Cisco Catalyst SW HW Refresh
Tech Field Day Video
by Samuel Pasquier
Cisco Catalyst 6500 Series Supervisor Engine 2T
My Thoughts?
All the vendors refresh their product lines from time to time although Cisco has been very quiet regarding the Sup 2T for quite sometime. Was it hard to see the reaction of some delegates? I actually have a Cisco Catalyst 6509 running CatOS – yes it’s in the process of being retired. For years now we were told that the Catalyst 6500 was coming toward it’s end of life and customers should deploy the Nexus 7000. Now it seems Cisco is repositioning itself to protect their market share in the Catalyst 6500 only after it became clear that customers weren’t going to migrate to the Nexus 7000. Instead customers decided to start evaluating all their options including Avaya, Brocade, Juniper, HP, etc.
Securing the Campus with TrustSec
and Security Group Access
The Cisco TrustSec Security Group Access (SGA) architecture builds secure networks by establishing a domain of trusted network devices. Every device in the SGA domain is authenticated by its peer device. Communication on the links between devices in the SGA domain is secured with a combination of encryption, message integrity checks, and data-path replay protection mechanisms. SGA also uses the device and user identity information acquired during authentication to classify the packets as they enter the network. This packet classification is maintained by tagging packets on ingress to the SGA-based network so that they can be properly identified for the purpose of applying security and other policy criteria along the data path. The tag, also called the security group tag (SGT), allows the network to enforce the access control policy by enabling the endpoint device to act upon the SGT to filter traffic.
My Thoughts?
I believe I understood the architecture but what are the benefits over a traditional Network Access Control (NAC) or identity (802.1x) engines which both utilize policy based control?
Cisco UPOE
Tech Field Day Video
by Nikhil Shama
Cisco Universal Power Over Ethernet (Cisco UPOE) Line Cards extend the IEEE 802.3 PoE+ standard to double the power per port to 60 watts. UPOE-enabled ports can be used to deliver power for all current PoE/PoE+ solutions in addition to UPOE devices including VDI clients, IP turrets for financial trading, personal TelePresence systems, and more.
Q & A – http://www.cisco.com/web/learning/le21/le39/docs/tdw127_qa.pdf
My Thoughts?
I already have cooling problems in my ICRs/IDFs, I can’t imagine trying to provide 60W to the end user. I consider myself a typical enterprise (healthcare) customer and I’m still deploying 802.3af with no real plans to deploy 802.3at at this time.
Cisco Catalyst Smart Operations – Smart Install
Tech Field Day Video
DHCP director – http://www.cisco.com/en/US/docs/switches/lan/smart_install/release_12.2_58_se/configuration/guide/tasks.pdf
My Thoughts?
Not sure why I need a DHCP director, why can’t I just use the same DHCP server and PXE server I’m using for everything else in my environment?
Example of Cisco Smart Install – YouTube and PacketPushers post by Matthew Mengel
Application Availability and Control (AVC)
Cisco Application Visibility and Control (AVC) provides a powerful, pervasive, integrated service management solution based on stateful deep packet inspection (DPI). With the Cisco AVC solution, the Cisco ASR 1000 Series Aggregation Service Routers (ASR 1000s) and Cisco Second Generation Integrated Services Routers (ISR G2) can identify applications within the traffic flow. They can then collect various application performance metrics on those applications such as bandwidth use, response time, or latency.
My Thoughts?
I would have liked to ask how AVC goes beyond traditional NetFlow and how it integrates with Cisco Prime Assurance Manager.
Cheers!