Cracking the code –
Cisco Switching for
Campus Networks
Demystified
January 12, 2011
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
1
• Jimmy Ray Purser
Chief Geek, TechWiseTV
• Kevin Skahill
Director, Catalyst 3K & 2K
• Hasan Siraj
Sr. Manager, Catalyst 6500
• Qiang Huang
Sr. Manager, Catalyst 4500
• Balaji Sivasubramanian
Sr. Manager, Nexus 7000
• Rob Sloan
Host
2
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
2
• Network Architecture
• Cisco Switching Lines
• Borderless Networks
• Case Studies
• Questions
3
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
3
CORE
• Scalability & performance
• Network simplification and consolidation
• Highest availability
• Options for WAN Integration
DISTRIBUTION
• Streamlined management with virtualized switches
• Secure segmentation of diverse user traffic
• Continuous operations
• CapEx savings with integrated virtualized modules
• Integrated wired and wireless
ACCESS
• Easy deployment and management of switches, end points
• Intelligent, high performance delivery of rich media
• Uninterrupted user connectivity
• Integrated security with role-based policies, encryption
• Deep visibility into network usage and malicious attacks
• Lower energy costs of connected devices and facilities
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
4
Catalyst 6500
Nexus 7000
Cisco IOS Consistency
NX-OS capabilities
Two Terabit Ready
Highest Scalability of
10GE/40GE/100GE
Borderless Services
Modules
Resiliency
(Hitless ISSU)
Virtual Switching
System
• Core outside data center
• VPLS/MPLS
• WAN services
© 2010 Cisco and/or its affiliates. All rights reserved.
Virtual Device
Contexts
Decision
Criteria
• Core inside data center
• High 10GE density
• VDC & OTV
Cisco Confidential
5
DISTRIBUTION
Catalyst 6500
Catalyst 4500E
Catalyst 3750X
Scalable, rich BN
Services, GE/10GE
aggregation,
optimized for small
sites or space/power
constrained spaces
© 2010 Cisco and/or its affiliates. All rights reserved.
Flexible modular
system with 848Gbps
capacity and
competitive feature set
for mid-sized GE/10GE
distribution and
collapsed
access/distribution
designs
Cisco’s flagship
Catalyst offering
richest services,
highest scalability,
unmatched resiliency
and unparalleled
investment protection
for distribution
Cisco Confidential
6
ACCESS
Catalyst 3750-X,
3560-X
Catalyst 2960-S
Catalyst Compact
Switches
Competitive feature
set, Smart Operations
with baseline
Borderless Services
Market leading fixed
feature set, resiliency,
upgradeability and full
Borderless Services
Catalyst 4500E
Market leading
modular access with
full BN services,
superior scalability &
resiliency, operational
simplicity, investment
protection
Market leading feature
set, Smart Operations
and full Borderless
Services optimized for
outside the wiring
closet
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
7
• Network Architecture
• Cisco Switching Lines
• Borderless Networks
• Case Studies
• Questions
8
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
8
Infrastructure Scalability
Foundation Services
• 15 Terabit Scalability
• 512 10 Gigabit ports/ 1500 GE
ports
• 7.68 Tpps (L2), 1.92 Tpps (L3)
• 1 Million Routes
• Dense 40GbE/100GbE ready
•Link Level Encryption (802.1ae)
•Layer 3 services (L3 MPLS*, GRE, VRF,
•IPv6, BFD)
•Superior operational management
(Netflow v9, EEM, ERSPAN ,
SmartCallHome, ACL Dry Run, Wireshark)
Nexus 7000
Innovations
• Device Consolidation and Collapse layers
• Award winning IP-based interconnect
• Scalable layer 2 via Fabric Path – No STP
• Support Nexus 2000 Fabric Extenders for
simple management up to 1500 ports
• Loss Less Ethernet
Operational Continuity
•Mission Critical Availability
•Zero pack loss In-service upgrade
•Graceful systems operations
•Integrated lights-out management
•NX-OS Completely modular and Flexible
Break Through Scale and Flexibility
© 2010 Cisco and/or its affiliates. All rights reserved.
* Roadmap
Cisco Confidential
9
Scale
•
•
•
•
•
Foundation Services
2 Terabit Readiness
528 GE ports*
92 linerate 10GE ports*
1000 VRF’s, 1M routes
40 Gig Ready
Catalyst 6500-E Chassis
• Extended Lifecycle of 7-10 years
• Forward and backward compatible
Service Modules
•
•
•
•
•
Integrated Wireless
Firewall Services
Network Analysis
Intrusion Prevention
IPSec
•
•
•
•
•
•
• Virtual Switching
• MPLS, VPLS, GRE, VRF
• IPv6 Leadership
• NSF/SSO, ISSU, BFD
• Netflow v9 (v6, Mcast, MPLS)
• EEM, GOLD, ERSPAN
• SmartCallHome)
Borderless Services
Security (TrustSec, CoPP, uRPF)
MediaNet (IPSLA, Multicast, Deep Buffers)
Green (EnergyWise)
Application (NAM, Netflow, Adv QoS)
Mobility (WiSM, Location, 802.11n)
Borderless Services Node
Designed to Deliver Borderless Services for Next 10 Years
© 2010 Cisco and/or its affiliates. All rights reserved.
