Huawei S5700 Series S5720-HI Switch

Product overview

Huawei S5720-HI series are advanced Gigabit Ethernet switches that provide rich agile features. The switches are developed based on Huawei Versatile Routing Platform (VRP), and use the fully programmable structure to implement software definition and service change on demand. With services and network convergence as the core, the switches provide the ubiquitous service function to ensure consistent user experience. The Super Virtual Fabric (SVF) function virtualizes the entire network into one device. In addition, the switches support flexible Ethernet networking, comprehensive VPN tunnel solutions, various security control methods, intelligent deployment, and simple operation and maintenance. The S5720-HI switches are the best choices for the branches of high-quality large- and middle-sized campus networks, the core layer of small-sized campus networks, and the access layer of data center networks.

Product appearance

The following models are available in S5720-HI series:

Appearance Description


  • 24 Gig SFP, 8 of which are dual-purpose 10/100/1,000 or SFP
  • 4 x 10 Gig SFP+
  • 2 interface slots
  • 600W AC power supply
  • Forwarding performance: 168 Mpps
  • Switching capacity: 598 Gbit/s


  • 48 Ethernet 10/100/1,000 ports
  • 4 x 10 Gig SFP+
  • 2 interface slots
  • 600W AC power supply
  • Forwarding performance: 192 Mpps
  • Switching capacity: 598 Gbit/s


  • 48 Ethernet 10/100/1,000 POE+ ports
  • 4 x 10 Gig SFP+
  • 2 interface slots
  • 580W/1,150W AC power supply
  • Forwarding performance: 192 Mpps
  • Switching capacity: 598 Gbit/s

Product characteristics

Enabling networks to be more agile for services

  • The high-speed Ethernet Network Processor (ENP) embedded in the S5720-HI is tailored for Ethernet. The chip’s flexible packet processing and traffic control capabilities can meet current and future service requirements, helping build a highly scalable network.
  • In addition to the capabilities of traditional switches, the S5720-HI series provide fully programmable open interfaces and support user-defined forwarding behaviors. Enterprises can use the open interfaces to develop new protocols and functions independently or jointly with equipment vendors to build campus networks meeting their own needs.
  • The ENP has a fully programmable architecture, on which enterprises can define their own forwarding models, forwarding behaviors, and lookup algorithms. Microcode programmability makes it possible to provide new services within six months, without the need of replacing the hardware. In contrast, traditional ASIC chips use a fixed forwarding architecture and follow a fixed forwarding process. For this reason, new services cannot be provisioned until new hardware is developed to support the services 1 to 3 years later.

Delivering abundant services more agilely

  • The S5720-HI series integrates the AC function with 80 Gbit/s of wireless throughput, so customers do not need to buy independent AC devices or hardware components. An S5720-HI switch can manage up to 1K APs and 16K users, coping with the fast growth of wireless services.
  • With the unified user management function, the S5720-HI authenticates both wired and wireless users, ensuring a consistent user experience no matter whether they are connected to the network through wired or wireless access devices. The unified user management function supports various authentication methods, including 802.1x, MAC address, and Portal authentication, and is capable of managing users based on user groups, domains, and time ranges. These functions visualize user and service management and boost the transformation from device-centered management to user-centered management.

Providing fine-grained network management more agilely

  • The S5720-HI series use the Packet Conservation Algorithm for Internet (iPCA) technology that changes the traditional method of using simulated traffic for fault location. iPCA technology can monitor network quality for any service flow anywhere and anytime, without extra costs. It can detect temporary service interruptions in a very short time and can identify faulty ports accurately. This cutting-edge fault detection technology turns “extensive management” to “fine-grained management.”
  • The S5720-HI using the Super Virtual Fabric (SVF) technology and functions as a parent switch. It can not only virtualize fixed-configuration switches into line cards of a chassis switch, but also vertically virtualize APs as ports of the chassis switch. With this virtualization technology, a physical network with the “Small-sized core/aggregation switches + Access switches + APs” structure can be virtualized into a “super switch”, offering the industry’s simplest network management solution.
  • With the Easy Deploy function, the S5720-HI series manage access switches in a similar way an AC manages APs. In deployment, access switches and APs can go online with zero-touch configuration. In the Easy Deploy solution, the Commander collects topology information about the connected clients and stores the clients’ startup information based on the topology. Clients can be replaced with zero-touch configuration. The Commander can deliver configurations and scripts to clients in batches and query the delivery results. In addition, the Commander can collect and display information about power consumption on the entire network.

