Extreme Switches

About Us
cable, vdsl, patch

Extreme Switch Reseller-Extreme Switch Distributor- Extreme Switch Supplier- Extreme Networks Switch Reseller

Extreme Sentriant Gigabit Ethernet Switches

Plenum Innerduct 's Extreme Networks Offerings- Plenum Innerduct is now an Extreme Networks Gigabit switch reseller and as a supplier of Extreme Gigabit Switches Plenum Innerduct now offers complete end to end carrier to desktop gigabit ethernet switching solution.
The Extreme Networks® offering includes
Summit® fixed configuration switches, Alpine™ and BlackDiamond® modular switches, wireless products, Sentriant™ security appliance, ExtremeWare® operating systems and EPICenter® management software. Our products can help you implement the solution to meet your business needs.

 

Alpine Series

Black Diamond

Summit

Sentriant

Exteme Wireless

Extreme Ware-Operating Systems EPICenterEPICenter Management Software

Extreme Sentriant Gigabit Ethernet Switches

 

Sentriant is a security appliance that secures the network interior against rapidly propagating threPlenum Innerduct including Day-Zero attacks. Sentriant is designed to work in conjunction with Extreme Networks® Security Rules Engine—CLEAR-Flow. Together, Sentriant and CLEAR-Flow provide:

Continuous monitoring of all end-points as threat sources launching internal attacks
Filtering out of basic attacks, such as denial of service (DoS) attacks, across multi-gigabit switched networks
Deeper analysis of suspicious traffic without impacting the operation of live networks
Enforcement of rapid security mitigation actions against specific threat sources across the enterprise

Sentriant uses behavior-based threat detection methods (no signatures, no heuristics) to detect threPlenum Innerduct ­ including new threPlenum Innerduct for which no signatures exist at the time of attack. It also includes a sophisticated early warning system that employs unused IP space to identify threats. Sentriant is not an in-line device, creates no performance impact to networks, and cannot jeopardize network availability ­ even while the network is under attack.

Sentriant incorporates a threat termination technology aggressive, protocol-independent, automated threat termination capability. This technology does not use software desktop agents, TCP resets, or switch-dependent VLAN shunting to compartmentalize an infected end-point.

Sentriant and the CLEAR-Flow Security Rules Engine are part of the Extreme Security Framework that is a comprehensive, scalable and easy to use network-based security solution.

TYPES OF THREATS
  Denial of Service (DoS) attacks such as Smurf, Ping of death, Ping sweep, Ping flood, Port sweep, TCP Flood (Syn, Syn-Ack, Ack, Fin, Xmas, Rst), and distributed DoS (DDoS)
  Viruses and Worms such as Welchia, Slammer, Blaster, and MyDoom
  Polymorphic viruses, Blended attacks, Day-Zero ThrePlenum Innerduct (New attack on same day as vulnerability announcement)

VIRTUALLY IN-LINE OPERATION
Detect and actively defend against threPlenum Innerduct without interfering with network traffic. Unlike firewalls and IDP systems that need to be in-line to mitigate threPlenum Innerduct and therefore can be bottlenecks or points of failure, Sentriant is “virtually” in-line

HYPER DETECTION & ACTIVE DECEPTION
Sentriant creates a network of “virtual decoys” in the unused IP address space in a broadcast domain. These virtual decoys create an “early warning system” that fires an alert when a virtual target is contacted.

By mimicking basic responses to TCP, UDP, and ICMP requests, Sentriant makes it difficult for a hacker to determine which devices are real and which are not ­ allowing valid machines to hide in the white noise of virtual decoys.

SURGICAL DEFENSE
This strategy, and the underlying technology allows Sentriant to isolate attackers and prevent them from communicating with the remainder of the network while allowing missioncritical data to continue to flow normally.

Virtually In-line Operation
Sentriant is commonly deployed on a mirror port on a switch, much like a network sniffer. However, unlike sniffers, Sentriant can actively engage, deter and terminate malicious behavior. This deployment model gives systems administrators strong security control over the internal network without the latency or single point of failure risks associated with in-line devices.

Hyper Detection
On a typical network that uses private IP address space, as much as 80% of IP address space is unassigned. Sentriant uses this asset to identify threats.

Since most worms must conduct reconnaissance to spread, there is a high probability that worm activity will hit the virtual decoys in the unused IP address space. Therefore, administrators have a much better chance of being alerted to malicious activity quickly, giving them more time to respond.

Active Deception
Sentriant provides false data about the network topology in order to deceive fingerprinting-malware designed to provide precise data about operating systems (OS) and application versions present on a network. This deception makes it difficult for the malware to attack the network effectively.

Sentriant can also actively engage an attacker during the network reconnaissance that generally precedes a threat, dramatically slowing the scanning process and giving administrators time to understand and thwart the attack. During this time, Sentriant will continue to provide false data to the scan itself, slowing or even stopping the attack and providing misleading information to the attacker.

