Overblog Follow this blog
Administration Create my blog
Cisco & Cisco Network Hardware News and Technology

Posts with #networking tag

Cisco ASA 5500-X Series Migration Options-ASA 5555-X, ASA 5525-X & ASA 5515-X

March 8 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Networking, #IT, #Cisco Switches - Cisco Firewall

Product Migration Options-ASA 5550 to ASA 5555-X, ASA 5520 to ASA 5525-X, ASA 5510 to ASA 5515-X

Most of Cisco ASA 5500 Models have been announced end-of-life and end-of-sale, such as the ASA 5505, ASA 5510, ASA 5520, ASA 5540, and ASA 5550. Cisco ASA users and customers are encouraged to migrate to the newer Cisco ASA 5500-X Series of next-generation firewalls (NGFW), which includes the ASA 5512-X, ASA 5515-X, ASA 5525-X, ASA 5545-X, ASA 5555-X and so forth.

 

In the following tables we will share the main Product Comparisons of ASA 5500 Models and the new ASA 5500-X models, which include the ASA 5550 and ASA 5555-X, ASA 5520 and ASA 5525-X, ASA 5510 and ASA 5515-X

ASA 5550 vs. ASA 5555-X

Feature

Cisco ASA 5550 Adaptive Security Appliance

Cisco ASA 5555-X Adaptive Security Appliance

Next-Generation Firewall

No

Yes

Application Visibility and Control Service

No

Yes

Web Security Service

No

Yes

IPS Service

No

Yes (Does not require separate hardware module)

Content Security Service

No

Similar functionality available through Cloud Web Security (formerly known as ScanSafe)

Firewall Throughput (Max)

1.2 Gbps

4 Gbps

IPS Throughput (Max)

Not Applicable

1.3 Gbps

VPN Throughput (Max)

425 Mbps

700 Mbps

Connections (Max)

600,000

1,000,000

Connections Per Second

33,000

50,000

Integrated I/O

8 GE Copper and 1 FE

8 GE Copper + Dedicated GE Copper Management Port

Expansion I/O

Not Available

6-port GE Copper, or 6-port GE SFP

CPU

Single Core

Multiple Cores

Memory

4 GB

16 GB

Dual Power Supplies

No

Yes

IPS Accelerator hardware

No

In-built hardware accelerator for both default and custom signatures

Hardware support for 2048-bit certificates

No

Yes

 

ASA 5540 to Cisco ASA 5545-X

Feature

Cisco ASA 5540 Adaptive Security Appliances

Cisco ASA 5545-X Adaptive Security Appliance

Next-Generation Firewall

No

Yes

Application Visibility and Control Service

No

Yes

Web Security Service

No

Yes

IPS Service

Yes (Requires separate Hardware module)

Yes (Does not require separate hardware module)

Content Security Card Module

Available

Similar functionality available through Cloud Web Security (formerly known as ScanSafe)

Firewall Throughput (Max)

650 Mbps

3 Gbps

IPS Throughput (Max)

650 Mbps

900 Mbps

VPN Throughput (Max)

325 Mbps

400 Mbps

Connections (Max)

400,000

750,000

Connections Per Second

25,000

30,000

Dual Power Supplies

No

Yes

Integrated I/O

4GE Cu + 1FE

6GE Cu

Expansion I/O

4-port GE Cu or 4-port GE SFP

6-port GE Cu or 6-port GE SFP

CPU

Single-core

Multiple cores

Memory

2GB

12GB

Hardware support for 2048-bit certificates

No

Yes

 

Migration Options-ASA 5520 to ASA 5525-X

The Cisco ASA 5525-X offers increased throughput, better interface density, and the ability to run services like IPS, AVC (Application Visibility and Control), WSE (Web Security Essentials), etc., without requiring a separate hardware module. Additionally, the ASA 5525-X includes a hardware chip to speed up IPS signature execution (for both default and custom signatures).

Refer to the table below for a detailed comparison between the ASA 5520 and ASA 5525-X. Customers can also upgrade to the Cisco ASA 5545-X, which provides the option of dual power supplies in addition to better performance and scaling.

Product Comparisons-ASA 5520 vs. ASA 5525-X

Feature

Cisco ASA 5520 Adaptive Security Appliance

Cisco ASA 5525-X Adaptive Security Appliance

Next-Generation Firewall

No

Yes

Application Visibility and Control Service

No

Yes

Web Security Service

No

Yes

IPS Service

Yes (Requires separate Hardware module)

Yes (Does not require separate hardware module)

Content Security Card Module

Yes

Similar functionality available through Cloud Web Security (formerly known as ScanSafe)

Firewall Throughput (Max)

450 Mbps

2 Gbps

IPS Throughput (Max)

450 Mbps

600 Mbps

VPN Throughput (Max)

225 Mbps

300 Mbps

Connections (Max)

280,000

500,000

Connections Per Second

12,000

20,000

Integrated I/O

4 GE Copper + 1 FE

8 GE Copper

Expansion I/O

4-port GE Cu or 4-port GE SFP

6-port GE Copper or 6-port GE SFP

CPU

Single Core

Multiple Cores

Memory

2 GB

8 GB

IPS Accelerator hardware

No. All signatures run on IPS Security Module CPU.

In-built hardware accelerator for both default and custom signatures

Hardware support for 2048-bit certificates

No

Yes

 

Migration Options-ASA 5510 to ASA 5515-X

The Cisco ASA 5512-X and ASA 5515-X offer increased throughput, better interface density, and the ability to run services like IPS, AVC (Application Visibility and Control), WSE (Web Security Essentials), etc., without requiring a separate hardware module. Customers can choose the ASA 5512-X if they do not want high availability, which comes as a default option on the ASA 5515-X.

Note that there is a license on the ASA 5512-X that enables high availability, should that be required later.

Product Comparisons: ASA 5510 vs. ASA 5515-X

Feature

Cisco ASA 5510 Adaptive Security Appliance

Cisco ASA 5515-X Adaptive Security Appliance

Next-Generation Firewall

No

Yes

Application Visibility and Control Service

No

Yes

Web Security Service

No

Yes

IPS Service

Yes (Requires separate Hardware module)

Yes (Does not require separate hardware module)

Content Security Service

Yes (Requires separate Hardware module)

Similar functionality available through Cloud Web Security (formerly known as ScanSafe)

Firewall Throughput (Max)

300 Mbps

1.2 Gbps

IPS Throughput (Max)

300 Mbps

400 Mbps

VPN Throughput (Max)

170 Mbps

250 Mbps

Connections (Max)

100,000

250,000

Connections Per Second

9,000

15,000

Integrated I/O

2GE Copper and 3FE

6 GE Copper

Expansion I/O

4-port GE Copper, or 4-port GE SFP

6-port GE Copper 6-port GE SFP

CPU

Single core

Multiple cores

Memory

1 GB

8 GB

Hardware support for 2048-bit certificates

No

Yes

USB thumb drive support

No

Yes (can be used to store logs and configuration files)

 

More Related…

Migration to Cisco NGFW

Does Cisco ASA 5500-X Series Support Both IPS and AVC/WSE in One Box?

EoS and EoL Announcement for the Cisco ASA 5512-X and ASA 5515-X

Read more

How to Order Cisco ASR 1000 Series Aggregation Services Routers?

March 6 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Networking, #Cisco Routers

The Cisco ASR 1000 Series (Cisco ASR 1000 Series Aggregation Services Routers) consists of nine platforms:

  • Cisco ASR 1001-X Router
  • Cisco ASR 1001-HX Router
  • Cisco ASR 1002-HX Router
  • Cisco ASR 1002-X Router
  • Cisco ASR 1004 Router
  • Cisco ASR 1006 Router
  • Cisco ASR 1006-X Router
  • Cisco ASR 1009-X Router
  • Cisco ASR 1013 Router

All models use the innovative and powerful Cisco Flow Processor and support the same feature set based on the Cisco IOS XE Operating System.

