Catalyst 6500 management tool on the way

Cisco last month gave customers a sneak peek at a new network management tool for deploying multiple network functions on the Catalyst 6500 platform.

The Integrated Services Device Manager for the Catalyst 6500 will give users one interface for configuring intrusion detection, VPN, firewall and Layer 4 to Layer 7 switching capabilities on a Catalyst 6500 switch chassis. Even though the company has offered security and acceleration blades for its flagship switch for more than a year, management of these blades in a switch has been scattered.

The Catalyst 6500 is Cisco's top enterprise switch chassis, and supports Layer 2 to Layer 7 switching, 10/100/1000M bit/sec and 10G Ethernet, and a variety of security modules. The company has shipped more than 180,000 chassis, and has made $11.4 billion in revenue from the product since its introduction in 1999.

"This is something Cisco had to do," says Zeus Kerravala, an analyst with The Yankee Group. "Management tools embedded in [Cisco] switches have been poor to fair, at best, in terms of functionality." He says that different modules in the Catalyst 6500 in the past had to be managed "blade by blade," which could leave networks prone to configuration errors.

The software lets users graphically configure and view configuration settings for the various application blades available for the Catalyst 6500, which include firewall, intrusion-detection systems (IDS), Layer 4 to Layer 7 switching and VPN termination. In the past, these blades had to be managed as individual network appliances that happened to be running in the Catalyst chassis.

The software detects new modules that are inserted in the chassis. Users can view settings of all blades installed and set up network configurations between blades in the chassis and on individual modules.

This could involve assigning IP addresses for the modules, separating a firewall or VPN module in a separate virtual LAN subnet, or applying security rules to the modules.

The software also lets users check the IOS commands that will be sent to each module before they are sent. Before settings are pushed to the hardware, a pop-up screen shows the command-line instructions, which can be sent, revised or canceled through the interface.

Additionally, the software includes a wizard setup mode, which lets users to set up firewall, IDS, VPN, multilayer switching and other functions with pre-set templates. This involves going through a series of check-box screens that ask questions about the desired network setup and utilization characteristics of the network.

The Integrated Services Device Manager will be available for free with new Catalyst 6500 switches in the first half of this year, the company says. Cisco also says it will integrate management functions in the software with other device management platforms, such as Cisco's VPN/Security Management Solution software for managing networks of Cisco firewall, IDS and VPN equipment.

Read more about infrastructure management in Network World's Infrastructure Management section.