Posts with #cisco technology - it news tag
What the Cisco Software-Defined Access (SD-Access) Services can do for you? Accelerate your journey to the new network with SD-Access Services
By automating day-to-day tasks such as configuration, provisioning, and troubleshooting, SD-Access reduces the time it takes to adapt the network, improves issue resolution, and reduces the impact of security breaches. This results in significantly simpler operations and lower costs.
The core components that make up the SD-Access solution are:
● Cisco DNA Center
● Cisco Identity Services Engine (ISE)
● Network platforms: See the following Table
SD-Access Use Cases: Building on the foundation of industry-leading capabilities, SD-Access can now deliver key business-driven use cases that truly realize the promise of a digital enterprise while reducing total cost of ownership.
Security and segmentation
● Onboard users with 802.1X, Active Directory, and static authentication
● Group users with Cisco TrustSec (security group tags)
● Automate VRF configuration (lines of business, departments, etc.)
● Traffic analysis using AVC and NetFlow is further enhanced using Encrypted Traffic Analytics (ETA)
● Reduced time to provision network segmentation and user groups
● Foundation to enforce network security policies
● Ability to detect and intercept threats at line rate (not samples) from the center to the last mile, including all devices on the network edge
● Single point of definition for wired and wireless users ● Seamless roaming between wired and wireless
● Distributed data plane for wireless access
● Simplified guest provisioning for wired and wireless
● Management of wired and wireless networks and users from a single interface (Cisco DNA Center)
● Ability to offload wireless data path to network switches (reduce load on controller)
● Scalable fabric-enabled wireless with seamless roaming across campus
● Define specific groups for guest users
● Create policy for guest users’ resource access (such as Internet access)
● Simplified policy provisioning
● Time savings when provisioning policies
● Segment and group IoT devices
● Define policies for IoT group access and management
● Device profiling with flexible authentication options
● Simplify deployment of IoT devices
● Reduce network attack surface with device segmentation
Monitoring and troubleshooting
● Multiple data points on network behavior (syslog, stats, etc.)
● Contextual data available per user and device
● Significantly reduce troubleshooting time
● Use rich context and analytics for decision making
Cloud/data center integration
● Identity federation allows exchange of identity between campus and data center policy controllers
● Administrator can define user-to-application access policy from a single interface
● End-to-end policy management for the enterprise
● Identity-based policy enforcement for optimized ACL utilization
● Flexibility when enforcing policy at campus or data center
● Create a single fabric across multiple regional branch locations
● Use Cisco routers as fabric border nodes
● Simplified provisioning and management of branch locations
● Enterprisewide policy provisioning and enforcement
SD-Access 1.0 Hardware and Software Compatibility Matrix
Catalyst 3850 and 3650 Series Switches
Catalyst 4500E Series Switches (Sup8E, Sup9E)
IOS XE 16.6.1
IOS XE 16.6.1
IOS XE 16.6.1
IOS XE 3.10.0E
Fabric border and control plane
Catalyst 3850 Series Fiber Module
Catalyst 6807-XL Switch (Sup6T, Sup2T)
Catalyst 6500 Series Switches
Catalyst 6880-X Switch
Catalyst 6840-X Switch
Nexus 7700 Switch (Sup 2E, M3 line cards only)
4000 Series Integrated Services Routers
ASR 1000 Series Aggregation Services
Cloud Services Router (CSR) 1000V (control plane only)
IOS XE 16.6.1
IOS XE 16.6.1
IOS 15.4(1)SY2 IOS 15.4(1)SY2 IOS 15.4(1)SY2 IOS 15.4(1)SY2 NxOS 8.2(1)
IOS XE 16.6.1
IOS XE 16.6.1
IOS XE 16.6.1
Catalyst 3560-CX Series
Catalyst Digital Building Series
802.11 Wave 2 access points: Aironet 1800, 2800 and 3800 Series
802.11 Wave 1 access points: Aironet 1700, 2700 and 3700 Series
Cisco 3504, 5520 and 8540 Series Wireless Controllers
AireOS 126.96.36.199 AireOS 188.8.131.52 AireOS 184.108.40.206
● Wave 1 access points won’t support the following functions when deployed for SD-Access: IPv6, Application Visibility and Control (AVC), NetFlow.
● A device cannot act as fabric edge and fabric border at the same time.
● A device can act as fabric border and fabric control plane at the same time
More info about the Cisco Software-Defined Access you can read here:
- DNA Center is a better way to manage your network. Offers centralized, intuitive management that make it fast and easy to design, provision, and apply policy across your entire network environment.
- Software-Defined Access. The industry’s first policy-based automation from the edge to the cloud takes a logical, policy-based approach that deploys and secures services and adapts to changes faster.
- Analytics and Assurance. Abstracts network insights by collecting data from the network using the Network Data Platform and then identifies service-impacting issues before users do while enabling faster troubleshooting.
- Encrypted Traffic Analytics (ETA). Enhances the ability of the Cisco network to act as a sensor and uncovers threats hidden in encrypted traffic using network analytics (without decryption). These threats are viewed within the Stealthwatch Management Console. ETA enhances the ability of the Cisco network to act as a sensor.
