Overblog Follow this blog
Administration Create my blog
Cisco & Cisco Network Hardware News and Technology

Cisco Delivers New Enterprise Collaboration Solutions

October 28 2013 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco News

Cisco will boost its enterprise collaboration stack with products designed to simplify the way companies secure communications, interact with external parties and manage their collaboration tools.

At its annual Collaboration Summit event, Cisco announced the next phase of its vision for collaboration, which focuses on delivering innovations that embrace the modern workspace and enable users to work smarter and more efficiently from virtually anywhere. Cisco designed the new solutions specifically with the goal of making it easier for teams to instantly connect communicate and collaborate–so people can respond faster and make decisions more quickly. Tailor-made for the increasingly mobile and distributed workforce, these new innovations are simple to use, are highly intuitive and make collaboration easy to scale across organizations of all sizes. 

“Collaboration tools are old and broken,” said Rowan Trollope, senior vice president and general manager of Cisco’s Collaboration Technology Group, during a meeting with reporters prior to today’s announcement.

Younger workers demand and expect collaboration tools—including IM, presence, video conferencing, audio chats, IP telephony and Web meetings—to be readily available anytime and anywhere, so Cisco is doubling down on mobility and cloud computing.

“You haven’t seen anything yet,” Trollope said, adding that the products being unveiled represent “a new direction for collaboration at Cisco.”

A Bevy of New Offerings

One of the products is the Cisco Expressway, a gateway that secures real-time collaboration, including voice, IM and video communications without requiring device registration, account setup or passwords.

Cisco Expressway, part of the company’s Collaboration Edge Architecture, uses Transport Layer Security and works with Cisco product families like Jabber and TelePresence. Expressway will be available in December. Expressway remote and mobile access for Jabber will be included at no additional cost in Cisco Unified Workspace license bundles.

Another new product is Jabber Guest, which plugs into Expressway and lets companies provide secure, controlled access to their enterprise collaboration systems to external parties like partners, contractors and customers.

For example, Jabber Guest lets companies usher in outsiders via a link on an IM or through a button on their website, so that, say, a tech support representative can communicate with a customer through video conference and screen share via a browser or mobile device. Jabber Guest will be available in January. Pricing will be announced then and will be based on the number of concurrent “guest” sessions the customer wants to have available.

Cisco will also unveil a new technology called Intelligent Proximity, designed to make it easy for employees to link their mobile phones with their desk phones

Cisco will also unveil a new technology called Intelligent Proximity, designed to make it easy for employees to link their mobile phones with their desk phones so that they can switch calls in progress back and forth, and export contacts and call histories from the mobile phones. The first Cisco phone to gain this functionality will be the Android-based DX650 Smart Desk Phone.

The first implementation of Intelligent Proximity uses Bluetooth, but it will later employ an as-yet-unannounced Cisco technology that will further simplify the linking of devices, according to Trollope. The Intelligent Proximity for the DX650 will be delivered via a free firmware upgrade in November.

For IT administrators, Cisco has enhanced Prime Collaboration, giving it a centralized management console to control most Cisco collaboration products, including servers, desk phones and client software, monitor system health and provision users’ own devices. It will be available in November.

Cisco is also announcing the second generation of its TelePresence MX300 endpoint, whichCisco-TelePresence-MX300.jpg is a stand-mounted, high-definition (1080p) display with a camera, four-way conferencing capability, an industrial “sleek” design and simple assembly requirements, according to the company. Available in December, its list price starts at $23,900.

On the low end, Cisco unveiled the IP Phone 7800 Series for midmarket customers that offers what the company describes as “superior audio quality” with low power consumption. It will be available this month and cost $255.

