ExtremeXOS Network Operating System
ExtremeXOS was designed from the ground up to meet the needs of large cloud and private data centers, service providers, intelligent, converged enterprise edge networks, and everything in between. It provides the high performance and rich features required by these diverse environments.
Based on a resilient architecture and protocols, ExtremeXOS supports network virtualization and standards-based SDN capabilities like VXLAN gateway, OpenFlow and OpenStack Cloud Orchestration. ExtremeXOS supports comprehensive role-based policy. This feature establishes a secure framework where every user receives a predetermined set of rules for accessing the network based on their role in the organization. Policies are defined and centrally managed by Control Center, a single pane-of-glass management system that automatically pushes policies to Extreme Networks’ access points and switches. This significantly simplifies IT’s task of managing a secure network and enhances operational efficiency. Above all, it provides a comprehensive set of security features that protect your applications, traffic, and infrastructure in a proactive manner.
ExtremeXOS is engineered to support the increasing demands placed on converged networking, cloud, and enterprise data centers while providing a single OS from core to edge.
Resilient – Modular architecture, memory protected, self-healing, resilient protocols (EAPS, ERPS, MLAG, FRR, Graceful Restart, TRILL)
Virtualized – Virtualized Applications support with XNV™ VM lifecycle management at the network level, identity-aware VDI provisioning; Layer 2 Virtualization with Hardware-based VXLAN gateway, 802.1ad Q-in-Q; Layer 2 VPN support with VPLS, VXLAN fabric overlay; Layer 3 Virtualization with Virtual Routers and VRF
Automated – Network as a development platform: Native Python and TCL scripting capabilities; User, Device, Network event, and time-based triggers; auto-provisioning capabilities; SOAP/XML and Native Application SDK
Standards-based SDN – Support for OpenFlow, OpenStack Cloud Orchestration, Open APIs
Role-Based Policy – Allows global policy definition and deployment based on distinct user roles, centrally managed by Control Center
Versatile – Support for IPv6, MPLS, VRRP, BFD, QoS, TRILL, MLAG, DCB, Policy, CFM, Y.1731, IPFIX, Sflow, AVB. Refer to Datasheet for a complete list
Role-Based Policy – Allows centrally managed, global policy deployment based on distinct user roles with Control Center network management
Proven – 10+ years in the field, 10+ years in development, millions of ports shipped; IPv6 Ready, EANTC Tested, AVNU Certified
Secure – Common Criteria EAL3+ Certified; Comprehensive toolkit to protect applications, traffic, and infrastructure
Carrier-Class Availability – Features such as EAPS (Ethernet Automatic Protection Switching), hitless failover, and self-healing automatic process restart help deliver voice-grade resiliency.
Virtualization – XNV™ (ExtremeXOS Network Virtualization), helps provide VM awareness, control, and automation for cloud and other virtualized data centers. Hardware-based VXLAN gateway capability on supported platforms provides a virtualization overlay for Ethernet layer 2 network services. Identity Manager helps provision and manage VDI, aiding desktop virtualization efforts.
Role-Based Policy – Allows centrally-managed, global policy deployment based on distinct user roles. Each defined role is granted individualized access to specific network services and applications and these access privileges remain associated with users as they move across both wired and wireless network access points. Pre-defined operational roles ensure each user has access to appropriate information, thus aligning network resource utilization with business goals and priorities.
Automation – ExtremeXOS Universal Port helps support VoIP deployment and configuration with a powerful event-driven framework. XOS includes a powerful scripting environment, further aiding automation. Flexible APIs and an expandable architecture help enable integration with management and billing systems as well as devices such as dedicated security appliances.
Security – ExtremeXOS is identity-aware, allowing identity-based access control and policy, enhancing security and facilitating regulatory compliance.
ExtremeXOS high-availability modular architecture provides process monitoring and restart, memory protection, hitless failover on dual-management module systems, and module-level software upgrade on all ExtremeXOS-enabled switches. The modular and memory-protected design prevents system corruption and avoids system reboots using self-healing process recovery. It also adds extensibility for VoIP and Security application integration dynamic application loading and scripting. ExtremeXOS embraces a Hardware Abstraction Layer model, providing a consistent and feature-rich interface to platform-specific capabilities such as ACLs, QoS, counters, and diagnostics.
Management is secured through SNMPv3, SSL, SCP-2, SSH-2, RADIUS per command authentication, and TACACS+. Access to your network is controlled with Network Login’s 802.1x/MAC/Web-based methods, allowing you to turn on network access authentication on every port, integrated with host integrity checking. The ExtremeXOS network operating system provides enterprise and metro Layer 2 and IPv4/IPv6 Layer 3 resiliency and control protocols including OSPF, ISIS, PIM, BGP, STP, VRRP, EAPS, ESRP, and ELSM unidirectional link detection. Traffic-scaling capabilities include IGMP/MLD Snooping and Multicast VLAN Registration (MVR). Network monitoring capabilities include LLDP, LLDP-MED, RMON, SMON, sFlow, and IPFIX.
- Memory protection, process monitoring and restart, loadable modules, hitless failover, DoS Protection
- SNMPv1/v2/v3, Telnet/TFTP, SSH2/SCP, HTTP, HTTPS/SSL, RADIUS, TACACS+
- Network Login with 802.1x, Web- and MAC-based, integrated with host integrity solutions
- Identity Manager for secure access, device, location, and presence awareness
- XNV™ for insight, control and automation in highly virtualized data centers
- IP Security to protect DHCP and ARP abuse
- EAPS, STP 802.1D/w/s/PVST+, VRRP, ESRP, LACP, M-LAG, ELSM Layer 2+ resiliency protocols
- OSPFv2/v3, RIPv1/v2/ng, BGP4, MBGP, PIM-DM/SM/SSM, IGMPv1/v2/v3, MLDv1/v2
- LLDP, LLDP-MED, sFlow, RMON, SMON, XML, CLEAR-Flow, IPFIX