- Network Data Platform collects data from the network, normalizes that data and then sends it to DNA Center to be viewed in the Assurance screen.
- Cisco Catalyst 9000 Series is the first purpose-built platform designed for Cisco DNA. An open and programmable platform with integrated support for wireless and IoT devices. It extends our existing wireless, switch and routing DNA-ready infrastructure.
Cisco DNA is a trending solution that matters for your organization. Why? With Cisco DNA, you get the benefits like this:
- Innovate faster by delivering differentiated experiences through contextual insights
- Achieve greater business agility with faster network services provisioning
- Lower costs with reduced network installation time
- Reduce risk with faster threat detection
- Protect investment with license portability and access to ongoing innovations
Cisco Digital Network Architecture (DNA) is an open, programmable architecture that turns business intent into business results.
Most Cisco routers, switches and wireless systems shipping today support Cisco DNA now or with a software update. And with Cisco ONETM Software, you can continue to protect your investments and benefit from new architecture innovations that can be activated through software.
The Main Cisco Digital Network Architecture Products and Solutions
Read more: Cisco DNA Products and Solutions
The Cisco DNA-Ready Products
The foundation for the Cisco Digital Network Architecture (Cisco DNA) is the world’s most modern network infrastructure. This infrastructure gives you innovative wired, wireless and router solutions, combined with a robust architecture, DNA.
With it, you can create and apply policies over the entire network with a few clicks and have the ability to diagnose past issues.
As data traffic is expected to grow exponentially, Cisco’s innovation with switching, wireless and routing provides a solid foundation that enables Cisco DNA.
You can roll out new services and applications more easily for the best possible experience with Cisco DNA. And policy compliance can be automated on a per-user-group basis.
The Cisco DNA-ready routing products combine two unique features that speed up the time it takes to deploy your branch office. With the Cisco Intelligent WAN (IWAN) app with the APIC-EM, IT can automate the provisioning of multiple branch offices and provide intelligent path selection and application control—with minimal programming and customization. These capabilities will simplify and streamline your network operations, reducing costs and saving time.
Cisco DNA-ready router products:
• Cisco Cloud Service Router 1000v and Cisco Integrated Services Virtual Router
• Cisco Meraki MX
The Cisco switching products offer a function called Unified Access Data Plane Application-Specific Integrated Circuit (UADP ASIC) for wired and wireless convergence. This feature enables converged wired and wireless access for operational simplicity and scale.
Cisco DNA-ready switching products:
• Cisco Catalyst 3650 and 3850 Series
• Cisco Catalyst 4500E Series + Supervisor 8E
• Cisco Catalyst 6500 Series + Supervisor 6T
• Cisco Catalyst 6800 Series
• Cisco Nexus 7700+M3 Card
• Cisco Meraki MS
An exclusive function that the Cisco Aironet Access Points offer is Flexible Radio Assignment. This feature allows the access point to automatically adjust the network when client surges occur.
Cisco DNA-ready wireless products:
• Cisco Aironet 3800 Series
• Cisco Aironet 2800 Series
• Cisco Aironet 1800 Series
• Cisco 8540 Wireless Controller
• Cisco 5520 Wireless Controller
• Cisco Meraki MR
Is Your Network Ready for the New Era? Cisco announced its new Catalyst series switches-the Catalyst 9000 Series, introducing an entirely new era of networking. The Network. Intuitive.
There are three series in the new Catalyst 9000 switch family:
1. Catalyst 9300 Series (LAN Access Switches): the top fixed-access enterprise network switch series, stacking to 480 Gbps.
2. Catalyst 9400 Series (LAN Access Switches): the leading modular-access switches for enterprise, the Catalyst 9400 Series supports up to 9 Tbps.
3. Catalyst 9500 Series (LAN Core and Distribution Switches): the industry’s first fixed-core 40-Gbps switch for the enterprise.
In this article we will talk about the new Catalyst 9300 Series, the Next Level of the Market-Leading Fixed Access Switching Platform.
Will the Catalyst 9300 replace the Catalyst 3850 Series? Definitely, it is the best replacement for the Catalyst 3850 Series. Why? Let’s check the more detailed features of the Cisco Catalyst 9300 Series.
Switch models and configurations
The Cisco Catalyst 9300 Series is made up of seven different switch models. Any of the models can be used together in a stack of up to eight units.
The Table below lists port scale and power details for the Cisco Catalyst 9300 Series models.
Cisco Catalyst 9300 Series Switch configurations
Total 10/100/1000 or Multigigabit Copper Ports
Default AC Power Supply
Available PoE Power
24 Cisco UPOE
48 Cisco UPOE
24 Multigigabit Cisco UPOE (100 Mbps or 1, 2.5, 5, or 10 Gbps)
The Cisco Catalyst 9300 Series Switches support optional network modules for uplink ports. The default switch configuration does not include the network module. When you purchase the switch, you can choose from the network modules described in the following Table.
