Overblog Follow this blog
Administration Create my blog
Cisco & Cisco Network Hardware News and Technology

Posts with #cisco technology - it news tag

Introducing Cisco Unified Communications 11.x and 10.x Licensing

August 9 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco License, #Cisco Technology - IT News, #Cisco & Cisco Network

Cisco Unified Communications 11.x and 10.x Licensing

Cisco Unified Communications 11.x and 10.x Licensing

Description of UCL Levels

Description of UCL Levels

Cisco Unified Communications 11.x and 10.x licensing is here!

Cisco Unified Communications 11.x and 10.x licensing has three levels

Cisco Unified Workspace Licensing (UWL) Meetings Edition

This edition is a complete unified communications and video solution. It includes all features in the Standard Edition plus Personal Multiparty Plus unlimited video conferencing – including the new Cisco Meeting Server as well as Cisco TelePresence Server and Conductor, Cisco WebEx Meetings Server on-premises conferencing, session management, and contact center capabilities.

Cisco UWL Standard Edition

Built on the reliable Cisco Unified Communications Manager platform, this edition includes call control, voice messaging, Cisco Expressway, and soft clients. Instant messaging and presence are also included as a perpetual license on premises.

Cisco User Connect Licensing (UCL) Enhanced and Enhanced Plus

A per-user license for the following individual Cisco Unified Communications applications:

• Cisco Unified Communications (including instant messaging and presence and Cisco Jabber desktop and mobile clients)

• Cisco Unity Connection

• Cisco Business Edition

Licensing Options for the Way You Work

Your business isn’t like any others. That’s why we offer a variety of software licensing options to meet your needs, regardless of the size of your business, the way your employees work, and the tools you need.

Depending on the type and number of devices you require, UCL is available in Essential, Basic, Enhanced, and Enhanced Plus versions.

Essential UCL and Basic UCL: User-based licenses for individual Cisco Unified Communications products. Each includes applications server software and user licensing for a single device supported by the Essential UCL or Basic UCL functions. These licenses also provide on-premises instant messaging clients and presence software for the entire organization.

• Enhanced UCL and Enhanced Plus UCL: User-based licenses for individual Cisco Unified Communications products that support Cisco’s entire portfolio of user devices. They each include a soft client, applications server software, and user licensing. Enhanced UCL covers a single device, and Enhanced Plus allows for two. The licenses also provide on-premises instant messaging clients and presence software for the entire organization. Table 1 describes the four levels of UCL.

What Is Cisco Unified Workspace Licensing? Cisco UWL provides the most popular bundles of Cisco collaboration applications and services in a cost-effective, simple package. Licensed per user, it includes:

• Application server software

• User license

• Soft clients

Cisco Software Support Service is required to access technical support, minor updates, and major software upgrades.

Licensing Requirements

The requirements for Cisco UWL are as follows:

• UWL Meetings Edition licensing requires a minimum of 25 users; the Standard Edition has a minimum of 1 user.

• You can mix UCL with UWL Standard and Meetings Editions.

• A 1-year Cisco Software Support Service (SWSS) contract is required. These contracts can be coterminous upon renewal.

Info from http://www.cisco.com/c/dam/en/us/products/collateral/unified-communications/unified-communications-licensing/C45_523902_11_9_licensing_aag_v5a_1.pdf

More Cisco Licensing Topics

Updated: About Cisco ISR G2 SEC and HSEC Licensing FAQ

Cisco ONE Software Licensing Program

Overview of Cisco Unified Communications 11.x and 10.x Licensing Portfolio

Overview of Cisco Unified Communications 11.x and 10.x Licensing Portfolio

Read more

802.11ac Wave 2’s Impact is World Wide, WHY?

July 13 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Wireless - Cisco Wireless AP, #Cisco & Cisco Network, #Cisco Technology - IT News

802.11ac Wave 2’s Impact is World Wide

802.11ac Wave 2’s Impact is World Wide

802.11ac Wave 2 APs

802.11ac Wave 2 APs

Everyone says I love 802.11ac Wave 2. The Impact of 802.11ac Wave 2 is World Wide, Why? We also talked about the 802.11ac Wave 2 and 802.11ac Wave 2 Access Points a lot.

Yes, make no mistake the affect of the 802.11ac Wave 2 standard is going to be global and won’t just affect specific business areas.

One key part of Wave 2 802.11ac technology that helps keep your organization ahead of the capacity crunch is multi-user MIMO (MU-MIMO).

(MU-MIMO allows an access point to transmit to multiple clients at the same time, instead of sending data to a single client at a time. These parallel transmissions improve RF efficiency when client devices also support 802.11ac Wave 2.)

With Muti-User MIMO (MU-MIMO), 802.11ac Wave 2 clients are on and off the network so fast allowing for more legacy clients to be served. Plus 802.11ac Wave 2-enabled smart phones, laptops and tablets, will jump on the 5Ghz band leaving the 2.4GHz bands for older devices.

With the higher speeds of 802.11ac Wave 2, it takes a lot less time to transmit data than it did with previous Wi-Fi standards. This preserves battery life on Wave 2 clients. That means in the long run, updating your wireless network to 802.11ac Wave 2 standards will provide a better user experience for your users.