Original News from http://www.pcworld.com/article/2057100/cisco-beefs-up-enterprise-collaboration-tools.html

More Related Cisco News:

Cisco Boosts Enterprise Collaboration Tools for the Modern Workspace

Read more

Cisco Nexus 3100: Next-gen Merchant Silicon-based ToR Switch Series

October 22 2013 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall

Cisco expanded its line of merchant silicon-based, top-of-rack data center switches with its new Nexus 3100 series.nexus-3100.png

Like other switches in this family, including the Nexus 3000 and 3500 series, the Nexus 3100 is a low-latency, high-density Layer 2 and Layer 3 switch. And because it is based on merchant silicon, the Nexus 3100 series does not support FabricPath, Cisco's TRILL-based Layer 2 mulit-pathing technology, or Cisco's fabric extender technology. In other words, like previous Nexus 3000 switches, the Nexus 3100 is not a part of Cisco's FabricPath-based data center fabric strategy.

Instead, Cisco is positioning the Nexus 3100 as a top-of-rack device for enterprises that require high-density, low-latency, top-of-rack switches that can be deployed in a leaf-spine architecture using conventional Layer 3 protocols.

Cisco also said the Nexus 3100 will support a variety of software-defined networking (SDN) capabilities, including its onePK SDN interface, virtual extensible LAN and OpenFlow 1.0. Cisco did not specify if or when it will start supporting the newer OpenFlow 1.3 specification.

Cisco didn't announce when the new switch will start shipping, but promised more details would be available "in the coming weeks."

The Nexus 3100 comes in two flavors. The Nexus 3132Q is a 2.56 Tbps switch that ships with 32 ports of 40 Gigabit Ethernet (GbE). The Nexus 3172PQ is a 1.44 Tbps switch with 48 10 GbE ports and 6 40 Gbps ports. Cisco claimed these switches will support Layer 3 in-service software upgrades. Although it claimed the switches will be ultra-low latency, Cisco has not published exactly how low that latency will be.

Cisco Nexus 3132Q vs. Cisco Nexus 3172PQ

Cisco Nexus 3132Q vs. Cisco Nexus 3172PQ

Cisco envisions two use cases for the Nexus 3100 series, according to Jimmy Shah, product manager at Cisco. First, the switches can serve as server access switches, particularly as leaf switches in a leaf-spine data center network. Second, the Nexus 3132Q, with its high-density 40 GbE ports, can serve as a pizza-box spine switch in the same leaf-spine environment.

Cisco's Nexus 3000 switches were seen by many experts as a response to rival Arista Networks' success in selling merchant silicon-based, ultra-low latency switches into financial trading firms. Cisco is calling the Nexus 3100 line the second generation of those switches.

"This is a big step up from the Nexus 3064," Shah said. "We see a lot of our 3064 customers transitioning to this product. If I'm building a new data center and I'm looking for the densest 10 Gb switch, then the 3100 becomes a great choice based on these hardware and software features."

Refer to http://searchnetworking.techtarget.com/news/2240206672/Cisco-Nexus-3100-Next-gen-merchant-silicon-based-ToR-switch-series

More Related Cisco Topics:

Cisco Will Raise Catalyst Switch Prices by Up to 67%

Cisco Released Wave 2-Ready 802.11ac Access Point and Catalyst 3650

Cisco Nexus 3100, Ready to Support VMware NSX?

Cisco to Unveil New Catalyst Access Switch to Converge Wired&Wireless Networking

Cisco Catalyst 6800: New Name, Same Game

Read more

Multiple Vulnerabilities in Cisco Products Could Cause Remote Denial of Service

October 18 2013 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco & Cisco Network

Multiple vulnerabilities have been discovered in several Cisco products, including Cisco Adaptive Security Appliance (ASA) 5500 Series, Cisco Catalyst 6500 Series ASA and Firewall Services Module (FWSM), Cisco 7600 Series Routers ASA and FWSM, Cisco ASA 1000V Cloud Firewall, as well as Cisco 1000 Series Aggregation Services Routers (ASR) running Cisco IOS XE. These products provide firewall, intrusion prevention, remote access, and other services. Successful exploitation of these vulnerabilities could result in denial of service conditions or reboot of the affected device.