- Uplink modules supported on all 9300 Series copper models
- Online Insertion and Removal (OIR) supported on all uplink modules
Network module numbers and descriptions
9300 Series 4x 1G Network Module
9300 Series 8x 10G Network Module
9300 Series 2x 40G Network Module
9300 Series 4x Multigigabit Network Module
Please note: Existing 3850 network modules are also supported in the Catalyst 9300 Series platforms.
The Cisco Catalyst 9300 Series Switches support dual redundant power supplies. The switches ship with one power supply by default, and the second power supply can be purchased when the switch is ordered or at a later time. If only one power supply is installed, it should always be in power supply bay #1. The switches also ship with three field-replaceable fans.
Table3 lists the different power supplies available in these switches and available PoE power.
Table3. Power supply models
Default Power Supply
Available PoE Power
24-port data switch
48-port data switch
24-port PoE+ switch
48-port PoE+ switch
24-port Cisco UPOE switch
48-port Cisco UPOE switch
24-port Multigigabit Cisco UPOE switch
490W – Support in Open IOS-XE 16.6
Power supply requirements for PoE and PoE+
24-Port PoE Switch
48-Port PoE Switch
PoE on all ports (15.4W per port)
1 PWR-C1-1100WAC or 2 PWR-C1-715WAC
PoE+ on all ports (30W per port)
1 PWR-C1-1100WAC or 2 PWR-C1-715WAC
2 PWR-C1-1100WAC or 1 PWR-C1-1100WAC and 1 PWR-C1-715WAC
Power supply requirements for Cisco UPOE
24-Port UPOE Switch
48-Port UPOE Switch
24-Port Multigigabit UPOE Switch
Cisco UPOE (60W per port) on all ports (24-port switch) or up to 30 ports (48-port switch)
1 PWR-C1-1100WAC and 1 PWR-C1-715WAC
● Perpetual PoE: With Perpetual PoE, the PoE power is maintained during a switch reload. This is important for IoT endpoints such as PoE-powered lights, so that there is no disruption during switch reboot.
● Fast PoE: When power is restored to a switch, PoE starts delivering power to endpoints without waiting for the operating system to fully load, thereby speeding up the time for the endpoint to start up.
Cisco Catalyst 9300 Series Switches run on Open IOS XE 16.5.1a release or later. This software release includes all the features listed earlier in the Platform Benefits section.
- Up to 8 Switches can be stacked together using back stacking cables
- All 9300 models are supported in the stack
- All the switches in the stack should run the same IOS and License
- Mixed stacking between 9300 and 9300 is not supported
Cisco Catalyst 9300 Series StackPower
“Zero-Footprint” RPS Deployment
• Provides RPS functionality with Zero RPS Footprint
• Pay-as-you-grow architecture–similar to the Data Stack
• 1+N Redundancy with Inline Power
• Up to 4 Switches in a StackPower Ring
• Multiple StackPower Possible within one Data Stack
• Up to 9 Switches in a star topology with XPS
Mapping Between Cisco Catalyst 3850 and 9300
Catalyst 9300 24-port data only switch
Catalyst 9300 24-port PoE+ switch
Catalyst 9300 24-port UPOE switch
Catalyst 9300 24-port mGig and UPOE switch
Catalyst 9300 48-port data only switch
Catalyst 9300 48-port PoE+ switch
Catalyst 9300 48-port UPOE switch
Learn More: Why Migrate to Cisco Catalyst 9300 Switches?
Cisco switches are constantly learning, constantly adapting, constantly protecting in your data center, core, or edge.
This is the new era in networking. The Network. Intuitive.
Now here comes the Cisco Catalyst 9000 Series.
Cisco’s new Catalyst 9000 switches, switching for a changing world, constantly adapt to help you solve new challenges.
- Their integrated security helps you address ever-changing threats.
- They simplify management of your evolving mobility, Internet-of-Things (IoT), and cloud requirements.
There are three series in Catalyst 9000 family:
Catalyst 9300 Series: The Catalyst 9300 Series is our top fixed-access enterprise network switch series, stacking to 480 Gbps.
Catalyst 9400 Series: Cisco’s leading modular-access switches for enterprise, the Catalyst 9400 Series supports up to 9 Tbps.
Catalyst 9500 Series: The Catalyst 9500 Series is the industry’s first fixed-core 40-Gbps switch for the enterprise.
More fast questions and answers help you learn more about the new Catalyst 9000 Series.
Cisco Catalyst 9000 network features and services (common to all Cisco Catalyst 9000 Switches)
Q: What feature sets do the Cisco Catalyst 9000 Switches support?
A: The Cisco Catalyst 9000 Series Switches support the packaging of features into Essentials and Advantage packages. The details of the features in each package are listed in the data sheets–link provided below in the Pricing and Ordering section.
Q: What programmability capabilities are available on the Cisco Catalyst 9000?
A: The Cisco Catalyst 9000 opens a completely new paradigm in network configuration, operation, and monitoring through network automation. The Cisco automation solution is open, standards-based, and extensible across the entire network lifecycle of a network device.