Cisco ASR 1000 Series Aggregation Services Routers

The latest additions to the Cisco ASR 1000 Series are the Cisco ASR 1002-HX Router and the Cisco ASR 1001-HX Router. Both new routers support up to 100 Gbps in a 2-rack-unit (2RU) and 60 Gbps in a 1-rack-unit (1RU) form factor, respectively. The ASR 1002-HX has 8 built-in 10 Gigabit Ethernet (GE) ports and 8 1 GE ports, with the Ethernet port adapter (EPA) slot for expansion. The ASR 1001-HX has 4 built-in 10 GE ports, 8 1 GE ports, and 4 configurable 10 GE or 1 GE ports.

The Cisco ASR 1000 Series Route Processor 3 is the newest addition to the modular control plane engines in the Cisco ASR 1000 Series. The Route Processor 3 adds more options for higher performance, memory, and storage to the ASR 1000 Series.

The Cisco ASR 1000 Series supports Cisco IOS XE Software, a modular operating system with modular packaging, feature velocity, and powerful resiliency.

The Cisco ASR 1000 Series Embedded Services Processors (ESPs), which are based on Cisco Flow Processor technology, accelerate many advanced features such as crypto-based access security; Network Address Translation (NAT), thread defense with Cisco Zone-Based Firewall (ZBFW), deep packet inspection (DPI), Cisco Unified Border Element (CUBE), and a diverse set of data-center-interconnect (DCI) features. These services are implemented in Cisco IOS XE Software without the need for additional hardware support.

Cisco ASR 1000 Series routers sit at the edge of your enterprise data center or large office connecting to the WAN, as well as in service provider points of presence (POPs).

The Cisco ASR 1000 Series will benefit the following types of customers:

● Enterprises experiencing explosive network traffic as mobility, cloud networking, and video and collaboration usage increase: Cisco ASRs consolidate these various traffic streams and apply traffic management and redundancy properties to them to maintain consistent performance among enterprise sites and cloud locations.

● Network service providers needing to deliver high-performance services, such as DCI and branch-office server aggregation, to business customers: Service providers can also use the multiservice routers to deploy hosted and managed services to business and multimedia services to residential customers.

● Existing Cisco 7200 Series Router (end-of-sale) customers looking for simple migration to a new multiservice platform that delivers greater performance with the same design.

The Cisco ASR 1000 Series Routers carry a modular yet integrated design, so network operators can increase their network capacity and services without a hardware upgrade. With flexibility in the number of connections, speed maximums, and price, you don’t have to under- or overprovision for any network location.

Alternatively, you also have the option to buy “-X” and “-HX” models, so you can increase throughput by simply purchasing upgrade licenses as you grow to increase your network speed dynamically.

Software Licensing

Software feature licenses are required to activate services on Cisco ASR 1000 Series Routers. Currently, two types of feature licenses are available. Certain services require only a right-to-use (RTU) license, whereas other services require both an RTU license and one or more number-of-sessions licenses. All the licenses on the Cisco ASR 1000 Series are honor-based, meaning that the licenses are not enforced through a product activation or license key.

For Cisco ASR 1000 Routers, one of the following five packages is required:

  • Cisco ASR 1000 IOS XE UNIVERSAL - NO PAYLOAD ENCRYPTION
  • Cisco ASR 1000 IOS XE UNIVERSAL
  • Cisco ASR 1000 IOS XE UNIVERSAL WITHOUT Lawful Intercept
  • Cisco ASR 1000 IOS XE UNIVERSAL - NO PAYLOAD ENCRYPTION WITHOUT Lawful Intercept

To enable a set of required features, one of the following three technology packages is required:

  1. ◦ Cisco ASR 1000 IP Base License
  2. ◦ Cisco ASR 1000 Advanced IP Services License
  3. ◦ Cisco ASR 1000 Advanced Services License

Ordering Information

To ensure that you order the correct Cisco ASR 1000, you must first know the answers to the following questions:

● Is this deployment for a service provider or an enterprise network?

● Do you have a form factor requirement? How many rack units (RUs) do you need?

● What total throughput do you need in the router?

● Do you need hardware or software redundancy?

● What types of interfaces do you need, and how many?

1. What services need to be enabled, and how many services do you need to be running concurrently?

Cisco ASR 1000 Series High-Level Overview and Part Numbers

This section gives a brief overview of the Cisco ASR 1000 Series Router components.

● Chassis

  1. ◦ The chassis houses all of the router components.

● Processor modules

  • ◦ Cisco ASR 1000 Series Route Processors: Route processors provide advanced routing features and also monitor and manage other resources on the router. They comprise the memory, hard disk, and USB flash memory token.
  • ◦ Cisco ASR 1000 Series Embedded Services Processor (ESP): Based on the Cisco QuantumFlow Processor, the ESP performs forwarding, network security, deep packet inspection, firewalling, data center interconnect, and many other advanced features.

● Interfaces and modules

  1. ◦ Cisco ASR 1000 Series Shared Port Adapters (SPAs): These media modules connect to a variety of service provider and enterprise media types. All SPAs connect to the Cisco ASR 1000 Series Routers through the SPA interface processor (SIP) modules.
  2. ◦ Cisco ASR 1000 Series SPA Interface Processors (SIPs): The SIPs house and interconnect up to 4 SPAs each, depending on the router model.
  3. ◦ Cisco ASR 1000 Series Ethernet Line Cards (ELCs): ELCs come in two different types: two 10G and twenty 1G, and six 10G. Both of these Ethernet line cards have built-in SIP.
  4. ◦ Cisco ASR 1000 Series Modular Interface Processor (MIP): 100-Gbps carrier card to house and interconnect up to 2 Ethernet port adapters
  5. ◦ Cisco ASR 1000 Series Ethernet Port Adapters (EPAs): EPAs connect to the Cisco ASR 1000 Series routers through the MIP modules.

● Cisco IOS XE Software images

  1. ◦ Software feature licenses are required to turn on services on Cisco ASR 1000 Series Routers. Currently, two types of feature licenses are available. Certain services require only a right-to-use (RTU) license, whereas other services require both a RTU license and one or more number-of-sessions licenses. All the licenses on the Cisco ASR 1000 Series are honor-based and are not enforced through a product activation key (PAK).
  2. ◦ For ASR 1000 Series routers, one of the following packages is required:
  3. ◦ Cisco ASR 1001 IOS XE UNIVERSAL - NO PAYLOAD ENCRYPTION
  4. ◦ Cisco ASR 1001 IOS XE UNIVERSAL
  5. ◦ Cisco ASR 1001 IOS XE UNIVERSAL without Lawful Intercept
  6. ◦ Cisco ASR 1001 IOS XE UNIVERSAL - NO PAYLOAD ENCRYPTION without Lawful Intercept

● To enable a set of required features, one of the following three technology packages is required:

  1. ◦ Cisco ASR 1000 IP BASE license
  2. ◦ Cisco ASR 1000 Advanced IP Services license
  3. ◦ Cisco ASR 1000 Advanced Services license

● Cisco IOS XE Software feature licenses

  1. ◦ Certain functions supported on the Cisco ASR 1000 Series require feature licenses.
  2. ◦ All Cisco ASR 1000 feature and performance upgrade licenses are honor-based; that is, they are not enforced through a Product Activation Key (PAK). Note: Prior to Cisco IOS XE Software Release 3.7S, performance upgrade licenses that are required to upgrade the Cisco ASR 1001 from 2.5 to 5 Gbps or the Cisco ASR 1002-X from 5 to 10 to 20 to 36 Gbps are enforced through a PAK. Similarly, prior to Cisco IOS XE Software Release 3.6S, technology package licenses are enforced through a PAK.

● Cisco ASR 1000 application part numbers

  • ◦ When ordering a Cisco ASR 1000 Series Router, please choose the application part number from Table 1 that most closely matches the type of deployment for the Cisco ASR 1000 Series Router. Note: Although you must make a selection, your choice of application part number has no effect on the Cisco ASR 1000 Series Routers. This part number is used only for Cisco internal tracking purposes in order to better understand the customer use cases for the platform.

To place an order, visit the Cisco Commerce Workspace.