Now, let’s look at why 802.11ac Wave 2’s Impact is World Wide.

Schools need to support 802.11ac Wave 2 because more and more students are bringing devices to class. And it’s not to sneak a peek at the latest Taylor Swift video; educators are using tablets and other mobile devices as part of the education process. While additional devices and apps that will consume bandwidth are a big reason for the upgrade, it’s not the only thing. Schools need an 802.11ac Wave 2 network that can:

• Support up-to-the minute notification on mobile devices.
• Detect externally launched attacks and insider threats.
• Automatically adapts to environment changes for optimal performa
nce.

Whether you’re a small coffee shop or a large department store, it’s not just your workers that need exemplary Wi-Fi, customers demand this service too. Cisco Aironet Access Points are great tools to gather data in order to understand customer traffic patterns and behaviors, prioritizing your business-driving apps and better protecting the privacy of your business. Your customers need to be able to jump on a network too and:

• Connect to a custom guest access network (which can be used as another advertising venue).
• Be able to find the things that they want, quicker.
• Adapt to flash crowds during sales eve
nts.

In the old days, putting out an array of stale donuts in the morning and offering travelers a bed for the night was the peak of hospitality luxury. Those days are long gone as guests are now a bit savvier than they once were and expect a multitude of high-end services. One of these services is a robust wireless network. If you’re in the hospitality game, you need an 802.11ac Wave 2 compliant network because:

• It delivers mobile check-in, key lock and room control
• It quickly deploys wireless access for conventions and social gatherings
• It adapts to crowd surges during high volume of registra
tion

Where Does Cisco Fit In?

That third bullet brings me to one of the most amazing things about the Cisco Aironet Access Points, and that are the innovations that only Cisco delivers:

Flexible Radio Assignment automatically adjusts radio bands to better serve the environment. A Cisco Aironet Access Point deployed in a hotel lobby can handle a crowd of people armed with mobile devices frantically looking to get settled in their rooms. Flexible Radio Assignment automatically triggers the access point to shift from the dual radios operation at 2.4GHz and 5GHz to both radios offering 5GHz.
• Cisco CleanAir remediates device impacting interference
• Optimized Roaming intelligently connects the proper access point as people move
Multi-Gigabit Uplinks provides faster wired network offload on existing Ethernet

Your Cisco 802.11ac Wave 2 access points aren’t static. They offer investment protection via the ability to expand along with your organization with three ports located on the Cisco Access Point. A smart antenna port allows you to add either another antenna be it of the Stadium Panel, Directional or Location variety. A built-in module port is perfect for connecting hardware such as a video surveillance device. While a USB port allows you to add a Bluetooth capabiities.

Preparing for 802.11ac Wave 2 is not a one-sized-fits-all solution. Cisco has a wide access point portfolio that offers different solutions to fit different situations. The Cisco Aironet 1830 and 1850 Series Access Points are perfect fits for small to medium-sized businesses. These devices offer the functions and features of an enterprise-level access point and they are the lowest cost 802.11ac Wave 2 AP on the market today.

For mission-critical organizations, look no further that Cisco Aironet 2800 Series Access Point. More robust than the Cisco Aironet 1830 and 1850 Access Points, the 2800 Series is built for large sized organizations. Rounding out the portfolio is the Best-in-Class solution: the Cisco Aironet 3800 Access Point. This product is targeted specifically for larger areas such as stadiums and arenas.

More Related…

Go On, All the Benefits of 802.11ac Wave 2

Cisco Mobility Express Solution Release Notes

New Cisco Aironet 1830 Series APs-Gigabit Wi-Fi Has Fully Arrived

Key Questions to Help you Know Cisco 802.11ac Wave 2

Migrating to Wave 2? …Definitely

Read more

Three Steps to Ignite Your Enterprise Digital Journey

July 7 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco & Cisco Network, #Cisco News, #Cisco Technology - IT News

What’s new? The network is an informational highway of intelligence, but today’s static infrastructure can’t see the intelligence. The first step in addressing this issue is increasing visibility into the network with insights and analytics. Next is automating network services to make it easy to deploy, manage and maintain.

Cisco’s new network innovations address both challenges, and include:

Insights and Experiences:

  • Cisco Connected Mobile Experience (CMX) 10.2.2 – a software update with new features and enhancements for better customer engagement, operations and streamlined guest experiences
  • Cisco Aironet 1560 Series Outdoor Access Point – Cisco’s first outdoor Access Point that extends 802.11ac Wave 2 Wi-Fi to high-density environments, the foundation to enable CMX for your outdoor environments.
  • Cisco Catalyst 3650 Multigigabit Switch – a new Catalyst Multigigabit technology (based on NBASE-T standards) switch with up to 48 ports (12 MGig) and UPOE up to 60w for voice, video, and data performance assurance

Automation and Assurance:

  • ASR 1001-HX and ASR 1002-HX– new fixed –HX chassis that offer WAN edge high availability and resiliency with Service Level Agreement (SLA) assurance in a small form factor.
  • Cisco Unified Compute Services (UCS) E-Series – new 6-core single-wide compute blade for ISR 4000 with enhanced processing, memory and storage for 2x more app hosting.
  • 3rd Party App Hosting on ISR 4000 & ASR 1000 Cisco now supports KVM-based application hosted as container on Cisco Enterprise Routers, providing more choices and openness support for 3rd party or custom application.