• Device provisioning: Through Plug-and-Play (PnP), Zero-Touch Provisioning (ZTP), and Preboot Execution (PXE)
• Configuration: Model-driven operation through open Application Programming Interfaces (APIs) over NETCONF, Python Scripting
• Customization and monitoring: Streaming telemetry
• Upgrade and manageability: In-Service Software Upgrade (ISSU), patchability, and config/replace
Q: What management capabilities are available for the Cisco Catalyst 9000?
A: You can manage it using the Cisco IOS Software Command-Line Interface (CLI), using Cisco Prime® Infrastructure 3.1.7 DP13, Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM), onboard Cisco IOS XE Software Web User Interface (WebUI), Simple Network Management Protocol (SNMP), or Netconf/YANG.
Q: Is there an onboard web GUI on the Cisco Catalyst 9000?
A: Yes. An onboard web GUI is available.
Q: What is the purpose of the blue beacon LED on the Cisco Catalyst 9000?
A: The blue beacon LED is common across the Cisco Catalyst 9000 Series Switches to simplify the operations. It makes chassis identification easier when several such switches are mounted on racks. A remote administrator can enable the LED to blink to help the local operator quickly locate the chassis. The local operator presses the mode button to acknowledge.
Q: What is the maximum number of VRF instances that I can configure on a Cisco Catalyst 9000?
A: The maximum number of VRFs that you can configure on a Cisco Catalyst 9000 is 256.
Q: What is Cisco’s direction for wireless?
A: Cisco believes that the best solution for a wired or wireless network is achieved when integrated into SD-Access, Cisco’s lead architecture for the next-generation enterprise network. This solution delivers consistency with wired infrastructure around policy, segmentation, orchestration and automation, and assurance. This new architecture delivers the best experience for mobility, guest, IoT, multicast services, and overall network performance with its distributed data plane and centralized control-plane architecture.
Q: What wireless support is provided with the Cisco Catalyst 9000 platforms?
A: Cisco Catalyst 9000 products are instrumental in supporting the following wireless capabilities in the SD-Access architecture:
• Connect access points and integrate them into the SD-Access fabric. The switch integrates with the fabric control plane (LISP), thereby providing reachability for the access points and clients in the fabric.
• Deliver macro (VRF) and micro (Scalable Group Tag (SGT) [SGT] group-based) segmentation to the access points to deliver end-to-end policies.
• Can terminate guest VXLAN traffic, so there is no need for a dedicated guest anchor controller.
The support for wireless capability at launch will be together with the AireOS 8.5 Controller running on an Cisco 8540 Wireless Controller, Cisco 5520 Wireless Controller, or Cisco 3504 Wireless Controller appliance with the Cisco Catalyst platforms functioning as Fabric Edge and Fabric Border nodes.
Q: What are the SD-Access wireless capabilities?
A: The new Cisco Catalyst 9000 Series switches provide a complete solution for Campus with Cisco AireOS Conrollers and Wave 2 access points.
Q: What are the advantages of integrating wireless in the SD-Access fabric architecture?
A: • Highest performance and scale: Distributed data-plane forwarding in hardware distributed in the network paired with the large control-plane scale offered by the dedicated controller appliances.
• Best guest: You don’t need a dedicated guest anchor controller in the Demilitarized Zone (DMZ): Traffic is sent directly to the fabric border to exit the fabric. Also, there is no sub-optimal traffic forwarding such as from an access point to a foreign controller and on to a guest anchor controller.
• Best mobility: IP addressing is simpler; there is one subnet for the entire wireless SSID across the network, and no hairpin of traffic when roams occur.
• Simple operation: Operation is simple because wired and wireless are treated the same and operated together; they have common policies and controller-based automation.
• Wired innovations applied to wireless: First-hop security innovations available for wired can also be applied to wireless; for example, Dynamic ARP Inspection (DAI), IP Source Guard (IPSG), and DHCP Snooping.
• Segmentation across wired and wireless:
-The virtual network now passes all the way to wired as well as wireless devices.
-This segmentation is important for separation of certain devices from others, such as IoT and building automation devices connected over wireless.
-It is also important for security reasons to reduce attack the surface; if someone gets into a segment, the person can move only within that segment.
-Because segmentation is handled by the fabric, the number of SSIDs can be limited.
• Best multicast:
-The solution offers the best performance of distributed replication in hardware across the network.
These switches truly deliver the best of wired and wireless together.
For all kinds of customers, what can they expect from Cisco in 2017? In the following article, Zeus Kerravala (the founder and principal analyst with ZK Research, and provides a mix of tactical advice to help his clients in the current business climate.) listed the main points that users and clients expect from Cisco in 2017.
- Cisco will take a chunk of the security market. The security market is easily the most fragmented of all of the IT submarkets. It’s currently a $75 billion market, with no single vendor having anywhere close to double-digit share. Cisco, in particular, has fumbled around in security for years with different initiatives and architectures that have been ineffective.
Times are different today. As I pointed out in an earlier post, Cisco has never been positioned better in the security industry, and the company is finally using its greatest asset—its dominance in the network—to create tangible differentiation. Look for 2017 to be the year it breaks away from the competition and takes a chunk of the security share.
