PicOS® Switches Optimize Enterprise Networks with EVPN-VXLAN

In today's digital and highly interconnected world, network security and efficiency have become indispensable core requirements for enterprises. Network segmentation, as a crucial technology, effectively enhances network security while optimizing performance. In this article, we will delve into how the FS S5870 series PicOS® switches achieve network segmentation, thereby assisting enterprises in optimizing their network architecture and enhancing overall security posture.

What Is Network Segmentation?

Network segmentation is the process of dividing a larger computer network into smaller, distinct subnetworks, or segments. This division creates isolated sections within the network, each of which can operate independently. It is like organizing a big house into separate rooms: imagine a large house where various activities—cooking in the kitchen, working in the office, relaxing in the living room—are all happening in one open space, resulting in chaos. To manage this better, walls are put up to create separate rooms, each with its own purpose and independent control. For example, the office can be locked for security, or the kitchen door closed to contain cooking smells.

Common methods for implementing network segmentation include Virtual Local Area Networks (VLANs) and physical segmentation. While VLANs create logical subnets within a physical network, physical segmentation involves using separate hardware to isolate networks. However, these traditional methods may not suffice in coping with the complexities of modern campus networks. This is where the more advanced technology, EVPN-VXLAN, comes into play.

EVPN-VXLAN: An Ideal Network Segmentation Solution

Modern campus networks span extensive geographic areas, connecting a wide variety of devices and supporting diverse application traffic. The traditional VLAN-based segmentation methods fall short of addressing the dynamic demands and complexities of these networks. EVPN-VXLAN emerges as a sophisticated solution tailored to meet these needs by enabling efficient, scalable, and flexible network segmentation.

EVPN (Ethernet VPN) combined with VXLAN (Virtual Extensible LAN) provides an overlay network that encapsulates Ethernet frames within IP packets, allowing for the creation of scalable and flexible network segments. Using a standards-based EVPN-VXLAN architecture presents numerous benefits for enterprise campus networks:

• Easier Expansion: Businesses can effortlessly grow their network by integrating core, distribution, and access layer devices without overhauling the entire architecture. By utilizing a Layer 3 IP-based underlay paired with an EVPN-VXLAN overlay, they can deploy much larger networks compared to traditional Layer 2 Ethernet setups.

• Streamlined VLAN Management: EVPN-VXLAN makes VLAN configuration across multiple buildings and locations simpler, thus decreasing operational complexity. It supports extending the same VLANs across various sites, ensuring smooth connectivity and management.

• Uniform Policy Application: This technology allows enterprises to implement group-based policies, ensuring consistent policies and services are applied across all campuses. This standardization simplifies the complexity of ACL/firewall filters on switches throughout the network.

• Improved Microsegmentation: Through group-based policies, EVPN-VXLAN enables detailed microsegmentation, granting precise control over which users or devices can communicate within the campus network. This heightened level of control significantly boosts security and network isolation.

FS PicOS® Enterprise Switches Supporting EVPN-VXLAN

Drawing from the discussed advantages of EVPN-VXLAN in modern campus networks, we are about to introduce the FS S5870 series PicOS® switches.

This series of enterprise switches, the first in the PicOS® lineup supporting EVPN-VXLAN, offers a high-performance and reliable solution specifically adapted for enterprise network environments, ensuring efficient and scalable network segmentation.

Notable features include:

• Extensive Port Options: The FS S5870 series offers extensive network capabilities with its diverse port configurations. It provides up to 48 Gigabit RJ45 ports, along with options for up to 36 2.5Gb PoE++ ports. The series also supports 25Gb SFP28 and 100Gb QSFP28 uplink ports, making it suitable for high-performance enterprise networks.

• High Performance: Built with a Broadcom Trident III chipset to ensure high reliability and performance, these switches provide sufficient bandwidth to handle large amounts of network traffic and meet the needs of modern enterprise networks.

• Advanced Features: Pre-loaded with PicOS® for a resilient, programmable NOS. Supports SDN protocols like Ansible, OpenFlow, NETCONF, sFlow, and MLAG.

• Ease of Management: Compatible with the AmpCon™ Management Platform for Zero Day Configuration Deployment, simplifying setup and maintenance.

• Security and Future-Proofing: Supports secure management via SSH and is designed to adapt to evolving network demands, ensuring long-term investment protection.

  Model	Broadcom Chip		Ports	PoE	EVPN-VXLAN Support	PicOS® Support
  S5870-48T6BC	Trident 3	BCM56371	48x 10/100/1000BASE-T RJ45 | 4x 25G SFP28, 2x 100G QSFP28		✔	✔
  S5870-48T6BC-U			48x 10/100/1000BASE-T RJ45 | 4x 10G/25G SFP28 | 2x 100G QSFP28	✔	✔	✔
  S5870-48MX6BC-U			36x 2.5G RJ45 | 12x 2.5/5/10G RJ45 | 4x 25G SFP28 | 2x 100G QSFP28	✔	✔	✔

FS is continuously expanding its PicOS® product line, with more models of switches being adapted to support EVPN-VXLAN functionality. This will provide more powerful campus network solutions for more enterprises in the future. For more information about PicOS® features, please check PicOS® 4.4.4 Unveiled: Simplify Your Network Migration Journey

Conclusion

In conclusion, the FS S5870 series PicOS® switches, with their robust EVPN-VXLAN support, bring advanced network segmentation capabilities ideal for contemporary campus networks. These switches empower enterprises to achieve scalable, secure, and efficient network architectures, ultimately enhancing their overall networking performance and security posture. As the digital landscape continues to evolve, FS remains committed to expanding its PicOS® product line, delivering state-of-the-art solutions to meet the growing demands of enterprise networks.

Related Articles:

Streamlining Network with AmpCon™ Automating Deployments

Why PicOS® Switches Should Choose Broadcom Chips？

FS PicOS® Switches Enhance Office Connect Solution