Cisco®offers a full portfolio of products with which to build a network that is fully converged end to end. Having this broad scope requires Cisco to understand the unique requirements of each of these places in the network and how they must all work. With the introduction of the new Cisco Catalyst®6500 Supervisor Engine 32 Programmable Intelligent Services Accelerator (PISA) and the Cisco 7201 Router, Cisco expands its WAN services aggregation portfolio with offerings that help ensure business success through the consistent, secure, and optimized delivery of advanced technologies and services.
The Network: The Platform To Achieve Business Success
Today's businesses are faced with many challenges, including the desire to both globalize and localize, along with the need to improve productivity. These and other challenges translate to new and increased demands on the network. According to a recent survey1, the top priorities for senior executives worldwide include network availability, end-to-end security, and application performance.
Addressing these challenges requires a fully converged end-to-end network. The advantages of such a network are many: rapid reaction to new business requirements, reduced complexity and costs, and consistent service levels and capabilities across the network. So why has everyone not already implemented a fully converged end-to-end network? The simple answer is that doing so can be difficult and expensive.
Although many companies have networks that are in varying states of convergence, achieving full convergence end to end is something only few claim to have achieved. The same recent survey indicates that the top reasons for this hesitation are security, complexity, cost of implementation, and interruption in service.
What today's businesses need is a flexible, cost-effective architecture that enables the secure, consistent delivery of services to all places in the network. The WAN/MAN solution plays a primary role by providing optimized connectivity throughout the enterprise.
The New WAN: End-To-End Services
A fully converged end-to-end network makes it possible to centralize applications and distribute access to any endpoint as needed. With such a network, enterprises can link hundreds or even thousands of branch offices to headquarters, enable access to data and applications in milliseconds all over the world, enable real-time collaboration among multiple sites, and provide high-quality voice and video to all locations, all while protecting all traffic with a consistent security policy. Beyond that, this network can also be used to extend the same secure, consistent services to teleworkers and partners through the Internet or extranet.
To support a fully converged network, a WAN solution must provide a number of elements. It must act not only as the aggregation point for WAN connectivity, but also as the aggregation point for all services that are extended to the branch users, including security and voice/video over IP, as well as optimized access to mission-critical applications and data. In short, it must deliver services to branch users with the same quality and performance afforded to campus users, which requires application intelligence. This means that the WAN devices must have the ability to recognize important application traffic streams and treat them accordingly.
Although the WAN goals might be fairly consistent from one business to the next, the method of implementation can vary greatly. The number and size of branches are two variables, as well as the volume and type of traffic to be handled. Budgets and existing investments are factors. Architectural approach is also a consideration: some companies might want to view the WAN as an extension to their campus network, whereas others might desire greater logical and physical separation between the two.
Moreover, some might want to deliver services in an integrated services model, whereas others might want to use a service appliance model. The difference is in the approach to the distribution of the services.
• In the integrated services model, a central device can be used to deliver multiple services, such as security and voice.
• In the appliance model, separate devices are deployed in the network to provide each service, such as a security appliance that includes firewall, intrusion detection, and other risk mitigation services.
Both models are viable options; however, the integrated services model offers advantages such as reduced capital and operating expenses, as well as improved traffic handling.
Regardless of implementation, the goal of a fully converged end-to-end network remains the same: consistent, secure, and optimized service delivery.
End-to-End Convergence
Your network is not an island. Most networks today include a headquarters campus with a data center and an increasing number of branches, all connected over a wide-area network. These network entities: the campus, data center, branch and WAN, make up what Cisco terms the "places in the network." Just as the geographic scope of the network is increasing, so too are the services it must provide. Networks today must provide support for converged intelligent services that enable secure anywhere, anytime collaboration.
Cisco provides an end-to-end converged network, composed of systems specifically designed to address the unique needs of each of these places in the network. With Cisco network systems, intelligent network services, such as QoS and encryption, are consistently supported and preserved across the entire network, enabling the same secure, high-quality service delivery regardless of whether the user is at headquarters or in a local branch.
The Cisco WAN Services Aggregation Portfolio
To address the needs of today's businesses as they strive to achieve a fully converged end-to-end network, Cisco offers an extensive WAN and MAN aggregation platform portfolio, which includes Cisco Catalyst 6500 Series Switches as well as the Cisco 7600 and 7200 Series Routers. This portfolio provides the flexibility to deliver a comprehensive set of highly secure, concurrent, and integrated services in a variety of deployments. (See Figure 1.)
Figure 1. Cisco WAN Services Aggregation Platforms
Cisco Catalyst 6500 Series Switches
Often thought of as the flagship of Cisco switches, the Cisco Catalyst 6500 Series Switches have evolved into a modular switch and router, which offer high port density and WAN routing in a single chassis, resulting in a high-performance solution for WAN services aggregation. This option is particularly appropriate to enterprises that want to take the architectural approach of extending their campus network. It offers the benefits of consistent features across both the campus network and WAN edge, as well as the very practical advantage of parts sparing.