- Cisco breaks away in collaboration. Collaboration at Cisco has had its ups and downs over the past few years, but the company now pointed in the right direction. Spark was launched as a Slack-like team collaboration tool, but in actuality, it’s much more than that. It’s a fully integrated cloud, hardware and software experience that can deliver seamless, easy-to-use experiences on a mobile phone, desktop or meeting room. Expect Cisco to continue to innovate around Spark and create its next wave of growth in collaboration.
- The data center gets a shot in the arm with an acquisition. The Unified Computing System (UCS) carried the data center business unit at Cisco for years. Recently, though, the growth of the product has slowed. In fact, this past quarter saw the data center revenue fall 3 percent.
UCS is a great product, but the compute industry is shifting to hyperconverged infrastructure (HCI). Cisco’s current offering, HyperFlex, is an OEM from SpringPath, and channel feedback has been that they would prefer Cisco to own the product rather than OEM it. The OEM allows Cisco to dip its toe in the water, and in 2017 Cisco will jump in with both feet by acquiring SpringPath, which will stimulate data center growth.
- Expect Cisco to focus on analytics. When one thinks of analytics, the name Cisco is rarely top of mind. However, analytics is becoming a core component of Cisco’s strategy. Not only is it at the core of the recently announced Tetration product, but it is also fundamental to the company’s differentiation in security, Internet of Things, network operations and collaboration. Expect to see Cisco do more analytics on more network data to differentiate its offering from the many smaller competitors that can’t match its footprint.
- Cisco will push its engineer base to learn new skills. Markets transition. That’s a fact. And when then do, the engineers who work with the technology need to change their skills. Most vendors don’t see the transition, won’t admit its happening or don’t want to upset their engineer base by forcing them to change. And that always ends up being a disaster.
Think of engineers who worked with mainframes, Token Ring, TDM voice, SNA and other trends. Most are gone, as are the vendors that sold the stuff.
One of Cisco’s competitive advantages is its huge base of engineers, many of whom are steeped in the way networking was done. Based on my discussions with Cisco executives, including Jeanne Dunn, who runs Cisco’s learning group, I believe Cisco wants to disrupt its engineer base and have them learn new skills—such as automation, data sciences, programming and business skills. Some won’t like the changes to the certification requirements, but the fact is Cisco engineers need to start developing skills for the digital era.
- Executive churn will slow down. Since Robbins took the helm, there has been a steady churn at the executive level, including Kelly Ahuja, Rob Soderberry and the famed “MPLS” group—just to name a few.
I believe Robbins’ team is set now. And while there might be the odd departure here and there, this is the team he’s going to run with.
One question I’ve been asked is if the company would replace the recently departed CTO Zorawar Biri Singh. I believe engineering is in the best hands they can be under the co-leadership of Rowan Trollope (IoT and applications) and David Goeckeler (networking and security), and the structure will stay as is. Get used to the faces at the top; they should be sticking around for a while.
One thing that will remain the same at Cisco is the company’s commitment to changing the world. Cisco’s former CEO, John Chambers, had a great desire to have Cisco make the world a better place. As I pointed out earlier this year, Robbins has picked up the Corporate Social Responsibility (CSR) ball and is running with it faster than ever.
The world is becoming increasingly digitized, and many of the digital enablers—such as IoT, cloud and mobility—are network centric. The coming year presents Cisco a great opportunity to flex its enormous networking muscles and move into the next wave of growth.
The original article from http://www.networkworld.com/article/3148784/lan-wan/what-to-expect-from-cisco-in-2017.html
More Cisco News and Reviews
Extend the role of the router to an application delivery platform with Cisco Integrated Services Router Generation 2 and Cisco ASR 1000 Series Aggregation Services Routers with Application Experience (AX).
This integrated solution includes Cisco Application Visibility and Control and Cisco Wide Area Application Services.
AX provides application services that:
- Deliver business applications faster
- Reduce bandwidth costs and latency by more than 50 percent
- Simplify IT management
In addition, Cisco AX:
- Delivers exceptional user experiences by meeting application-specific requirements
- Helps securely connect users to applications deployed anywhere at scale
- Provides application-level visibility and control of all passing traffic without probes
- Validates application response time and network readiness
Cisco AX offers a powerful suite of application services at up to 30 percent lower cost than standalone WAN optimization appliances. It also provides more capabilities, such as:
- Networkwide visibility to over 1000 applications
- Granular control on application prioritization and path control
- Enterprise-class optimization that increases application performance up to 70 percent
- Industry-leading security services, including VPN and threat defense
With the option to add Cisco UCS E-Series server blades and Cisco Cloud Connectors to Cisco ISR-AX, you can build a complete virtualized application platform in one branch router.