Complete VPN Tunnels

  • S5720-HI series switches support the MPLS function and can work as access devices for high-quality enterprise leased lines. The S5720-HI series can connect users in different VPNs and isolate users through multi-instance routing. Users in multiple VPNs connect to a PE through the same physical uplink port on the switch, which lowers a single user’s Capital Expenditure (CAPEX) for network deployment.

Flexible Ethernet networking

  • In addition to traditional Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP), and Multiple Spanning Tree Protocol (MSTP), the S5720-HI supports Huawei-developed Smart Ethernet Protection (SEP) technology and the latest Ethernet Ring Protection Switching (ERPS) standard. SEP is a ring protection protocol specific to the Ethernet link layer, and applies to various ring network topologies, such as open ring topology, closed ring topology, and cascading ring topology. This protocol is reliable, easy to maintain, and implements fast protection switching. ERPS is defined in ITU-T G.8032. It implements millisecond-level protection switching based on traditional Ethernet MAC and bridging functions.
  • The S5720-HI supports Smart Link and Virtual Router Redundancy Protocol (VRRP), which implement backup of upstream links. One S5720-HI switch can connect to multiple aggregation switches through multiple links, significantly improving reliability of access devices.
  • The S5720-HI series have large tables, coping with the fast growth of data volume in the big data era. With the support for 128K MAC addresses, 1M FIB entries, the S5720-HI series switch meets the requirements of educational networks and metro area networks and allows the access of a large number of terminals. The S5720-HI is the best choice in cloud computing era.

Various security control methods

  • The S5720-HI series support MAC address authentication and 802.1x authentication and implement dynamic delivery of VLAN, QoS, and ACL policies to users. They support port-based 802.1x, MAC address, and hybrid authentications and VLANIF interface-based portal authentication.
  • The S5720-HI provides a series of mechanisms to defend against DoS attacks and user-targeted attacks. DoS attacks are targeted at switches and include SYN flood, Land, Smurf, and ICMP flood attacks. User-targeted attacks include bogus DHCP server attacks, IP/MAC address spoofing, DHCP request flood, and change of the DHCP CHADDR value.
  • The S5720-HI series set up and maintain the DHCP snooping binding tables, and discard the packets that do not match the table entries. Users can specify DHCP snooping trusted ports to ensure that users connect only to the authorized DHCP server.
  • The S5720-HI supports strict ARP learning, which prevents ARP spoofing attackers from exhausting ARP entries.
  • The S5720-HI supports MAC security (MACSec) that enables hop-by-hop secure data transmission. Therefore, the S5720-HI can be applied to scenarios that pose high requirements on data confidentiality, such as government and finance sectors.

Mature IPv6 features

  • The S5720-HI is developed based on the mature, stable VRP and supports IPv4/IPv6 dual stacks, IPv6 routing protocols (RIPng, OSPFv3, BGP4+, and IS-IS for IPv6). With these IPv6 features, the S5720-HI can be deployed on a pure IPv4 network, a pure IPv6 network, or a shared IPv4/IPv6 network, helping realize IPv4-to-IPv6 transition.

Intelligent stack (iStack)

  • The S5720-HI supports the iStack function that combines multiple switches into a logical switch. Member switches in a stack implement redundancy backup to improve device reliability and use inter-device link aggregation to improve link reliability. iStack provides high network scalability. You can increase ports, bandwidth, and processing capacity of a stack by simply adding member switches to the stack. iStack also simplifies device configuration and management.