* Roadmap
Cisco Confidential
10
Borderless Services
Scalability
• Cisco TrustSec
• Medianet
• EnergyWise
• Deep Application visibility
with Flexible NetFlow
• 848Gbps Switching Capacity
(48G/Slot)
• 384 PoEP ports, 200 GE
ports, 100 10GE ports
Cisco Catalyst 4500E
• Extended Lifecycle of 7-10 years
• Forward and backward compatible
Operation Simplicity
• Validated borderless system design
• Limited Lifetime Warranty for access
• Automation for provisioning & diagnostics
• Backward & forward investment protection
• Common image for access & distribution
Switching Innovations
• Sub-10 msec ISSU
• Next-generation PoEP, EEE
• IOS XE open application
platform
Designed to Deliver Borderless Services for Next 10 Years
© 2010 Cisco and/or its affiliates. All rights reserved.
* Roadmap
Cisco Confidential
11
StackPower
• Adaptable—―pool of
power‖ across the stack
• Power Flexibility and
sustainability
• ―Zero-footprint‖ RPS
• Intelligent power shedding
• Supports mix of AC/DC
Enhanced Limited
Lifetime Warranty
StackWise Plus
Catalyst 3750-X
• 24/48 10/100/1000 ports
w/ FRU uplinks
• 4 G or 2 10G SFP+ uplink modules
• Limited Lifetime Coverage
• NBD advance hardware replacement
• 90-days 8x5 Cisco Technical
Assistance Center (TAC) support
• Software Policy provides updates and
bug fixes for Base IOS images
• 64 Gbps stacking
• Automated Config &
Management
• Fault-tolerant, Bidirectional stack
interconnection
• Single Network Instance
Switching Innovations
• Data Encryption: 802.1ae & MKA
• Full 802.3at PoE+ Support – 30W/port on
all ports in one RU
• Modular Uplinks: Upgradability, Services
• FRU Dual Redundant PS & Fans: supports
mix of AC/DC power supplies in a stack
Unmatched Resiliency, Features and Borderless Services
© 2010 Cisco and/or its affiliates. All rights reserved.
* Roadmap
Cisco Confidential
12
FlexStack
• FlexStack: optional
Module - Up to 4
switches in a stack
• Hot Swappable with two
wire-speed 10G ports
• Unified management,
control, and data plane
Enhanced Limited
Lifetime Warranty
EnergyWise
• Cross-Catalyst energy
management protocol
• Optimize power usage
• Report power/cost savings
• 2960-S consumes 57%
less energy than industry
standard
Catalyst 2960-S
• 24/48 10/100/1000 ports
• 4 G or 2 10G SFP+ fixed uplinks
• Limited Lifetime Coverage
• NBD advance hardware replacement
• 90-days 8x5 Cisco Technical
Assistance Center (TAC) support
• Software Policy provides updates and
bug fixes for Base IOS images
Competitive Features
• 802.3at PoE+ capable
• Fixed power supply options enabling
varying levels of PoE capability
• Zero touch deployments with Smart Install
• Auto configuration with Auto Smart Ports
Cisco Features and Quality at Aggressive Price
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
13
Compact Form Factor
• Ideal for unique use cases
outside the wiring closet:
• Retail Checkout Stations
• Hotel Suite/Cruise Cabin
• Casino Floor
• Classroom/Dormroom
• Island Workspace
Enhanced Limited
Lifetime Warranty
Unique Features
• Powered via PoE+ (power
supply optional)
• Pass through PoE for end
devices
• Uplink & Downlink Data
Encryption: 802.1ae & MKA
Catalyst 3560-C and 2960-C
• 8/12 10/100 or 10/100/1000 ports
• 2 Dual-purpose 10/100/1000BaseT and SFP uplink
• Limited Lifetime Coverage
• NBD advance hardware replacement
• 90-days 8x5 Cisco Technical
Assistance Center (TAC) support
• Software Policy provides updates and
bug fixes for Base IOS images
Smart Operations
• Zero touch deployments with Smart Install
• Auto configuration with Auto Smart Ports
• Single point of management with Smart
Configuration
• Debug diagnostics and system health
checks with Smart Troubleshooting
Cisco Features and Quality in Compact Form Factor
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
14
• Network Architecture
• Cisco Switching Lines
• Borderless Networks
• Case Studies
• Questions
15
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
15
Future-Proof With Investment Protection
Architecture for Agile Delivery of the Borderless Experience
Borderless End-Point/User Services
Borderless
Policy,
Management
and Smart
Services
Secure:
End-to-end encryption
Integrated Securely, Reliably, Seamlessly: AnyConnect
with investment protection
Protection
Infrastructure
Borderless Network Services
Mobility:
Reliable:
Motion
Unrivaled
Availability
App
Performance:
Green:
Security:
No switch TrustSec
downtime,App Velocity
EnergyWise
Voice/
Video:
Medianet
planned or unplanned
Switching
Routing
Wireless
Seamless:
End-to-End
Unified
Network
Access
Easier to deploy, manage
and
realize the full
potential
Campus
Extended
of the
network Enterprise
Fabric
Security
Extended
Cloud
Optimization
PROFESSIONAL SERVICES:
Realize the Value of Borderless Networks Faster
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
16
The Cornerstone of Borderless Networks
Unrivaled Simplified
portfolio
install &
breadth operations
End-to-end
infrastructure protection
Integrated security
Virtual traffic isolation
and access control
© 2010 Cisco and/or its affiliates. All rights reserved.
