Overblog Follow this blog
Administration Create my blog
Cisco & Cisco Network Hardware News and Technology

Posts with #cisco & cisco network tag

RV340W Dual WAN Gigabit VPN Router with Wireless

July 20 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Routers, #Networking, #Cisco & Cisco Network, #Technology

With the new Cisco RV340W's intuitive user interface, you'll have your Internet access set up and running in minutes.

It is easy-to-use, flexible, high-performance, and durable which makes this well suited for small businesses.

The RV340W extends the basic capabilities of Cisco RV routers:

  • Dynamic web filtering helps enable business efficiency and security when connecting to the web.
  • Client and application identification allow Internet access policies for end devices and cloud applications, helping to ensure performance and security.
  • 4 Gigabit LAN ports facilitate high-speed connectivity of your network devices.
  • The RV340W has integrated 802.11ac Gigabit Wi-Fi for your mobile devices.

The Cisco RV340W can also boost employee productivity and overall network performance. It can limit Internet surfing to appropriate site categories and can eliminate unwanted network traffic.

Features and Benefits

  • 2 WAN ports (RJ-45) allow load balancing and resiliency
  • 4 LAN ports (RJ-45) provide high-performance connectivity
  • Integrated 802.11ac WLAN access point with external antennas (Wave 2 MU-MIMO)
  • 2 USB ports support a 3G/4G modem or flash drive
  • Flexible VPN functionality for secure interconnectivity
  • Support for the Cisco AnyConnect Secure Mobility Client, ideal for remote access by mobile devices
  • Dynamic web filtering, enabling business efficiency and security while connecting to the Internet
  • Client and application identification that allows Internet access policies for end devices and Internet applications, to help ensure performance and security

 

Cisco RV340W Dual WAN Gigabit Wireless AC VPN Router-Ordering Information

Type

Model/Product ID

Description

Security license

LS-RV34X-SEC-1YR=

RV Security – 1 year: Enables dynamic web filter/Internet security and Application Visibility and Client identification (no license required for a 90-day trial period)

AnyConnect Server license

LS-RV-ACS-25-1YR=

RV AnyConnect Server – 1 year: Upgrade to 25 tunnels

Increases the number of supported tunnels from 2 to 25

Depending on the user device, an AnyConnect Secure Mobility User Client license is required. Recommended: L-AC-PLS-LIC=. To download the AnyConnect client from Cisco.com, you also need a support contract

Regional SKU

RV340W-A-K9-NA

USA, Canada, Mexico, and the rest of LATAM

Regional SKU

RV340W-E-K9-G5

EU, Vietnam, Ukraine, Saudi Arabia, UAE, Egypt, Qatar, Kuwait, Israel, Hong Kong, Indonesia, Malaysia, Philippines, Singapore, Thailand, South Africa

Regional SKU

RV340W-C-K9-IN

India

Regional SKU

RV340W-E-K9-AU

Australia, New Zealand

 

More Related

Cisco RV340W VPN Router, For Any Small-business Network that Requires…

How to Install your Cisco RV340W and Launch the Web-based Device Manager?

The New Cisco RV Series VPN Routers-RV340, RV345

Cisco 809 Industrial ISR vs. 829 Industrial ISR

Read more

New Catalyst 9000 Switches for a Changing World

July 11 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Networking, #Cisco Switches - Cisco Firewall, #IT, #Technology, #Data Center, #Cisco & Cisco Network, #Cisco Technology - IT News

Cisco switches are constantly learning, constantly adapting, constantly protecting in your data center, core, or edge.

This is the new era in networking. The Network. Intuitive.

Now here comes the Cisco Catalyst 9000 Series.

Cisco’s new Catalyst 9000 switches, switching for a changing world, constantly adapt to help you solve new challenges.

  • Their integrated security helps you address ever-changing threats.
  • They simplify management of your evolving mobility, Internet-of-Things (IoT), and cloud requirements.

There are three series in Catalyst 9000 family:

Catalyst 9300 Series: The Catalyst 9300 Series is our top fixed-access enterprise network switch series, stacking to 480 Gbps.

Catalyst 9400 Series: Cisco’s leading modular-access switches for enterprise, the Catalyst 9400 Series supports up to 9 Tbps.

Catalyst 9500 Series: The Catalyst 9500 Series is the industry’s first fixed-core 40-Gbps switch for the enterprise.

More fast questions and answers help you learn more about the new Catalyst 9000 Series.

Cisco Catalyst 9000 network features and services (common to all Cisco Catalyst 9000 Switches)

Q: What feature sets do the Cisco Catalyst 9000 Switches support?

A: The Cisco Catalyst 9000 Series Switches support the packaging of features into Essentials and Advantage packages. The details of the features in each package are listed in the data sheets–link provided below in the Pricing and Ordering section.

Q: What programmability capabilities are available on the Cisco Catalyst 9000?

A: The Cisco Catalyst 9000 opens a completely new paradigm in network configuration, operation, and monitoring through network automation. The Cisco automation solution is open, standards-based, and extensible across the entire network lifecycle of a network device.

• Device provisioning: Through Plug-and-Play (PnP), Zero-Touch Provisioning (ZTP), and Preboot Execution (PXE)

• Configuration: Model-driven operation through open Application Programming Interfaces (APIs) over NETCONF, Python Scripting

• Customization and monitoring: Streaming telemetry

• Upgrade and manageability: In-Service Software Upgrade (ISSU), patchability, and config/replace

Q: What management capabilities are available for the Cisco Catalyst 9000?

A: You can manage it using the Cisco IOS Software Command-Line Interface (CLI), using Cisco Prime® Infrastructure 3.1.7 DP13, Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM), onboard Cisco IOS XE Software Web User Interface (WebUI), Simple Network Management Protocol (SNMP), or Netconf/YANG.

Q: Is there an onboard web GUI on the Cisco Catalyst 9000?

A: Yes. An onboard web GUI is available.

Q: What is the purpose of the blue beacon LED on the Cisco Catalyst 9000?

A: The blue beacon LED is common across the Cisco Catalyst 9000 Series Switches to simplify the operations. It makes chassis identification easier when several such switches are mounted on racks. A remote administrator can enable the LED to blink to help the local operator quickly locate the chassis. The local operator presses the mode button to acknowledge.

Q: What is the maximum number of VRF instances that I can configure on a Cisco Catalyst 9000?

A: The maximum number of VRFs that you can configure on a Cisco Catalyst 9000 is 256.

Q: What is Cisco’s direction for wireless?

A: Cisco believes that the best solution for a wired or wireless network is achieved when integrated into SD-Access, Cisco’s lead architecture for the next-generation enterprise network. This solution delivers consistency with wired infrastructure around policy, segmentation, orchestration and automation, and assurance. This new architecture delivers the best experience for mobility, guest, IoT, multicast services, and overall network performance with its distributed data plane and centralized control-plane architecture.

Q: What wireless support is provided with the Cisco Catalyst 9000 platforms?

A: Cisco Catalyst 9000 products are instrumental in supporting the following wireless capabilities in the SD-Access architecture:

• Connect access points and integrate them into the SD-Access fabric. The switch integrates with the fabric control plane (LISP), thereby providing reachability for the access points and clients in the fabric.

• Deliver macro (VRF) and micro (Scalable Group Tag (SGT) [SGT] group-based) segmentation to the access points to deliver end-to-end policies.

• Can terminate guest VXLAN traffic, so there is no need for a dedicated guest anchor controller.

The support for wireless capability at launch will be together with the AireOS 8.5 Controller running on an Cisco 8540 Wireless Controller, Cisco 5520 Wireless Controller, or Cisco 3504 Wireless Controller appliance with the Cisco Catalyst platforms functioning as Fabric Edge and Fabric Border nodes.

 

Q: What are the SD-Access wireless capabilities?

A: The new Cisco Catalyst 9000 Series switches provide a complete solution for Campus with Cisco AireOS Conrollers and Wave 2 access points.

Q: What are the advantages of integrating wireless in the SD-Access fabric architecture?

A: • Highest performance and scale: Distributed data-plane forwarding in hardware distributed in the network paired with the large control-plane scale offered by the dedicated controller appliances.

• Best guest: You don’t need a dedicated guest anchor controller in the Demilitarized Zone (DMZ): Traffic is sent directly to the fabric border to exit the fabric. Also, there is no sub-optimal traffic forwarding such as from an access point to a foreign controller and on to a guest anchor controller.