Product specifications

Item S5720-32C-HI-24S-AC S5720-56C-HI-AC S5720-56C-PWR-HI-AC S5720-56C-PWR-HI-AC1
Fixed Ports 24 x 1,000 Base-X, 8 x Combo (10/100/1,000
Base-T), 4 x 10 GE SFP+
48 x 10/100/1,000 Base-T, 4 x 10 GE SFP+ 48 x 10/100/1,000 Base-T, 4 x 10 GE SFP+ 48 x 10/100/1,000 Base-T, 4 x 10 GE SFP+
Extended Slots One port extended slot with optional subcard 4 x 10 GE SFP+
One slot reserved for the stack card
MAC Address Table IEEE 802.1d standards compliance
128K MAC address entries
MAC address learning and aging
Static, dynamic, and blackhole MAC address entries
Packet filtering based on source MAC addresses
Guest VLAN, Voice VLAN
VLAN assignment based on MAC addresses, protocols, IP subnets, policies, and ports
VLAN mapping
Wireless AC AP access control, AP domain management, and AP configuration template management
Radio frequency management, unified static configuration, and dynamic centralized management
WLAN basic services, QoS, security, and user management
CAPWAP, Tag/terminal location, and spectrum analysis
Reliability RRPP ring topology and RRPP multi-instance
Smart Link tree topology and Smart Link multi-instance, providing the millisecond-level protection switchover
G.8032 Ethernet Ring Protection Switching (ERPS)
BFD for OSPF, BFD for IS-IS, BFD for VRRP, and BFD for PIM
STP (IEEE 802.1d), RSTP (IEEE 802.1w), and MSTP (IEEE 802.1s)
BPDU protection, root protection, and loop protection
IP Routing Static routes, RIPv1/v2, RIPng, OSPF, OSPFv3, IS-IS, IS-ISv6, BGP, BGP4+, ECMP, and routing policy
Interoperability VLAN-Based Spanning Tree (VBST), working with PVST, PVST+, and RPVST
Link-type Negotiation Protocol (LNP), similar with DTP
VLAN Central Management Protocol (VCMP), similar with VTP
IPv6 Features Neighbor Discover (ND)
IPv6 Ping, IPv6 Tracert, IPv6 Telnet
ACLs based on source IPv6 addresses, destination IPv6 addresses, Layer 4 ports, or protocol types
Multicast Listener Discovery snooping (MLDv1/v2)
Multicast IGMP v1/v2/v3 snooping and IGMP prompt leave
Multicast forwarding in a VLAN and multicast replication between VLANs
Multicast load balancing among member ports of a trunk
Controllable multicast
Port-based multicast traffic statistics collection
IGMP v1/v2/v3, PIM-SM, PIM-DM, and PIM-SSM
QoS/ACL Rate limitation in the inbound and outbound directions of a port
Packet redirection
Port-based traffic policing and two-rate and three-color CAR
Eight queues on each port
DRR, SP and DRR + SP queue scheduling algorithms
Re-marking of the 802.1p and DSCP fields of packets
Packet filtering on Layer 2 to Layer 4, filtering out invalid frames based on the source MAC address, destination MAC address, source IP address, destination IP address, TCP/UDP source/destination port number, protocol number, or VLAN
Queue-based rate limitation and shaping on ports
Security Hierarchical user management and password protection
DoS attack defense, ARP attack defense, and ICMP attack defense
Binding of the IP address, MAC address, interface number, and VLAN ID
Port isolation, port security, and sticky MAC
MAC Forced Forwarding (MFF)
Blackhole MAC address entries
Limitation on the number of learned MAC addresses
IEEE 802.1x authentication and limitation on the number of users on a port
AAA authentication, RADIUS authentication, HWTACACS authentication, and NAC
SSH V2.0
CPU protection
Blacklist and whitelist
DHCP relay/server/snooping/client/security
OpenFlow Multi-controller
Nine-level session table
Group table
OpenFlow 1.3
VxLAN Supports the VxLAN function, supports VxLAN L2 and L3 gateways
Configured through the NETCONF protocol
Super Virtual Fabric (SVF) Working as the parent node to vertically virtualize downlink switches and APs as one device for management
Supports a two-layer client architecture
iPCA Directly coloring service packets to collect real-time statistics on the number of lost packets and packet loss ratio
Collection of statistics on the number of lost packets and packet loss ratio at network and device levels
Management and Maintenance iStack
Virtual Cable Test
SNMP v1/v2c/v3
Network management system (NMS) and Web management
System logs and multi-level alarms
802.3az Energy Efficient Ethernet (EEE)
Dying Gasp upon power-off
Operating Environment Operating temperature: 0°C to 45°C
Relative humidity: 5% to 95% (non-condensing)
(W x D x H)
442.0 mm x 420.0 mm x 44.4 mm
When a 1,150W power module is installed, it extrudes out from the chassis. Therefore, the total depth of the switch changes to 507 mm
Input Voltage AC rated voltage: 100V to 240V, 50 Hz/60 Hz
Maximum voltage range: 90V to 264V, 47 Hz/63 Hz
Power Consumption < 172.7W < 183.3W Without PD: < 188.74W
With PD: < 1,739W (PD: 1,440W)
without PD: < 188.74W
with PD: < 1,036W (PD: 740W)

