- 
$
                            
 
The S5720-SI was developed based on next-generation high-performing hardware and the Huawei Versatile Routing Platform
(VRP). The S5720-SI supports simplified operations and maintenance (O&M), intelligent stack (iStack), flexible Ethernet
networking, and MACsec. It also provides enhanced Layer 3 features and mature IPv6 features. The S5720-SI can be used in various scenarios. For example, it can be used as an access or aggregation switch on a campus network or as an access switch in a data center.
- 24 10/100/1000 Ethernet PoE+ ports, 4 10GE SFP+ ports
- Dual pluggable AC or DC power supplies, one 500 W AC power supply equipped by default
- PoE+
- Forwarding performance: 96 Mpps
- Switching capacity: 336 Gbit/s
PWR in the model name indicates a PoE-capable switch, which supports IEEE 802.3af-compliant PoE and 802.3at-compliant PoE+. Each port delivers 15.4 W PoE or 30 W PoE+ power capacity.
Product inlucdes 1 500W AC power supply!
Powerful Service Processing Capability and Multiple Security Control Mechanisms
The S5720-SI supports many Layer 2/Layer 3 multicast protocols, such as PIM SM, PIM DM, PIM SSM, MLD, and IGMP snooping, to support multi-terminal high-definition video surveillance and video conferencing services.
The S5720-SI supports multiple Layer 3 features including OSPF, IS-IS, BGP, and VRRP, meeting enterprises' requirements on access and aggregation service bearing and enabling a variety of voice, video, and data applications.
The S5720-SI supports MAC address authentication, 802.1X authentication, and Portal authentication, and implements dynamic delivery of policies (VLAN, QoS, and ACL) to users.
The S5720-SI provides a series of mechanisms to defend against DoS and user-targeted attacks. DoS attacks are targeted at switches and include SYN flood, Land, Smurf, and ICMP flood attacks. User-targeted attacks include bogus DHCP server attacks, IP/MAC address spoofing, DHCP request flood, and change of the DHCP CHADDR value.
The S5720-SI sets up and maintains a DHCP snooping binding table, and discards the packets that do not match the table entries. You can specify DHCP snooping trusted and untrusted ports to ensure that users connect only to the authorized DHCP server.
The S5720-SI supports strict ARP learning, which protects a network against ARP spoofing attacks to ensure normal network access.
Easy O&M
The S5720-SI supports Super Virtual Fabric (SVF), which virtualizes the "Core/Aggregation switches + Access switches + APs" structure into a single logical device. The S5720-SI enables the innovative network management solution in the industry. It allows plug-and-play of access switches and APs. In addition, the S5720-SI supports service configuration templates. The templates are configured on core devices and automatically delivered to access devices, enabling centralized control, simplified service configuration, and flexible configuration modification. The S5720-SI functions as a client in an SVF system.
The S5720-SI supports zero-touch deployment, replacement of faulty devices without additional configuration, USB-based deployment, batch configuration, and batch remote upgrade. The capabilities facilitate device deployment, upgrade, service provisioning, and other management and maintenance operations, greatly reducing O&M costs. The S5720-SI can be managed using Simple Network Management Protocol (SNMP) v1/v2c/v3, command line interface (CLI), web-based network management system, or Secure Shell (SSH) V2.0. Additionally, it supports remote network monitoring (RMON), multiple log hosts, port traffic statistics collection, and network quality analysis, which facilitate network optimization and reconstruction.
The S5720-SI supports the Sampled Flow (sFlow) function. It uses a method defined in the sFlow standard to sample traffic passing through it and sends sampled traffic to the collector in real time. The collected traffic statistics are used to
generate statistical reports, helping enterprises maintain their networks.
Intelligent O&M
The S5720-SI provides telemetry technology to collect device data in real time and send the data to Huawei campus network analyzer CampusInsight. The CampusInsight analyzes network data based on the intelligent fault identification algorithm, accurately displays the real-time network status, effectively demarcates and locates faults in a timely manner, and identifies network problems that affect user experience, accurately guaranteeing user experience.
The S5720-SI supports a variety of intelligent O&M features for audio and video services, including the enhanced Media Delivery Index (eMDI). With this eDMI function, the switch can function as a monitored node to periodically conduct statistics and report audio and video service indicators to the CampusInsight platform. In this way, the CampusInsight platform can quickly demarcate audio and video service quality faults based on the results of multiple monitored nodes.
Intelligent Upgrade
Switches support the intelligent upgrade feature. Specifically, switches obtain the version upgrade path and download the newest version for upgrade from the Huawei Online Upgrade Platform (HOUP). The entire upgrade process is highly automated and achieves one-click upgrade. In addition, preloading the version is supported, which greatly shortens the upgrade time and service interruption time.