To get started with the Cisco ASR 1000 Series, refer to the detailed product part numbers and descriptions in the following tables:

● Table 6: Chassis

● Table 7: Processor Modules

● Table 8: Interfaces and Modules

For software image, feature and upgrade license, and more details about the Cisco ASR 1000 Series bundles and how to order the Cisco ASR 1000 Series, refer to the Cisco ASR 1000 Ordering Guide.

Table6.  Ordering Information for Cisco ASR 1000 Series Chassis

Product Number

Product Description

Cisco ASR 1000 Series Chassis

ASR1001-X

Cisco ASR 1001-X System, Crypto, 6 built-in GE, Dual P/S

ASR1001-X=

Cisco ASR 1001-X System, Crypto, 6 built-in GE, Dual P/S, Spare

ASR 1001-HX

Cisco ASR1001-HX System, 8x10GE+8x1GE, 2xP/S, optional crypto

ASR 1001-HX=

Cisco ASR1001-HX System, 8x10GE+8x1GE, 2xP/S, optional crypto, spare

ASR1002-HX

Cisco ASR 1002-HX System, 4x10GE+4x1GE built-in, Dual P/S, optional crypto

ASR1002-HX=

Cisco ASR 1002-HX System, 4x10GE+4x1GE built-in, Dual P/S, optional crypto, spare

ASR1002-X

Cisco ASR 1002-X System, Crypto, 6 Built-In GE, Dual P/S

ASR1002-X=

Cisco ASR 1002-X System, Crypto, 6 Built-In GE, Dual P/S, Spare

ASR1004

Cisco ASR 1004 Chassis, Dual P/S

ASR1004=

Cisco ASR 1004 Chassis, Dual P/S, Spare

ASR1006

Cisco ASR 1006 Chassis, Dual P/S

ASR1006=

Cisco ASR 1006 Chassis, Dual P/S, Spare

ASR1006-X

Cisco ASR 1006-X Chassis

ASR1006-X=

Cisco ASR 1006-X Chassis, Spare

ASR1009-X

Cisco ASR 1009-X Chassis

ASR1009-X=

Cisco ASR 1009-X Chassis, Spare

ASR1013

Cisco ASR 1013 Chassis, Redundant P/S

ASR1013=

Cisco ASR 1013 Chassis, Redundant P/S, Spare

Cisco ASR 1000 Series USB Memory Options

MEMUSB-1024FT

1 GB USB Flash Token for Cisco ASR 1000 Series

MEMUSB-1024FT=

1 GB USB Flash Token for Cisco ASR 1000 Series, Spare

 

Table7.  Ordering Information for Processor Modules

Product Number

Product Description

Cisco ASR 1000 Series Embedded Services Processor

ASR1000-ESP20

Cisco ASR 1000 Embedded Services Processor, 20 Gb

ASR1000-ESP20=

Cisco ASR 1000 Embedded Services Processor, 20 Gb, Spare

ASR1000-ESP40

Cisco ASR 1000 Embedded Services Processor, 40 Gb

ASR1000-ESP40=

Cisco ASR 1000 Embedded Services Processor, 40 Gb Spare

ASR1000-ESP100

Cisco ASR 1000 Embedded Services Processor, 100 Gb

ASR1000-ESP100=

Cisco ASR 1000 Embedded Services Processor, 100 Gb Spare

ASR1000-ESP200

Cisco ASR 1000 Embedded Services Processor, 200 Gb

ASR1000-ESP200=

Cisco ASR 1000 Embedded Services Processor, 200 Gb Spare

Cisco ASR 1000 Series Route Processor

ASR1000-RP2

Cisco ASR 1000 Route Processor 2

ASR1000-RP2=

Cisco ASR 1000 Route Processor 2, Spare

ASR1000-RP3

Cisco ASR 1000 Route Processor 3

ASR1000-RP3=

Cisco ASR 1000 Route Processor 3, Spare

ASR1000-RP3-32G-2P

Cisco ASR1000 RP3 w/ 32 GB, 2 Pack

ASR1000-RP3-64G-2P

Cisco ASR1000 RP3 w/ 64 GB, 2 Pack

 

Table8. Ordering Information for Interfaces and Modules

Product Number

Product Description

Cisco ASR 1000 Series SPA Interface Processor and Ethernet Line Cards

ASR1000-SIP40

Cisco ASR 1000 SPA Interface Processor 40

ASR1000-SIP40=

Cisco ASR 1000 SPA Interface Processor 40, SPARE

ASR1000-6TGE

Cisco ASR 1000 Fixed Ethernet Line Card, 6X10GE

ASR1000-6TGE=

Cisco ASR 1000 Fixed Ethernet Line Card, 6X10GE, Spare

ASR1000-2T+20X1GE

Cisco ASR 1000 Fixed Ethernet Line Card, 2X10GE + 20X1GE

ASR1000-2T+20X1GE=

Cisco ASR 1000 Fixed Ethernet Line Card, 2X10GE + 20X1GE, Spare

ASR1000-MIP100

Cisco ASR 1000 Ethernet Line Card, 100 Gb Modular Interface Processor

ASR1000-MIP100=

Cisco ASR 1000 Ethernet Line Card, 100 Gb Modular Interface Processor, spare

EPA-1X100GE

Cisco ASR 1000 1x100GE Ethernet Port Adapter

EPA-1X100GE=

Cisco ASR 1000 1x100GE Ethernet Port Adapter, spare

EPA-CPAK-2X40GE

Cisco ASR 1000 2x40GE Ethernet Port Adapter (breakout cable)

EPA-CPAK-2X40GE=

Cisco ASR 1000 2x40GE Ethernet Port Adapter (breakout cable), spare

EPA-10X10GE

Cisco ASR 1000 10x10GE Ethernet Port Adapter

EPA-10X10GE=

Cisco ASR 1000 10x10GE Ethernet Port Adapter, spare

EPA-18X1GE

Cisco ASR 1000 18x1GE Ethernet Port Adapter

EPA-18X1GE=

Cisco ASR 1000 18x1GE Ethernet Port Adapter, spare

Reference from http://www.cisco.com/c/en/us/products/collateral/routers/asr-1000-series-aggregation-services-routers/datasheet-c78-731632.html

More Related Topics

The New Cisco ASR 1009-X & Cisco ASR 1006-X Router

The New Cisco ASR 1001-X Router

Cisco ASR 1000 Series Can Help Solve…

Read more

Cisco Aironet 1850 Series Access Points-Gigabit Wi-Fi Has Fully Arrived

February 14 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Networking, #Cisco Wireless - Cisco Wireless AP

Designed for small and medium-sized networks, the1850 Series delivers the performance you need for the ongoing proliferation of Wave 2 (the latest Wi-Fi technology you should try) as well as support for older Wi-Fi devices.

With 802.11ac Wave 2, the Aironet 1850 Series provides a data rate of up to 1.7 Gbps on the 5-GHz radio, more than triple the rates offered by today’s high-end 802.11n access points. It also enables a total aggregate dual-radio data rate of 2.0 Gbps, providing the necessary foundation for enterprise and service provider networks to stay ahead of the performance and bandwidth expectations and needs of their wireless users.

Gigabit Wi-Fi Has Fully Arrived with the Aironet 1850 Series Access Points

How It Works

 

 

 

 

 

 

 

 

 

 

Compare 1850 Series Models

More Related:

NEW Cisco Aironet 1850 Series Access Points Focus on Wave 2 Wifi

New Cisco Aironet 1830 Series APs-Gigabit Wi-Fi Has Fully Arrived

Go On, All the Benefits of 802.11ac Wave 2

Read more

LiFi vs. WiFi-Basic Difference between LiFi and WiFi

February 8 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Networking, #Cisco Technology - IT News

In the last article, we told what Li-Fi is and what LiFi system basics are. It seems a cool technology in network communication? Compared to today’s popular Wi-Fi, can you tell some difference between them? In this article we list some main differences between LiFi and WiFi. Which one is better? Let’s check.