Ordering Information

S5700-HI Series Switches

S5720-HI Series Switches

  • 03021PHQ, S5720-32C-HI-24S-AC, 24 Gig SFP,8 of which are dual-purpose 10/100/1,000 or SFP,4×10 Gig SFP+,with 2 interface slots, with 600W AC power supply
  • 02317345, S5720-56C-PWR-HI-AC1, 48 Ethernet 10/100/1,000 PoE+ ports, 4 x 10 Gig SFP+, with 2 interface slots, with 600W AC power supply
  • 02319959, S5720-56C-HI-AC, 48 Ethernet 10/100/1,000 ports, 4 x 10 Gig SFP+, with 2 interface slots, with 600W AC power supply
  • 03022MDR, S5720-56C-PWR-HI-AC, 48 Ethernet 10/100/1,000 PoE+ ports, 4 x 10 Gig SFP+, with 2 interface slots, with 1,150W AC power supply
  • 4 x 10 Gig SFP+ Interface Card (used in S5720-HI series)
  • 350W DC Power Module
  • 580W AC Power Module
  • 600W AC Power Module
  • 1,150W AC PoE Power Module
  • Resource-ES1SWL512AP0-WLAN Access Controller AP Resource License-512AP (used in S5720-HI series)
  • Resource-ES1SWL128AP0-WLAN Access Controller AP Resource License-128AP (used in S5720-HI series)
  • Resource-ES1SWL64AP00-WLAN Access Controller AP Resource License-64AP (used in S5720-HI series)
  • Resource-ES1SWL16AP00-WLAN Access Controller AP Resource License-16AP (used in S5720-HI series)
  • Resource-ES5SF4512K00-FIBv4 Resource License-128K (used in S5720-HI series)
  • Resource-ES5SF4128K00-FIBv4 Resource License-512K (used in S5720-HI series)
  • Function-S5700-ES5FEA1-ES5SSVFF0000-SVF Function License (used in S5720-HI series)

About Us

As a world leading Huawei networking products supplier, Hong Telecom Equipment Service LTD(HongTelecom) keeps regular stock of Huawei S5300/ S2300/ S9300/ S1700/ S2700/ S5700/S6720/ S7700/ S9700/ S12700 all cards at very good price, also Hong Telecom Equipment Service LTD ship to worldwide with very fast delivery.

Leave a Reply