And Cisco ISR-AX includes:
- Cisco Application Visibility and Control (AVC), with NBAR2, QoS, and PfR
- WAN optimization - Cisco Wide Area Application Services (WAAS)
- Security, including firewall, IP Security (IPsec) and SSL VPN
- Cisco Services-Ready Engine (SRE) Modules or Max RAM (optional: UCS E-Series)
The Cisco ASR1000-AX is available on the ASR 1000 Series and includes:
- Cisco Application Visibility and Control (AVC), with NBAR2, QoS, and PfR
- WAN optimization - Cisco Virtual Wide Area Application Services (vWAAS) and Cisco AppNav
- Security, including firewall, IP Security (IPsec) and SSL VPN
- 5 Gbps Performance
Cisco announced the end-of-sale Cisco Small Business 300 Series Managed Switches (Select Models). The last day to order the affected product(s) is May 31, 2017. Customers will continue to receive phone support from the Cisco Small Business Support Center (SBSC) as shown in Table1 of the EoL bulletin.
- Table1 describes the end-of-life milestones, definitions, and dates for the affected product(s).
- Table2 lists the product part numbers affected by this announcement. For customers with active product warranties, support will be available as stated in the product warranty terms and conditions.
Table1. End-of-Life Milestones and Dates for the Cisco Small Business 300 Series Managed Switches (Select Models)
End-of-Life Announcement Date
The date the document that announces the end-of-sale and end-of-life of a product is distributed to the general public.
March 1, 2017
The last date to order the product through Cisco point-of-sale mechanisms. The product is no longer for sale after this date.
May 31, 2017
End of Phone Support:
The last date to receive phone support as part of the product warranty. After this date, all phone support services for the product are available with additional charges or support fees. In some cases, support may not be available.
May 31, 2018
Last Ship Date:
The last-possible ship date that can be requested of Cisco and/or its contract manufacturers. Actual ship date is dependent on lead time.
August 29, 2017
End of SW Maintenance Releases Date:
The last date that Cisco Engineering may release any final software maintenance releases or bug fixes. After this date, Cisco Engineering will no longer develop, repair, maintain, or test the product software.
May 31, 2018
Last Date of Support:
The last date to receive applicable service and support for the product as entitled by active service contracts or by warranty terms and conditions. After this date, all support services for the product are unavailable, and the product becomes obsolete**. Warranty duration is based on product ship dates; refer to warranty terms and conditions for details.
May 31, 2022
HW=Hardware OS SW=Operating System Software App. SW=Application Software
Table2. Product Part Numbers Affected by This Announcement
End-of-Sale Product Part Number
Replacement Product Part Number
Replacement Product Description
SF300-24MP 24-port 10/100 Max PoE Managed Switch
SG300-28MP 28-port Gigabit Max-PoE Managed Switch
SF300-24MP 24-port 10/100 Max PoE Managed Switch
SG300-28MP 28-port Gigabit Max-PoE Managed Switch
SF302-08MPP 8-port 10/100 Max PoE+ Managed Switch
SG300-10MPP 10-port Gigabit Max PoE+ Managed Switch
SG300-28SFP 28-port Gigabit SFP Managed Switch
Cisco SG550XG-24F 24-Port 10G SFP+ Stackable Managed Switch
SF 300-08 8-port 10/100 Managed Switch
SG300-10 10-port Gigabit Managed Switch
SF 302-08 8-port 10/100 Managed Switch with Gigabit Uplinks
SG 300-10 10-port Gigabit Managed Switch
SF 300-48 48-port 10/100 Managed Switch with Gigabit Uplinks
Cisco SF350-48 48-port 10/100 Managed Switch
Product Migration Options: Service prices for Cisco products are subject to change after the product End-of-Sale date. The Cisco Takeback and Recycle program helps businesses properly dispose of surplus products that have reached their end of useful life. The program is open to all business users of Cisco equipment and its associated brands and subsidiaries. For more information, go to: http://www.cisco.com/web/about/ac227/ac228/ac231/about_cisco_takeback_recycling.html.
For More Information
For more information about the Cisco End-of-Life Policy, go to:
**For more information about the Cisco Product Warranties, go to:
To subscribe to receive end-of-life/end-of-sale information, go to:
EoL and EoS News from
More Cisco EoL and EoS News you can read here:
When your enterprises or organization are going to choose the Cisco ASR 1000 Series, you should know these Cisco ASR 1000 Series Enterprise and Service Provider Applications.
Cisco ASR 1000 Series routers sit at the edge of your enterprise data center or large office connecting to the WAN, as well as in service provider points of presence (POPs). The Cisco ASR 1000 Series will benefit the following types of customers:
- Enterprises experiencing explosive network traffic as mobility, cloud networking, and video and collaboration usage increase: Cisco ASRs consolidate these various traffic streams and apply traffic management and redundancy properties to them to maintain consistent performance among enterprise sites and cloud locations.
- Network service providers needing to deliver high-performance services, such as DCI and branch-office server aggregation, to business customers: Service providers can also use the multiservice routers to deploy hosted and managed services to business and multimedia services to residential customers.
- Existing Cisco 7200 Series Router (end-of-sale) customers looking for simple migration to a new multiservice platform that delivers greater performance with the same design.
Tables2 and Table3 describe enterprise and service provider application examples, respectively.
Table2. Cisco ASR 1000 Series Enterprise Applications
WAN edge: Guarantee high-priority applications by creating a virtual “glass ceiling” for lower-priority applications. Improve user experiences.