We know that Li-Fi is the short form of Light Fidelity and Wi-Fi is the short form of Wireless Fidelity. LiFi uses light for data transmission while WiFi uses electro-magnetic waves at radio frequencies for data transmission. Due to less interference incurred by light compare to radio frequency waves, it is used in more dense environments.

LiFi covers distance of about 10 meters while WiFi covers about 30 meters. Both provides almost same data transfer rate. Let us understand Li-Fi internet and Wi-Fi internet network architectures.

Figure-1: Li-Fi internet

The figure-1 depicts Li-Fi internet network architecture. As shown in the figure there are two major components in Li-Fi internet viz. LED Lamp and Li-Fi Dongle.

• As shown lamp driver is connected with internet on one end and with LED lamps on the other end. Streaming content from internet are pushed to the LED lamps through Lamp driver software.

• LED lamps are placed at different locations as per requirement in the office or home premises for multiple users.

• Li-Fi dongle is used in order to use Li-Fi internet services by various users. As shown Person#1 is browsing internet in Laptop, Person#2 in tablet and Person#3 in smartphone.

• As shown LiFi dongle is composed of photodetector, amplification & processing and applications for different types of data.

• All the LED lamps can be swithed on and off using a power button switch provided.

• Li-Fi internet provides very fast data rate at 1 Gbps speed.

Figure-2: Wi-Fi internet

 

• The figure-2 depicts Wi-Fi internet network architecture.

• As shown in the figure there are two major components in WiFi internet viz. WiFi router and WiFi dongle or WiFi Stations.

• WiFi router is connected with ADSL modem or Cable modem. This modem is connected with network of internet service provider.

• WiFi router works on multiple bands (e.g. 2.4 or 4.9 or 5 GHz) as per requirement. It converts internet data packets into wifi compliant signals at above bands. WiFi works on IEEE 802.11 standards.

• These EM waves are received by WiFi dongles or Stations connected with IP compliant devices. Hence WiFi internet is used by various clients as shown in the figure-2.

In the following table we will list the basic difference between LiFi and WiFi technologies.

Feature Comparison: LiFi vs. WiFi

Lifi is not the replacement of wifi technology. It can be considered as incredible companion of the wifi technology. It operates between 380 nm to 780 nm optical range. LiFi is used to exchange data incredibly rapidly and securely at much lower power level compare to WiFi.

Products Based on Li-Fi Technology | Li-Fi products

There are various li-fi products such as lamps, Kits, LiFi smartphone etc. The vendors and OEMs of LiFi products are also mentioned.

LiFi Kit

OLEDCOMM is a world leader in LiFi products which includes LiFi routers, LiFi hubs, LED drivers, LED lamps and complete kit for lighting system. There are several LiFi kits developed by OLEDCOMM. The kit contains following :
• LED Lamps
• Tablet with Android
• Dongle to use with LiFi Smartphone
• Software library
• location based application for LED Lamps.

Panasonic LiFi Lamp

Panasonic has range of LiFi LED Lamps.
Model: LFS4000PA1 PANASONIC LIFI LAMP

Popular LiFi products with Vendors

Following are the popular LiFi products and their leading vendors.

Info & Reference from

http://www.rfwireless-world.com/Terminology/LiFi-vs-WiFi.html

http://www.rfwireless-world.com/Vendors/LiFi-products.html

More Related

Introduction to LiFi Internet

Read more

Introduction to LiFi Internet

February 6 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Networking, #Cisco Technology - IT News

Do you hear of Li-Fi? Maybe you are familiar with Wi-Fi in today’s network world, but you may not know much about the new Li-Fi.

What’s the Li-Fi?

LiFi is the short form of "Light Fidelity". It works on the principle of Visible Light Communication (i.e. VLC). The network is also referred as VPAN or VLC Personal Area Network. The VLC transmits data by intensity modulation. It uses LEDs and Laser diodes (or photo detectors) at transmit and receive ends respectively. It works in 380 nm to 780 nm optical band which is visible light and hence the name VLC.

The VLC standard or VPAN standard defines three classes of devices viz. infrastructure, mobile and vehicle. These devices operate in one of the three topologies mentioned below. The different device has different coverage range, data rate and other requirements.

In this article we will share the LiFi tutorial that covers LiFi system basics. This LiFi tutorial covers LiFi network architecture, LiFi protocol stack, LiFi PHY, LiFi MAC, LiFi bands, LiFi modulation types (OOK, VPPM, CSK).

LiFi Network Topologies

It works in three modes as mentioned above in the figure above. In star topology, communication is established between central controller (i.e. coordinator) and devices. In peer to peer topology, one of the devices should become coordinator at the time of establishing association.

Each device or coordinator has unique 64 bit address. Device can use 16 bit address also upon request at the time of establishing association with coordinator.

LiFi Protocol Stack

 

The figure above depicts protocol stack used in a typical VPAN device. As shown protocol stack consists of PHY, MAC and upper layers.

Physical layer houses light transceiver. PHY switch housed in PHY layer interfaces with optical SAP which connects it to the optical medium. The optical medium composed of one or multiple optical sources or optical detectors (e.g. laser diodes or photodiodes).

MAC layer provides channel access for all types of data and control message transmissions.

Upper layer consists of network layer and application layer. Network layer takes care of providing network configuration, network manipulation, message routing etc. Application layer takes care of providing intended functionality as needed by the VPAN or LiFi device.

DME (Device Management Entity) is also supported by LiFi or VPAN network architecture. It makes interfacing between dimmer and PHY/MAC a reality.

LiFi PHY

There are three types of physical layer configurations supported in VLC or LiFi System Viz. PHY-I, PHY-II, PHY-III. Different rates can be achieved in different configurations. They can be used indoor or outdoor.
Refer LiFI PHYSICAL LAYER.

LiFi MAC

MAC layer takes care of resource management i.e. allocation of channels, IDs as well as entire network management. Refer LiFi MAC LAYER.

LiFi Modulation Types-OOK, VPPM, CSK

There are different modulation schemes used in different physical layer modes. OOK stands for On Off Keying, VPPM stands for Variable Pulse Position Modulation and CSK stands for Color Shift Keying.
READ MORE.

Applications of LiFi or VLC system

 

There are many applications of LiFi or VLC system as lighting and data communications. Typical among them are lighting, signboards, street lights, vehicles and traffic signals or lights. The figure mentions emerging application of LiFi for internet data communication. It has also become popular due to wide adoption of IoT based technologies.
READ MORE.

Benefits of LiFi System

Following are the benefits of LiFi system:

• It transfers data very rapidly.

• It transfers data securely as it can be used in Line of Sight mode of optical signal. It does not pierce through the walls and hence it cannot be easily intruded by hackers.

• It uses much low power for transmission compare to other systems such as WiFi.

Note: Information provided on this page is derived from IEEE 802.15.7-2011 draft version. The standard describes PHY layer and MAC layer of Short Range Wireless Optical Communication using Visible Light. The standard is also referred as VPAN or VLC-PAN. Here 'V' or 'VLC' stands for Visible Light Communication. Pls. refer latest standard specifications published time to time by IEEE for any updates.

Info & Reference from http://www.rfwireless-world.com/Tutorials/LiFi-tutorial.html

What do the Audiences say about the new Li-Fi?

Shabaz202khan Jun 8, 2016

Lifi is nowhere near to become Wifi's alternative. There a huge difference between their working hence, application areas. Wifi is a lot more flexible to use than Lifi. It can be used parallel with wifi but there's no way it will replace wifi completely.

Here are some facts to support my upper statement. No matter how fast or secure Lifi is, there are still few drawbacks and limitations that may stop it from becoming a true alternative to existing wifi. Let me write a few-

1. Range and Line of Sight: This one is pretty common. Lifi requires a direct line of sight to work efficiently; your signal can be interrupted by almost any obstacle lying between you and your lifi source. Light can't pass through walls, hence, your signal is restricted to the room only; where the light can't reach. If you move out of sight of LED, you lose connectivity.

