Introduction
Extreme Networks Instant Port Profiles (IPP) is a feature of ExtremeCloud IQ (XIQ) that automates the configuration of network devices based on the type of device that is connected to the port. This can save network administrators a lot of time and effort, as they no longer need to manually configure each device.
Instant Port Profiles allows the ability to define dynamic port configuration such as VLAN assignment based on wired device types created within an Instant Port Profile. An Instant Port Profile can be assigned to a port within a switch template or device level port configuration.
※ Note: Instant Port Profiles are supported on X435 and Universal Switches running Switch Engine.
Getting started with IPP
To get started with IPP, you will need to enable it in ExtremeCloud IQ. Once IPP is enabled, you will need to create Instant Port Device Types for each type of device that you want to use IPP with. You can then configure the settings for each Instant Port Device Type.
Examples of using IPP
Here are a few examples of how you can use IPP:
- Configure VoIP phones in a dedicated VLAN.
- Configure guest devices in a guest VLAN.
- Combine IoT devices with VoIP in a dedicated VLAN.
- Automate device placement into the correct VLAN for devices with port changes.
- Provision tagged VLANs for devices such as connected AP.
Some benefits of IPP are:
- Reduced operational costs by automating the configuration of devices.
- Improved security by ensuring that devices are placed in the correct VLANs.
- Improved performance by configuring broadcast suppression for specific devices or device types.
Configurations
Create an IPP within the Switching Section of a Network Policy, assign IPP to ports within a switch template, or within the port configuration of a switch at device level configuration.
Instant Port Profile configuration comprises the following tasks:
- Create an Instant Port Profile
- Create Instant Port Device Type
Configure an Instant Port Profile
Add or edit an IPP for a switch on the Port Configuration tab of the switch template.
- Go to Configure > Network Policies and select a device template for the switch.
- On the switch template page, select Port Configuration and then choose one of the following actions:
Add a new IPP
Select + , and then go to Step 3.
Edit a new IPP
Select an existing IPP from the drop-down menu, select Edit icon and then go to Step 3. - Configure the profile settings.
IPP Configuration Settings
Reference: ExtremeCloud IQ User Guide
Create an Instant Port Device Type Profile
Configure a Network Policy with a Switch Template and an Instant Port Profile.
The Port Device Type profile is part of the Instant Port Profile. When a device connects to a switch port, ExtremeCloud IQ uses the criteria defined in this task to determine whether the device port is eligible for application of the Instant Port Profile.
- From the Create Instant Port Profile dialog, select + under Device Types.
- Configure the Instant Port Device Type settings as described in IPP Device Type Settings.
- Select Save to commit changes, or select Cancel.
These configurations are applied automatically when a connected device matches predefined conditions in a profile. Conditions are based on:
- MAC Address (partial or exact matches)
- LLDP Information (system type, MAC)
IPP allows for custom definitions (device types) and match criteria, enabling automatic VLAN assignment and storm control parameters. IPP offers more granular control over the network configuration based on specific device types.
Device Types and Match Criteria
- Device Types: Custom definitions for types of wired devices.
- Match Criteria:
- MAC Learning
- LLDP Src MAC
- LLDP Capability
- LLDP MAC + Capability
When a match occurs, action parameters specified in the profile are automatically configured by the system, such as managing devices that move between different switch ports and switches while requiring consistent VLAN and port configurations.
[NOTE]
Tagged packets cannot be classified by IPP. For devices expected to send tagged data frames, use only LLDP (Link Layer Discovery Protocol) match configuration.
IPP Device Type Settings
Reference: ExtremeCloud IQ User Guide
Instant Port Profile (IPP) vs. Instant Secure Port Profile
Instant Port Profiles (IPP) and Instant Secure Port Profile are features that allow for automated configuration of switch ports based on the connected devices. The main difference is that Instant Secure Port Profile also offers integrated authentication and policy enforcement through ExtremeCloud Universal ZTNA, a zero-trust network access solution that provides secure connectivity for remote users and devices.
With IPP, you can define device types and match criteria based on MAC address or LLDP information, and assign VLANs and storm control settings to the ports dynamically. With Instant Secure Port Profile, you can also apply security policies and access rules to the devices based on their identity and context, and use encryption and tunneling to protect the data traffic.
Instant Port Profiles and Instant Secure Port Profile are designed to simplify the management of network-connected devices, such as access points, security cameras, and VoIP phones, and to improve the security and performance of the network.
Conclusion
Configuring Instant Port Profiles (IPP) in ExtremeCloud IQ (XIQ) is an automated approach to configuring switch ports based on the connected devices. Instant Port Profiles streamline the management of network-connected devices, such as access points (AP), security cameras, and VoIP devices by dynamically provisioning the appropriate port configuration automatically.
References
ExtremeCloud IQ User Guide
ExtremeCloud IQ Universal Switch Deployment Guide
No comments:
Post a Comment