-
0,25 € netto
The S5720-EI series enhanced Gigabit Ethernet switches are switches that provide flexible GE access ports (including optical, electrical, and combo ports) and 10GE uplink ports. Built on next-generation high-performance processors and Huawei Versatile Routing Platform (VRP), the S5720-EI provides larger table sizes and higher hardware processing capabilities than equivalent switches. Besides, it provides comprehensive service processing capabilities, enhanced security control, and mature IPv6 features, and supports MACsec, intelligent stack (iStack), flexible Ethernet networking, and easy operations and maintenance (O&M). With all these advantages, the S5720-EI is widely used for access/aggregation in enterprise campus networks or gigabit access in data center networks.
- 48 10/100/1000 Ethernet ports, 4 10GE SFP+ ports
- One extended slot
- Double hot swappable AC or DC power supplies, one AC power supply equipped by default
- Forwarding performance: 162 Mpps
- Switching capacity: 598 Gbit/s
Card Types
The S5720-EI (C series and PC series) provides one extended slot for ES5D21X02S01 (2-port 10GE SFP+ rear interface card) for upstream connections, or ES5D21VST000 (dedicated stack card with two QSFP+ ports) for stack connection.
Easy Operations and Maintenance (O&M)
The S5720-EI models with power sockets on the front panel can be installed in a 300 mm deep cabinet and maintained from the front panel. This simplifies equipment O&M and allows more flexible cabinet deployment. The small-sized cabinets can be placed against a wall or back to back to save space in the equipment room.
The S5720-EI allows management personnel to remotely switch on the SYS indicator on the front panel. After configuration commands are used, the SYS indicator quickly blinks within a certain period, helping the management personnel locate the device in the equipment room quickly and efficiently.
The S5720-EI supports Super Virtual Fabric (SVF), which virtualizes the "Core/Aggregation switches + Access switches + APs" structure into a single logical device. The S5720-EI enables the simplest network management solution in the industry. It allows plug-and-play of access switches and APs. In addition, the S5720-EI supports service configuration templates. The templates are configured on core devices and automatically delivered to access devices, enabling centralized control, simplified service configuration, and flexible configuration modification. The S5720-EI functions as a client in an SVF system.
The S5720-EI supports EasyOperation, a solution that provides zero-touch deployment, replacement of faulty devices without additional configuration, USB-based deployment, batch configuration, and batch remote upgrade. The EasyOperationS5720-EI Series Enhanced Gigabit Switches 12 solution facilitates device deployment, upgrade, service provisioning, and other management and maintenance operations, greatly reducing O&M costs. The S5720-EI can be managed using Simple Network Management Protocol (SNMP) v1/v2c/v3, command line interface (CLI), web-based network management system, or Secure Shell (SSH) V2.0. Additionally, it supportsremote network monitoring (RMON), multiple log hosts, port traffic statistics collection, and network quality analysis, which facilitate network optimization and reconstruction.
The S5720-EI supports Two-Way Active Measurement Protocol (TWAMP) to accurately check any IP link and obtain the
entire network's IP performance. This protocol eliminates the need of using a dedicated probe or a proprietary protocol.
Intelligent O&M
The S5720-EI provides telemetry technology to collect device data in real time and send the data to Huawei campus network analyzer CampusInsight. The CampusInsight analyzes network data based on the intelligent fault identification algorithm, accurately displays the real-time network status, effectively demarcates and locates faults in a timely manner, and identifies network problems that affect user experience, accurately guaranteeing user experience.
The S5720-EI supports a variety of intelligent O&M features for audio and video services, including the enhanced Media Delivery Index (eMDI). With this eDMI function, the switch can function as a monitored node to periodically conduct statistics and report audio and video service indicators to the CampusInsight platform. In this way, the CampusInsight platform can quickly demarcate audio and video service quality faults based on the results of multiple monitored nodes.
Multiple Reliability Mechanisms
The S5720-EI supports intelligent stack (iStack). This technology can virtualize up to nine physical switches into a single logical switch. Member switches in a stack implement redundancy backup to improve device reliability and use inter-device link aggregation to improve link reliability. iStack ensures path failover within 200 milliseconds and implements hitless master/backup switchover. iStack provides strong network expansion capability, enables easy increase of ports, bandwidth, and processing capacity of a stack, and simplifies configuration and management.
The S5720-EI is equipped with two removable power supplies that can work in 1+1 redundancy backup mode. Mixed installation of AC and DC power supplies is supported, allowing for flexible configuration of AC and DC power supplies according to service requirements. The S5720-EI provides two removable fan modules. The fan speed can be adjusted according to working temperatures of the device, improving device reliability.