Futureproofed
network
Scaling rich media visibility
and control
No switch downtime—
planned or unplanned
End-to-end
network availability
Cisco Confidential
17
Reliable, Seamless
The Cornerstone of Borderless Networks
• End-to-end infrastructure protection
Cisco Integrated Security Features – Patented
Encrypt at the port level from access to data center – MACsec
Behavior-based detection of malicious traffic – Flexible NetFlow
Protection against worms, rogue apps – Control Plane Policing
Drop traffic from invalid sources – uRPF
• Integrated security
Integrated firewall, IPS, and VPN service modules
Simplifies operations with fabric integration
• Virtual traffic isolation and access control
Deploy multiple logical networks on one physical infrastructure
Increase manageability and reduce costs by reducing footprint
Simplifies mergers, acquisitions and compliance – VRF-lite
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
18
Secure,
Seamless
The Cornerstone of Borderless Networks
• Scaling rich media visibility and control
Superior buffer architecture for optimized media delivery
Intelligent QoS policy assignment – AutoQoS
• No switch downtime—planned or unplanned
Continuous operations in the event of failure – VSS
Upgrade software while the switch is running – ISSU
Industry-leading fixed platform resiliency – StackWise+
Power pooling for fail-proof power in a stack – StackPower
Introduce new line cards without upgrading OS – IOS XE
• End-to-end network availability
Rapidly re-converge failed connections – BFD, Flex Links
Fast physical fault detection – UDLD
Software diagnosis of cable faults – TDR, DOM
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
19
Secure, Reliable,
The Cornerstone of Borderless Networks
• Unrivalled portfolio breadth
Configuration options for every requirement
Consistent Cisco IOS interface across lines
• Simplified deployment & operations
Proactively solve network problems – GOLD, EEM, CallHome
Faster switch, client deployment – SmartInstall, Auto SmartPorts
SBA Design Guides, Cisco Validated Designs speed deployment
• Future-proofed network
Only vendor with easy migration to 10 GbE – SFP+ Shipping
Power over Ethernet Plus and NG PoE+
Simplified software enhancements with Universal IOS Image
Seamless transition to IPv6 – supported in hardware since 2003
Protect your investments in training, management and hardware
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
20
• Network Architecture
• Cisco Switching Lines
• Borderless Networks
• Case Studies
• Questions
21
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
21
Architecture for Agile Delivery of the Borderless Experience
Borderless End-Point/User Services
Why Energy Efficiency?
• Meet your goals for cost and
carbon emission reduction
Infrastructure
Securely, Reliably, Seamlessly: AnyConnect
Borderless
Policy,
Management
and Smart
Services
Borderless Network Services
• Satisfy regulatory requirements
Mobility:
Motion
Green:
EnergyWise
App your Voice/
• Leverage
network to increase
Performance:
Video:
visibility
and change behavior
App Velocity
Security:
TrustSec
Medianet
Switching
Impact of Reducing
Energy Consumption
Routing
• Walgreen’s—saved 30%
Unified
Access
Campus
Fabric
• Google—saved
25%
Extended
Extended
Enterprise
Cloud
• NetApp—saved
$2M
Wireless
Security
Optimization
PROFESSIONAL SERVICES:
Realize the Value of Borderless Networks Faster
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
22
Cisco EnergyWise
Case Study
Business Need
• Lower network operational
• Located onNetworked
the west side
of London.