● Applies Modular QoS CLI (MQC) policies on VLANs or tunnels
● Limits an arbitrary collection of low‑priority traffic to a certain bandwidth
● Classifies based on differentiated services code point (DSCP), Network-Based Application Recognition (NBAR), and Cisco IOS Cisco IOS FPM (FPM) into numerous hierarchies, one for high priority and one for low priority
● Implements flexible hierarchies
● Supports 464,000 queues
● Allows all queues to have a minimum, maximum, and excess bandwidth with priority propagation
Multiservice, scalable, and secure headend:
IP Security (IPsec) VPN aggregation scales to meet the new bandwidth demands of service provider IP VPNs.
● Reduces capital expenditures (CapEx) and operating expenses (OpEx) by migrating and consolidating to fewer Cisco ASR 1000 Series Routers
● Protects investment through easy transition to much higher encryption support, offering encryption support of up to 78 Gbps with the 200-Gbps Cisco ASR 1000 Series ESP (ASR1000-ESP200)
● Offers easier management through embedded security services in the Cisco Flow Processor, with no additional service modules or blades required
● Optimized for QoS and IP Multicast applications
● Supports thousands of sites
● Supports 8,000 IPsec tunnels
● Offers up to 78-Gbps encryption performance and up to 200-Gbps noncryptographic throughput support with the Cisco ASR 1000 Series 200-Gbps Embedded Services Processor
Embedded high-speed firewall:
With the Zone-Based Policy Firewall, the Cisco ASR 1000 Series acts as an implicit and complete barrier between any interfaces not members of the same zone. An explicit zone-pair policy must be specified (using Cisco Policy Language; that is, MQC) in each direction between each zone pair. The policy establishes within the router the kind of stateful inspection (Layer 4, Layer 7, or application) and session parameters to apply to each zone pairing.
Example: An explicit policy allowing HTTP and Domain Name System (DNS) to traverse the Internet-demilitarized zone (DMZ) zone boundary would be required.
● The firewall is embedded in the Cisco Flow Processor; no additional service blades or modules are required.
● Multiple gigabits of bandwidth are routed while at the same time the router performs Zone‑Based Policy Firewall and other baseline features such as QoS, IPv4, IPv6, NetFlow, and others.
● The Cisco ASR 1000 Series provides logging of all firewall session states off to network management applications capable of accepting relatively huge amounts of flow data. Third-party applications can handle the session data.
● Provides firewall performance of 2.5 to 200 Gbps, depending on the ESP used
● Offers high-speed logging of 40,000 sessions per second with NetFlow Version 9
Managed CPE: This implementation of branch-office architecture offers powerful investment protection with services and scale.
● Managed customer premises equipment (CPE) helps branch offices route correctly over various types of Ethernet to comply with service-level agreements (SLAs).
● This application encrypts multiple gigabits of bandwidth without any additional service blades or modules.
● Managed CPE optimizes the WAN to route around brownouts in the service provider network to further guarantee mission-critical applications.
● This application offers small form factors (1 rack unit [1RU] for the Cisco ASR 1001-X and ASR 1001-HX and 2RUs for the Cisco ASR 1002-HX and ASR 1002-X Routers), including software modularity and ISSU.
● Note: ISSU is not supported on Cisco ASR 1001-X, ASR 1001-HX, ASR 1002-HX, ASR 1002-X, or ASR 1004. Managed CPE offers accessibility even when the Cisco IOS Software is down.
● Offers first-in-industry software redundancy support, without any additional hardware module, on Cisco ASR 1001-X, ASR 1001-HX, ASR 1002-HX, ASR 1002-X, and ASR 1004; hardware redundancy and ISSU are supported on the Cisco ASR 1006 and ASR 1013.
● Offers powerful firewall and NAT performance of 2.5 to 200 Gbps and 1.8- to 78-Gbps encryption support in addition to WAN optimization and voice features
Table3. Cisco ASR 1000 Series Service Provider Applications
Broadband L2TP Access Concentrator (LAC) or L2TP Network Server (LNS):
The solution offers Layer 2 Tunneling Protocol (L2TP) endpoint-to-tunnel
● The application is ideal for triple-play (data, voice, and video) wholesale deployments.
● It offers integral service delivery.
● Per-user firewall, session border controller (SBC), etc. are supported.
● Provides very high scalability of up to 64,000 subscribers and up to 16,000 tunnels
Service provider edge: Layer 3 VPN (L3VPN) provider edge:
Example: You can deploy the solution at the distributed provider edge or provider edge in global VPN networks for bandwidth demands such as asymmetric DSL (ADSL), T1/E1, STM-1, STM-4, Fast Ethernet, Gigabit Ethernet, etc.
● The application provides integral services in the Cisco Flow Processor.
● It provides encryption, FPM, NBAR, SBC, IP Multicast, etc.