SYSTEMS AFFECTED:

Cisco Adaptive Security Appliance (ASA) Software for:

Cisco Firewall Services Module (FWSM) Software for:

Cisco IOS XE Software for:

  • Cisco 1000 Series Aggregation Services Routers (ASR)

RISK:

Government:

  • Small government entities: High
  • Large and medium government entities: High

Businesses:

  • Large and medium business entities: High
  • Small business entities: High

 

Home users: N/A

 

DESCRIPTION:

Multiple Cisco products are vulnerable to a remote Denial of Service condition. The details of each vulnerable Cisco product are provided below.


Cisco Adaptive Security Appliance (ASA) 5500 Series, Cisco Catalyst 6500 Series ASA and Firewall Services Module (FWSM), Cisco 7600 Series Routers ASA and FWSM, Cisco ASA 1000V Cloud Firewall

 

To exploit these vulnerabilities, an attacker needs to create a specially crafted packet that will cause a denial of service condition when processed by the appliance. Affected versions of Cisco ASA and FWSM software will vary depending on the specific vulnerability.

 

The details of the vulnerabilities are as follows:

  • Cisco ASA and Cisco FWSM are prone to a remote denial-of-service vulnerability because they fail to properly process an incoming IKE version 1 message. An attacker can exploit this vulnerability by sending a crafted IKE message, causing a reload of an affected device, denying service to legitimate users. Switching to IKE version 2 will mitigate this vulnerability. This issue is being tracked by Cisco Bug IDs CSCub85692 and CSCud20267 (CVE-2013-1149).
  • Cisco FWSM for the Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers is prone to a denial-of-service vulnerability due to the incorrect processing of URLs. Specifically, this issue occurs when clients make requests through the auth-proxy feature. An attacker can exploit this issue to cause a vulnerable device to reload, triggering a denial-of-service condition. Disabling AAA for network access control and HTTP(S) listening ports to authenticate network users, if feasible, will mitigate this vulnerability. This issue is tracked by Cisco Bug ID CSCtg02624 (CVE-2013-1155).
  • Cisco Adaptive Security Appliance (ASA) is prone to a remote denial-of-service vulnerability. Specifically, this issue occurs in the URL processing code of the authentication proxy feature. An attacker can exploit this vulnerability by sending a crafted URL, causing a reload of an affected device, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCud16590 (CVE-2013-1150).
  • Cisco Adaptive Security Appliance (ASA) is prone to a remote denial-of-service vulnerability due to an implementation error in the code that validates the digital certificates used during authentication. An attacker can exploit this issue by using a crafted certificate to trigger an authentication operation on an affected device, causing a reload of an affected device, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCuc72408 (CVE-2013-1151)
  • Cisco Adaptive Security Appliance (ASA) is prone to a remote denial-of-service vulnerability that occurs in the DNS inspection engine code. Specifically, this issue occurs because of improper processing of certain fields in DNS messages. An attacker can exploit this issue by sending a crafted DNS message, causing a reload of an affected device, denying service to legitimate users. Disabling DNS inspection, if feasible, will mitigate this vulnerability. This issue is being tracked by Cisco Bug ID CSCuc80080 (CVE-2013-1152).

 

Cisco IOS XE Software for Cisco 1000 Series Aggregation Services Router (ASR).

To exploit these vulnerabilities, an attacker needs to create a specially crafted packet that will cause a denial of service when processed by the software. Affected versions of Cisco IOS XE Software for 1000 Series ASR will vary depending on the specific vulnerability.

 

The details of the vulnerabilities are as follows:

  • Improper handling of fragmented IPv6 multicast and IPv6 MVPN traffic by Cisco 1000 Series ASR with ASR1000-ESP40 or ASR1000-ESP100 may allow an attackers to cause a reload of the affected devices, denying service to legitimate users. This issue is being tracked by Cisco Bug IDs CSCtz97563 and CSCub34945 (CVE-2013-1164).
  • Improper handling of specific L2TP packets by Cisco 1000 ASR may allow an attackers to cause a reload of the affected devices, denying service to legitimate users. Repeated attacks will result in a sustained denial of service. This issue is being tracked by Cisco Bug ID CSCtz23293 (CVE-2013-1165).
  • Improper handling of packets by Cisco 1000 Series ASR configured for bridge domain interface (BDI) may allow attackers to cause a reload of the affected devices, denying service to legitimate users. Repeated attacks will result in a sustained denial of service. This issue is being tracked by Cisco Bug ID CSCtt11558 (CVE-2013-1167).
  • Improper handling of a large number SIP packets by Cisco 1000 Series ASR when configured for VRF-aware NAT and SIP ALG may allow an attackers to cause a reload of the affected devices, denying service to legitimate users. Repeated attacks will result in a sustained denial of service. This issue is being tracked by Cisco Bug ID CSCuc65609 (CVE-2013-1166).

 

RECOMMENDATIONS:

We recommend the following actions be taken:

  • Upgrade vulnerable Cisco products immediately after appropriate testing.
  • Consider migrating from IKE version 1 to IKE version 2.

 

REFERENCES:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-fwsm

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asr1000

 

More Related Topics:

Cisco Patches Flaw in Security Appliances, Switches, Routers

Cisco IOS Updates Fix Eight Denial of Service Vulnerabilities

Cisco to Unveil New Catalyst Access Switch to Converge Wired&Wireless Networking

Read more

Cisco Aironet 3700 Series: High-Density Experience

October 14 2013 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Wireless - Cisco Wireless AP

The Cisco Aironet 3700 Series is designed for high-density network environments that use mission-critical, high-performance applications. The Aironet 3700 Series incorporates the High-Density Experience by using an innovative chipset with the best-in-class RF architecture. The Aironet 3700 Series provides three times the performance of current 802.11n based Wi-Fi at a greater distance.

Cisco Aironet 3700 Series Access PointsThe-Aironet-3700-Series.jpg

The industry’s first access point with an integrated 802.11ac Wave 1 radio supporting 4x4 multiple input, multiple output (MIMO) with three spatial streams offers:

  • The industry's first access point with integrated 802.11ac Wave 1 radio to support a 4x4 MIMO with three spatial streams
  • Cisco CleanAir Technology with enhanced 80 MHz channel support
  • Updated Cisco ClientLink 3.0 to boost performance for all clients, including 802.11ac
  • Dual Band 2.4/5 GHz integrated radios to address the growing needs of BYOD and bandwidth demands
  • A modular design that supports Cisco Wireless Security and Spectrum Intelligence, Cisco 3G Small Cells, or future 802.11ac Wave 2

 

Specifications at a Glance

Certified by the Wi-Fi Alliance, Aironet 3700 Series Access Points are offered in two versions:

  • The 3700i model has integrated antennas for typical office deployments
  • The 3700e model requires external dual-band antennas and is for RF-challenging indoor environments

The 3700e model is for RF-challenging indoor environments and requires external dual-band antennas. (For more information about antennas, visit: Antenna Product Portfolio for Cisco Aironet 802.11n Access Points).

http://www.cisco.com/en/US/prod/collateral/wireless/ps7183/ps469/at_a_glance_c45-513837.pdf

More Related Cisco Aironet Access Points Topics:

Cisco Aironet 3700 Series-Meet and Exceed Mission-Critical Wireless Needs

Cisco Enterprise-level Access Points Top Out at Nearly 400Mbps

Cisco 802.11ac Module for the Cisco 3600 Access Point

How to Connect Cisco Wireless Access Point?

Wi-Fi Alliance Announces 802.11ac Certification

Cisco Ushers in the Next Generation in Enterprise Class Wi-Fi Connectivity

Read more

Four Optional Network Modules for Cisco Catalyst Switches

October 11 2013 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Modules - Cisco Cables - Cisco Memory

The Cisco Catalyst 3750-X Series and 3560-X Series Switches support four optional network modules for uplink ports. The 4 optional network modules are C3KX-NM-1G, C3KX-NM-10G, C3KX-NM-10GT and C3KX-SM-10G=.