What are the challenges Cisco is helping you overcome?

The roadmap to a digital network may seem simple, but there are significant challenges that must be overcome. With these new network innovations customers can tackle:

  • WAN Edge Challenges–The WAN is the fabric that connects users to apps and things. It also is the central point between the enterprise core and its edges—from the core to campus/HQ, branches, cloud and fog or among enterprise private data centers. The WAN edge must balance between performance, visibility, and security to ensure the best user experience (i.e. quality of voice, video, and data).
  • Branch Challenges–The branch is the first node of connection for users and guests to apps and things, as well as the first line of defense to nullify a threat. Given its small IT footprint and often remote locations, the branch challenges include application experience, connectivity, management and automation, threat detection and defense.
  • Customer Experience Challenges–To deliver a personalized customer experience, two integral steps must happen in tandem: (i) ubiquitous and robust connection, indoors and outdoors, and (ii) user, app, and device intelligence.

How will the new innovations help customers?

This is always a question we ask ourselves when rolling out any new technology. Focusing on real business outcomes for your enterprise, Cisco and our DNA approach is built on three design principles.

  • Services-centric to give enterprises the freedom to run services and applications when, where, and how they want it across the WAN and branch. Outcome: Faster service delivery.
  • Software-driven by virtualizing and optimizing applications and network functions for effective deployment on any platform: physic, virtual, or a mix of both. Outcome: Freedom of choice.
  • Automation of devices, apps and services for greater agility. Outcome: Less human errors.

Cisco DNA is the future of the network. These innovations allow you to reach greater network agility and achieve real business outcomes.

Reference from http://blogs.cisco.com/enterprise/ignite-your-enterprise-digital-journey-in-three-steps

More Related…

The Time of Multigigabit, Cisco’ s New Campus LAN Switches

Tailoring the Correct Cisco Outdoor 1560 Access Point for You

Cisco and DNA approach is built on three design principles

Cisco and DNA approach is built on three design principles

Read more

Cisco Industrial Ethernet 1000 Series Switches, How It Works?

July 1 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall, #Cisco Technology - IT News

Cisco Industrial Ethernet 1000 Series Switches' ROLE

Cisco Industrial Ethernet 1000 Series Switches' ROLE

Cisco Industrial Switches have a big family, including the Cisco IE 2000, IE 3000, IE 4000 and IE 5000 Series Switches and the new IE 1000 Series.

The Cisco Industrial Ethernet 1000 Series---Lightly Managed Switches for Industrial Environments

The Cisco Industrial Ethernet 1000 (IE1000) Series Switches enable industrial network connectivity where traditional unmanaged switches lack the required performance and do not offer visibility and control.

Cisco IE1000 is a lightly managed Layer 2 switch designed for industrial users to better achieve productivity and network reliability, a primary element to business success.

The traditional industrial Ethernet switch of the past was a DIN rail unmanaged switch with few Ethernet ports to interconnect various nodes, including computer, HMI, PLC, I/O, drive, and sensors. The main challenge when deploying unmanaged switches is that it is difficult to monitor and troubleshoot issues that impact operational productivity. The IE1000 offers basic management for QoS, and security along with monitoring capability, which are essential in industrial environments.

The Cisco IE1000 Series has the option of Power over Ethernet (PoE) applications. Cisco IE1000 switches are designed to meet IEEE 802.3af (PoE) and 802.3at (PoE+) standards for network devices such as wireless access points, IP surveillance cameras, display monitors, and PoE-enabled industrial devices. One benefit of a PoE network solution is that it reduces the time and cost of having power cabling or outlets installed by certified electricians. The IE1000 PoE series is for industry users that seek flexible, low-cost, and easy-to-use installation solutions.

How It Works

As soon as you power up the IE1000, you can access the switch using a web browser to start the network connectivity. The IE1000 boots within 30 seconds from power up. It also allows you to monitor traffic flows, and Ethernet port utilization. You can administratively shut down or block unwanted devices in case of safety or security concern.

You can prioritize traffic on a per-port basis to assure that the critical traffic is delivered end to end with priority. In addition, the Cisco IE1000 transports industrial protocol traffic such as Ethernet/IP, PROFINET, and Modbus/TCP without extra provisioning. The support of SNMP, alarm relay, and syslog allows you to uncover errors before the network stops totally.

Solution Highlights and Capabilities

The Cisco IE1000 Series Switches support the features and capabilities sufficient for industrial usage, including:

Port density: 5, 6, 8, and 10

• FE copper or GE fiber uplink ports

• 4 or 8 Fast Ethernet downlinks

• Up to 8 PoE/PoE+ ports

• Data load optimization with VLAN awareness

IGMP and DHCP snooping

• Web GUI-based provisioning and monitoring with no need for extensive IT knowledge

• High reliability and five-year hardware warranty

Benefits

• Minimized downtime: troubleshoot, monitor, and diagnose with Web-based GUI tool.