• Best mobility: IP addressing is simpler; there is one subnet for the entire wireless SSID across the network, and no hairpin of traffic when roams occur.

• Simple operation: Operation is simple because wired and wireless are treated the same and operated together; they have common policies and controller-based automation.

• Wired innovations applied to wireless: First-hop security innovations available for wired can also be applied to wireless; for example, Dynamic ARP Inspection (DAI), IP Source Guard (IPSG), and DHCP Snooping.

• Segmentation across wired and wireless:

-The virtual network now passes all the way to wired as well as wireless devices.

-This segmentation is important for separation of certain devices from others, such as IoT and building automation devices connected over wireless.

-It is also important for security reasons to reduce attack the surface; if someone gets into a segment, the person can move only within that segment.

-Because segmentation is handled by the fabric, the number of SSIDs can be limited.

• Best multicast:

-The solution offers the best performance of distributed replication in hardware across the network.

These switches truly deliver the best of wired and wireless together.

 

More Related

The New Catalyst 9000 Switches Simplify IoT & Cloud Requirements

Why Migrate to the Cisco Catalyst 9400 Series Switches?

http://www.router-switch.com/Price-cisco-wireless-ap-cisco-wlan-controller_c60

Read more

FAQ for the Cisco 860 and 880 Migration

June 23 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Routers, #Networking, #IT, #Cisco & Cisco Network

When you choose to migrate to the new Cisco 860 and 880 Series routers, what features and performance you should know? In the following part, we summarize several questions and answers for the Cisco 860 and 880 Series Integrated Services Routers helping you migrate to new Cisco 860 and 880 Series options smoothly.

 

Q. What is the platform power consumption for the C881W, C886W, and C887W?

A. Please refer to the following Table for platform power consumptions for the C881W, C886W, and C887W.

C881W, C886W, and C887W Platform Power Consumption

Product Part Number

Power consumption without PoE

Power Consumption with PoE

C881W

12W

48W

C886W

22W

58W

C887W

22W

58W

Q. What is the performance with services for Cisco 860 and 880 Series ISRs?

A. The performance with services for Cisco 860 Series ISRs is 4 Mbps, and the performance with services for Cisco 880 Series ISRs is 8 Mbps.

Q. What are the default memory and memory upgrade options for Cisco 860VAE, C880W, and C880G Series ISRs?

A. Please refer to Table below for default memory and memory upgrade options for Cisco 860VAE, 880W, and 880G Series ISRs.

Default Memory and Memory Upgrade Options for Cisco 860VAE, 880W, and 880G

Product Part Number

Default Memory DRAM

Memory Upgrade Option

CISCO860VAE

256 MB

None

C880W

512 MB

None

C880G

512 MB

1 GB (max)

Q. What PoE daughter card does the C880 ISR use?

A. The C880 ISR uses a 30W 2-port PoE daughter card that is directly powered from the 12-VDC power supply of the host motherboard. It replaces the 4-port daughter card formerly used on Cisco 880 Series routers, which required a separate external -48-VDC power supply. No separate external -48-VDC power supply is required on C880 Series routers.

Q. How many PoE ports are supported on C880W Series ISRs?

A. C880W Series ISRs support 2 ports with PoE on Fast Ethernet 0 and Fast Ethernet 1. They are 802.3af-complaint, and they support 15.4W per port.

Q. Can I use the PoE daughter card from Cisco 880 Series ISRs on the C880W Series ISRs?

A. The PoE daughter card used on Cisco 880 Series routers cannot be used on C880W routers. Even though they have the same connector to the motherboard, they have different power specifications. The PoE daughter card used on Cisco 880 Series routers requires a separate external -48-VDC power supply, whereas the PoE daughter card on the C880W takes power directly from the motherboard, and no separate external power supply is required.

Q. Do the Cisco 860VAE, C880W, and C880G Series ISRs support Cisco Virtual Office?

A. Cisco Virtual Office is supported on C880W and C880G Series ISRs. The license with part number CVO800-CFG is required during the ordering process. Cisco 860VAE Series routers do not support Cisco Virtual Office at this time.

Q. Do Cisco 860VAE, C880W, and C880G Series ISRs support Cisco Wide Area Application Service Express (Cisco WAAS Express)?

A. Please refer to following Table for Cisco WAAS Express support on Cisco 860VAE, C880W, and C880G Series routers.

Cisco WAAS Express Support on Cisco 860VAE, 880W, and 880G Routers

Product Part Number

Cisco WAAS Express Optimized Bandwidth

Maximum TCP Connections

Cisco WAAS Express Features

CISCO860VAE

Not supported

-

-

C880W

1.5 Mbps

30

Lite feature (No DRE, CIFS, SSL, or HTTPS)

C880G

1.5 Mbps

75

Full featured

Q. Do Cisco 860VAE, C880W, and C880G Series ISRs support Cisco ScanSafe?

A. Cisco 860VAE, C880W, and C880G Series ISRs support the Cisco ScanSafe connector in any universal Cisco IOS Software images with security feature set (SEC) licenses. The connector securely redirects HTTP and Secure HTTP (HTTPS) traffic. There is no need for client or agent software to be installed on each laptop or desktop, so any routers anywhere in your network can act as a secure managed cloud security gateway. Cisco ScanSafe allows easy deployment with no additional hardware and can integrate into any proxy server configuration.

Q. What are the maximum-transmission-unit (MTU) sizes for different DSL interfaces on Cisco 860 and 880 Series ISRs?

A. Please refer to Table below for MTU sizes for different DSL interfaces on Cisco 860VAE and 880 Series ISRs.

MTU Sizes for Different DSL Interfaces on Cisco 860VAE and 880 Series Routers

Product Part Number

MTU for ATM Mode (bytes)

MTU for PTM Mode (bytes)

MTU for ATM or EFM Mode (bytes)

CISCO860VAE

2038

2038

-

CISCO887VA/CISCO886VA

C887VA/C886VA

1530

1600

-

C888EA

-

-

1940

Q. What are the MTU sizes for different Ethernet interfaces on Cisco 880 Series ISRs?

A. Please refer to the following Table for MTU sizes for different Ethernet interfaces on Cisco 860VAE and 880 Series ISRs.

MTU Sizes for Different Ethernet Interfaces on Cisco 860VAE and 880 Series Routers

Product Part Number

MTU for Fast Ethernet Layer 2 Ports (bytes)

MTU for Gigabit Ethernet Layer 2 Ports (bytes)

MTU for Fast Ethernet or Gigabit Ethernet Layer 3 Ports (bytes)

CISCO860VAE

1518

1518

4075

CISCO880 series/C880 series

1600

-

9216

Q. What new 3G plus DSL models are available in C880 Series ISRs?

A. Four new 3G plus DSL models are available: C886VAG, C887VAG, C887VAMG, and C888EG. Please refer to the data sheet “Cisco 880G Series Integrated Services Router with Embedded 3.7G” for more details.

Q. What cellular modems are integrated in the C880G Series ISRs?

A. There are two different types of carriers. One type supports third-generation Partner Project (3GPP) HSPA+, HSPA, Universal Mobile Telecommunications Service (UMTS), Enhanced Data rates for Global Evolution (EDGE), and General Packet Radio Service (GPRS), and the other supports 3GPP2 EVDO RevA/Rev0 and 1xRTT. Two cellular modems support 3GPP2: MC8705 and MC8795V, and one cellular modem supports 3GPP2: MC5728V.

Q. What is the cellular modem form factor in C880G Series ISRs?

A. The external 3G ExpressCard socket on Cisco 880G Series routers has been replaced by an internal PCIe mini-card slot on C880G Series routers. The external ExpressCard modems, therefore, have been replaced by the internal PCIe mini-card cellular modems.

Q. What is the function of the mini-USB port in C880G Series ISRs?

A. C880G Series routers have a mini-USB type B port that enables the modem to be connected to a PC and run PC-based modem provisioning and the carrier customization tool.

Q. Do the C880G Series ISRs support the Diagnostic Monitoring (DM) port?

A. C880G Series routers have removed the Diagnostic Monitoring port from the chassis front faceplate. The remote Diagnostic Monitoring function is required to collect the modem Diagnostic Monitoring log.