Devices
• 16,000 students and employees for both
graduate and post-graduate education
costs
• Social responsibility
Results
• Reduced energy costs
by £90,000 per year
• Reduced carbon footprint
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
23
Case Study
—Simon Furber,
Network Manager, Brunel University
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
24
Architecture for Agile Delivery of the Borderless Experience
Borderless End-Point/User Services
What is impact of a
security breach or
compliance violation?Securely, Reliably, Seamlessly: AnyConnect
Borderless
• Security breach, overall: Borderless Network Services
Policy,
Average—$3.4M
Management
App
and Smart
Maximum—$31M*
Performance:
Mobility:
Green:
Security:
Services
App Velocity
Motion
EnergyWise
TrustSec
• PCI DSS violation:
Average—$1.3M**
Infrastructure
Voice/
Video:
Medianet
Routing
• HIPPA violation:
Average—$1.1M**
• Reduces productivity,
Unified
impacts reputation
Access
Switching
Wireless
Security
Campus
Extended
Extended
Optimization
Fabric
Enterprise
Cloud
* 2009 Annual Study: Cost of Data Breach; Ponemon Institute
** State of IT (in) Security 2010; Aberdeen Group
PROFESSIONAL SERVICES:
Realize the Value of Borderless Networks Faster
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
25
Case Study
Business Need
• Extremely resilient network
• Secure transactions
• Future proof for virtual
• A world leading asset management
company with more than US$63B
in assets
• 1,584 Employees
• 16 offices Globally
desktops
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
26
Case Study
Business Need
• Extremely resilient network
MACsec
onfor
Catalyst
Switches
Catalyst
4500E
Flexible
all
NetFlow
locations
and can
use 802.1x to consistently authenticate
users and devices
• Future proof for virtual
desktop power support
• Secure transactions
Results
• Resiliency with ISSU
• PoE-plus available for all
ports
• End-to-end security with
investment protection
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
27
Case Study
—Steve Brookman,
Global Head of Communications,
Man Investments
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
28
Architecture for Agile Delivery of the Borderless Experience
Borderless End-Point/User Services
How are organizations
using
video today?*
Borderless
Policy,
Management
and Smart
Services
• Video Conferencing:
62%
Securely, Reliably,
Seamlessly: AnyConnect
• Employee Training:
54%Network Services
Borderless
• Video Surveillance: 45%
App
• Meeting
Performance:
Mobility: Playback:
Green: 41%
Security:
Motion
EnergyWise
TrustSec
App Velocity
What will your switches need to
adapt for video?
Infrastructure
Voice/
Video
Medianet
Switching
Routing
• Consistent quality of service
Wireless
• Scalable multicast
Extended
Extended
• Guaranteed
bandwidth
Access
Campus
Security
Extended
Enterprise
• Proactive network optimization
Extended
Cloud
Optimization
* IDC, March 2010
PROFESSIONAL SERVICES:
Realize the Value of Borderless Networks Faster
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
29
Case Study
Business Need
• High quality video delivery
Voice
and VideoEmployees
Deployment
• 100,000+
• 94+ Countries
• 600+ Offices
• Easy management / video
deployment and
troubleshooting
© 2010 Cisco and/or its affiliates. All rights reserved.
Unparalleled Quality of Service
Cisco Confidential
30
Case Study
Business Need
IndustryMediaTrace
RSVP-TE
Leading Multicast
• High quality video delivery
• Easy management / video
deployment and
troubleshooting
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
31
Case Study
Business Need
Voice and Video Deployment
• High quality video delivery
• Easy management / video
deployment and
troubleshooting
Results
• Bandwidth reservation for
quality delivery
• Auto discovery of endpoints
• MediaTrace to identify media
trouble spots
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
32
Case Study
—Rami Mazid,
VP IT Cisco
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
33
Server
Farm
Business
Goals
Deploy network services rapidly and
securely on a flexible, multi-tenant
switching platform
Borderless
Networks
Solution
Catalyst 6500 Switches (Core and
Distribution), Catalyst 3560 Switches
(Access), MPLS-VPN
Business
Results
 Simplicity with a seamless platform
for virtualized transport of data,
voice and future IP Surveillance
Services
 Improved service levels with high
availability
 OpEx and CapEx reduction
Cisco® Catalyst®
6500 Core
Sensors
Cisco Catalyst
6500 Distribution
Cisco Catalyst
3560/E Access
PLCs
HMIs
Robotics
Cisco Wireless
Access Points
Airline Counters
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Wireless
Access Points
Laptop
Clients
Cisco
IP Telephones
Office
Workstation
Clients
Fire
Badge
Readers
Video
Surveillance
HVAC
Control
Lighting
Control
Retail Stores
Cisco Confidential
34
• Network Architecture
• Cisco Switching Lines
• Borderless Networks
• Case Studies
• Questions
35
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
35
Thank you.