• Improved network resiliency: spanning tree enables network link redundancy and fast link recovery.

• Increased network security: port security allows disabling ports to control what gets connected to the network.

• Critical traffic prioritization: guaranteed delivery of mission critical end devices traffic.

• Reduced overall TCO: VLANs allow for logical segmentation in a single switch, which reduces total number of switches needed.

Use Case Examples

• Machine builders: Connects complex I/O and automation gears

• Panel builders and panel shops: for electricians to manage Ethernet connectivity.

• PoE solution for smart cities: Connects Wi-Fi access points and IP camera in locations without flexible power outlet or in spaceconstrained roadside cabinets.

More Related…

New Industrial Switches-Cisco IE 2000 Series

Cisco Industrial Ethernet 1000 Series Switches

Cisco Industrial Ethernet 1000 Series Switches

Cisco IE 1000 Series Switches Configurations

Cisco IE 1000 Series Switches Configurations

Read more

Mix Cisco Access Points? It’s Okay

June 8 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Technology - IT News, #Cisco Wireless - Cisco Wireless AP

Don’t Sweat the Small Stuff: It’s Okay to Mix Cisco Access Points

Don’t Sweat the Small Stuff: It’s Okay to Mix Cisco Access Points

FCC 14-30 is a hot topic these weeks. In early June 2016, the FCC published FCC 14-30 Order, which now allows the use of three additional channels (120, 124, and 128) as well as other power adjustment and updated DFS regulations. Cisco’s compliance with new rules requires the assignment of hardware to a regulatory domain, indicating which rules the device complies.

In the following part, let’s read the reviews written by Jim Florwick (a member of the Technical Marketing Engineering team for Cisco's Wireless Business Unit). He talked about Why “It’s Okay to Mix Cisco Access Points”

Don’t Sweat the Small Stuff: It’s Okay to Mix Cisco Access Points

The new –B regulatory domain was designed to take the place of –A so that access points will be compliant with the FCC 14-30 Order. Per the FCC order, access points shipped before June 1, 2016 are grandfathered to adhere to –A requirements. Access points shipped after the June 1 date must meet the –B requirements. This includes changes in DFS detection requirements, which must re-certify according to the new rules.

I’ve been hearing from a lot of customers who don’t want to mix the two regulatory domains in their networks. But there simply is no reason not to do so.

There are a few nice things in a –B access point that aren’t available in an –A access point. Things that we all want: more 5 GHz channels and more power in U-NII 1. However, other than those minor changes, the –B and –A access points are the same. There are absolutely no operational issues in running both –A and –B on the same controller or controllers.

For example, let’s say you’re adding some access points or building out a new area – and you mix –A and –B access points, what will happen in terms of operations?

If the new channels aren’t added to the DCA list—and by default, they are not—they will not be assigned to any of the –B capable access points. If the new channels are added to the DCA list, it will only be assigned to the –B access points. This won’t be a problem as the clients will still use 120, 124, 128 where it’s available.

I have been in this industry for a long time and I’m not aware of any clients that support U-NII 1, 2, 3 that have failed in these channels. If, for some reason this does happen, simply remove the channels. No harm, no foul.

That leaves different allowed transmit (TX) power. There will be no issues here either – since TPC still works the same as it always has. The Cisco access point product line still operates with a mix of allowed powers in the 5 GHz UNII bands under the –A rules. The Neighbor Discovery Protocol is normalized for this reason and Radio Resource Management (RRM) works just fine. There are no known issues with mixing –B and –A radios in the same air on the same controller. If a user wants to stay consistent about power implications, simply set TPC Max to enforce max power to –A globally and in RF Profiles when in use.

In the last sentence I talked about consistency, and there are a lot of customers—myself included—that just don’t like the idea of a mixing anything. I go so far as to stay away from milkshakes and just eat ice cream cones, when I want a cool treat. But the reality is this is not like mixing Cisco Aironet 1130 and Aironet 3700 Access Points in the same room. Once your –A and –B access points are plugged in and running no one would ever know that a mix existed.

We don’t have operational hiccups absorbing this change like some of our other competitors. At Cisco, we’ve been running mixed environments in Alpha production networks since the Cisco AP 1810 was in development—and that’s a fair amount of time to find irregularities and observe errors. Cisco Mobility Express is built on a –B access point, and supports the –A access points. These devices have been tested over thousands of hours and work as expected.

There is really no reason other than just the perception of a mix to be worried. With that being said, I’m heading down to the ice cream shop and enjoying a frosty milkshake. I hear that they’re really great!

To read the entire Product Bulletin, click here. To read the entirety of Cisco’s response, click here.

…The original article from http://blogs.cisco.com/wireless/dont-sweat-the-small-stuff-its-okay-to-mix-cisco-access-points

More Cisco Wireless Topics you can read here: http://blog.router-switch.com/category/technology/wireless/

Read more

What is the Cisco Intelligent Branch?