In addition to traditional STP, RSTP, and MSTP, the S5720-EI supports Huawei-developed Smart Ethernet Protection (SEP) technology and the latest Ethernet Ring Protection Switching (ERPS) standard. SEP is a ring protection protocol specific to the Ethernet link layer, and applies to various ring network topologies, such as open ring topology, closed ring topology, and cascading ring topology. This protocol is reliable and easy to maintain, and implements fast protection switching within 50 ms. ERPS is defined in ITU-T G.8032. It implements millisecond-level protection switching based on traditional Ethernet MAC and bridging functions.
The S5720-EI supports Smart Link and Virtual Router Redundancy Protocol (VRRP), which implement backup of uplinks. One S5720-EI switch can connect to multiple aggregation switches through multiple links, significantly improving reliability of access devices.
In addition, the S5720-EI provides multiple connection fault detection mechanisms, including Ethernet OAM (IEEE 802.3ah/802.1ag/ITU Y.1731) and Bidirectional Forwarding Detection (BFD).
Enhanced Service Processing Capability and Comprehensive Security Control Mechanisms
The S5720-EI supports the multi-VPN-instance CE (MCE) function, which allows connection of users in different VPNs. The switch supports large multi-instance routing tables to isolate users in different VPNs. Users in multiple VPNs connect to a provider edge (PE) device through the same physical port on the switch, which reduces the cost on VPN network deployment. The S5720-EI supports Multiprotocol Label Switching (MPLS) L3VPN, MPLS L2VPN (VPWSVPLS), MPLS-TE, and MPLS QoS. It is one of a few cost-effective MPLS-capable fixed switches.
With enhanced network admission control (NAC) functions, the S5720-EI supports 802.1X authentication, MAC address authentication, Portal authentication, and hybrid authentication, and can dynamically delivery user policies such as VLANs, QoS policies, and access control lists (ACLs). It also supports user management based on user groups. You can specify authentication-free IP network segments and enable redirection of HTTP connection requests to realize fast deployment of clients. If clients do not support HTTP access, the S5720-EI can trigger Portal authentication for the clients.
The S5720-EI provides a series of mechanisms to defend against DoS and user-targeted attacks. DoS attacks are targeted at switches and include SYN flood, Land, Smurf, and ICMP flood attacks. User-targeted attacks include bogus DHCP server attacks, IP/MAC address spoofing, DHCP request flood, and change of the DHCP CHADDR value.S5720-EI Series Enhanced Gigabit Switches 13
The S5720-EI sets up and maintains a DHCP snooping binding table, and discards the packets that do not match the table entries. You can specify DHCP snooping trusted and untrusted ports to ensure that users connect only to the authorized DHCP server.
The S5720-EI supports strict ARP learning, which protects a network against ARP spoofing attacks to ensure normal network access.
Enhanced QoS Control Mechanism
The S5720-EI provides excellent QoS capabilities and supports queue scheduling and congestion control algorithms. Additionally, it adopts innovative priority queuing and multi-level scheduling mechanisms to implement fine-grained scheduling of data flows, meeting service quality requirements of different user terminals and services.
The S5720-EI implements complex traffic classification based on packet information, such as the 5-tuple, IP preference, ToS, DSCP, IP protocol type, ICMP type, TCP source port, VLAN ID, Ethernet protocol type, and CoS. ACLs can be applied to the inbound or outbound direction of a port.
The S5720-EI supports flow-based two-rate three-color CAR. Each port supports eight priority queues, multiple queue scheduling algorithms, such as WRR, DRR, SP, WRR+SP, and DRR+SP, and WRED that is a congestion avoidance algorithm. All of these features ensure high-quality voice, video, and data services
Mature IPv6 Technologies
The S5720-EI uses the mature, stable VRP software platform and supports IPv4/IPv6 dual stacks, IPv6 routing protocols (RIPng, OSPFv3, BGP4+, and IS-ISv6), and IPv6 over IPv4 tunnels (including manual, 6-to-4, and ISATAP tunnels). With these IPv6 features, the S5720-EI can be deployed on a pure IPv4 network, a pure IPv6 network, or a shared IPv4/IPv6 network, helping achieve IPv4-to-IPv6 transition.
OPS
Open Programmability System (OPS) is an open programmable system based on the Python language. IT administrators can program the O&M functions of a switch through Python scripts to quickly innovate functions and implement intelligent O&M.
