HP's strategy conjures up memories of Cisco Systems' successful Architecture for Voice, Video, and Integrated Data (Avvid), which was introduced in September 2000. Like Avvid, HP's strategy defines a single network that is multiservice running voice, data, and video.
Additionally HP's new design preaches security and mobility and focuses on the use of network applications, such as VoIP.
Brice Clark, worldwide director of strategy for HPS' ProCurve Networking business, said security and mobility are "urgent needs for enterprises".
"Enterprises want to add more intelligence to the edge of their networks to manage security and deploy new applications," he added. "Networks today are supporting a broader range of data, not just databases."
Under the strategy, a network can be secured and a user's access to network services and resources can be personalised all the way from the device where a PC or other client device meets the network.
Companies will be able to prioritise voice conversations and video sessions all the way across the network using HP edge switches that can recognise types of traffic that need special treatment.
This kind of capability has been located on relatively expensive devices at the core of a Lan. HP wants to let companies easily define network rules and enforce them on affordable hardware.
Two key pieces of the strategy are Radius (Remote Authentication Dial-In User Service) technology for authenticating users, and the IEEE 802.1x standard for port-based access control.
A central database holds information about what groups the user belongs to and what resources he or she should be able to access. When a user logs in to the network, the switch will get information from the central database that is then translated into specific network commands that the switch uses to configure the port.
HP already offers an AAA (authentication, authorisation, and accounting) server that could be used for these profiles, but the information also could be attached to an Oracle human resources database, for example.
With network privileges enforced at each port, unauthorised users get cut off right at the edge of the network. Administrators will also be able to set up special profiles for visiting partners or customers who want to use the Lan but shouldn't see everything on it.
The idea is to shift from giving users network rights based on where they are, such as at a certain port where the PC is always plugged in, to giving them rights based on who they are - even if they're accessing the network from a remote location.