June 1 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Technology - IT News, #Cisco & Cisco Network

Intelligent Branch Foundational Components

Intelligent Branch Foundational Components

What is the Cisco Intelligent Branch? What does it can do for you?

Now Business is going digital, and customers expect multiple ways of interacting with you.

Your competitors are delivering personalized in-store content to visitors over Wi-Fi, such as coupons and sales alerts. Some offer remote consultations and demonstrations.

Staying in the game requires the ability to execute your own creative digital solutions quickly.

You can do exactly that with the Cisco Intelligent Branch, an all-in-one, powerful digital network platform. Use it to deliver digital experiences in stores and at branch offices, where 90 percent of today’s business revenue is generated.1 Deliver differentiating services and new business offers with guest Wi-Fi, rich media content, and cloud applications.

Benefits from the Cisco Intelligent Branch

For Lines of Business:

• Create an immersive digital experience for your workforce and customers.

• Improve mobile, social, and online engagement with customers.

• Gather actionable insights that allow you to build new business offerings.

For IT:

• Get an ownership cost advantage with a pay-as-yougrow model.

• Protect your investment through license portability.

• Get operational simplicity and automated management.

• Gain a scalable and resilient infrastructure for digital business needs.

One Platform, Many Functions

The Cisco Intelligent Branch combines key IT capabilities in a small-footprint, zero-touch deployment platform that’s SD-WAN ready. It consists of a modular Cisco 4000 Series Integrated Services Router (ISR) running the Cisco Unified Computing System™ E-Series server blade. You can add on network services – wireless LAN, WAN optimization, security, and more – so you can easily activate, change, and replace the functions as your business grows. The Cisco Intelligent Branch works with whatever type of wired or wireless WAN you have.

Intelligent Branch Foundational Components

Cisco 4000 Series ISR

• Integrated Cisco UCS E-Series server blade

• Cisco Intelligent WAN (IWAN) architecture

Add-On Network Services

Cisco Virtual Wide Area Application Services (vWAAS) WAN optimization

• Cisco IOS Software Zone-Based Firewall

• Cisco FirePower Virtual Intrusion Prevention System (IPS)

• Cisco Virtual Wireless Controller

• Cisco Adaptive Security Virtual Appliance (ASAv)

Use this technology foundation with cloud-based software-as-aservice (SaaS) applications to increase your business agility. You can also use the network as a sensor to protect your business from attack with embedded security. All while gathering intelligence about your users that lets you create new, personalized business offerings and revenue opportunities.

Use Cases

Here are a few sample scenarios for the Cisco Intelligent Branch:

• The bank branch: No mortgage advisor available? Set the customer up with an advisor in another location using telepresence.

• The retail store: Shoppers need help? Use a kiosk and a remote advisor to provide advice. Showcase an e-catalog and enable mobile point of sale on an associate’s tablet. Customers won’t have to stand in long lines anymore.

• The classroom: Stream HD video to students’ tablets so they can attend live classroom sessions from anywhere. Students can also collaborate with each other and with instructors more engagingly in real time, increasing student comprehension.

• The traditional branch office: Use wireless WAN connections to quickly deploy pop-up sites. Empower employees with superior cloud application performance. Increase customer loyalty with mobile and virtual experiences.

“Digital mastery requires companies to acquire, build, and deploy new technology services at speeds that used to be unthinkable. – Digital Predator or Digital Prey?”

Info from http://www.cisco.com/c/dam/en/us/products/collateral/routers/4000-series-integrated-services-routers-isr/at-a-glance-c45-736379.pdf

More Related Cisco Network Topics

Migrating to Cisco 4000 Series ISR…Benefits You Get

Read more

Introducing Cisco DNA (Digital Network Architecture)

April 19 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Technology - IT News, #Cisco & Cisco Network, #Cisco News

Cisco DNA-5 Principles

Cisco DNA-5 Principles

Network Evolution for the Digital Era

Network Evolution for the Digital Era

The Digital Network Architecture (DNA) building blocks and their programmable interfaces.

The Digital Network Architecture (DNA) building blocks and their programmable interfaces.

Watch this video for an overview on Cisco Digital Network Architecture.

Raakhee Mistry (Marketing Manager, has been with Cisco for over 12 years, serving in product management, partner program and solutions marketing roles.) collected the different audiences’ responses to Cisco Digital Network Architecture. She pointed out: Analysts agree that Cisco DNA is a Game Changer. Yes. The New Cisco DNA is a Game Changer for the Digital Era.

Cisco DNA is short for Digital Network Architecture. The Cisco Digital Network Architecture is a platform that will give our customers both a roadmap to digitization and a path to recognize immediate benefits of network automation, assurance and security. Cisco released it at Cisco Partner Summit 2016.

Cisco DNA complements Cisco’s market leading, data center based Application Centric Infrastructure (ACI) technology by extending the policy driven approach and software strategy throughout the entire network: from campus to branch, wired to wireless, core to edge.

Cisco DNA is delivered within the Cisco ONE Software family, enabling simplified software-based licensing, and helping with investment protection and flexibility.