Specification:
S5720-56C-EI-AC | |
Fixed port | |
---|---|
GE port |
48 |
10GE port | 4 |
Flexible card |
Card slot: 1
Card type: - 2-port 10GE SFP+ interface card - 2-port QSFP+ dedicated stack card |
Management port | |
ETH | Supported |
Konsola (RJ45) | Supported |
Konsola (mini USB) | Supported |
USB | USB 2.0 |
Memory | |
Frequency | 1 GHz |
Cores | 2 |
Storage | |
Memory (RAM) | 2 GB |
Flash memory | Hardware: 512 MB, of which 340 MB is available for users |
Power supply system | |
Power supply type | 150 W AC (pluggable) |
Redundancja |
1:1 (the product includes only 1 power supply) |
Rated voltage range |
100 - 240 V AC 50/60 Hz |
Maximum voltage range |
90 - 264 V AC 47 - 63 Hz |
Maximum input current | 3 A |
Maximum power consumption of the device |
86.9 W |
Power consumption in the case of 30% traffic load |
40.45 W (without cards) |
Heat dissipation system | |
Heat dissipation mode | Air-cooled heat dissipation and intelligent fan speed adjustment |
Number of fan modules | Pluggable dual fans |
Airflow | Air flows in from the left and right sides as well as the front panel, and exhausts from the rear panel |
Maximum heat dissipation of the device (BTU/hour) |
297 |
Physical specifications | |
Chassis dimensions (W x D x H, mm) | 442 x 420 x 44.4 |
Chassis height | 1 U |
Chassis weight (full configuration weight, including weight of packaging materials) |
9.92 kg |
Environment parameters | |
Long-term operating temperature |
0-1800 m: 0°C to 45°C
|
Short-term operating temperature |
0-1800 m: -5°C to +50°C
1800-5000 m: The operating temperature decreases 1°C every time the altitude increases 220 m |
Storage temperature | -40°C - 70°C |
Relative humidity | 5%–95% (noncondensing) |
Noise under normal temperature (sound power) | 51,2 dB(A) |
Noise under high temperature (sound power) | 71 dB(A) |
Noise under normal temperature (sound pressure) |
37,5 dB(A) |
Surge protection specification (RJ45 service port) | ±8 kV |
MTBF (year) |
Without cards: 71.18 |
Software | |
Ethernet features | |
Ethernet basics |
Full-duplex, halfduplex, and autonegotiation Rate autonegotiation on an interface Flow control on an interface Jumbo frames Link aggregation Load balancing among links of a trunk Transparent transmission of Layer 2 protocol packets Device Link Detection Protocol (DLDP) Link Layer Discovery Protocol (LLDP) Link Layer Discovery Protocol-Media Endpoint Discovery Interface isolation Broadcast traffic suppression on an interface Multicast traffic suppression on an interface Unknown unicast traffic suppression on an interface VLAN broadcast traffic suppression VLAN multicast traffic suppression VLAN unknown unicast traffic suppression |
VLAN |
VLAN: 4094 VLANIF: 1024 Access mode Trunk mode Hybrid mode QinQ mode Default VLAN VLAN assignment based on interfaces VLAN assignment based on protocols VLAN assignment based on IP subnets VLAN assignment based on MAC addresses VLAN assignment based on MAC address + IP address VLAN assignment based on MAC address + IP address + interface number Adding double VLAN tags to packets based on interfaces Super-VLAN Super-VLAN specification: 256 Sub-VLAN Sub-VLAN specification: 1K VLAN mapping Selective QinQ MUX VLAN Voice VLAN Guest VLAN |
GVRP |
GARP GVRP |
VCMP | VCMP |
MAC |
MAC address 64K Automatic learning of MAC addresses Automatic aging of MAC addresses Static, dynamic, and blackhole MAC address entries Interface-based MAC address learning limiting Sticky MAC MAC address flapping detection Configuring MAC address learning priorities for interfaces MAC address spoofing defense Port bridge |
ARP |
Static ARP Dynamic ARP ARP entry: 12K ARP aging detection Intra-VLAN proxy ARP Inter-VLAN proxy ARP Routed proxy ARP Multi-egress-interface ARP |
Ethernet loop protection | |
MSTP |
STP RSTP MSTP VBST BPDU protection Root protection Loop protection Defense against TC BPDU attacks |
Loopback detection | Loop detection on an interface |
SEP | SEP |
Smart Link |
Smart Link Smart Link multiinstance Monitor Link |
RRPP |
RRPP Single RRPP ring Tangent RRPP ring Intersecting RRPP ring Hybrid networking of RRPP rings and other ring networks |
ERPS |
G.8032 v1 G.8032 v2 ERPS semi-ring topology ERPS closed-ring topology |
IPv4/IPv6 forwarding | |
IPv4 and unicast routing |
IPv4 static routing VRF DHCP client DHCP server DHCP relay DHCP policy VLAN URPF check Routing policies IPv4 routes: 16K RIPv1 RIPv2 OSPF BGP MBGP IS-IS Policy-based routing (PBR) |
Multicast routing features |