2. Cost: As I already told above, you need to be strictly in direct sight of LED to use it efficiently, meaning you may need at least one device for each of your sitting places in your house. And you also need an individual lifi receiver for each of your device that you want to use the internet on. Plus the fact that you may need to rewire your house too as the lifi LED will need ethernet wire to produce work. The cost is going to be way more than normal Wifi.

Juan Gonzalez

Comcast already use Wi-Fi with speeds over 2GBps, faster than the one you are talking. But, but, I belive that I read that Li-Fi is able to get over 200 GBps, so I think you need to update your information about this matter.

Read this http://www.telegraph.co.uk/technology/apple/iphone/12107410/Future-iPhones-could-feature-Li-Fi-a-technology-100-times-faster-than-Wi-Fi.html

RobStow

If 1Gbps is 100 times faster than your WiFi, that implies a slow10 Mbps WiFi.

I just transferred, via WiFi, a 3.909 GB rar file from my desktop to my laptop. That took 961 seconds ... which means I got about 32.5 Mbps *REAL* transfer rate. The modem/router from my ISP is about 2 years old and my laptop and desktop are both about 3 years old: might the file transfer have gone faster with newer/better hardware?

More reviews you can read here:

http://www.ibtimes.co.uk/lifi-internet-first-real-world-usage-boasts-speed-100-times-faster-wifi-1530021

http://www.ibtimes.co.uk/lifi-internet-breakthrough-224gbps-connection-broadcast-led-bulb-1488204

More topics related to internet you can read here: http://blog.router-switch.com/category/internet-2/

Read more

Choose the Right Enterprise Campus and Branch Switch

January 23 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Networking, #Cisco Switches - Cisco Firewall, #Cisco & Cisco Network

Do you need to...

Manage switches in the cloud?

Simplify and scale virtual networking?

Use your network to strengthen security?

Gain pervasive visibility into your infrastructure?

Digitize your Audio Video network?

Get a platform for extreme industrial environments?

Build carrier-class cloud services?

Check the Cisco Switch Family to find the right one for your needs.

Lead SwitchIt is the best-in-class switch that has high-end differentiated set of features in a given category. This switch has the most differentiation compared to competitors in that category.

Base SwitchIt is the entry level switch in the given category. Also called the foundation switch, it has a lower price and limited feature set, but still better than competitors.

Cisco Catalyst Switch Portfolio

Functionality Based: Campus Access Switches

Functionality

Switch

Wired & Wireless (Modular)

Lead: Catalyst 4500E with Supervisor Engine 8-E

Wired & Wireless (Stackable)

Lead: Catalyst 3850 (Up to 50 APs, 2000 Clients)

Base: Catalyst 3650 (Up to 25 APs, 1000 Clients)

Gigabit Ethernet (Modular)

Lead: Catalyst 4500E with Supervisor Engine 8-E

Base: Catalyst 4500E with Supervisor Engine 7L-E

Gigabit Ethernet (Stackable)

Lead: Catalyst 3850

Base: Catalyst 3650, Catalyst 2960-X/XR

Gigabit Ethernet (Instant Access)

Lead: Catalyst 6800ia

Gigabit Ethernet (Cloud Managed)

Lead: Meraki MS Series

Fast Ethernet (Stackable)

Lead: Catalyst 2960-SF

Fast Ethernet (Standalone)

Lead: Catalyst 2960-SF

Base: Catalyst 2960-Plus

8/12 port Gigabit Ethernet (Standalone)

Lead: Catalyst 3560-C

8/12 port Fast Ethernet (Standalone)

Lead: Catalyst 2960-C

 

Functionality Based: Branch Access Switches

Functionality

Positioning

Wired & Wireless (Modular)

Lead: Catalyst 4500E with Supervisor Engine 8-E

Wired & Wireless (Stackable) (Converged Access is the Recommended Deployment Mode)

Lead: Catalyst 3850 (Up to 50 APs, 2000 Clients) Base: Catalyst 3650 (Up to 25 APs, 1000 Clients)

Gigabit Ethernet (Modular)

Lead: Catalyst 4500E with Supervisor Engine 8-E Base: Catalyst 4500E with Supervisor Engine 7L-E

Gigabit Ethernet (Stackable)

Lead: Catalyst 3850

Base: Catalyst 3650, Catalyst 2960-X/XR

Gigabit Ethernet (Cloud Managed)

Lead: Meraki MS Series

Fast Ethernet (Stackable)

Lead: Catalyst 2960-SF

Fast Ethernet (Standalone)

Lead: Catalyst 2960-SF

Base: Catalyst 2960-Plus

8 port Gigabit Ethernet (Standalone)

Lead: Catalyst 3560-C

8/12 port Fast Ethernet (Standalone)

Lead: Catalyst 2960-C

 

Functionality Based: Campus Backbone Switches

Functionality

Positioning

1/10/40/100 Gigabit Ethernet (Modular)

Lead: Catalyst 6807-XL

Base: Catalyst 6500-E with Supervisor Engine 2T

1/10/40 Gigabit Ethernet (Standalone)

Lead: Catalyst 6880-X (semi-modular) Base: Catalyst 4500-X

1/10 Gigabit Ethernet (Modular)

Lead: Catalyst 6500-E with Supervisor Engine 2T

Base: Catalyst 4500E with Supervisor Engine 8-E

1 Gigabit Ethernet (Standalone)

Lead: Catalyst 4500-X

Base: Catalyst 3850 Fiber

 

Campus Access Switches Upgrade Path

From Existing Switch

To New Switch

Catalyst 2900XL, 2948-G, Any 2950, 2970, Any non-X 2960

Lead: Catalyst 3650

Base: Catalyst 2960-X/XR

Catalyst 3500XL, Any 3550, Any 3560, Any 3750

Lead: Catalyst 3850

Base: Catalyst 3650

Catalyst 4500 non-E Any Catalyst 4500 without Supervisor Engine 8-E or 7L-E

Lead: Catalyst 4500E with Supervisor Engine 8-E Base: Catalyst 4500E with Supervisor Engine 7L-E

Any Catalyst 6500 non-E or E in Access

Lead: Catalyst 4500E with Supervisor Engine 8-E Base: Catalyst 4500E with Supervisor Engine 7L-E, Catalyst Instant Access

 

Campus Backbone Switches Upgrade Path

 

THE COMPLETE FAMILY

Campus and Branch Access Switches

Enterprise Campus Switch Family

Positioning

Catalyst 2960-CX & 3560-CX

Lead: Gigabit Ethernet (GbE) and Multigigabit Ethernet (mGig) managed switches are ideal for high-speed data connectivity, Wi-Fi backhaul, and Power over Ethernet (PoE+) connectivity in places where space is at a premium.

Catalyst 2960-Plus

Base: standalone access switch for Fast Ethernet

Catalyst 2960-SF

Lead: standalone/stackable access switch for Fast Ethernet with PoE+ (Compared to 2960-Plus, Offers Stacking, PoE+)

Meraki MS Series

Cloud managed virtually stackable access switch for Gigabit Ethernet with PoE+

Catalyst 2960-X/XR

Base: stackable access switch for Gigabit Ethernet with PoE+

Catalyst 3650

Base: stackable access switch for wired-wireless convergence and Fast / Gigabit Ethernet with PoE+

Catalyst 3850

Lead: stackable access switch for wired-wireless convergence with UPOE/PoE+ (Compared to 3650, Offers 3x stacking bandwidth - 480G and 2x AP’s - 50, Modular uplinks and StackPower)

Lead: stackable access switch for Gigabit Ethernet with PoE+ (Compared to 2960-X, Offers Medianet, Enhanced Security, Application Visibility & Control, Resiliency, 6x stacking bandwidth (480G)0

Catalyst 4500E with Supervisor Engine 7L-E

Base: modular access switch for Fast/Gigabit Ethernet with UPOE/PoE+

Catalyst 4500E with Supervisor Engine 8E

Lead: modular access switch for wired-wireless convergence and Fast/Gigabit Ethernet with UPOE/PoE+ (Compared to Sup 7L-E, Offers Built-in wireless controller, 1.7x switching capacity (928G), 2x uplinks (8x10G))