The IT networking industry continues to demand knowledgeable professionals to help manage, secure and optimize their network infrastructure. Networking jobs can be found worldwide in exciting industries such as fashion, sports, and entertainment. Research indicates that a certification is second only to a four year college degree as a way to qualify people for positions and certifications were rated to be the top criteria in being able to determine an applicant's qualifications.

Cisco Digital Network Architecture Benefits

  • Insights. The network touches all things digital – users, devices, applications, sensors and cloud – and networking professionals are in a unique position to help their organizations capture insights in real time that allows businesses to make better decisions instantly and deliver better experiences.
  • Automation. This area is centered on IT speed and simplicity. Today’s networking professionals are CLI jockeys, but that will offer less value as time goes on. The network is evolving to software with software-defined networking, open APIs, network function virtualization and more. These new technologies provide networking IT with unprecedented agility that helps IT deliver business requirements faster and can free up cycles to support more strategic projects for their organization.
  • Security. While digital technologies have opened up new opportunities, they have also introduced a level of risk. As we see the proliferation of mobile devices and cloud adoption, the network perimeter is evolving and the attack surface has the potential to grow significantly. To combat that risk, networking professionals will be able to offer the business a new approach to inject security pervasively through the network, which can be the sensor and enforcer of security threats.

More Related…

Cisco DNA is a Game Changer for the Digital Era?

Happy Birthday, Cisco ONE Software!

Cisco Boosts IOS XR Software Solutions…for ‘Cloud-Scale’ Networking

Cisco Mobility Express Solution Release Notes

Cisco ONE Software Licensing Program

Cisco ACI, What is It?

Read more

Using DHCP and DHCP Option 82

March 30 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco & Cisco Network, #Cisco Technology - IT News

DHCP Option 82 Operation

DHCP Option 82 Operation

DHCP is short for Dynamic Host Configuration Protocol. We know that DHCP is used in LAN environments to dynamically assign host IP addresses from a centralized server, which reduces the overhead of administrating IP addresses.

I’ve read an article “DHCP Snooping and DHCP Snooping Configuration” that is about a CCIE’s experience. In that article it also shares the DHCP Option 82 concept.

In this article we will share some info of using the DHCP Option 82.

DHCP also helps conserve limited IP address space because IP addresses no longer need to be permanently assigned to client devices; only those client devices that are connected to the network require IP addresses. The DHCP relay agent information feature (option 82) enables the DHCP relay agent (Catalyst switch) to include information about itself and the attached client when forwarding

DHCP requests from a DHCP client to a DHCP server. This basically extends the standard DHCP process by tagging the request with the information regarding the location of the requestor. (See the Figure “DHCP Option 82 Operation”)

...

The following are key elements required to support the DHCP option 82 feature:

• Clients supporting DHCP

• Relay agents supporting option 82

• DHCP server supporting option 82

The relay agent information option is inserted by the DHCP relay agent when forwarding the client-initiated DHCP request packets to a DHCP server. The servers recognizing the relay agent information option may use the information to assign IP addresses and to implement policies such as restricting the number of IP addresses that can be assigned to a single circuit ID. The circuit ID in relay agent option 82 contains information identifying the port location on which the request is arriving.

Note:

1. The DHCP option 82 feature is supported only when DHCP snooping is globally enabled and on the VLANs to which subscriber devices using this feature are assigned.

2. DHCP and the DHCP option 82 feature have not been validated in the lab for EttF version 1.1. At this time, Cisco recommends considering only DHCP with option 82 for the application servers at level 3.

Reference from http://www.cisco.com/c/en/us/td/docs/solutions/Verticals/EttF/EttFDIG/ch3_EttF.pdf

More Related…

Five Things You Should Know About DHCP Snooping

How to Configure DHCP Snooping

How to Configure DHCP Snooping in a Cisco Catalyst Switch

DHCP Option 150 & DHCP Option 66

DHCP Relay on the Nexus7000/NXOS vs. IP Helper on the 6500/IoS

Read more

Is It Cisco ClientLink 4.0 or ClientLink 3.0?

March 23 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Wireless - Cisco Wireless AP, #Cisco Technology - IT News

Optimize Your Mixed-Client Wi-Fi Network

Optimize Your Mixed-Client Wi-Fi Network

The Cisco ClientLink Advantage

The Cisco ClientLink Advantage

Mobile devices are so popular today, which range from laptops, tablets, smartphones to others. And now all kinds of mobile device types now connect to your wireless LAN. All these mobile devices might use a mix of new and old Wi-Fi technologies – 802.11ac, 802.11n, and 802.11a connections – for access. To keep the older and slower clients from impeding the performance of newer and faster 802.11ac Wave 1 and 2 connections, there is Cisco ClientLink.

ClientLink is a beamforming capability built into Cisco Aironet wireless LAN access points. When the access point (AP) concentrates signals toward the receiving client, that client is better able to “hear” the AP’s transmission, so throughput is greater. ClientLink also enhances performance in the uplink (client-to-AP) direction, so that the AP can also better hear the client communications. The result is improved performance in both directions.