IGMPv1/v2/v3 PIM-DM PIM-SM MSDP IPv4 multicast routes: 4K IPv6 multicast routes: 2K Multicast routing policies RPF |
IPv6 features |
IPv6 protocol stack ND ND entry: 8K ND snooping DHCPv6 snooping RIPng DHCPv6 server DHCPv6 relay OSPFv3 BGP4+ IS-IS for IPv6 IPv6 routes: 8K VRRP6 MLDv1/v2 PIM-DM for IPv6 PIM-SM for IPv6 |
IPv6 transition technology | Pv6 manual tunneling |
Layer 2 multicast | |
Layer 2 multicast features |
IGMPv1/v2/v3 snooping IGMP snooping proxy MLD snooping Multicast traffic suppression Inter-VLAN multicast replication |
MPLS i VPN | |
MPLS basic functions |
LDP protocol Double MPLS labels Mapping from 802.1p priorities to EXP priorities in MPLS packets Mapping from DSCP priorities to EXP priorities in MPLS packets |
MPLS TE | MPLS-TE tunnel establishment |
VPN |
MCE GRE tunneling GRE tunnel specification: 512 VLL PWE3 VPLS MPLS L3VPN IPSec Efficient VPN |
Device reliability | |
BFD |
Single-hop BFD BFD for static routes BFD for OSPF BFD for IS-IS BFD for BGP BFD for PIM BFD for VRRP |
Stacking |
Stack card-based stacking Stack card-based stacking bandwidth (Unidirectional) Service interface-based stacking Service interface-based stacking bandwidth (Unidirectional) Maximum number of stacked devices |
VRRP | VRRP standard protocol |
Ethernet OAM | |
EFM (802.3ah) |
Automatic discovery of links Link fault detection Link troubleshooting Remote loopback |
CFM (802.1ag) |
Software-level CCM 802.1ag MAC ping 802.1ag MAC trace |
OAM association | Association between 802.1ag and 802.3ah |
Y.1731 |
Unidirectional delay and jitter measurement Bidirectional delay and jitter measurement |
QoS features | |
Traffic classification |
Traffic classification based on ACLs Configuring traffic classification priorities Matching the simple domains of packets |
Traffic behavior |
Traffic filtering Traffic policing (CAR) Modifying the packet priorities Modifying the simple domains of packets Modifying the packet VLANs |
Traffic shaping |
Traffic shaping on an egress interface Traffic shaping on queues on an interface |
Congestion avoidance |
Weighted Random Early Detection (WRED) on interfaces WRED on queues Tail drop |
Congestion management |
Priority Queuing (PQ) Weighted Deficit Round Robin (WDRR) PQ+WDRR Weighted Round Robin (WRR) PQ+WRR |
HQoS | HQoS |
ACL | |
Packet filtering at Layer 2 to Layer 4 |
Number of rules per IPv4 ACL: 4K Number of rules per IPv6 ACL: 2K Basic IPv4 ACL Advanced IPv4 ACL Basic IPv6 ACL Advanced IPv6 AC Layer 2 ACL User group ACL User-defined ACL |
Configuration and maintenance | |
Login and configuration management |
Command line interface (CLI)-based configuration Console terminal service Telnet terminal service SSH v1.5 SSH v2.0 SNMP-based NMS for unified configuration Web page-based configuration and management EasyDeploy (client) EasyDeploy (commander) SVF Cloud management OPS |
File system |
Directory and file management File upload and download |
Monitoring and maintenance |
eMDI Hardware monitoring Log information output Alarm information output Debugging information output Port mirroring Flow mirroring Remote mirroring Energy saving |
Version upgrade |
Version upgrade Version rollback |
Security | |
ARP security |
ARP packet rate limiting ARP anti-spoofing Association between ARP and STP ARP gateway anti-collision Dynamic ARP Inspection (DAI) Static ARP Inspection (SAI) Egress ARP Inspection (EAI) |
IP security |
ICMP attack defense IPSG for IPv4 IPSG user capacity IPSG for IPv6 IPSGv6 user capacity |
Local attack defense | CPU attack defense |
MFF | MFF |
DHCP snooping |
DHCP snooping Option 82 function Dynamic rate limiting for DHCP packets |
Attack defense |
Defense against malformed packet attacks Defense against UDP flood attacks Defense against TCP SYN flood attacks Defense against ICMP flood attacks Defense against packet fragment attacks Local URPF |
User access and authentication | |
AAA |
Local authentication Local authorization RADIUS authentication RADIUS authorization RADIUS accounting HWTACACS authentication HWTACACS authorization HWTACACS accounting |
NAC |
802.1X authentication MAC address authentication Portal authentication Hybrid authentication |
MACSec | MACSec |
Policy association | Functioning as the access device |
Network management | |
Network management |
Ping Tracert NQA NTP sFlow SNMP v1 SNMP v2c SNMP v3 HTTP HTTPS RMON RMON2 NETCONF/YANG |
Interoperability |
VLAN-based Spanning Tree (VBST) Link-type Negotiation Protocol (LNP) VLAN Central Management Protocol (VCMP) |