Cisco blade boosts security control
New Catalyst 6500 blade improves wiring closet security; 7200 series gets smaller
By
Phil Hochmuth
,
Network World
, 04/30/2007
- Share/Email
- Tweet This
- Print
Cisco this week released a new Supervisor module for the Catalyst 6500 switch, aimed at injecting traffic security at the wiring closet layer of a LAN.
Slideshow: Take a closer look at Cisco's latest, plus what competitors have in store
Biotech firm plans all-Catalyst 6500 net
Cisco's Supervisor Engine 32 with Programmable Intelligence Services Accelerator (PISA) is a blade for Catalyst 6500 switches
deployed in wiring closets. The vendor says the device can provide in-line packet inspection for all traffic flows at the LAN edge without introducing
latency. The blade can filter out, or squeeze down, bandwidth of undesirable applications such as peer-to-peer. It can also reserve bandwidth for critical protocols for VoIP or enterprise applications, the company says.
The Supervisor Engine 32 PISA is a 32Gbps switch fabric for Catalyst 6500s deployed in wiring closets and connecting large
groups of users to a corporate LAN. (While usually associated with the LAN core and data center, Catalyst 6500s are used in wiring
closets in about 25% of the product's installed base, Cisco estimates). The module includes Layer 2-7 packet processors, which
can inspect traffic and block or divert harmful traffic flows, such as viruses and worms. It also can rate-limit traffic for
non-essential applications, such users' personal instant messaging or VoIP applications (AOL, Googletalk, Skype and so on). Cisco says its new blade does these tasks without introducing any latency in the path between the LAN edge and
the rest of the network.
The Supervisor Engine 32 PISA is being examined at PDL BioPharma, a Freemont, Calif.-based biotech company, which is considering
the blade for the LAN that will go into a new facility currently under construction. PDL BioPharma uses some Catalyst 6500s
in its wiring closets, but will expand this to all wiring closets in the new facility, says Luis Chanu, global network & security
architect, at PDL BioPharma.
"The main thing we're looking at getting out of the new PISA modules is the flexible packet matching," he says. The ability
to allocate specific types of bandwidth for certain applications would be a benefit. Security is another one, he adds. "If
there is a virus outbreak it would be really nice to utilize flexible packet matching to isolate the virus, or maybe throttle
it back to protect the network."
The network at PDL BioPharma has a constant stream of data from its research labs, which use disk space and CPU power on machines
all over the LAN to process and store data produced by the company's research. This is another area the company could utilize
the PISA technology, Chanu says. "We'd like to mark that data at a lower priority then our standard end-user desktop traffic,"
he adds.
Cisco switch users have deployed access control lists (ACLs) for traffic filtering or blocking in the past, but that method
does not go deep enough to identify new types of applications. Cisco's Network Based Application Recognition (NBAR) technology in IOS has also been used in the past to accelerate or block certain traffic types. Cisco says the new Supervisor
blade provides more advanced filtering than ACLs, and better performance than NBAR technology.
Partner Content
Simplify Your Branch Infrastructure
Learn how to simplify your branch infrastructure while dramatically increasing app performance with Citrix Branch Repeater.
Download the Free Info Kit
Next-Gen Load Balancing
Free Guide: "Next Gen Load Balancing: 8 Things You Need to Handle Today's Network Traffic" shows you the functionality needed in your next load balancer.
Download the Free Guide
Accelerate Your Web Apps by up to 5x
Free Guide: "The Secret to Getting Maximum Speed from your Web Applications."' Learn how you can deliver Web apps up to 5x faster.
Download the Free Guide
Comments (1)
Cisco blade boosts security controlBy Anonymous on April 30, 2007, 5:09 pmTake a closer look at how Cisco blades boost security and then let us know what YOU think! See slides.
Reply | Read entire comment
View all comments