IPv6-only network design

Cost-effective enterprise-class access

  • 1U models support 24 and 48 access ports of IEEE 802.3 1GbE with four built-in 1GbE uplink SFP ports. The 24 port PoE models support up to 370W and the and 48 pot PoE models support up to 740W IEEE 802.3at Class 4 Power over Ethernet for up to 30W per port
  • Compact and fanless model supports 12 ports of IEEE 802.3 1GbE with four uplinks (two built-in 1GbE uplink SFP ports, two built-in 1GbE ports), and 139W IEEE 802.3at Class 4 Power over Ethernet for up to 30W per port
  • Support for Energy Efficient Ethernet IEEE 802.3az reduces power consumption during periods of low network traffic
  • Support for pre-standard PoE detects and provides power to pre-standard PoE devices
  • Auto-MDIX provides automatic adjustments for straightthrough or crossover cables on all 10/100/1000 ports
  • Unsupported Transceiver Mode (UTM) allows to insert and enable all unsupported 1G transceivers and cables. Note that there is no warranty nor support for the transceiver/cable when this feature is used
  • Jumbo frames allow for high-performance backups and disaster-recovery systems; provides a maximum frame size of 9198 bytes
  • Packet storm protection against broadcast, multicast and unknown unicast storms with user-defined thresholds

Resiliency and availability

  • Uni-directional Link Detection (UDLD) to monitor link connectivity and shut down ports at both ends if uni directional traffic is detected, preventing loops in STPbased networks
  • IEEE 802.3ad LACP supports up to 8 LAGs, each with up to 8 links per LAG; and provides support for static or dynamic groups and a user-selectable hashing algorithm
  • IEEE 802.1s Multiple Spanning Tree provides high link availability in VLAN environments where multiple spanning trees are required; and legacy support for IEEE 802.1d and IEEE 802.1w
  • SmartLink provides easy-to-configure link redundancy of active and standby link


Quality of Service (QoS)

  • Strict priority (SP) queuing
  • Traffic prioritization (IEEE 802.1p) for real-time classification
  • Class of Service (CoS) sets the IEEE 802.1p priority tag based on IP address, IP Type of Service (ToS), Layer 3 protocol, TCP/UDP port number, source port, and DiffServ
  • Rate limiting sets per-port ingress enforced maximums and per-port, per-queue minimums
  • Large buffers for graceful congestion management

Simplified configuration and management

  • Intuitive, easy to use switch Web GUI provides easy to use dashboard, robust tool set and switch insights
  • Cloud-based Aruba Central provides single pane of glass management of wired and wireless network with automated alerts and easy to use configuration
  • Built-in programmable and easy-to-use REST API interface
  • Industry-standard CLI with a hierarchical structure for reduced training time and expense. Delivers increased productivity in multivendor environments
  • sFlow (RFC 3176) is ASIC-based wire speed network monitoring and accounting with no impact on network performance; network operators can gather a variety of network statistics and information for capacity planning and real-time network monitoring purposes
  • Management security restricts access to critical configuration commands, provides multiple privilege levels with password protection and local and remote syslog capabilities allow logging of all access
  • SNMPv1/v2c/v3 support provides Read capability of industry standard Management Information Base (MIB), and private extensions
  • SNMP support includes: Write Set Speed and Duplex, Write Port Security, Write POE Priority, Write Config Mgmt, SNMP-Read single OID for average CPU and memory, SNMP MIB View
  • SNMP Trap include: Transceiver Traps (insertion/removal), SNMP Trap, SNMP MIB-SNMB Authentication, SNMPv2 MIB, Port Sec MIB-Port Sec, Config MIB-Running Config Change, Config MIB, AAA Server MIB, AAA Server State

 

 

  • Remote monitoring (RMON) with standard SNMP to monitor essential network functions. Supports events, alarms, history, and statistics groups as well as a private alarm extension group
  • TFTP and SFTP support offers different mechanisms for configuration updates; trivial FTP (TFTP) allows bidirectional transfers over a TCP/ IP network; Secure File Transfer Protocol (SFTP) runs over an SSH tunnel to provide additional security
  • Debug and sampler utility supports ping and traceroute for IPv4 and IPv6
  • Network Time Protocol (NTP) synchronizes timekeeping among distributed time servers and clients; keeps timekeeping consistent among all clock-dependent devices within the network so the devices can provide diverse applications based on the consistent time
  • IEEE 802.1AB Link Layer Discovery Protocol (LLDP) advertises and receives management information from adjacent devices on a network, facilitating easy mapping by network management applications
  • Dual flash images provides independent primary and secondary operating system files for backup while upgrading
  • Multiple configuration files can be stored to a flash image
  • Unidirectional link detection (UDLD) monitors the link between two switches and blocks the ports on both ends of the link if the link goes down at any point between the two devices

Multicast

  • IGMP Snooping allows multiple VLANs to receive the same IPv4 multicast traffic, lessening network bandwidth demand by reducing multiple streams to each VLAN
  • Multicast Listener Discovery (MLD) enables discovery of IPv6 multicast listeners; support MLD v1 and v2
  • Internet Group Management Protocol (IGMP) utilizes Any-Source Multicast (ASM) to manage IPv4 multicast networks; supports IGMPv1, v2, and v3
  • IP multicast snooping (data-driven IGMP) prevents flooding of IP multicast traffic

IPv6 capabilities

  • IPv6 host enables switches to be managed in an IPv6 network
  • Dual stack (IPv4 and IPv6) transitions from IPv4 to IPv6, supporting connectivity for both protocols
  • MLD snooping forwards IPv6 multicast traffic to the appropriate interface
  • IPv6 ACL/QoS supports ACL and QoS for IPv6 network traffic
  • IPV6 static routing

 

AOS-CX - a modern software system

The Aruba 6000 Switch Series is based on AOS-CX, a modern, database-driven operating system that is built on a modular Linux architecture. With the 6000 series, the benefits of the AOS-CX architecture is extended to small enterprise deployments providing the following unique capabilities:

  • Easy access to all network configuration state information
  • REST APIs for fine-grained programmability of network tasks
  • A micro-services architecture that enables full integration with other workflow systems and services
  • All software processes communicate with the database rather than each other, ensuring near real-time state and resiliency.