Base: modular backbone switch for 1/10G

 

Campus Backbone Switches

Enterprise Campus Switch Family

Positioning

Catalyst 6800ia

Lead: stackable access switch for Catalyst 6800/6500 with Catalyst Instant Access (Simplification of access with centralized configuration, management and operations using Catalyst 6K backbone switch)

Catalyst 3750-X Fiber

Base: stackable backbone switch for 1G

Catalyst 4500-X

Lead: standalone backbone switch for 1G (Compared to 3750-X Fiber, Offers VSS, 2x ports (40x1G), 2x uplinks (8))

Base: standalone backbone switch for 1/10/40G (up to 40x10G ports)

Catalyst 6500-E with Supervisor Engine 2T

Lead: modular backbone switch for 1/10G (MPLS, EVN, Service Modules)

Base: modular backbone switch for 1/10/40/100G

Catalyst 6807-XL

Lead: modular backbone switch for 1/10/40/100G (up to 880G/slot, 11.4 Tbps switching, All 6500 features, service modules)

Catalyst 6880-X

Lead: standalone backbone switch for 1/10/40G (with up to 80x10G or 20x40G ports)

Reference from http://www.cisco.com/c/dam/global/es_mx/partners/sell/switchit/pdfs/47492_switching_poster_april_3.pdf

More Related…

How to Choose a Fibre Switch?

How Much You Know about the Cisco Catalyst Switches?

Cisco Switches, Stack Please!

Read more

When is the Best Time to Choose Buy Cisco IP Phone 7800 Series?

January 16 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco IP Phones, #Networking, #Cisco & Cisco Network

When is the Best Time to Choose Buy Cisco IP Phone 7800 Series? If your business is considering migration to the cloud, you’ll enjoy the investment protection and flexible deployment options available with the 7800 Series.

All models support deployment options including on-premises, Cisco Spark for cloud delivery, and hybrid configurations, and are planned for testing on select hosted third-party call control platforms.

The Cisco IP Phone 7800 Series phones are not only budget-friendly endpoints, but they can also help you save on operating costs.

They are Power over Ethernet (PoE) Class 1 rated, helping you optimize port availability in your wiring closets when deployed. In addition, the Cisco EnergyWise Power Save Plus option on the 7821, 7841, and 7861 models reduces power consumption by up to 60 percent in off-work hours.

Cisco IP Phone 7800 Series Overview

The Cisco IP Phone 7800 Series includes the following four models: Cisco IP Phone 7811, 7821, 7841, and 7861.

• Cisco IP Phone 7811: A single-line endpoint designed for common areas and knowledge workers with occasional to light voice communications needs. It comes with a 3.28-inch (83-mm), high-resolution monochrome display and a speakerphone. It also has an IEEE 10/100 integrated switch to support a local PC. Wideband audio is available via purchase of an optional wideband handset. Cisco IP Phone 7811 supporting one line (available in charcoal only)

• Cisco IP Phone 7821: Building on the 7811, the 7821 is a two-line endpoint for knowledge workers and managers, on-premises or remote, who have light to moderate voice communications needs. Contact center agents that support small call-queue environments could also have interest. It comes with two dedicated programmable line and feature keys, a 3.5-inch (89-mm) backlit display, and support for third-party headsets. Wideband audio comes standard on the handset, headset, and speakerphone. Cisco IP Phone 7821 supporting two lines (available in charcoal and white)

• Cisco IP Phone 7841: Adding to the features of the 7821, the 7841 is a four-line endpoint for knowledge workers, administrative staff and managers, and contact center agents and supervisors, whether onpremises or remote, with moderate to active voice communications needs. It comes with four dedicated programmable line and feature keys. The 7841 includes an IEEE 10/100/1000 integrated switch to support a co-located PC. Cisco IP Phone 7841 supporting four lines (available in charcoal and white)

• Cisco IP Phone 7861: A 16-line endpoint with programmable line and feature keys for administrative staff, managers, contact center agents and supervisors who require active voice communications support. It comes with a paper label insert that you can locally print to customize its line and feature key labels. The 7861 includes an IEEE 10/100 integrated switch. Cisco IP Phone 7861 supporting sixteen lines (available in charcoal and white)

1 Vendor platforms targeted for testing include Asterisk, Broadsoft, Gamma, Metaswitch, Ring Central, and 8x8. Additional platforms may be supported based on RFC compliance. Traditional telephony platforms from Avaya/Nortel, Siemens/Unify, NEC, Mitel, and ShoreTel are not planned for support. For further details on platform availability and timing, contact your Cisco or authorized partner representative.

More Features and Benefits of the Cisco IP Phone 7800 Series

Graphical display:

  • White backlit, greyscale, 3.5” 396×162 pixel-based display on the IP Phone 7821, 7841 and 7861.
  • Non-backlit, greyscale, 3.28” 384×106 pixel-based display on the IP Phone 7811.
  • Provide scrollable access to calling features and text-based XML applications.

Handset:

  1. The handset is a standard wideband-capable audio handset (connects through an RJ-9 port) for the IP Phone 7821, 7841 and 7861.
  2. The default handset is a standard narrowband-capable audio handset (connects through an RJ-9 port) for the IP Phone 7811, and wideband on handset is available with purchase of additional wideband handset.
  3. The handset is hearing aid-compatible (HAC) and meets Federal Communications Commission (FCC) loudness requirements for the Americans with Disabilities Act (ADA). You can achieve Section 508 loudness requirements by using industry-standard inline handset amplifiers such as Walker Equipment W-10 or CE-100 amplifiers. The dial pad is also ADA-compliant.
  4. The narrowband handset (for the IP Phone 7811) produces a magnetic field that attracts small metallic objects such as pins and staples. To avoid possible injuries do not keep small metallic objects close to the handset.

Headset: The analog headset jack is a standard wideband-capable RJ-9 audio port for the IP Phone 7821, 7841, and 7861.

Backlit Indicator:

  • The phone supports backlit indicators for the audio path keys (handset, headset and speakerphone), select key, line keys, and message waiting.
  • Headset key is not available on the IP Phone 7811.

Volume control

● A volume-control toggle provides easy decibel-level adjustments of the handset, monitor speaker, and ringer.

Full duplex speakerphone

● Full-duplex speakerphone allows gives you flexibility in placing and receiving calls. For added security, the audible dual tone multifrequency (DTMF) tones are masked when the speakerphone mode is used.

Bezel:

  1. The IP Phone 7821, 7841 and 7861 include a default black bezel (replaceable), and an optional silver bezel is also available separately.
  2. The IP Phone 7811 is available with a black bezel.

Dual-position foot stand

  1. The display is easy to view and the buttons and keys are easy to use. The two-position foot stand supports viewing angles of 30 degrees and 45 degrees; you can remove the foot stand for wall mounting, with mounting holes located on the base of the phone. (IP Phone 7821, 7841 and 7861)
  2. Only 1 foot-stand position (45 degrees) is supported on the IP Phone 7811.

Wall-mountable

● The phone can be installed on a wall using optional wall-mount kit (available separately).

Electronic hook switch

● The hookswitch can be controlled electronically with a third party headset connected to the auxiliary port for the IP Phone 7821, 7841, and 7861.

 

Power Features

IEEE PoE class 1

● The phone supports IEEE 802.3af PoE (Class 1); power consumption does not exceed 3.84 watts.

Cisco power cube 3

● This power cube is used as a standard Cisco IP Phone Power Supply for non-PoE deployments.

Cisco power injector

● The IP Phone 7811, 7821 and 7861 are compatible with Cisco Unified IP Phone Power Injector (CP-PWR-INJ), and 7841 is compatible with Cisco Aironet Power Injector (AIR-PWRINJ5=).