● Offers excellent multicast performance
● Scales to 8,000 Virtual Route Forwarding (VRF) instances, 1 million Label Distribution Protocol (LDP) labels, and 4,000 access control lists (ACLs)
● Supports up to 4 million IPv4 routes
● Supports up to 4 million IPv6 routes
Service provider edge: High-end route reflector:
You can use the solution as a route reflector for bandwidth support of 40 Gbps.
● The application provides high scalability.
● It offers a modular design of the route processor and ESP with hardware and software redundancy.
● Scales up to 29 million IPv4 routes
● Supports 64,000 Layer 3 adjacencies
Next-generation voice and multimedia example: Cisco Unified Border Element Enterprise Edition (ENT Edition):
The SBC application (named Cisco Unified Border Element [ENT Edition]) performs the voice and video gateway functions simultaneously with regular IP data services. No appliance or additional service blade is required. The control protocols and media protocols work transparently within a complex voice architecture. For more information, refer to the CUBE data sheet at http://www.cisco.com/go/cube.
● Secure and authenticated Session Initiation Protocol (SIP) trunk connections enable service providers to offer real-time voice and video services.
● The WAN edge is simpler to manage because there is only one egress and one ingress point for access to Internet or service provider services.
● The control plane is separated from the data-forwarding plane, so the signaling and control processes are separate from media processing.
● The CUBE SBC application can be used for SIP trunk video and/or audio services provided by service providers or for Internet-accessible SIP line-side services to Cisco Unified Communications Manager.
● Facilitates SBC with security, QoS, IPv4, and IPv6 (IP Unicast and IP Multicast simultaneously)
● Supports 16,000 simultaneous voice calls and multimedia data of up to 200 Gbps with accounting, firewall, and call quality enabled
● Integrated with inbox high-availability infrastructure and Dynamic Host Configuration Protocol (DHCP) Relay
In the last article, we told what Li-Fi is and what LiFi system basics are. It seems a cool technology in network communication? Compared to today’s popular Wi-Fi, can you tell some difference between them? In this article we list some main differences between LiFi and WiFi. Which one is better? Let’s check.
We know that Li-Fi is the short form of Light Fidelity and Wi-Fi is the short form of Wireless Fidelity. LiFi uses light for data transmission while WiFi uses electro-magnetic waves at radio frequencies for data transmission. Due to less interference incurred by light compare to radio frequency waves, it is used in more dense environments.
LiFi covers distance of about 10 meters while WiFi covers about 30 meters. Both provides almost same data transfer rate. Let us understand Li-Fi internet and Wi-Fi internet network architectures.
Figure-1: Li-Fi internet
• The figure-1 depicts Li-Fi internet network architecture. As shown in the figure there are two major components in Li-Fi internet viz. LED Lamp and Li-Fi Dongle.
• As shown lamp driver is connected with internet on one end and with LED lamps on the other end. Streaming content from internet are pushed to the LED lamps through Lamp driver software.
• LED lamps are placed at different locations as per requirement in the office or home premises for multiple users.
• Li-Fi dongle is used in order to use Li-Fi internet services by various users. As shown Person#1 is browsing internet in Laptop, Person#2 in tablet and Person#3 in smartphone.
• As shown LiFi dongle is composed of photodetector, amplification & processing and applications for different types of data.
• All the LED lamps can be swithed on and off using a power button switch provided.
• Li-Fi internet provides very fast data rate at 1 Gbps speed.
Figure-2: Wi-Fi internet
• The figure-2 depicts Wi-Fi internet network architecture.
• As shown in the figure there are two major components in WiFi internet viz. WiFi router and WiFi dongle or WiFi Stations.
• WiFi router is connected with ADSL modem or Cable modem. This modem is connected with network of internet service provider.
• WiFi router works on multiple bands (e.g. 2.4 or 4.9 or 5 GHz) as per requirement. It converts internet data packets into wifi compliant signals at above bands. WiFi works on IEEE 802.11 standards.
• These EM waves are received by WiFi dongles or Stations connected with IP compliant devices. Hence WiFi internet is used by various clients as shown in the figure-2.
In the following table we will list the basic difference between LiFi and WiFi technologies.
Feature Comparison: LiFi vs. WiFi
Lifi is not the replacement of wifi technology. It can be considered as incredible companion of the wifi technology. It operates between 380 nm to 780 nm optical range. LiFi is used to exchange data incredibly rapidly and securely at much lower power level compare to WiFi.
Products Based on Li-Fi Technology | Li-Fi products
There are various li-fi products such as lamps, Kits, LiFi smartphone etc. The vendors and OEMs of LiFi products are also mentioned.
OLEDCOMM is a world leader in LiFi products which includes LiFi routers, LiFi hubs, LED drivers, LED lamps and complete kit for lighting system. There are several LiFi kits developed by OLEDCOMM. The kit contains following :
• LED Lamps
• Tablet with Android
• Dongle to use with LiFi Smartphone
• Software library
• location based application for LED Lamps.
Panasonic LiFi Lamp
Panasonic has range of LiFi LED Lamps.
Model: LFS4000PA1 PANASONIC LIFI LAMP
Popular LiFi products with Vendors
Following are the popular LiFi products and their leading vendors.
Info & Reference from