Additional traffic flow classification features allow operators to better manage service level agreements and access control. With multiple classification fields, network operators can precisely monitor network traffic, ensure packets are forwarded to specific ports, specify transmission and dropping priorities, and maintain secure connections for their customers.
Hardware-based security features
Zarlink's Ethernet switches integrate a hardware-based DoS (denial of service) attack-flow engine to protect against viruses and malicious attacks. This attack prevention engine ensures uninterrupted services while preventing the loss of information or revenue that can result from network disruptions.
The ClassSwitch family's built-in "packet identifier" micro-engine pre- filters L2 to L7 packet fields can be used to match suspicious traffic types. If user programmable patterns are recognized, the devices forward suspicious packets to off-the-shelf Deep Content Analysis processors for further analysis. Zarlink classifier switches can be programmed to accept or deny service based on the information used for classification.
Advanced switch design
Zarlink's Ethernet switches include up to 24 MACs (media access controllers) for 10/100 Mbps and two GMACs (Gigabit MACs) for 10/100/1000 Mbps. All MACs and GMACs support copper (twisted wire) or fiber physical interfaces. In its core, the device family provides multi-field traffic classification of L2 and L7 fields, IP Multicast and Unicast bandwidth distribution, and a traffic queuing engine.
Fair management of traffic is maintained at all times through an advanced WFQ scheduling algorithm, flexible packet buffer and queue management, and a WRED (weighted random early detect) algorithm. To simplify equipment design, the platform's parametric programmability allows efficient and flexible system development without requiring additional programming for network processor implementations.
Programmable prioritized filtering and forwarding allows hardware-based per-flow accounting, allowing processor resources to be dedicated to more important tasks. The ToS (type of service), priority or DSCP (differentiated service code points) bits can be re-tagged based on the traffic classification allowing DiffServ implementations at wire-speed. New service level agreements based on Ethernet type, VLAN ID, 802.1p priority Type of Service (ToS, DSCP), L2/L3 and subnet addresses, L4 port numbers and others are immediately possible at wire-speed.
Support and availability
Zarlink's ClassSwitch family is supported by a field-proven software platform. The switches incorporate device driver software offering an easy-to- use API supporting advanced access control, and various protocol modules including IGMPv3 for IP video applications.
The ZL33042 and ZL33046 Ethernet switches, available now, are priced at US$68.00 and US$60.00 respectively in quantities of 5,000 units. Evaluation boards with various plug-in modules for 100/1000 Ethernet transceivers as well as CPUs based on PowerPC, ARM and MIPS will be available soon.
More information on the product is available at http://products.zarlink.com/product_profiles/ZL33042.htm.