Call-Control Support

Cisco Unified Communications Manager

● 8.5.1

● 8.6.2

● 9.1.2

● 10.x and later

Cisco Business Edition 6000

● 8.6.2

● 9.1.2

● 10.x and later

Cisco Hosted Collaboration Solution

● 8.6.2 and later (using supported UCM versions above)

Cisco Unified Survivable Remote Site Telephony

● 8.x and later

Licensing: The Cisco IP Phone 7811 and 7821 require a Basic User Connect License (UCL) in order to connect to Cisco Unified Communications Manager. The Cisco IP Phone 7841 and 7861 require an Enhanced User Connect License (UCL) in order to connect to Cisco Unified Communications Manager.

The Main IP Phone 7800 Series Models

More ordering info you can check here: http://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7800-series/data-sheet-c78-729488.html

More Related…

New: Quick Start Guide-Cisco IP Phone 7800 Series for Third-Party Call Control

How to Save Power on Cisco IP Phones?

Cisco IP Phone 7861 vs. Cisco IP Phone 7841 vs. Cisco IP Phone 7821

What’s New on Cisco IP Phone 8800 Series

New: Cisco Wireless IP Phone 8821

Cisco Unified IP Phones 9900, Transform How You Collaborate

How to Use a Cisco Unified IP Phone 8831?

Read more

Deploying Cisco ASA FirePOWER Services in the Data Center

January 3 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall, #Networking, #Cisco & Cisco Network, #Cisco Technology - IT News

The Data Center is a one of popular words in network communication. And it can be definited as a very complex world.

The Data Center not only provides a rich set of services and architectures but also hosts the crown jewels of an organization. It is extremely important to maintain visibility of everything that is happening in the data center.

The concept of “north-to-south” and “east-to-west” is often used in describing the types of communication (or flow) within and to the outside of the data center:

  • North-to-south describes communication between end users and external entities.
  • East-to-west describes communication between entities in the data center.

The following Figure illustrates the concepts of north-to-south and east-to-west communication.

 

The data center has many different high-throughput and low-latency requirements, in addition to increased high-availability requirements. In addition, automated provisioning and control with orchestration, monitoring, and management tools are crucial.

The data center architecture consists of three primary modular layers with hierarchical interdependencies:

  • Data center foundation: This is the primary building block of the data center, on which all other services rely. Regardless of the size of the data center, the foundation must be resilient, scalable, and flexible to support data center services that add value, performance, and reliability. The data center foundation provides the computing necessary to support the applications that process information and the seamless transport between servers, storage, and the end users who access the applications.
  • Data center services: These services include infrastructure components to enhance the security of the applications and access to critical data. They also include virtual switching services to extend the network control in a seamless manner from the foundation network into the hypervisor systems on servers to increase control and reduce operational costs (as well as other application resilience services).
  • User services: These services include email, order processing, and file sharing or any other applications in the data center that rely on the data center foundation and services, like database applications, modeling, and transaction processing.

The Figure below illustrates some of the components of the data center services architecture.

 

Examples of the data center service insertion components include the following:

  • Firewalls (In the example illustrated in the Figure above, Cisco ASAs with FirePOWER modules are deployed.)
  • Intrusion prevention systems (IPS)
  • Application delivery features
  • Server load balancing
  • Network analysis tools (such as NetFlow)
  • Virtualized services deployed in a distributed manner along with virtual machines
  • Traffic direction with vPath and Nexus 1000v
  • Application Centric Infrastructure (ACI) automated framework components for service insertion

In the case of virtualized environments, the Cisco ASAv (virtual machine) can be deployed to protect VM-to-VM communication. The Cisco ASA FirePOWER module in these environments is not supported, as the Cisco ASAv is just a virtual machine. Cisco FirePOWER virtual machines running network AMP can be deployed in those scenarios.

NOTE: The Cisco ASAv supports both traditional tiered data center deployments and the fabric-based deployments of Cisco ACI environments. The Cisco ASAv can also be deployed in cloud environments like Amazon Web Services (AWS).

The Cisco ASA with FirePOWER modules can be deployed in geographically dispersed cluster environments.

The following Figure shows an example in which four Cisco ASAs with FirePOWER modules are deployed in two separate sites (site A and site B).

 

In the example illustrated in the Figure above, the cluster of four Cisco ASAs is fully extended between the two data centers, using the cluster control links (CCL) operating at Layer 2 with a latency of less than 10 milliseconds. A single spanned EtherChannel for transient data is used on the cluster side. The local data links are also configured with EtherChannels at the switch pairs on each site.

TIP: The data VLANs between the switches are not extended to prevent network loops.

The Article from http://www.ciscopress.com/articles/article.asp?p=2730336&seqNum=12

More Related…

NGFW-Cisco ASA with FirePOWER Services

ASA 5506-X/SecurityPlus, 5506W-X & 5506H-X, Cisco ASA with FirePOWER Services, What’s New Here?

How to Start Cisco Firepower 9300 ASA Security Module?

Find Your Cisco’s Next-Generation Firewalls

Read more

Fat, Thin, and Fit APs in WLAN Network

December 20 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Wireless - Cisco Wireless AP, #Networking, #Cisco & Cisco Network

You should hear of the Fat, Thin, and Fit APs. What are they?

The terms thin and fat have been applied to WLAN access points (APs) in many different ways.

  • Some vendors use thin AP to refer to entry-level/residential-grade products with few advanced features, in comparison to fat APs rich with enterprise network features like VLAN tagging and SNMP-based management.
  • Some use thin AP to refer to products that can't be configured or used on their own, but instead are part of a WLAN switching system that governs both setup and operation. In this case, a fat AP is any stand-alone AP, no matter how extensive that AP's feature set.
  • Some use thin AP to refer to products that offload selected tasks to an upstream server -- for example, communicating with 802.1X Authentication Servers, generating encryption keys, acting as a VPN gateway, or re-routing traffic for cross-network mobility. In comparison, any of these tasks could be performed directly on a fat AP, without relying on an upstream server.

In the autonomous architecture, the WTPs (Wireless Termination Point) completely implement and terminate the 802.11 function so that frames on the wired LAN are 802.3 frames. Each WTP can be independently managed as a separate network entity on the network. The access point in such a network is often called a Fat AP.

FAT APs in Autonomous WLAN Network Architecture

 

During the initial stages of WLAN deployment, most APs were autonomous APs, and manageable as independent entities in the network. During the past few years, centralized architectures (discussed next) with ACs and WTPs have gained popularity. The primary advantage of the centralized architecture is that it provides network administrators with a structured and hierarchical mode of control for multiple WTPs in the enterprise.

Centralized Architecture

The centralized architecture is a hierarchical architecture that involves a WLAN controller that is responsible for configuration, control, and management of several WTPs. The WLAN controller is also known as the Access Controller (AC). The 802.11 function is split between the WTP and the AC. Because the WTPs in this model have a reduced function as compared to the autonomous architecture, they are also known as Thin APs. Some of the functions on the APs are variable, as discussed in the following section.

Thin APs in Centralized WLAN Network Architecture

 

Distributed Architecture

In the distributed architecture, the various WTPs can form distributed networks with other WTPs through wired or wireless connections. A mesh network of WTPs is one example of such an architecture. The WTPs in the mesh can be linked with 802.11 links or wired 802.3 links. This architecture is often used in municipal networks and other deployments where an outdoor component is involved. This article does not address the distributed architecture.

WTP Functions Fat, Thin, and Fit APs

To understand the autonomous and centralized architecture, it is useful to look at the functions performed by the APs. We start with the Fat APs, which form the core of the autonomous architecture, followed by the Thin APs, which were specified as part of the WLAN switch- or controller-based centralized architecture. The article will then outline the functions of a new variant called the Fit AP, an optimized version of the AP for centralized architectures.

Fat Access Points

Figure1 shows an example of an autonomous network with a fat access point. The AP is an addressable node in the network with its own IP address on its interfaces. It can forward traffic between the wired and wireless interfaces. It can also have more than one wired interface and can forward traffic between the wired interfaces similar to a Layer 2 or Layer 3 switch. Connectivity to the wired enterprise can be through a Layer 2 or Layer 3 network.

It is important to understand that there is no backhauling of traffic from the Fat AP to another device through tunnels. This aspect is important and is addressed when discussing the other AP types. In addition, Fat APs can provide router-like functions such as the Dynamic Host Configuration Protocol (DHCP) server capabilities.