Q. Do the C880G Series ISRs support the National Marine Electronics Association (NMEA)?

A. C880G Series routers support NMEA. A virtual serial port is implemented to export NMEA format GPS data to external NEMA 2.0-compliant user applications.

Q. How do I configure NMEA on C880G Series ISRs?

A. To enable NMEA GPS data streaming, C880G Series routers have introduced two new command-line interfaces (CLIs): cdma|gsm gps modem standalone and cdma|gsm gps nmea. A virtual serial port has been implemented in the Cisco IOS Software to export NMEA-formatted GPS data. If end users connect the router to a Microsoft Windows-based PC through an Ethernet connection COM port emulation software is required on the PC side to emulate the COM port over the Ethernet link.

Q. What NMEA sentences do the C880G Series ISRs support?

A. C880G cellular modems support the following NMEA sentences: GGA, GSA, GSV, RMC, and VTG.

Q. How many SIM card slots do the C880G Series ISRs support?

A. C880G Series routers support two SIM card slots, which allow cellular modem failover to the secondary SIM card to continue service when the modem loses services to the primary SIM card.

Please refer to the Cisco 819 Integrated Service Router Q&A and “ Configuring Cisco EHWIC and 880G for 3.7G (HSPA+)/3.5G (HSPA)” for more information about how to use and configure dual-SIM.

Q. Is dual-SIM supported on CDMA 3GPP2 based C880G Series ISRs?

A. C880G CDMA 3GPP2 Series routers do not support the SIM card; therefore, the dual-SIM feature is not supported on these routers.

Q. How do I send, display, delete, and archive SMS on C880G Series ISRs?

A. C880G Series routers have an SMS function that enables the routers to send and receive SMS messages. This feature also enables the routers to save and store the SMS messages in an FTP server. SMS is enabled by default. You can send, display, delete, and archive SMS through the router CLI.

Q. Is encapsulation ppp supported by C880G Plus 7 Series ISRs?

A. No. C880G Plus 7 Series routers support encapsulation slip by default.

Q. What is Direct IP on C880G Plus 7 Series ISRs?

A. C880G Series routers are integrated with a Sierra Wireless MC8705 cellular modem that is running under Direct IP mode to maintain HSPA+ data throughput. Direct IP is a Sierra Wireless proprietary framing protocol used to transfer data between the host platform and the modem. Direct IP framed data have a dedicated USB connection, meaning the host can still send AT commands after the direct IP data session is established. Cisco IOS Software sets encapsulation to SLIP based on the data link protocol between the host and the modem.

Q. What WLAN antenna options are available for C880W Series ISRs?

A. All C880W Series routers embed three dual-band 2.4- or 5-GHz Planar inverted-F antenna (PIFA)-type omnidirectional antennae. External swivel-mount dipole antennae are no longer used. Antennae are attached to the cover of the chassis and covered by the front bezel, and U.FL-type RF connectors attach to the radio.

Q. Do the Cisco 880 WLAN Series routers have removable WLAN antennae?

A. Only Cisco 881 WLAN Series routers have removable swivel-mount dipole antennae. Other products in these routers have captive default dipole antennae. Removal of them and support for other types of external WLAN antenna is not supported by Cisco.

More info from http://www.cisco.com/c/en/us/products/collateral/routers/800-series-routers/qa_c67_458826.html

More Related

Cisco 860 and 880 Migration Options

Cisco 800 Series Router Migration Option

Upgrade Your Cisco Routers

The New Cisco RV Series VPN Routers-RV340, RV345

Cisco 809 Industrial ISR vs. 829 Industrial ISR

The “Always On” ISR 4000 Will Replace the Popular Cisco 1900/2900/3900 Series

Cisco’s IoT Part-The IR809, Cisco’s Smallest Multimode 3G and 4G LTE Wireless Router

Cisco’s IoT Part-The Cisco 829 Industrial Integrated Services Routers

Read more

Cisco ASA FirePOWER Management Options

May 26 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Networking, #IT, #Technology, #Data Center, #Cisco & Cisco Network, #Cisco Switches - Cisco Firewall

In the book Cisco Next-Generation Security Solutions: All-in-one Cisco ASA Firepower Services, NGIPS, and AMP (it was written by Omar Santos), the author shared more contents about the Design of Cisco ASA with FirePOWER Services.

Now in the following part we selected some chapters that were shared with you: Cisco ASA FirePOWER Management Options

There are several options available for network security administrators to manage the Cisco ASA FirePOWER module. The Cisco ASA FirePOWER module provides a basic command-line interface (CLI) for initial configuration and troubleshooting only. Network security administrators can configure security policies on the Cisco ASA FirePOWER module using either of these methods:

  • Administrators can configure the Cisco Firepower Management Center hosted on a separate appliance or deployed as a virtual machine (VM).
  • Administrators can configure the Cisco ASA FirePOWER module deployed on Cisco ASA 5506-X, 5508-X, and 5516-X using Cisco’s Adaptive Security Device Manager (ASDM).

Figure 1 shows a Cisco ASA with FirePOWER Services being managed by a Cisco Firepower Management Center (FMC) in a VM.

Cisco ASA with FirePOWER Services Managed by a Cisco Firepower Management Center

 

In Figure 1 the Cisco Firepower Management Center manages the Cisco ASA FirePOWER module via its management interface. The following section provides important information about configuring and accessing the Cisco ASA FirePOWER module management interface.

Accessing the Cisco ASA FirePOWER Module Management Interface in Cisco ASA 5585-X Appliances

In the Cisco ASA 5585-X, the Cisco ASA FirePOWER module includes a separate management interface. All management traffic to and from the Cisco ASA FirePOWER module must enter and exit this management interface, and the management interface cannot be used as a data interface.

The Cisco ASA FirePOWER module needs Internet access to perform several operations, such as automated system software updates and threat intelligence updates. If the module is managed by the Firepower Management Center, the FMC is the one that needs to have Internet access to perform those tasks.

Figure 2 shows an example of how you can physically connect the Cisco ASA FirePOWER module management interface to be able to reach the Internet via the Cisco ASA interface.

Cisco ASA 5585-X FirePOWER Module Management Interface

 

In Figure 2, the Cisco ASA 5585-X has two modules:

  • A module running Cisco ASA software
  • A module running FirePOWER Services

The Cisco ASA is managed via the interface named management 0/0 in this example. This interface is configured with the IP address 192.168.1.1. The Cisco ASA FirePOWER module is managed via the interface named management 1/0, configured with the IP address 192.168.1.2. The Cisco ASA FirePOWER module is being managed by a virtual Cisco Firepower Management Center. Both interfaces are connected to a Layer 2 switch in this example.

NOTE: You can use other cabling options with the Cisco ASA FirePOWER module management interface to be able to reach the Internet, depending on how you want to connect your network. However, the example illustrated in Figure 4 is one of the most common scenarios.

In order for the Cisco ASA FirePOWER module management interface to have an Internet connection, the default gateway of the Cisco ASA FirePOWER module is set to the Cisco ASA management interface IP address (192.168.1.1 in this example). Figure 3 illustrates the logical connection between the Cisco ASA FirePOWER module management interface and the Cisco ASA management interface.

Cisco ASA FirePOWER Module Management Interface

 

Accessing the Cisco ASA FirePOWER Module Management Interface in Cisco ASA 5500-X Appliances

In the rest of the Cisco 5500-X appliances, the management interface is shared by the Cisco ASA FirePOWER module and the classic Cisco ASA software. These appliances include the Cisco ASA 5506-X, 5506W-X, 5506H-X, 5508-X, 5512-X, 5515-X, 5516-X, 5525-X, 5545-X, and 5555-X appliances.

Figure 4 shows a Cisco ASA 5516-X running Cisco ASA FirePOWER Services.

Cisco ASA 5500-X FirePOWER Module Management Interface

 

In Figure 4, the management interface is used by the Cisco ASA FirePOWER module. The management interface is configured with the IP address 10.1.2.2. You cannot configure an IP address for this interface in the Cisco ASA configuration. For the ASA 5506-X, 5508-X, and 5516-X, the default configuration enables the preceding network deployment; the only change you need to make is to set the module IP address to be on the same network as the ASA inside interface and to configure the module gateway IP address. For other models, you must remove the ASA-configured name and IP address for management 0/0 or 1/1 and then configure the other interfaces as shown in Figure 5.

