Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Martin_Stolz
Participant

SMB 1600/1800 rumours ?

First off all - Happy New Year 2021 to Check Mates!

 

Interesting finding in 

  • sk153152:  
    R80.30 Jumbo Hotfix AccumulatorTake 227 supports the new SMB 1600/1800 appliances
    LSM and Security Management for EA purpose.
  • sk165456:
    NEW: Added 1600, 1800 and 1570R appliances to SmartConsole Hardware list.

 

Are there new devices coming?

Does anyone have any technical details?

 

Ciao Martin

19 Replies
HristoGrigorov

I saw them mentioned briefly on some SMB roadmap but no details. I want to believe these will be Quantum series SMBs. 

0 Kudos
G_W_Albrecht
Legend Legend
Legend

This is a slide from CPX 2020 SMB Presentation:2020_SMB.png

Hope it is ok to show it as it is soon 1 year old 😎

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
G_W_Albrecht
Legend Legend
Legend

This really had been discussed once, a sales collegue told me - the 910 pimped with 10GbE WAN port for Maestro. For me, SMB is an appliance best positioned on the admin desk - no fan, LEDs and console port at hand 😎.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
HristoGrigorov

SMB in a Maestro configuration!??!

I nearly died laughing man 🤣

G_W_Albrecht
Legend Legend
Legend

You must think of this in a sales context 🤠 But yes, makes no sense at all, of course...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
Magnus-Holmberg
Advisor

The datasheet and faq has been on the site for a few days. 🙂
Dated from the 15th.

https://www.youtube.com/c/MagnusHolmberg-NetSec
0 Kudos
G_W_Albrecht
Legend Legend
Legend

Also available since December 10th: 1600 / 1800 Appliance R80.20.XX Getting Started Guide

1600: Two WAN ports, one DMZ port, each of which is a combo port of SFP and RJ45 (on the right). Only one can operate a time when plugged in and connected. RJ45 - supports 10/100/1000MbE / SFP - supports 1000MbE. LAN ports 1-16 - support 10/100/1000MbE, LAN 1 and LAN 2 (Sync) also support 2.5GbE.

1800: Two WAN ports, each of which is a combo port of SFP and RJ45 (on the right). Only one can operate a time when plugged in and connected. RJ45 - supports 10/100/1000MbE / SFP - supports 1000MbE. One DMZ port, also  a combo port of SFP and RJ45, RJ45 - supports 10/100/1000/2500/5000MbE and 10GbE, SFP - supports 10GbE. One Management port - supports 10/100/1000MbE. LAN ports 1-18 - support 10/100/1000MbE, LAN 1 and LAN 2 (Sync) also support 2.5GbE. The 1800 also has two PSUs and SSD storage memory.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
PhoneBoy
Admin
Admin

The appliances are now in EA, so I think it’s safe to say they’re coming. 🙂
I presume a formal announcement will be made during CPX, but that’s just a guess.

0 Kudos
John_Fleming
Advisor

Are they going to do something about the poor visibility to the built in switch?

0 Kudos
PhoneBoy
Admin
Admin

Define "poor visibility"

0 Kudos
John_Fleming
Advisor

Last time I looked you can't see what physical port a given mac address is attached to on the switch. That seems like pretty poor visibility to me. Basically just have to shutdown random ports to stop local attack.

0 Kudos
PhoneBoy
Admin
Admin

That is still the case, yes, and now I remember the conversation we had on this 🙂

0 Kudos
G_W_Albrecht
Legend Legend
Legend

sk166552 All LAN ports/switches and their associated VLANs share the same MAC address in 700/900/1200R/1400/1500 SMB appliances explains that for all SMB platforms excluding the 1200R, it is possible to override the default MAC address with any other MAC configured manually.This should add the visibility you want, i assume, as both port and client MAC should be visible then.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
John_Fleming
Advisor

I don't think we're talking about the same thing. I'm talking about the MAC address of a client that is connected to a given port, not what MAC the firewall has attached to a given layer 3 interface. 

For example on a cisco switch

NotTheLab# show mac address-table address b8:ca:3a:67:41:a4
Mac Address Table
-------------------------------------------

Vlan Mac Address Type Ports
---- ----------- -------- -----
14 b8ca.3a67.41a4 DYNAMIC Gi2/0/21
101 b8ca.3a67.41a4 DYNAMIC Gi2/0/21
Total Mac Addresses for this criterion: 2
NotTheLab# 

Note: This is not the arp table. 

0 Kudos
G_W_Albrecht
Legend Legend
Legend

I understand what you mean. Yes, this is no Cisco Switch 😎

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
John_Fleming
Advisor

Its also not a d-link or netgear or like.. any managed switch really. Its a pretty basic feature of a managed switch.

0 Kudos
G_W_Albrecht
Legend Legend
Legend

These appliances never have been equipped with manageable switches, and the large GAiA appliances also get connected to a stack of manageable switches instead of featuring them. I do not remember that other companies SOHO firewalls have that included...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
John_Fleming
Advisor

Every SMB firewall does in fact have a built in switch. This is why traffic going from LAN1 to LAN2 (by default) doesn't pass through the firewall. If it did you would get terrible performance and the CPU would go nuts. And it is indeed a managed switch as you can very easily segment the switch into multiple vlans. This is unique to the SMB devices. If that isn't enough proof even the driver used is called a switch. Oh I don't know if this is still the case but l found on the 1400 there was also no layer 2 loop detection.  

[Expert@500]# ethtool -i LAN1
driver: marvell switch port
version: 1.0
firmware-version:
bus-info: switch SMI bus
supports-statistics: yes
supports-test: no
supports-eeprom-access: no
supports-register-dump: no
supports-priv-flags: no
[Expert@1500]#

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events