Management of the AP is done through a protocol such as the Simple Network Management Protocol (SNMP) or the Hypertext Transfer Protocol (HTTP) for Web-based management and a Command-Line Interface (CLI). To manage multiple APs, the network manager has to connect to each AP through one of these management schemes. Each AP shows up on the network map as a separate node. Any aggregation of the nodes for management and control has to be done at the Network Management System (NMS) level, which involves development of an NMS application.

Fat APs also have enhanced capabilities such as Access Control Lists (ACLs), which permit filtering of traffic for specific WLAN clients. Another significant capability of these devices is configuration and enforcement of Quality of Service (QoS)-related functions. For example, traffic from specific mobile stations might need to have a higher priority than others. Or, you might need to insert and enforce IEEE 802.1p priority or Differentiated Services Code Point (DSCP) for traffic from mobile stations. In summary, these APs act like a switch or router in that they provide many of the functions of such devices.

The downside of such APs is complexity. Fat APs tend to be built on powerful hardware and require complex software. These devices are expensive to install and maintain because of the complexity. Nevertheless, the devices have uses in smaller network installations.

Some Fat AP installations still use a controller at the back end for control and management functions. These controllers lead to a slightly scaled-down version of the Fat AP, called, not surprisingly, a Fit AP, discussed later.

Thin Access Points

As their name indicates, Thin APs are intended to reduce the complexity of APs. An important motivation for this reduction is the location of APs. In several enterprises, APs are plenum-mounted (and thus in hard-to-reach areas) so that they can provide optimum radio connectivity for end stations. In environments like warehouses, this is even more evident. For such reasons, network managers prefer to install APs just once and not have to perform complex maintenance on them.

Thin APs are often known as intelligent antennas, in that their primary function is to receive and transmit wireless traffic. They backhaul the wireless frames to a controller where the frames are processed before being switched to the wired LAN (see the Figure ‘Thin APs in Centralized WLAN Network Architecture’).

The APs use a (typically secure) tunnel to backhaul the wireless traffic to the controller. In their most basic form, Thin APs do not even perform WLAN encryption such as Wired Equivalence Privacy (WEP) or WiFi Protected Access (WPA/WPA2). This encryption is done at the controller the APs just transmit or receive the encrypted wireless frames, thereby keeping the APs simple and avoiding the necessity to upgrade their hardware or software.

The introduction of WPA2 necessitated encryption on the controller. Although WPA was hardware-compatible with WEP and required only a firmware upgrade, WPA2 was not backward-compatible. Instead of replacing APs across the enterprise, network managers could just backhaul the wireless traffic to the controller where the WPA2 decryption was done, and the frames were sent on the wired LAN.

The protocol between the AP and the controller for carrying the control and data traffic was proprietary. Also, there is no capability to manage the AP as a single entity on the Layer 2/3 network it can be managed only through the controller, to which the NMS can communicate through HTTP, SNMP, or CLI/Telnet. A controller can manage and control multiple APs, implying that the controller should be based on powerful hardware and often be able to perform switching and routing functions. Another important requirement is that the connectivity and tunnel between the AP and the AC should ensure low delay for packets between those two entities.

With Thin APs, QoS enforcement and ACL-based filtering are handled at the controller not a problem because all the frames from the AP have to pass through the controller anyway. Centralized control functions for ACLs and QoS are not new they were implemented in networks with Fat APs too. Such installations have controllers that act as the gateway for managing traffic from APs to the wired network. However, the controller function takes on a new dimension with Thin APs, especially with respect to the data plane and forwarding functions. The controller function subsequently was integrated into Ethernet switches that connected the wireless and wired LANs the motivation for the family of devices known as WLAN switches.

The Wireless MAC architecture in this scenario is known as the Remote MAC architecture. The entire set of 802.11 MAC functions is offloaded to the WLAN controller, including the delay-sensitive MAC functions.

Fit Access Points

Fit APs are gaining in popularity in that they try to take advantage of the best of both worlds that is, the Fat APs and the Thin APs. A Fit AP provides the wireless encryption while using the AC for the actual key exchange. This approach is used for newer APs that use the latest wireless chipsets supporting WPA2. The management and policy functions reside on the controller that connects to multiple APs through tunnels.

Also, Fit APs provide additional functions such as DHCP relay for the station to obtain an IP address through DHCP. In addition, Fit APs can perform functions such as VLAN tagging based on the Service Set Identifier (SSID) that the client uses to associate with the AP (when the AP supports multiple SSIDs).

Two types of MAC implementations are possible with Fit APs, known as the Local MAC and the Split MAC architectures. Local MAC is where all the wireless MAC functions are performed at the AP. The complete 802.11 MAC functions, including management and control frame processing, are resident on the APs. These functions include time-sensitive functions (also known as Real Time MAC functions).

The Split MAC architecture divides the implementation of the MAC functions between the AP and the controller. The real-time MAC functions include functions such as beacon generation, probe transmission and response, control frame processing (for example Request to Send and Clear to Send RTS and CTS), retransmission, and so on. The non-real time functions include authentication and deauthentication; association and reassociation; bridging between Ethernet and Wireless LAN; fragmentation; and so on.

Vendors differ in the type of functions that are split between the AP and the controller, and in some cases, even about what constitutes real time. One common implementation of a Fit AP involves local MAC at the AP and control and management functions at the AP.

Reference from http://www.cisco.com/c/en/us/about/press/internet-protocol-journal/back-issues/table-contents-13/wireless-lan-switches.html

More Related:

Something about the Cisco Wireless APs Supporting Cisco WLC

How Much You Know about Cisco Aironet Access Point?

Cisco Aironet 3802 AP to be Crowned “Wi-Fi Certified”

Read more

Cisco VoIP and Video Phones to Meet a Range of Needs

December 6 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Networking, #Cisco IP Phones

Do you have an “easy to use” Cisco IP Phone, such as Cisco IP Phone 8800 Series? Cisco always adds new IP Phones-the cost-effective IP communications to replace traditional phones. What are they? There are 4 main types of VoIP and Video Phones to meet your business needs.

The four series include:

  1. Unified SIP Phone 3900 Series
  2. Unified IP Phone 6900 Series
  3. Cisco IP Phone 7800 Series
  4. Cisco IP Phone 8800 Series

 

 

 

 

 

 

 

 

 

 

 

 

 

In today's business environment, your organization must meet the needs of a wide range of endpoint users with different communication styles and distinct workspaces. Some users want to communicate through their desk phones. Others prefer wireless devices. Still others lean toward soft clients.

The portfolio of Cisco IP phones includes user-friendly, full-featured IP phones to meet the needs of your entire organization, in areas ranging from:

  • The company lobby to the desks of your busiest managers
  • The manufacturing floor to the executive suite
  • The home office to the branch location and corporate offices, both small and large

Many Cisco IP Phones in the portfolio deliver new modes of collaboration, such as integrated HD voice, video, web conferencing, USB peripherals for extensibility and Bluetooth.

The portfolio includes:

Single- and Multi-Line VoIP Phones
These support a range of communication needs, from low-use to the most active-use environments

Basic to Full-Featured IP Phones
Our phones use Cisco Collaboration Solutions to cost-effectively meet your corporate objectives and boost profits.

HD Video Communications (Select Models)
See how this helps you reduce your travel costs and speed decision-making

Applications from Cisco Developer Partners
Enjoy a more personalized and productive IP phone experience with an array of business applications.

Your Choice of Deployment Options
Support for on-premises, from the cloud, or use a hybrid deployment of the two, based on your business needs

Centralized Management
Simplify administration with remote access. On some models, employees can register and activate phones themselves.

 

More Topics here:

What’s New on Cisco IP Phone 8800 Series

Updated: Cisco IP Phone 7800 Series

Cisco Unified IP Phones 9900, Transform How You Collaborate

How to Save Power on Cisco IP Phones?

Read more
<< < 1 2 3 4 5 6 7 > >>