The intelligent upgrade feature greatly simplifies device upgrade operations and makes it possible for the customer to upgrade the version independently. This greatly reduces the customer's maintenance costs. In addition, the upgrade policies on the HOUP platform standardize the upgrade operations, which greatly reduces the risk of upgrade failures.
Multiple Reliability Mechanisms
The S5720-SI supports intelligent stack (iStack). This technology can virtualize up to nine physical switches into a single logical switch. Downlink electrical ports support iStack. Member switches in a stack implement redundancy backup to improve device reliability and use inter-device link aggregation to improve link reliability. iStack provides high network scalability. You can increase a stack's ports, bandwidth, and processing capacity by simply adding member switches. iStack also simplifies device configuration and management. After a stack is set up, multiple physical switches are virtualized into a single logical device. You can log in to any member switch in the stack to manage all the member switches in the stack.
The S5720-SI is equipped with two removable power supplies that can work in 1+1 redundancy backup mode. Mixed installation of AC and DC power supplies is supported, allowing for flexible configuration of AC or DC power supplies according to service requirements.
In addition to traditional STP, RSTP, and MSTP, the S5720-SI supports Huawei-developed Smart Ethernet Protection (SEP) technology and the latest Ethernet Ring Protection Switching (ERPS) standard. SEP is a ring protection protocol specific to the Ethernet link layer, and applies to various ring network topologies, such as open ring topology, closed ring topology, and cascading ring topology. This protocol is reliable and easy to maintain, and implements fast protection switching within 50 ms. ERPS is defined in ITU-T G.8032. It implements millisecond-level protection switching based on traditional Ethernet MAC and bridging functions.
The S5720-SI supports Smart Link. One S5720-SI switch can connect to multiple aggregation switches through multiple links, implementing backup of uplinks and significantly improving reliability of access devices.
The S5720-SI supports Ethernet OAM (IEEE 802.3ah/802.1ag) to detect link faults quickly.
Enhanced QoS Control Mechanism
The S5720-SI provides excellent QoS capabilities and supports queue scheduling and congestion control algorithms. Additionally, it adopts innovative priority queuing and multi-level scheduling mechanisms to implement fine-grained scheduling of data flows, meeting service quality requirements of different user terminals and services.
The S5720-SI implements complex traffic classification based on packet information, such as the 5-tuple, IP preference, ToS, DSCP, IP protocol type, ICMP type, TCP source port, VLAN ID, Ethernet protocol type, and CoS. ACLs can be applied to the inbound or outbound direction of a port.
The S5720-SI supports flow-based two-rate three-color CAR. Each port supports eight priority queues, multiple queue scheduling algorithms, such as WRR, DRR, SP, WRR+SP, and DRR+SP, and WRED that is a congestion avoidance algorithm. All of these features ensure high-quality voice, video, and data services.
Mature IPv6 Technologies
The S5720-SI uses the mature, stable VRP platform and supports IPv4/IPv6 dual stacks, IPv6 RIPng, and IPv6 over IPv4 tunnels (including manual, 6-to-4, and ISATAP tunnels). With these IPv6 features, the S5720-SI can be deployed on a pure IPv4 network, a pure IPv6 network, or a shared IPv4/IPv6 network, helping achieve IPv4-to-IPv6 transition.
Cloud Management
The Huawei cloud management platform allows users to configure, monitor, and inspect switches on the cloud, reducing on-site deployment and O&M manpower costs and decreasing network OPEX. Huawei switches support both cloud management and on-premise management modes. These two management modes can be flexibly switched as required to achieve smooth evolution while maximizing return on investment (ROI).
High-Performance VRP Software System
Huawei S series switches build on a unified Versatile Routing Platform (VRP) software system, meeting the growing network scale and the evolving Internet technologies and guaranteeing network services and network quality.
VRP is a network operating system developed by Huawei with independent intellectual property rights. It can run on multiple hardware platforms and provide unified network, user, and management views. VRP provides flexible application solutions for users. In addition, VRP is a future-proof platform that maximally protects customer investments.
The VRP platform is focused on IP services and uses a component-based architecture to provide more than 300 features. Besides, VRP stands out for its application-based tailorable and scalable capabilities.
OPS
The Open Programmability System (OPS) is an open platform based on the Python language. IT administrators can program the O&M functions of a switch through Python scripts to quickly innovate functions and implement intelligent O&M.