NOTE: The management interface is considered completely separate from the Cisco ASA, and routing must be configured accordingly.

The Cisco ASA FirePOWER module default gateway is configured to be the inside interface of the Cisco ASA (10.1.2.1), as illustrated in Figure 5.

Cisco ASA 5500-X FirePOWER Module Default Gateway

 

If you must configure the management interface separately from the inside interface, you can deploy a router or a Layer 3 switch between both interfaces, as shown in Figure 8. This option is less common, as you still need to manage the ASA via the inside interface.

Cisco ASA 5500-X FirePOWER Module Management Interface Connected to a Router

 

In Figure 6, the Cisco ASA FirePOWER module default gateway is the router labeled R1, with the IP address 10.1.2.1. The Cisco ASA’s inside interface is configured with the IP address 10.1.1.1. The Cisco ASA FirePOWER module must have a way to reach the inside interface of the ASA to allow for on-box ASDM management. On the other hand, if you are using FMC, the Cisco ASA FirePOWER module needs to have a way to reach the FMC.

Reference from http://www.ciscopress.com/articles/article.asp?p=2730336&seqNum=3

More Related

How to Deploy the Cisco ASA FirePOWER Services in the Internet Edge, VPN Scenarios and Data Center?

The Most Common NGFW Deployment Scenarios

Cisco ASA with FirePOWER Services

How to Start a Cisco ASA 5585-X Series?

Read more

Choose the Right Enterprise Campus and Branch Switch

January 23 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Networking, #Cisco Switches - Cisco Firewall, #Cisco & Cisco Network

Do you need to...

Manage switches in the cloud?

Simplify and scale virtual networking?

Use your network to strengthen security?

Gain pervasive visibility into your infrastructure?

Digitize your Audio Video network?

Get a platform for extreme industrial environments?

Build carrier-class cloud services?

Check the Cisco Switch Family to find the right one for your needs.

Lead SwitchIt is the best-in-class switch that has high-end differentiated set of features in a given category. This switch has the most differentiation compared to competitors in that category.

Base SwitchIt is the entry level switch in the given category. Also called the foundation switch, it has a lower price and limited feature set, but still better than competitors.

Cisco Catalyst Switch Portfolio

Functionality Based: Campus Access Switches

Functionality

Switch

Wired & Wireless (Modular)

Lead: Catalyst 4500E with Supervisor Engine 8-E

Wired & Wireless (Stackable)

Lead: Catalyst 3850 (Up to 50 APs, 2000 Clients)

Base: Catalyst 3650 (Up to 25 APs, 1000 Clients)

Gigabit Ethernet (Modular)

Lead: Catalyst 4500E with Supervisor Engine 8-E

Base: Catalyst 4500E with Supervisor Engine 7L-E

Gigabit Ethernet (Stackable)

Lead: Catalyst 3850

Base: Catalyst 3650, Catalyst 2960-X/XR

Gigabit Ethernet (Instant Access)

Lead: Catalyst 6800ia

Gigabit Ethernet (Cloud Managed)

Lead: Meraki MS Series

Fast Ethernet (Stackable)

Lead: Catalyst 2960-SF

Fast Ethernet (Standalone)

Lead: Catalyst 2960-SF

Base: Catalyst 2960-Plus

8/12 port Gigabit Ethernet (Standalone)

Lead: Catalyst 3560-C

8/12 port Fast Ethernet (Standalone)

Lead: Catalyst 2960-C

 

Functionality Based: Branch Access Switches

Functionality

Positioning

Wired & Wireless (Modular)

Lead: Catalyst 4500E with Supervisor Engine 8-E

Wired & Wireless (Stackable) (Converged Access is the Recommended Deployment Mode)

Lead: Catalyst 3850 (Up to 50 APs, 2000 Clients) Base: Catalyst 3650 (Up to 25 APs, 1000 Clients)

Gigabit Ethernet (Modular)

Lead: Catalyst 4500E with Supervisor Engine 8-E Base: Catalyst 4500E with Supervisor Engine 7L-E

Gigabit Ethernet (Stackable)

Lead: Catalyst 3850

Base: Catalyst 3650, Catalyst 2960-X/XR

Gigabit Ethernet (Cloud Managed)

Lead: Meraki MS Series

Fast Ethernet (Stackable)

Lead: Catalyst 2960-SF

Fast Ethernet (Standalone)

Lead: Catalyst 2960-SF

Base: Catalyst 2960-Plus

8 port Gigabit Ethernet (Standalone)

Lead: Catalyst 3560-C

8/12 port Fast Ethernet (Standalone)

Lead: Catalyst 2960-C

 

Functionality Based: Campus Backbone Switches

Functionality

Positioning

1/10/40/100 Gigabit Ethernet (Modular)

Lead: Catalyst 6807-XL

Base: Catalyst 6500-E with Supervisor Engine 2T

1/10/40 Gigabit Ethernet (Standalone)

Lead: Catalyst 6880-X (semi-modular) Base: Catalyst 4500-X

1/10 Gigabit Ethernet (Modular)

Lead: Catalyst 6500-E with Supervisor Engine 2T

Base: Catalyst 4500E with Supervisor Engine 8-E

1 Gigabit Ethernet (Standalone)

Lead: Catalyst 4500-X

Base: Catalyst 3850 Fiber

 

Campus Access Switches Upgrade Path

From Existing Switch

To New Switch

Catalyst 2900XL, 2948-G, Any 2950, 2970, Any non-X 2960

Lead: Catalyst 3650

Base: Catalyst 2960-X/XR

Catalyst 3500XL, Any 3550, Any 3560, Any 3750

Lead: Catalyst 3850

Base: Catalyst 3650

Catalyst 4500 non-E Any Catalyst 4500 without Supervisor Engine 8-E or 7L-E

Lead: Catalyst 4500E with Supervisor Engine 8-E Base: Catalyst 4500E with Supervisor Engine 7L-E

Any Catalyst 6500 non-E or E in Access

Lead: Catalyst 4500E with Supervisor Engine 8-E Base: Catalyst 4500E with Supervisor Engine 7L-E, Catalyst Instant Access

 

Campus Backbone Switches Upgrade Path

 

THE COMPLETE FAMILY

Campus and Branch Access Switches

Enterprise Campus Switch Family

Positioning

Catalyst 2960-CX & 3560-CX

Lead: Gigabit Ethernet (GbE) and Multigigabit Ethernet (mGig) managed switches are ideal for high-speed data connectivity, Wi-Fi backhaul, and Power over Ethernet (PoE+) connectivity in places where space is at a premium.

Catalyst 2960-Plus

Base: standalone access switch for Fast Ethernet

Catalyst 2960-SF

Lead: standalone/stackable access switch for Fast Ethernet with PoE+ (Compared to 2960-Plus, Offers Stacking, PoE+)

Meraki MS Series

Cloud managed virtually stackable access switch for Gigabit Ethernet with PoE+

Catalyst 2960-X/XR

Base: stackable access switch for Gigabit Ethernet with PoE+

Catalyst 3650

Base: stackable access switch for wired-wireless convergence and Fast / Gigabit Ethernet with PoE+

Catalyst 3850

Lead: stackable access switch for wired-wireless convergence with UPOE/PoE+ (Compared to 3650, Offers 3x stacking bandwidth - 480G and 2x AP’s - 50, Modular uplinks and StackPower)

Lead: stackable access switch for Gigabit Ethernet with PoE+ (Compared to 2960-X, Offers Medianet, Enhanced Security, Application Visibility & Control, Resiliency, 6x stacking bandwidth (480G)0

Catalyst 4500E with Supervisor Engine 7L-E

Base: modular access switch for Fast/Gigabit Ethernet with UPOE/PoE+

Catalyst 4500E with Supervisor Engine 8E

Lead: modular access switch for wired-wireless convergence and Fast/Gigabit Ethernet with UPOE/PoE+ (Compared to Sup 7L-E, Offers Built-in wireless controller, 1.7x switching capacity (928G), 2x uplinks (8x10G))

Base: modular backbone switch for 1/10G

 

Campus Backbone Switches

Enterprise Campus Switch Family

Positioning

Catalyst 6800ia

Lead: stackable access switch for Catalyst 6800/6500 with Catalyst Instant Access (Simplification of access with centralized configuration, management and operations using Catalyst 6K backbone switch)

Catalyst 3750-X Fiber

Base: stackable backbone switch for 1G

Catalyst 4500-X

Lead: standalone backbone switch for 1G (Compared to 3750-X Fiber, Offers VSS, 2x ports (40x1G), 2x uplinks (8))

Base: standalone backbone switch for 1/10/40G (up to 40x10G ports)

Catalyst 6500-E with Supervisor Engine 2T

Lead: modular backbone switch for 1/10G (MPLS, EVN, Service Modules)

Base: modular backbone switch for 1/10/40/100G

Catalyst 6807-XL

Lead: modular backbone switch for 1/10/40/100G (up to 880G/slot, 11.4 Tbps switching, All 6500 features, service modules)

Catalyst 6880-X

Lead: standalone backbone switch for 1/10/40G (with up to 80x10G or 20x40G ports)

Reference from http://www.cisco.com/c/dam/global/es_mx/partners/sell/switchit/pdfs/47492_switching_poster_april_3.pdf

More Related…

How to Choose a Fibre Switch?

