Foundry Networks launched its largest Ethernet switch to date at the recent Interop show in Las Vegas — the BigIron RX32, a 32-slot, 5.1 terabit-per-second Ethernet switch aimed at high-end datacentres and campus LAN backbones. Foundry also announced new software which turns Foundry Layer 4-7 switches into antispam and application firewall devices.
The BigIron RX32 supports up to 128 line-rate 10 Gigabit Ethernet ports, or 768 10/100/1000Mbit/s ports, twice the number of its previous BigIron RX16 and more than double the capacity of currently shipping high-end switches such as Force10 Networks’ TeraScale, Cisco Systems’ Catalyst 6500 and Extreme Networks’ BlackDiamond.
Foundry is also introducing version 10.0 of its TrafficWorks software, which adds web application firewall and spam filtering capabilities to the ServerIron 4G switch.
“Customers have come to us because, historically, we’ve sold the biggest, baddest boxes,” says Foundry chief executive Bobby Johnson, calling the RX32 the new head of the company’s high-end switch family.
Foundry says the RX32 could be used to collapse an entire LAN backbone or datacentre into a single chassis (or pair of chassis for redundancy). The device could also run in carrier metro Ethernet edge or core networks, aggregating Ethernet services from customers, or act as a central hub for MPLS- or VLAN-based Ethernet VPN services.
At almost US$200,000 (NZ$275,000) for just the RX32 chassis (no line cards), the BigIron RX32’s market may be select, but it is growing, Johnson says.
“There are a lot of customers who do need this level of performance, scalability and port density,” he says, citing large university backbones and enterprises involved with data-mining, as well as government research laboratories involved in high-performance computing and clustering.
In courting these types of customers with its new high-end switch, Foundry hopes to gain some headway in the 10G Ethernet market, where it has fallen behind Cisco and Force10 in terms of shipments and revenue, according to one research firm.
“This product is a good solid step forward” for Foundry, says Tere’ Bracco, senior research director for enterprise at Current Analysis.
Bracco cautions that some network managers might be hesitant to install a chassis as new as the RX32 to handle such a large chunk of an enterprise’s network traffic. While the RX32 uses service modules, power supplies and fabric cards from the previous RX16, the chassis itself is new and not as field-tested as the previous generation BigIron switch.
Network managers, she says “might feel more comfortable with a chassis design that has some history — if [Foundry] were saying the device has been running in a beta site for nine months, for example.”
Foundry was one of the early market leaders when the 10G Ethernet specification was ratified five years ago. Then its market position eroded on two fronts. First was the emergence of Force10 Networks, with its Terascale switches, which scaled far beyond competitive gear from Foundry and others. Then Cisco ramped up its 10G products and market focus with the introduction of high-density fibre and CX-4 copper 10G blades.
Foundry’s introduction of the BigIron RX in 2005 boosted it ahead of Force10 in terms of 10G Ethernet scale.
With 128 line-rate 10G Ethernet ports in the RX32, Foundry is now only behind start-up Woven Systems, which has a box that can top out at 144 line-rate 10G ports. However, Woven’s switch currently only supports CX-4 copper 10G ports and for the most part is designed to be deployed in large switch fabrics in Ethernet storage and HPC cluster environments, connecting to other Woven switches. Foundry’s switch supports a variety of connection blades, including four-port 10G fibre XFP modules, 24-port Gigabit XFP blades, and high-density 48-port 10/100/1000Mbit/s blades.
TrafficWorks 10.0 allows ServerIron 4G switches to enforce web traffic flow policies which filter out attacks on web-based applications, Foundry says. These include SQL injection, where attackers enter SQL commands into a website URL to gain access to databases, as well as filtering buffer overflow and scripts run against web application servers.
A ServerIron 4G switch running TrafficWorks 10.0 can also act as a spam filter, as the network device can inspect traffic flows and block messages based on white-list or black-list information.
The switches can scan for spam based on 7.5 million IP prefixes, Foundry says. A pair of spam-filtering ServerIron 4Gs in front of a dedicated antispam server or appliance could be used to pre-screen traffic for the spam filter (based on basic white/black-list data) and allow spam gear to run more efficiently, Foundry says. The ServerIron 4G could also act as a stand-alone antispam box, according to the company.