Perpetual PoE
When a PoE switch is rebooted after the software version is upgraded, the power supply to PDs is not interrupted. This capability ensures that PDs are not powered off during the switch reboot.
Specification:
| S5720-52X-PWR-SI-AC | |
| Fixed port | |
|---|---|
| GE port | 24 | 
| 10GE port | 4 | 
| Management port | |
| ETH management port | Supported | 
| Console port (RJ45) | Supported | 
| USB port | USB 2.0 | 
| CPU | |
| Frequency | 800 MHz | 
| Cores | 2 | 
| Storage | |
| Memory (RAM) | 512 MB | 
| Flash memory | Hardware: 512 MB, of which 240 MB is available for users | 
| Power supply system | |
| Power supply type | 500 W AC | 
| Power supply redundancy | 1+1 | 
| Rated voltage range | 100 - 240 V AC 50/60 Hz | 
| Maximum voltage range | 90 - 264 V AC 47 - 63 Hz | 
| Maximum input current | 7 A | 
| Maximum power consumption of the device | Without | 
| Power consumption in the case of 30% traffic load | 31.8 W | 
| Heat dissipation system | |
| Heat dissipation mode | Air-cooled heat dissipation and intelligent fan speed adjustment | 
| Number of fan modules | 1 | 
| Airflow | Air flows in from the left side and exhausts from the right side | 
| Maximum heat dissipation of the device (BTU/hour) | Without | 
| Physical specifications | |
| Chassis dimensions (W x D x H, mm) | 442 x 420 x 44,4 mm | 
| Chassis height | 1 U | 
| Chassis weight | 9,3 kg | 
| Environment parameters | |
| Long-term operating temperature | 0-1800 m: 0°C to 45°C 
 1800–5000m: The operating temperature decreases 1°C for every 220 m increase in altitude. | 
| Short-term operating temperature | 0-1800 m: -5°C to +50°C 
 1800–5000m: The operating temperature decreases 1°C for every 220 m increase in altitude. | 
| Storage temperature | -40°C to +70°C | 
| Relative humidity | 5%–95% (noncondensing) | 
| Noise under normal temperature (sound power) | 56,5 dB(A) | 
| Noise under high temperature (sound power) | 73,8 dB(A) | 
| Noise under normal temperature (sound pressure) | 38.7 dB(A) | 
| Surge protection specification (RJ45 service port) | ±6 kV | 
| MTBF | 66.78 years | 
| Software | |
| Ethernet features | |
| Ethernet basics | Full-duplex, halfduplex, and autonegotiation Rate autonegotiation on an interface Flow control on an interface Jumbo frames Link aggregation Load balancing among links of a trunk Transparent transmission of Layer 2 protocol packets Device Link Detection Protocol (DLDP) Link Layer Discovery Protocol (LLDP) Link Layer Discovery Protocol-Media Endpoint Discovery Interface isolation Broadcast traffic suppression on an interface Multicast traffic suppression on an interface Unknown unicast traffic suppression on an interface VLAN broadcast traffic suppression VLAN multicast traffic suppression VLAN unknown unicast traffic suppression | 
| VLAN | VLAN: 4094 VLANIF: 1024 Access mode Trunk mode Hybrid mode QinQ mode Default VLAN VLAN assignment based on interfaces VLAN assignment based on protocols VLAN assignment based on IP subnets VLAN assignment based on MAC addresses VLAN assignment based on MAC address + IP address VLAN assignment based on MAC address + IP address + interface number Adding double VLAN VLAN mapping Selective QinQ MUX VLAN Voice VLAN Guest VLAN | 
| GVRP | GARP GVRP | 
| VCMP | VCMP | 
| MAC | MAC address 16K Automatic learning of MAC addresses Automatic aging of MAC addresses Static, dynamic, and blackhole MAC address entries Interface-based MAC address learning limiting Sticky MAC MAC address MAC address Port bridge | 
| ARP | Static ARP Dynamic ARP ARP entry: 4K ARP aging detection Intra-VLAN proxy ARP Routed proxy ARP | 
| Ethernet loop protection | |
| MSTP | STP RSTP MSTP VBST BPDU protection Root protection Loop protection Defense against TC BPDU attacks | 
| Loopback detection | Loop detection on an interface | 
| SEP | SEP | 
| Smart Link | Smart Link Smart Link multiinstance Monitor Link | 
| RRPP | RRPP Single RRPP ring Tangent RRPP ring Intersecting RRPP ring Hybrid networking of RRPP rings and other ring networks | 
| ERPS | G.8032 v1 G.8032 v2 ERPS semi-ring topology ERPS closed-ring topology | 
| IPv4/IPv6 forwarding | |