Aruba ASICs - programmable innovation

Based on over 30 years of continuous investment, Aruba’s ASICs create the basis for innovative and agile software feature advancements, unparalleled performance and deep visibility. These programmable ASICs are purpose-built to allow for a tighter integration of switch hardware and software within campus and data center architectures to optimize performance and capacity. The Aruba 6000 is based on the Aruba ASIC architecture.

Access layer performance

The Aruba 6000 Switch Series uses internally developed Aruba ASICs that provide very low latency, increased packet buffering, and adaptive power consumption. Each switch includes the following:

  • Up to 104 Gbps in non-blocking bandwidth and up to 77.3 Mpps for forwarding
  • Selectable queue configurations that allow for increased performance by defining a number of queues and associated memory buffering to best meet the requirements of network applications.

Management flexibility

Innovative design supports cloud-based and on-premise management, CLI and easy to use Web GUI with same hardware, eliminating rip and replace of equipment as network management needs grow. Cloud-based Aruba Central provides single pane of glass, unified network operations of wired, WLAN, SD-WAN, and public cloud infrastructure.

Simplify adds, moves and changes

Reduce manual IT operation tasks around initial deployment or on-going configuration changes to accommodate adds, moves and changes with colorless ports using local user roles and local-MAC-Authentication (LMA). Instead of statically pre-configuring access ports to VLANs and maintaining the switch port to VLAN mapping, colorless ports can automatically apply the role/policy required.

Security

  • Integrated trusted platform module (TPM) for platform integrity. This ensures the boot process started from a trusted combination of AOSCX switches.
  • Access control list (ACL) support for both IPv4 and IPv6; allows for filtering traffic to prevent unauthorized users from accessing the network, or for controlling network traffic to save resources; rules can either deny or permit traffic to be forwarded; rules can be based on a Layer 2 header or a Layer 3 protocol header
  • ACLs also provide filtering based on the IP field, source/destination IP address/subnet, and source/ destination TCP/UDP port number on a per-VLAN or per-port basis
  • Remote Authentication Dial-In User Service (RADIUS)
  • Terminal Access Controller Access-Control System (TACACS+) delivers an authentication tool using TCP with encryption of the full authentication request, providing additional security
  • Management access security for both on- and offbox authentication for administrative access. RADIUS
    or TACACS+ can be used to provide encrypted user authentication. Additionally, TACACS+ can also provide admin authorization services
  • Control Plane Policing sets rate limit on control protocols to protect CPU overload from DOS attacks
  • Supports multiple user authentication methods. Uses an IEEE 802.1X supplicant on the client in conjunction with a RADIUS server to authenticate in accordance with industry standards
  • Supports MAC-based client authentication
  • Concurrent IEEE 802.1X, Web, and MAC authentication schemes per switch port accepts up to 32 sessions of IEEE 802.1X, Web, and MAC authentications
  • Secure management access delivers secure encryption of all access methods (CLI, GUI, or MIB) through SSHv2, SSL, and/or SNMPv3
  • Switch CPU protection provides automatic protection against malicious network traffic trying to shut down the switch
  • ICMP throttling defeats ICMP denial-of-service attacks by enabling any switch port to automatically throttle ICMP traffic
  • Identity-driven ACL enables implementation of a highly granular and flexible access security policy and VLAN assignment specific to each authenticated network user

 

  • STP BPDU port protection blocks Bridge Protocol Data Units (BPDUs) on ports that do not require BPDUs, preventing forged BPDU attacks
  • STP root guard protects the root bridge from malicious attacks or configuration mistakes
  • Dynamic ARP protection blocks ARP broadcasts from unauthorized hosts, preventing eavesdropping or theft of network data
  • DHCP (snooping) protection blocks DHCP packets from unauthorized DHCP servers, preventing denial-of-service attacks
  • Supports DHCPv4 Relay
  • Port security allows access only to specified MAC addresses, which can be learned or specified by the administrator
  • MAC address lockout prevents particular configured MAC addresses from connecting to the network
  • Source-port filtering allows only specified ports to communicate with each other
  • Secure shell encrypts all transmitted data for secure remote CLI access over IP networks
  • Secure Sockets Layer (SSL) encrypts all HTTP traffic, allowing secure access to the browser-based management GUI in the switch
  • Secure FTP allows secure file transfer to and from the switch; protects against unwanted file downloads or unauthorized copying of a switch configuration file
  • Critical Authentication Role ensures that important infrastructure devices such as IP phones are allowed network access even in the absence of a RADIUS server
  • MAC Pinning allows non-chatty legacy devices to stay authenticated by pinning client MAC addresses to the port until the clients logoff or get disconnected
  • Security banner displays a customized security policy when users log in to the switch
  • Dynamic IPv4 Lockdown works with DHCP protection to block traffic from unauthorized hosts, preventing IP source address spoofing
  • DHCP smart relay allows the DHCP relay agent to use secondary IP addresses when the DHCP server does not reply the DHCP-OFFER message