By comparison, many competing 802.11ac-capable APs offer uplink-only enhancements, from client to access point. Many 802.11ac-capable AP suppliers also base their downlink enhancements on the optional transmit beamforming (TxBF) feature in 802.11ac, which requires TxCBF support in the client device to operate. Cisco ClientLink technology is unique in offering both uplink and downlink performance improvements, and it doesn’t require any special capabilities in the client device to work.

ClientLink works with all client technologies. It makes sure each client type always operates at the best possible rate, as determined by the 802.11 access technology supported, network conditions, and the distance of the client from the Wi-Fi AP. ClientLink helps maintain maximum client rates even at cell boundaries, when clients are farthest away from the AP.

How to Get the Most from 802.11ac?

The 802.11ac standard inherently provides performance increases compared with earlier 802.11 technology versions. But because 802.11-based equipment is backward-compatible with older versions of the standard, it pays to run a mixed-client network to get the most out of your device investments. At the same time, however, your older clients can delay communications for the faster 802.11ac clients, hindering 802.11ac performance benefits.

Cisco ClientLink overcomes this issue for more reliable mobile experiences. In Aironet 802.11ac APs, ClientLink uses four transmit antennas to focus transmissions in the direction of the Wi-Fi client, surpassing the industry norm. This support improves downlink signal-to-noise ratio (for better client “hearing”) and boosts the data rate over range so you can reduce coverage holes and enhance overall system performance. Table 1 illustrates the Cisco performance advantages of using ClientLink technology.

You get beamforming enhancements across your entire client population of new and old devices: Cisco ClientLink beamforming works with all client types, and IEEE-standard transmit beamforming (TxBF) is also built into all Cisco Wi-Fi-Certified 802.11ac access points to benefit the 802.11ac clients that support it.

ClientLink also works with multiuser multiple input, multiple output (MU-MIMO), part of the 802.11ac standard that enables concurrent transmissions between an AP and multiple 802.11ac client devices that also support MU-MIMO. As a result, Cisco ClientLink can now also provide performance boosts across a mixture of 802.11ac, 802.11 n, and 802.11a clients to further benefit your entire wireless network.

The wireless difference is in the implementation details. Turn to Cisco ClientLink-enhanced APs to get best performance from all Wi-Fi clients on your network.

From http://www.cisco.com/c/dam/en/us/products/collateral/wireless/aironet-3600-series/at_a_glance_c45-691984.pdf

More Related Cisco Wireless Topics…

Cisco Aironet Series 3700 vs. AP 3600 Series

New Cisco Aironet 802.11n G2 Series Indoor AP: Cisco AP 2700 and AP 3700 Series

A Full Overview of the Recent Cisco NPI Launch

What a Cisco Mobility Express Bundle!

Go On, All the Benefits of 802.11ac Wave 2

More here…http://blog.router-switch.com/category/technology/wireless/

Read more

IPv6 Feature Support on the Cisco ASA Firewall

November 12 2015 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Technology - IT News, #Cisco Switches - Cisco Firewall

It is well known that Cisco ASA series supports IPv6 and it can be setup very easily and quickly. In the following part it focuses on a basic ASA setup for a native IPv6 network. As you will see, there are very few commands required to have your ASA firewall join an IPv6 ready network.

Here is a quick way to configure up your ASA firewall for IPv6 connectivity.

BASIC CONFIGURATION

Step 1

In this step we assign a link local address to the interface. There are 2 ways to assign a link local address to the interface

Step 1.1.

Configure the interface to generate a link local address from its MAC address.

interface GigabitEthernet 0/0

no shutdown

nameif inside

ipv6 enable

When you enter IPv6 enable, a link local address is automatically generated (this is based on your mac address).

Step 1.2.

Configure a link local address manually.

interface GigabitEthernet 0/0

no shutdown

nameif inside

ipv6 address <ipv6-address> link-local

Using the above command you can assign a link local address to the interface manually.

You can verify the link local address by executing the “show ipv6 interface” command.

Step 2

Next we have to assign the global address to the interface. There are 2 ways of doing this.

Step 2.1.

You can manually assign a global IPv6 address to the interface.

interface GigabitEthernet 0/0

ipv6 address 2001::db8:2:3::1/64

With the IPv6 address command above, you are manually specifying the global IPv6 address for the interface. You can specify more than one IPv6 addresses for the interface using the command.

Step 2.2.

You can configure the interface to obtain the address automatically using stateless address autoconfiguration.

interface GigabitEthernet 0/0

ipv6 address autoconfig

Enabling stateless autoconfiguration on the interface configures IPv6 addresses based on prefixes received in Router Advertisement messages.

NOTE: There was a defect (CSCuq62164) in the ASA software that caused the ASA to not assign an address if it received a RA message with both the M and A flags set. This has been fixed in 9.3(1) release and hence we recommend this version if you intend to use SLAAC for configuring the address on ASA interfaces.

Step 3

Verify IPv6 configuration.