What are the exact four optional network modules? Let’s have an overview on them.

C3KX-NM-1G: The module has four 1-Gigabit SFP module slots. Any combination of standard SFP modules is supported. SFP+ modules are not supported. If you insert an SFP+ module in the 1-Gigabit network module, the SFP+ module does not work, and the switch logs an error message.

Figure1: C3KX-NM-1G-1 Gigabit Ethernet Network Module

C3KX-NM-1G-1-Gigabit-Ethernet-Network-Module.jpg

1

Network module

3

LEDs

2

1 Gigabit Ethernet SFP slots

4

Captive screws

C3KX-NM-10G: The module has four slots. Two slots support only 1-Gigabit SFP modules. Two slots support either 1-Gigabit SFP or 10-Gigabit SFP+ modules. (Note:  The GLC-T SFP is not supported on the SFP+ slots of C3KX-NM-10G.) The four slots are grouped as two pairs, with each pair consisting of one SFP slot and one SFP+ slot. Each pair supports either two 1-Gigabit SFP modules or one 10-Gigabit SFP+ module. A 10-Gigabit SFP+ module cannot operate at the same time as the corresponding 1-Gigabit SFP module in the pair.

Figure2: C3KX-NM-10G-10-Gigabit Ethernet Network Module-SFP Ports
C3KX-NM-10G-10-Gigabit-Ethernet-Network-Module-SFP-Ports.jpg

1

Network module

4

LEDs

2

1 Gigabit Ethernet SFP slots

5

Captive screws

3

1 Gigabit or 10 Gigabit Ethernet SFP+ slots

 

 

Supported combinations of SFP and SFP+ modules:

  • Slots 1, 2, 3, and 4 with 1-Gigabit SFP modules
  • Slots 1 and 2 with 1-Gigabit SFP modules and Slot 4 with one 10-Gigabit SFP+ module
  • Slot 2 with one 10-Gigabit SFP+ module and Slots 3 and 4 with 1-Gigabit SFP modules
  • Slot 2 and Slot 4 each with 10-Gigabit SFP+ modules

A 10-Gigabit SFP+ module takes precedence over a 1-Gigabit SFP module except when an SFP module is first inserted in Slot 1 and has link. When you insert an SFP+ module in Slot 2, the SFP in Slot 1 retains link. The SFP+ module in Slot 2 does not operate.

When the SFP module in Slot 1 is shutdown, loses link, or is removed, the SFP+ module in Slot 2 turns on. The SFP module in Slot 1 does not work as long as an SFP+ module is in Slot 2, whether it has link up or not. The same precedence applies to Slots 3 and 4.

C3KX-NM-10GT: This module has two (copper) ports that support speeds of 1Gps or 10Gps.

Figure3: C3KX-NM-10GT-Two Port 10G BaseT Network Module

C3KX-NM-10GT-Two-Port-10G-BaseT-Network-Module.jpg

C3KX-NM-10GT-Two-Port-10G-BaseT-Network-Module02.jpg

C3KX-SM-10G=: This module has two slots that support either 1-Gigabit SFP or 10-Gigabit SFP+ modules (Te1/Gi2 and Te2/Gi4). The service module supports Net Flow and MACSec Uplink Encryption (switch- to-switch encryption between uplinks).

Figure4: C3KX-SM-10G-10G Service Module

C3KX-SM-10G-10G-Service-Module.jpg

1

Service module

2

1-Gigabit or 10-Gigabit Ethernet SFP+ slots

3

LEDs

4

Captive screws

C3KX-NM_BLNK=: The module has no ports.

Figure5: Blank Network Module

Blank-Network-Module.jpg

1

Network module

2

Captive screws

More Related Cisco Network Modules:

Cisco Interface Cards for Cisco 1900, Cisco 2900 and Cisco 3900 Series

GBIC Module, Main Function & Key Features

How to Connect 2 WAN, 1 LAN through a Cisco Router?

Basic Knowledge Related to Popular Cisco Cards and Cisco Modules

Read more