Surgical Defense
Sentriant can logically insert itself inbetween one or more attackers and one or more target devices by redirecting communications streams from attackers to itself.

Sentriant can then selectively pass or silently drop packets based on their threat potential, thereby, isolating infected computers while permitting all other communication to flow normally on a network. This process occurs at both Layer 2 and Layer 3 of the Open System Interconnection (OSI) reference model.

Surgical defense can be invoked either manually by an administrator or automatically by the product when a threat is detected. It represents a departure from previous network security systems by combining the best characteristics of an inline protection system with the performance and reliability benefits of a passive device.

Deployment Modes
Sentriant can be deployed in two modes of operation ­ Stand-alone mode and Integrated mode.

Stand-alone mode
Sentriant can be connected to Extreme Networks core switches (BlackDiamond® 8800 series) via span ports. In this mode, Sentriant can monitor broadcast traffic from across thirty-two VLANs.

Integrated mode
Sentriant connected to the BlackDiamond 10808 (10K) switches offers the most benefits and is the recommended deployment mode. Benefits include:

Greater performance: Since CLEAR- Flow detects and filters out DoS attacks, Sentriant can focus its resources on largely suspicious traffic, hence offering higher performance under load
Broader range: Sentriant can analyze mirrored and span-port connected traffic. Access to all the mirrored traffic from threat-sources enables a quicker response time to potential attacks, as opposed to a narrower range of traffic presented via span-ports
Dynamic Mitigation Control: Sentriant can add/modify the BlackDiamond 10K switch’s CLEAR-Flow rules and ACLs to inspect additional traffic or change inspection thresholds ­ thereby allowing an automated system to fine- grain inspection rules in real-time

Sentriant provides a unique and differentiated set of benefits in the standalone and integrated deployment modes as summarized below.

 

DEPLOYMENT MODES
Sentriant is designed to operate seamlessly with perimeter and end-point security products in a stand-alone deployment mode. However, Sentriant offers the greatest benefits operating in an integrated mode within the Extreme Security Framework (ESF) as shown in the figure. Sentriant provides a unique and differentiated set of benefits in the stand-alone and integrated deployment modes as summarized below.

INTEGRATED DEPLOYMENT STAND-ALONE DEPLOYMENT
Virtual visibility into all the end-points Visibility limited to all end-points in the same broadcast domain.
More effective use of Sentriant resources acting on a reduced load filtered by the CLEAR-Flow security rules engine Without CLEAR-Flow, the Sentriant needs to process the full load including DoS attacks
The Sentriant can dynamically refine filtering criteria using dynamic ACLs to the core switch Sentriant criteria are not coupled with the switch ACLs by design; refinements can be made manually potentially affecting the system response times to attack
Inspection across a mirrored port at 1 Gbps, and across a SPAN-port at 1 Gbps possible. Mirrored traffic allows for a quicker detection and response. Inspection across 4 Gigabit Ethernet span-ports allows access to broadcast traffic resulting in potentially slower response times
Unified Management Structure and CLEAR-Flow
enable rich policy features (example: Role, Port, VLAN, Quality of Service (QoS)-based finer granularity for each detection or mitigation action)
Distinct device-level manager (Sentriant Console Manager) and without CLEARFlow, limited mitigation actions (example: No QoS-based throttling of suspicious traffic possible)

THE ATTACK MITIGATION PROCESS TYPICALLY CONSISTS OF THE FOLLOWING STEPS
1.
An infected source or malicious hacker launches a virus into the network.
2.
BlackDiamond 10K static ACLs and CLEAR-Flow rules filter out DoS attacks, determine traffic class as ‘suspicious’ and selectively port-mirror traffic to Sentriant for further analysis.
3.
The port-mirrored traffic is sent to Sentriant on a dedicated port. From here on, Sentriant controls the system in reference to the next steps.
4.
Sentriant continues to watch suspicious traffic and uses its internal rules to escalate trafficclass from suspicious to the next alert level ­ yellow.
5.
If needed, Sentriant also instantiates a dynamic ACL on BlackDiamond 10K to refine the flow criteria. BlackDiamond 10K applies the dynamic ACL in real- time and continues to port-mirror suspicious traffic conditioned on a new set of ACL rules. In parallel, if Sentriant determines that the threat is real it escalates threat-type from yellow to red alert, and sends the recommended mitigation action to EPICenter® and BlackDiamond 10K.
6.
EPICenter works with the Extreme Secure Switch Infrastructure (core and edge switches) to enforce the security policy (mitigation action) in near-real time.

We’re here to help you solve your business challenges and increase your ability to meet your own customers’ growing expectations from their telecommunications service providers.

 

 

 

cisco systems
Telco Systems
Anritsu
Leviton
telecom supply