Example:

show ipv6 interface


inside is up, line protocol is up

IPv6 is enabled, link-local address is fe80::e6c7:22ff:fe84:eb2

Global unicast address(es):

2001:db8:2:3::1, subnet is 2001:db8:2:3::/64

Joined group address(es):

ff02::1:ff00:1

ff02::1:ff84:eb2

ff02::2

ff02::1

ICMP error messages limited to one every 100 milliseconds

ICMP redirects are enabled

ND DAD is enabled, number of DAD attempts: 1

ND reachable time is 30000 milliseconds

ND advertised reachable time is 0 milliseconds

ND advertised retransmit interval is 1000 milliseconds

ND router advertisements are sent every 200 seconds

ND router advertisements live for 1800 seconds

Hosts use stateless autoconfig for addresses.

Step 4 (Optional)

Suppress Router Advertisement messages on an interface.

By default, Router Advertisement messages are automatically sent in response to router solicitation messages. You may want to disable these messages on any interface for which you do not want the security appliance to supply the IPv6 prefix (for example, the outside interface).

Enter the following command to suppress Router Advertisement messages on an interface:

ipv6 nd suppress-ra

Neighbor discovery will continue to be operational even though RA suppression has been configured.

Step 5

Define an IPv6 default route.

ipv6 route outside ::/0 next_hop_ipv6_addr

Using ::/0 is equivalent to “any”. The IPv6 route command is functionally similar to the IPv4 route.

Step 6

Define access-lists.

Using the regular access-list command define the access-lists with IPv6 addresses in them so as to permit the required traffic to flow through the ASA.

Example:

access-list test permit tcp any host 2001:db8::203:a0ff:fed6:162d

access-group test in interface outside

The above is permitting traffic to a specific server 2001:db8::203:a0ff:fed6:162d.

SECURING THE FIREWALL

If you plan to configure autoconfig for the IPv6 global address on the ASA, you should limit the amount of router advertisements (RA) to known routers in your network. This will help prevent the ASA from being auto configured from unknown routers.

access-list outsideACL permit icmp6 host fe80::21e:7bff:fe10:10c any router-advertisement

access-list outsideACL deny icmp6 any any router-advertisement

access-group outsideACL in interface outside

interface GigabitEthernet 0/0

nameif outside

security-level 0

ipv6 address autoconfig

ipv6 enable

The above access-list when applied on the ASA will limit receiving router advertisements (RA) from only the router specified. All other RAs will be denied.

Configuring ASA to help autoconfigure IPv6 addresses on hosts behind the ASA

The hosts in the network behind the ASA might be configured to autoconfigure their IPv6 address. Dynamic address assignment happens in 2 ways on IPv6 networks. It could either be a stateful address assignment or stateless address assignment.

Stateful dynamic address assignment

For stateful address assignment, a DHCPv6 server needs to be configured on the network that can assign address to hosts upon request. ASA currently does not have the ability to host a DHCPv6 server on its interfaces. But the ASA can act as a DHCPv6 relay agent. In order to enable stateful dynamic address assignment to hosts behind the ASA, the DHCPv6 relay agent needs to be configured on the ASA.

To configure the DHCPv6 relay agent the following configuration is needed:

ipv6 dhcprelay server 2001:db8:c18:6:a8bb:ccff:fe03:2701

ipv6 dhcprelay enable inside

The first command specifies the address of a DHCPv6 server to which the DHCP requests are forwarded. The command also accepts an optional interface name that specifies the output interface for the destination. The second command enables DHCP relay on an interface. When DHCP relay is enabled on an interface, all the DHCP requests coming on that interface get forwarded to the configured DHCP server.

Stateless dynamic address assignment

In Stateless Autoconfiguration (SLAAC) the client picks up its own address based on the prefix being advertised by the ASA. The prefix is advertised by means of an IPv6 router advertisement. ASA sends out IPv6 router advertisements by default from any interface on which a global IPv6 address is configured. Additionally, a DHCPv6 relay agent can be configured to point to a DHCPv6 server that can advertise a DNS server address and a domain name only.

IPv6 Prefix delegation

ASA does not support IPv6 prefix delegation yet. If the network behind the ASA requires to be assigned IPv6 addresses based on the prefix delegated by a delegation router, then we need to place an ASA between the provider edge (PE) router and the IPv6 capable customer premise router. The ASA must be in transparent mode. This way the ASA protects the entire IPv6 network, including the infrastructure router, on the customer premises. All ICMP6 traffic must be permitted on the ASA running in transparent mode.

The following must be configured on the ASA:

firewall transparent

interface BVI1

no ip address

ipv6 enable


interface GigabitEthernet0/0

nameif outside

bridge-group 1

security-level 0


interface GigabitEthernet0/1

nameif inside

bridge-group 1

security-level 100


access-list permit_icmp6 extended permit icmp6 any6 any6

access-group permit_icmp6 global

This example uses a link-local IPv6 address on the BVI interface. You can also configure an explicit IPv6 address for in-band management purposes.

The original article was shared from https://supportforums.cisco.com/document/61451/cisco-asa-ipv6-quick-start

More Cisco Firewall & Network Security Topics you can read here...http://blog.router-switch.com/category/reviews/cisco-firewalls-security/

Read more
<< < 1 2 3 4 5 6 > >>