| IPv4 and unicast routing | IPv4 static routing VRF DHCP client DHCP server DHCP relay Routing policies IPv4 routes: 8K RIPv1 RIPv2 OSPF Policy-based routing (PBR) | 
| Multicast routing features | IGMPv1/v2/v3 PIM-DM PIM-SM MSDP IPv4 multicast routes: 1K IPv6 multicast routes: 1L Multicast routing policies RPF | 
| IPv6 features | IPv6 protocol stack ND ND entry: 2K ND snooping DHCPv6 snooping RIPng DHCPv6 server DHCPv6 relay OSPFv3 IPv6 routes VRRP6 MLDv1/v2 PIM-DM for IPv6 PIM-SM for IPv6 | 
| Layer 2 multicast | |
| Layer 2 multicast features | IGMPv1/v2/v3 snooping IGMP snooping proxy MLD snooping Multicast traffic suppression Inter-VLAN multicast replication | 
| Device reliability | |
| Stacking | Service interfacebased stacking Maximum number of stacked devices: 9 Stack bandwidth (Unidirectional): Up to 48 Gbit/s | 
| VRRP | VRRP standard protocol | 
| Ethernet OAM | |
| EFM (802.3ah) | Automatic discovery of links Link fault detection Link troubleshooting Remote loopback | 
| CFM (802.1ag) | Software-level CCM 802.1ag MAC ping 802.1ag MAC trace | 
| OAM association | Association between 802.1ag and 802.3ah | 
| Y.1731 | Unidirectional delay and jitter measurement Bidirectional delay and jitter measurement | 
| QoS features | |
| Traffic classification | Traffic classification based on ACLs Configuring traffic classification priorities Matching the simple domains of packets | 
| Traffic behavior | Traffic filtering Traffic policing (CAR) Modifying the packet priorities Modifying the simple domains of packets Modifying the packet VLANs | 
| Traffic shaping | Traffic shaping on an egress interface Traffic shaping on queues on an interface | 
| Congestion avoidance | Tail drop | 
| Congestion management | Priority Queuing (PQ) Weighted Deficit Round Robin (WDRR) PQ+WDRR Weighted Round Robin (WRR) PQ+WRR | 
| ACL | |
| Packet filtering at Layer 2 to Layer 4 | Number of rules per IPv4 ACL: 2K Number of rules per IPv6 ACL: 2K Basic IPv4 ACL Advanced IPv4 ACL Basic IPv6 ACL Advanced IPv6 AC Layer 2 ACL User-defined ACL | 
| Configuration and maintenance | |
| Login and configuration management | Command line interface (CLI)-based configuration Console terminal service Telnet terminal service SSH v1.5 SSH v2.0 SNMP-based NMS for unified configuration Web page-based configuration and management EasyDeploy (client) SVF Cloud management OPS | 
| File system | Directory and file management File upload and download | 
| Monitoring and maintenance | eMDI Hardware monitoring Log information output Alarm information output Debugging information output Port mirroring Flow mirroring Remote mirroring Energy saving | 
| Version upgrade | Version upgrade Version rollback | 
| Security | |
| ARP security | ARP packet rate limiting ARP anti-spoofing Association between ARP and STP Dynamic ARP Inspection (DAI) Static ARP Inspection (SAI) Egress ARP Inspection (EAI) | 
| IP security | ICMP attack defense IPSG for IPv4 IPSG user capacity IPSG for IPv6 IPSGv6 user capacity | 
| Local attack defense | CPU attack defense | 
| MFF | MFF | 
| DHCP snooping | DHCP snooping Option 82 function Dynamic rate limiting for DHCP packets | 
| Attack defense | Defense against malformed packet attacks Defense against UDP flood attacks Defense against TCP SYN flood attacks Defense against ICMP flood attacks Defense against packet fragment attacks Local URPF | 
| User access and authentication | |
| AAA | Local authentication Local authorization RADIUS authentication RADIUS authorization RADIUS accounting HWTACACS authentication HWTACACS authorization HWTACACS accounting | 
| NAC | 802.1X authentication MAC address authentication Portal authentication Hybrid authentication | 
| MACSec | MACSec | 
| Policy association | Functioning as the access device | 
| Others | |
| Network management | Ping Tracert NQA NTP sFlow SNMP v1 SNMP v2c SNMP v3 HTTP HTTPS NETCONF/YANG RMON | 
| Interoperability | VLAN-based Spanning Tree (VBST) Link-type Negotiation Protocol (LNP) VLAN Central Management Protocol (VCMP) | 


 
                               
         
        
     
                              
 
    