How Much You Know about the Cisco Catalyst Switches?

Cisco Switches, Stack Please!

Read more

When is the Best Time to Choose Buy Cisco IP Phone 7800 Series?

January 16 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco IP Phones, #Networking, #Cisco & Cisco Network

When is the Best Time to Choose Buy Cisco IP Phone 7800 Series? If your business is considering migration to the cloud, you’ll enjoy the investment protection and flexible deployment options available with the 7800 Series.

All models support deployment options including on-premises, Cisco Spark for cloud delivery, and hybrid configurations, and are planned for testing on select hosted third-party call control platforms.

The Cisco IP Phone 7800 Series phones are not only budget-friendly endpoints, but they can also help you save on operating costs.

They are Power over Ethernet (PoE) Class 1 rated, helping you optimize port availability in your wiring closets when deployed. In addition, the Cisco EnergyWise Power Save Plus option on the 7821, 7841, and 7861 models reduces power consumption by up to 60 percent in off-work hours.

Cisco IP Phone 7800 Series Overview

The Cisco IP Phone 7800 Series includes the following four models: Cisco IP Phone 7811, 7821, 7841, and 7861.

• Cisco IP Phone 7811: A single-line endpoint designed for common areas and knowledge workers with occasional to light voice communications needs. It comes with a 3.28-inch (83-mm), high-resolution monochrome display and a speakerphone. It also has an IEEE 10/100 integrated switch to support a local PC. Wideband audio is available via purchase of an optional wideband handset. Cisco IP Phone 7811 supporting one line (available in charcoal only)

• Cisco IP Phone 7821: Building on the 7811, the 7821 is a two-line endpoint for knowledge workers and managers, on-premises or remote, who have light to moderate voice communications needs. Contact center agents that support small call-queue environments could also have interest. It comes with two dedicated programmable line and feature keys, a 3.5-inch (89-mm) backlit display, and support for third-party headsets. Wideband audio comes standard on the handset, headset, and speakerphone. Cisco IP Phone 7821 supporting two lines (available in charcoal and white)

• Cisco IP Phone 7841: Adding to the features of the 7821, the 7841 is a four-line endpoint for knowledge workers, administrative staff and managers, and contact center agents and supervisors, whether onpremises or remote, with moderate to active voice communications needs. It comes with four dedicated programmable line and feature keys. The 7841 includes an IEEE 10/100/1000 integrated switch to support a co-located PC. Cisco IP Phone 7841 supporting four lines (available in charcoal and white)

• Cisco IP Phone 7861: A 16-line endpoint with programmable line and feature keys for administrative staff, managers, contact center agents and supervisors who require active voice communications support. It comes with a paper label insert that you can locally print to customize its line and feature key labels. The 7861 includes an IEEE 10/100 integrated switch. Cisco IP Phone 7861 supporting sixteen lines (available in charcoal and white)

1 Vendor platforms targeted for testing include Asterisk, Broadsoft, Gamma, Metaswitch, Ring Central, and 8x8. Additional platforms may be supported based on RFC compliance. Traditional telephony platforms from Avaya/Nortel, Siemens/Unify, NEC, Mitel, and ShoreTel are not planned for support. For further details on platform availability and timing, contact your Cisco or authorized partner representative.

More Features and Benefits of the Cisco IP Phone 7800 Series

Graphical display:

  • White backlit, greyscale, 3.5” 396×162 pixel-based display on the IP Phone 7821, 7841 and 7861.
  • Non-backlit, greyscale, 3.28” 384×106 pixel-based display on the IP Phone 7811.
  • Provide scrollable access to calling features and text-based XML applications.

Handset:

  1. The handset is a standard wideband-capable audio handset (connects through an RJ-9 port) for the IP Phone 7821, 7841 and 7861.
  2. The default handset is a standard narrowband-capable audio handset (connects through an RJ-9 port) for the IP Phone 7811, and wideband on handset is available with purchase of additional wideband handset.
  3. The handset is hearing aid-compatible (HAC) and meets Federal Communications Commission (FCC) loudness requirements for the Americans with Disabilities Act (ADA). You can achieve Section 508 loudness requirements by using industry-standard inline handset amplifiers such as Walker Equipment W-10 or CE-100 amplifiers. The dial pad is also ADA-compliant.
  4. The narrowband handset (for the IP Phone 7811) produces a magnetic field that attracts small metallic objects such as pins and staples. To avoid possible injuries do not keep small metallic objects close to the handset.

Headset: The analog headset jack is a standard wideband-capable RJ-9 audio port for the IP Phone 7821, 7841, and 7861.

Backlit Indicator:

  • The phone supports backlit indicators for the audio path keys (handset, headset and speakerphone), select key, line keys, and message waiting.
  • Headset key is not available on the IP Phone 7811.

Volume control

● A volume-control toggle provides easy decibel-level adjustments of the handset, monitor speaker, and ringer.

Full duplex speakerphone

● Full-duplex speakerphone allows gives you flexibility in placing and receiving calls. For added security, the audible dual tone multifrequency (DTMF) tones are masked when the speakerphone mode is used.

Bezel:

  1. The IP Phone 7821, 7841 and 7861 include a default black bezel (replaceable), and an optional silver bezel is also available separately.
  2. The IP Phone 7811 is available with a black bezel.

Dual-position foot stand

  1. The display is easy to view and the buttons and keys are easy to use. The two-position foot stand supports viewing angles of 30 degrees and 45 degrees; you can remove the foot stand for wall mounting, with mounting holes located on the base of the phone. (IP Phone 7821, 7841 and 7861)
  2. Only 1 foot-stand position (45 degrees) is supported on the IP Phone 7811.

Wall-mountable

● The phone can be installed on a wall using optional wall-mount kit (available separately).

Electronic hook switch

● The hookswitch can be controlled electronically with a third party headset connected to the auxiliary port for the IP Phone 7821, 7841, and 7861.

 

Power Features

IEEE PoE class 1

● The phone supports IEEE 802.3af PoE (Class 1); power consumption does not exceed 3.84 watts.

Cisco power cube 3

● This power cube is used as a standard Cisco IP Phone Power Supply for non-PoE deployments.

Cisco power injector

● The IP Phone 7811, 7821 and 7861 are compatible with Cisco Unified IP Phone Power Injector (CP-PWR-INJ), and 7841 is compatible with Cisco Aironet Power Injector (AIR-PWRINJ5=).

Call-Control Support

Cisco Unified Communications Manager

● 8.5.1

● 8.6.2

● 9.1.2

● 10.x and later

Cisco Business Edition 6000

● 8.6.2

● 9.1.2

● 10.x and later

Cisco Hosted Collaboration Solution

● 8.6.2 and later (using supported UCM versions above)

Cisco Unified Survivable Remote Site Telephony

● 8.x and later

Licensing: The Cisco IP Phone 7811 and 7821 require a Basic User Connect License (UCL) in order to connect to Cisco Unified Communications Manager. The Cisco IP Phone 7841 and 7861 require an Enhanced User Connect License (UCL) in order to connect to Cisco Unified Communications Manager.

The Main IP Phone 7800 Series Models

More ordering info you can check here: http://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7800-series/data-sheet-c78-729488.html

More Related…

New: Quick Start Guide-Cisco IP Phone 7800 Series for Third-Party Call Control

How to Save Power on Cisco IP Phones?

Cisco IP Phone 7861 vs. Cisco IP Phone 7841 vs. Cisco IP Phone 7821

What’s New on Cisco IP Phone 8800 Series

New: Cisco Wireless IP Phone 8821

Cisco Unified IP Phones 9900, Transform How You Collaborate

How to Use a Cisco Unified IP Phone 8831?

Read more

Deploying Cisco ASA FirePOWER Services in the Data Center

January 3 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall, #Networking, #Cisco & Cisco Network, #Cisco Technology - IT News

The Data Center is a one of popular words in network communication. And it can be definited as a very complex world.

The Data Center not only provides a rich set of services and architectures but also hosts the crown jewels of an organization. It is extremely important to maintain visibility of everything that is happening in the data center.

The concept of “north-to-south” and “east-to-west” is often used in describing the types of communication (or flow) within and to the outside of the data center:

  • North-to-south describes communication between end users and external entities.
  • East-to-west describes communication between entities in the data center.

The following Figure illustrates the concepts of north-to-south and east-to-west communication.

 

The data center has many different high-throughput and low-latency requirements, in addition to increased high-availability requirements. In addition, automated provisioning and control with orchestration, monitoring, and management tools are crucial.

The data center architecture consists of three primary modular layers with hierarchical interdependencies:

  • Data center foundation: This is the primary building block of the data center, on which all other services rely. Regardless of the size of the data center, the foundation must be resilient, scalable, and flexible to support data center services that add value, performance, and reliability. The data center foundation provides the computing necessary to support the applications that process information and the seamless transport between servers, storage, and the end users who access the applications.
  • Data center services: These services include infrastructure components to enhance the security of the applications and access to critical data. They also include virtual switching services to extend the network control in a seamless manner from the foundation network into the hypervisor systems on servers to increase control and reduce operational costs (as well as other application resilience services).
  • User services: These services include email, order processing, and file sharing or any other applications in the data center that rely on the data center foundation and services, like database applications, modeling, and transaction processing.

The Figure below illustrates some of the components of the data center services architecture.

 

Examples of the data center service insertion components include the following:

  • Firewalls (In the example illustrated in the Figure above, Cisco ASAs with FirePOWER modules are deployed.)
  • Intrusion prevention systems (IPS)
  • Application delivery features
  • Server load balancing
  • Network analysis tools (such as NetFlow)
  • Virtualized services deployed in a distributed manner along with virtual machines
  • Traffic direction with vPath and Nexus 1000v
  • Application Centric Infrastructure (ACI) automated framework components for service insertion

In the case of virtualized environments, the Cisco ASAv (virtual machine) can be deployed to protect VM-to-VM communication. The Cisco ASA FirePOWER module in these environments is not supported, as the Cisco ASAv is just a virtual machine. Cisco FirePOWER virtual machines running network AMP can be deployed in those scenarios.

NOTE: The Cisco ASAv supports both traditional tiered data center deployments and the fabric-based deployments of Cisco ACI environments. The Cisco ASAv can also be deployed in cloud environments like Amazon Web Services (AWS).

The Cisco ASA with FirePOWER modules can be deployed in geographically dispersed cluster environments.

The following Figure shows an example in which four Cisco ASAs with FirePOWER modules are deployed in two separate sites (site A and site B).

 

In the example illustrated in the Figure above, the cluster of four Cisco ASAs is fully extended between the two data centers, using the cluster control links (CCL) operating at Layer 2 with a latency of less than 10 milliseconds. A single spanned EtherChannel for transient data is used on the cluster side. The local data links are also configured with EtherChannels at the switch pairs on each site.

TIP: The data VLANs between the switches are not extended to prevent network loops.

The Article from http://www.ciscopress.com/articles/article.asp?p=2730336&seqNum=12

More Related…

NGFW-Cisco ASA with FirePOWER Services

ASA 5506-X/SecurityPlus, 5506W-X & 5506H-X, Cisco ASA with FirePOWER Services, What’s New Here?

How to Start Cisco Firepower 9300 ASA Security Module?

Find Your Cisco’s Next-Generation Firewalls

Read more

What do the Small Office Routers-Cisco 800 Series Deliver for You

December 21 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Routers, #Cisco & Cisco Network

Updates: Cisco 800 Series Routers Overview

Looking for best-in-class routing, built-in voice, application visibility, and more? Need a router you can deploy at remote branch locations or at your home office? Need a machine-to-machine deployment for the Internet of Things (IoT)?

You can get the Cisco 800 Series Routers. The 800 Series Routers have all in one box. It is ideal for offices with 10 to 50 users. Yes, you can say: “Small office routers deliver big performance.”

Cisco 800 Series models include the 860 Series, 880 Series (the most popular one), 810 Series, 800M Series, 890 Series (the higher performance series).

 

What Benefits You can get from Setting Up Network with Cisco 800 Series?

  1. Diverse WAN connectivity: Enable a variety of WAN technologies, including xDSL, Ethernet, 3G and 4G, and fiber. The series offers a range of performance levels to meet your needs.
  2. Voice, video, wireless, and data in one box: Get voice connectivity and video traffic, and provide Wi-Fi. It's all in a single box, so you can cut capital expenditures.
  3. Enterprise-grade security: 800 Series routers provide encryption, VPN, firewall, and URL filtering (cloud web security). That helps you safeguard your customers and data.
  4. Compact and quiet: These routers come in a small form factor for easy placement. They have a fanless design for quieter operation.

Compare the Hot Cisco 800 Models: Cisco 812 vs. 819 vs. 860VAE vs. 881 vs. 880VA vs. 888 vs. 880G

Cisco 800 Series Routers

812

819

860VAE

881

880VA

888

880G

Use Case

Typical deployment

Integrated wireless solutions (cellular plus Wi-Fi) for service providers and enterprises

Machine to machine and ruggedized small form-factor cellular deployments

Enterprise teleworker or service provider managed CPE

Small branch, retail, or managed CPE

Small branch, retail, or managed CPE

Small branch, retail, or managed CPE

Small remote office or ATM with cellular backup WAN

 

Typical number of users

1 executive up to 20 employees

1-20 remote teleworkers

1-10 enterprise teleworkers

1 executive up to 20 employees

1 executive up to 20 employees

1 executive up to 20 employees

1 executive up to 20 employees

 

Performance positioning

Up to 15 Mbps

Up to 15 Mbps

Up to 10 Mbps

Up to 15 Mbps

Up to 15 Mbps

Up to 15 Mbps

Up to 15 Mbps

 

WAN

Ethernet

Gigabit Ethernet 10/100/1000

Gigabit Ethernet 10/100/1000

Gigabit Ethernet 10/100/1000

Fast Ethernet 10/100

-

-

Fast Ethernet 10/100

 

VDSL2/ADSL2+

-

-

Multimode VDSL2, ADSL2+, ADSL2 & ADSL1

-

Multimode VDSL2, ADSL2+, ADSL2 & ADSL1

-

Multimode VDSL2, ADSL2+, ADSL2 & ADSL1

 

SHDSL

-

-

-

-

-

Multimode EFM/ATM SHDSL

Multimode EFM/ATM SHDSL

 

Fiber

-

-

-

-

-

-

-

 

3G/4G LTE

3.7G HSPA+ or 3G EVDO

3.5G/3.7G HSPA+ or 3G EVDO or LTE

-

3.5G/3.7G HSPA+ or 3G EVDO

3.7G HSPA + or 3G EVDO

3.7 HSPA+

3.5G/3.7G HSPA+ or 3G EVDO

 

Serial

-

Cisco 12:1 Smart serial

-

-

-

-

-

 

LAN

Ports

-

4

5

4

4

4

4

 

802.11 wireless

Dual-band concurrent 2.4/5.0 GHz 802.11n Wi-Fi with DFS/CleanAir (Q4CY2012)

Dual-band concurrent 2.4/5.0 GHz 802.11n Wi-Fi with DFS/CleanAir (Q4CY2012)

Dual-band concurrent 2.4/5.0 GHz 802.11n Wi-Fi (Q1CY2013)

2.4 GHz 802.11n integrated antenna; dual-band concurrent 2.4/5.0 GHz 802.11n Wi-Fi with DFS/CleanAir (Q4CY2012)

2.4 GHz 802.11n integrated antenna; dual-band concurrent 2.4/5.0 GHz 802.11n Wi-Fi with DFS/CleanAir (Q4CY2012)

2.4 GHz 802.11n integrated antenna

Dual-band concurrent 2.4/5.0 GHz 802.11n Wi-Fi with DFS/CleanAir (Q4CY2012)

 

Voice

-

-

-

4 FXS , 1 FXO, 1 BRI

4 FXS, 2 BRI

-

-

 

PoE

-

-

-

2 port integrated PoE

2-port integrated PoE

2-port integrated PoE

2-port integrated PoE

 

Software Features

Routing protocols

RIPv1, v2, BGP, OSPF, EIGRP

RIPv1, v2, BGP, OSPF, EIGRP

RIPv1, v2, BGP

RIPv1, v2, BGP, OSPF, EIGRP

RIPv1, v2, BGP, OSPF, EIGRP

RIPv1, v2, BGP, OSPF, EIGRP

RIPv1, v2, BGP, OSPF, EIGRP

 

IPv6

Yes

Yes

Yes

Yes

Yes

Yes

Yes

 

Advanced IP services

Default

Default

No

Upgradeable

Upgradeable

Upgradeable

Default

 

Video/medianet

Ready

Ready

No

Ready

Ready

Ready

Ready

 

Security

VPN support

GETVPN, DMVPN included

GETVPN, DMVPN included

Easy VPN, IPsec VPN on highly secure router

GETVPN, DMVPN with license

GETVPN, DMVPN with license

GETVPN, DMVPN with license

GETVPN, DMVPN included

 

ScanSafe

Ready

Ready

Ready, Secure Router

Ready

Ready

Ready

Ready

 

IPsec tunnels

20

20

10

20

20

20

20

 

SSL VPN

With license

With license

No

With license

With license

With license

With license

 

Content filtering

With license

With license

No

With license

With license

With license

With license

 

Application Experience

Integrated WAN optimization - Cisco WAAS Express

1.5 Mbps optimized; 50 TCP connections, license included with all 812 models

1.5 Mbps optimized; 50 TCP connections, included with 819H or with license for 819

No

1.5 Mbps optimized; 30-75 TCP connections; with license

1.5 Mbps optimized; 30-75 TCP connections; with license

1.5 Mbps optimized; 30-75 TCP connections; with license

1.5 Mbps optimized; 30-75 TCP connections; with license

 

Application Visibility and Control (AVC)

No

No

No

No

No

No

No

 

IOS high-availability features

Yes

Yes

No

Yes

Yes

Yes

Yes

 

Physical Attributes

Maximum dimensions

2.01 x 8.95 x 9.49 in.

1.73 x 7.7 x 8.1 in.

1.75 x 9.5 x 9.0 in

1.9 x 12.8 x 10.4 in

1.9 x 12.8 x 10.4 in

1.9 x 12.8 x 10.4 in

1.9 x 12.8 x 10.4 in

 

Maximum weight

4 lb (1.8 kg)

3.2 lb (1.5 kg)

5.5 lb (2.5 kg)

5.5 lb (2.5 kg)

5.5 lb (2.5 kg)

5.5 lb (2.5 kg)

5.5 lb (2.5 kg)

 

Fanless

Yes

Yes

Yes

Yes

Yes

Yes

Yes

 

Optional hardened form factor

No

Yes

No

No

    

More Resources such as models’ data sheet, End-of-Sale notices, Q&A, Case Studies, etc. you can read here http://www.cisco.com/c/en/us/products/routers/800-series-routers/index.html

 

More Related:

Cisco 800 Series ISR Naming

 

Read more

Fat, Thin, and Fit APs in WLAN Network

December 20 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Wireless - Cisco Wireless AP, #Networking, #Cisco & Cisco Network

You should hear of the Fat, Thin, and Fit APs. What are they?

The terms thin and fat have been applied to WLAN access points (APs) in many different ways.

  • Some vendors use thin AP to refer to entry-level/residential-grade products with few advanced features, in comparison to fat APs rich with enterprise network features like VLAN tagging and SNMP-based management.
  • Some use thin AP to refer to products that can't be configured or used on their own, but instead are part of a WLAN switching system that governs both setup and operation. In this case, a fat AP is any stand-alone AP, no matter how extensive that AP's feature set.
  • Some use thin AP to refer to products that offload selected tasks to an upstream server -- for example, communicating with 802.1X Authentication Servers, generating encryption keys, acting as a VPN gateway, or re-routing traffic for cross-network mobility. In comparison, any of these tasks could be performed directly on a fat AP, without relying on an upstream server.

In the autonomous architecture, the WTPs (Wireless Termination Point) completely implement and terminate the 802.11 function so that frames on the wired LAN are 802.3 frames. Each WTP can be independently managed as a separate network entity on the network. The access point in such a network is often called a Fat AP.

FAT APs in Autonomous WLAN Network Architecture

 

During the initial stages of WLAN deployment, most APs were autonomous APs, and manageable as independent entities in the network. During the past few years, centralized architectures (discussed next) with ACs and WTPs have gained popularity. The primary advantage of the centralized architecture is that it provides network administrators with a structured and hierarchical mode of control for multiple WTPs in the enterprise.

Centralized Architecture

The centralized architecture is a hierarchical architecture that involves a WLAN controller that is responsible for configuration, control, and management of several WTPs. The WLAN controller is also known as the Access Controller (AC). The 802.11 function is split between the WTP and the AC. Because the WTPs in this model have a reduced function as compared to the autonomous architecture, they are also known as Thin APs. Some of the functions on the APs are variable, as discussed in the following section.

Thin APs in Centralized WLAN Network Architecture

 

Distributed Architecture

In the distributed architecture, the various WTPs can form distributed networks with other WTPs through wired or wireless connections. A mesh network of WTPs is one example of such an architecture. The WTPs in the mesh can be linked with 802.11 links or wired 802.3 links. This architecture is often used in municipal networks and other deployments where an outdoor component is involved. This article does not address the distributed architecture.

WTP Functions Fat, Thin, and Fit APs

To understand the autonomous and centralized architecture, it is useful to look at the functions performed by the APs. We start with the Fat APs, which form the core of the autonomous architecture, followed by the Thin APs, which were specified as part of the WLAN switch- or controller-based centralized architecture. The article will then outline the functions of a new variant called the Fit AP, an optimized version of the AP for centralized architectures.

Fat Access Points

Figure1 shows an example of an autonomous network with a fat access point. The AP is an addressable node in the network with its own IP address on its interfaces. It can forward traffic between the wired and wireless interfaces. It can also have more than one wired interface and can forward traffic between the wired interfaces similar to a Layer 2 or Layer 3 switch. Connectivity to the wired enterprise can be through a Layer 2 or Layer 3 network.

It is important to understand that there is no backhauling of traffic from the Fat AP to another device through tunnels. This aspect is important and is addressed when discussing the other AP types. In addition, Fat APs can provide router-like functions such as the Dynamic Host Configuration Protocol (DHCP) server capabilities.

Management of the AP is done through a protocol such as the Simple Network Management Protocol (SNMP) or the Hypertext Transfer Protocol (HTTP) for Web-based management and a Command-Line Interface (CLI). To manage multiple APs, the network manager has to connect to each AP through one of these management schemes. Each AP shows up on the network map as a separate node. Any aggregation of the nodes for management and control has to be done at the Network Management System (NMS) level, which involves development of an NMS application.

Fat APs also have enhanced capabilities such as Access Control Lists (ACLs), which permit filtering of traffic for specific WLAN clients. Another significant capability of these devices is configuration and enforcement of Quality of Service (QoS)-related functions. For example, traffic from specific mobile stations might need to have a higher priority than others. Or, you might need to insert and enforce IEEE 802.1p priority or Differentiated Services Code Point (DSCP) for traffic from mobile stations. In summary, these APs act like a switch or router in that they provide many of the functions of such devices.

The downside of such APs is complexity. Fat APs tend to be built on powerful hardware and require complex software. These devices are expensive to install and maintain because of the complexity. Nevertheless, the devices have uses in smaller network installations.

Some Fat AP installations still use a controller at the back end for control and management functions. These controllers lead to a slightly scaled-down version of the Fat AP, called, not surprisingly, a Fit AP, discussed later.

Thin Access Points

As their name indicates, Thin APs are intended to reduce the complexity of APs. An important motivation for this reduction is the location of APs. In several enterprises, APs are plenum-mounted (and thus in hard-to-reach areas) so that they can provide optimum radio connectivity for end stations. In environments like warehouses, this is even more evident. For such reasons, network managers prefer to install APs just once and not have to perform complex maintenance on them.

Thin APs are often known as intelligent antennas, in that their primary function is to receive and transmit wireless traffic. They backhaul the wireless frames to a controller where the frames are processed before being switched to the wired LAN (see the Figure ‘Thin APs in Centralized WLAN Network Architecture’).

The APs use a (typically secure) tunnel to backhaul the wireless traffic to the controller. In their most basic form, Thin APs do not even perform WLAN encryption such as Wired Equivalence Privacy (WEP) or WiFi Protected Access (WPA/WPA2). This encryption is done at the controller the APs just transmit or receive the encrypted wireless frames, thereby keeping the APs simple and avoiding the necessity to upgrade their hardware or software.

The introduction of WPA2 necessitated encryption on the controller. Although WPA was hardware-compatible with WEP and required only a firmware upgrade, WPA2 was not backward-compatible. Instead of replacing APs across the enterprise, network managers could just backhaul the wireless traffic to the controller where the WPA2 decryption was done, and the frames were sent on the wired LAN.

The protocol between the AP and the controller for carrying the control and data traffic was proprietary. Also, there is no capability to manage the AP as a single entity on the Layer 2/3 network it can be managed only through the controller, to which the NMS can communicate through HTTP, SNMP, or CLI/Telnet. A controller can manage and control multiple APs, implying that the controller should be based on powerful hardware and often be able to perform switching and routing functions. Another important requirement is that the connectivity and tunnel between the AP and the AC should ensure low delay for packets between those two entities.

With Thin APs, QoS enforcement and ACL-based filtering are handled at the controller not a problem because all the frames from the AP have to pass through the controller anyway. Centralized control functions for ACLs and QoS are not new they were implemented in networks with Fat APs too. Such installations have controllers that act as the gateway for managing traffic from APs to the wired network. However, the controller function takes on a new dimension with Thin APs, especially with respect to the data plane and forwarding functions. The controller function subsequently was integrated into Ethernet switches that connected the wireless and wired LANs the motivation for the family of devices known as WLAN switches.

The Wireless MAC architecture in this scenario is known as the Remote MAC architecture. The entire set of 802.11 MAC functions is offloaded to the WLAN controller, including the delay-sensitive MAC functions.

Fit Access Points

Fit APs are gaining in popularity in that they try to take advantage of the best of both worlds that is, the Fat APs and the Thin APs. A Fit AP provides the wireless encryption while using the AC for the actual key exchange. This approach is used for newer APs that use the latest wireless chipsets supporting WPA2. The management and policy functions reside on the controller that connects to multiple APs through tunnels.

Also, Fit APs provide additional functions such as DHCP relay for the station to obtain an IP address through DHCP. In addition, Fit APs can perform functions such as VLAN tagging based on the Service Set Identifier (SSID) that the client uses to associate with the AP (when the AP supports multiple SSIDs).

Two types of MAC implementations are possible with Fit APs, known as the Local MAC and the Split MAC architectures. Local MAC is where all the wireless MAC functions are performed at the AP. The complete 802.11 MAC functions, including management and control frame processing, are resident on the APs. These functions include time-sensitive functions (also known as Real Time MAC functions).

The Split MAC architecture divides the implementation of the MAC functions between the AP and the controller. The real-time MAC functions include functions such as beacon generation, probe transmission and response, control frame processing (for example Request to Send and Clear to Send RTS and CTS), retransmission, and so on. The non-real time functions include authentication and deauthentication; association and reassociation; bridging between Ethernet and Wireless LAN; fragmentation; and so on.

Vendors differ in the type of functions that are split between the AP and the controller, and in some cases, even about what constitutes real time. One common implementation of a Fit AP involves local MAC at the AP and control and management functions at the AP.

Reference from http://www.cisco.com/c/en/us/about/press/internet-protocol-journal/back-issues/table-contents-13/wireless-lan-switches.html

More Related:

Something about the Cisco Wireless APs Supporting Cisco WLC

How Much You Know about Cisco Aironet Access Point?

Cisco Aironet 3802 AP to be Crowned “Wi-Fi Certified”

Read more

Introducing Cisco Software-Defined Storage Solutions

November 23 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Networking, #Cisco & Cisco Network, #Technology, #IT, #Data Center

Today the Storage plays a more and more important role in the data center: from storing email messages and documents to saving business-critical information, intellectual property, and transaction detail. As businesses continue to become more connected, the old ways of storing and archiving data are changing to accommodate growing amounts of data and demand for anytime, anywhere access to information.

Historically, IT organizations transitioned from systems with individual disk drives to storage arrays that allowed disk drives to be grouped together to form a larger area of capacity. When fast and easy access to more capacity was needed, storage area networks (SANs) and network attached storage (NAS) emerged to deliver capacity over the network. More recently, integrated systems and hyper-converged infrastructure have been added to networks to simplify resource acquisition and deployment and facilitate easy scaling. As companies try to balance storage access, performance, and cost, software-defined storage is becoming more popular, taking this evolution a step farther.

Software-defined storage is the next phase of server virtualization technology, moving beyond virtual machines to virtual data stores. It combines industry-standard x86-architecture servers that are optimized for direct-attached storage (DAS) with a distributed software abstraction layer. This intelligent software transforms systems into a single, logical pool of cost-effective, scale-out storage resources that are easily integrated and managed within your data center.

Cisco Solutions for Software-Defined Storage

Our solutions provide the storage flexibility you need to support growing amounts of data and deliver fast access to information and innovation. You can choose from a variety of systems and expansion cards according to the capacity and performance needs of your users and applications. Our modular approach lets you:

• Reduce risk and complexity: You need confidence that your software-defined infrastructure will work right the first time. Cisco’s collaboration and validation with a large partner ecosystem of software vendors gives you a choice of proven solutions and reference architectures while helping your IT staff integrate storage innovation with your IT processes and business applications at low risk. As a result, you can easily procure the solution you need and accelerate implementation and deployment.

Cisco Solutions Deliver the Foundation for Software-Defined Storage Deployments

Target Environments

  • File, block, and object storage
  • Email servers
  • Collaboration environments
  • Video surveillance archiving
  • Content distribution networks
  • Data protection solutions
  • Private cloud storage

• Gain versatility: The Cisco Unified Computing System (Cisco UCS) portfolio offers a variety of server options for rightsizing your software-defined storage deployments. You can deploy Cisco UCS C-Series Rack Servers to support many common storage scenarios, and use Cisco UCS S-Series Storage Servers when you need highly scalable and available storage infrastructure (Figure 1).

• Scale on demand: You can scale the storage capacity, performance, and protocols used in your software-defined storage infrastructure at your pace and with a smaller increment of scale than with traditional large-scale storage solutions. With the flexibility to choose what to scale and when to scale it, you can start with a small configuration and expand to petabytes of capacity, and you can distribute I/O operations among servers to accelerate I/O operations.

• Improve the efficiency of your IT operations: Cisco UCS Manager provides the automation you need to be efficient. Role- and policybased management makes it easy to deploy terabytes to petabytes of storage capacity in minutes. Cisco UCS service profiles and storage profiles extend these capabilities, allowing you to specify the ways that servers and disk drives should be identified, configured, connected, and used. You can configure hundreds of storage servers as easily as you can configure one, in a repeatable manner.

• Reduce vendor lock-in: Whether you need to support a remote or branch office or a large enterprise data center, our broad ecosystem of partners offers what you need. We work together to test, validate, and document joint solutions so that you can get your softwaredefined storage solutions up and running quickly and with confidence.

Next Steps Call your Cisco sales representative or authorized partner to find out how Cisco UCS solutions can help you create the best software-defined storage solution for your business and applications.

From https://www.cisco.com/c/dam/en/us/solutions/collateral/data-center-virtualization/software-defined-storage-solutions/software-defined-solution.pdf

 

More Related Topics

Cisco’s New Storage Optimized UCS Server-UCS S3260

New Cisco UCS S3260 Storage Server: A Dense and Powerful Server for Scale-out Storage

Cisco UCS S3260-The New Storage Building Blocks

Cisco UCS S3260 Storage Server Big Data and Analytics

Read more
1 2 3 4 5 6 7 > >>