Enterprise WAN features, such as high availability, quality of service (QoS), and security, together with Cisco IOS® Software modularity offer investment protection in the LAN that extends to the WAN. Cisco IOS Software modularity boosts operational efficiency and minimizes downtime through evolutionary software infrastructure advancements. By enabling modular Cisco IOS Software subsystems to run in independent processes, this innovation:
• Minimizes unplanned downtime through self-healing processes
• Simplifies software changes through subsystem In-Service Software Upgrades (ISSU)
• Enables process-level, automated policy control by integrating Embedded Event Manager (EEM)
Additionally, Cisco Catalyst 6500 leadership in integrated virtualized services such as firewalls, intrusion prevention solutions, IP Security (IPsec) VPNs, and deep packet inspection enables consistent end-to-end deployments in a virtualized network, which further reduces operational costs.
The newest addition to the Cisco Catalyst 6500 family is the Cisco Catalyst Supervisor Engine 32 PISA, which is well suited for enterprise WAN edge deployments. The PISA on the Supervisor Engine 32 PISA provides hardware acceleration of stateful application intelligence to provide application identification and classification at multigigabit speeds. It also provides support for flexible packet matching (FPM), which enables day-zero worm and virus mitigation, also at multigigabit speeds. Support for these intelligent services, coupled with the support for 256k routes and interface support from T1 to OC-48 with shaping, makes the Supervisor Engine 32 PISA an ideal platform for WAN aggregation deployments.
Additionally, equipped with PFC3B, the Supervisor Engine 32 PISA provides feature and performance compatibility with the Cisco Catalyst 6500 Supervisor Engine 32. It offers advanced hardware-accelerated IP services such as Multiprotocol Label Switching (MPLS), IPv6, Network Address Translation (NAT), generic routing encapsulation (GRE) tunneling, access control lists (ACLs), rate limiting, and advanced QoS to enable network administrators to build feature-rich networks from the campus through the WAN, as illustrated in Figure 2.
Figure 2. Cisco Catalyst Supervisor Engine 32 PISA: Campus to WAN
Alternatively, the Supervisor Engine 32 PISA can be combined with some number of service modules in one of the smaller Cisco Catalyst 6500 chassis to form a service appliance. For example, the hardware-accelerated services on the PISA, along with service modules such as the firewall services module and intrusion detection services (IDS) module, can be deployed together as a security appliance. A dual Supervisor Engine 32 PISA configuration can be used for high availability. These advanced services can then be distributed in the network over the integrated eight-port Gigabit Ethernet uplinks or two-port 10 Gigabit Ethernet uplinks from the Supervisor Engine 32 PISA.
Cisco 7600 Series Routers
Cisco 7600 Series Routers are the largest Cisco aggregation routers and are particularly well suited for service providers and very large enterprises that require high speeds and high density. The Cisco 7600 Series combines optical WAN/MAN networking and high-volume Ethernet aggregation with a focus on the delivery of high-touch services for the IP and MPLS edge.
Cisco 7600 Series Routers provide features crucial to WAN aggregation, such as high availability and QoS, coupled with carrier-class performance. Recent enhancements to the Cisco 7600 Series Routers include:
• ISSU Phase I: Based on Nonstop Forwarding/Stateful Switchover (NSF/SSO), ISSU for Cisco 7600 Series Routers Phase I implements Enhanced Fast Software Upgrade (eFSU) and allows users to upgrade or downgrade from one major or maintenance release to another with only a short system outage. ISSU Phase I enables rapid software upgrades for new line cards, new power supplies, new features, or bug fixes.
• Dual-priority queues: In Cisco IOS Software, the existing low-latency queuing (LLQ) functionality has been enhanced with the introduction of multilevel priority queuing (MPQ). This extension brings a second priority queue for latency-sensitive traffic. MPQ enables differentiation between two types of traffic with strict latency requirements. For example, a QoS policy using MPQ can provide isolation between real-time voice and real-time video traffic while still meeting their latency targets.
• Route Switch Processor 720: The Cisco 7600 Series Route Switch Processor 720 (RSP 720) is specifically designed to deliver high scalability, performance, and fast convergence required for today's and tomorrow's demanding voice, video, data, and mobility (quadruple-play) services. It uses the same high-performance 720-Gbps crossbar switch fabric as that used by the Cisco Catalyst 6500 Series Supervisor Engine 720 and combines it with a new, revised, and application-specific integrated circuit (ASIC)-based forwarding engine. This single module delivers 40 Gbps of switching fabric capacity per slot. With hardware-enabled forwarding for IPv4, IPv6 Unicast and Multicast, and MPLS, the Cisco RSP 720 can provide high-speed central forwarding with rich packet processing features such as ACLs, QoS, and MPLS VPNs.
• Circuit Emulation over Packet Port Adapters: The Cisco 7600 Series CEoP SPA enables the imitation of a physical communication link across a Packet network. This allows network administrators to use their existing IP/MPLS network to provide leased-line emulation services or to carry data streams or protocols that do not meet the format requirements of other multiservice platform interfaces.
Cisco 7200 Series Routers
With more than 350,000 installed in networks across the globe, Cisco 7200 Series Routers are among the most widely-deployed aggregation routers. The Cisco 7200 Series is a very cost-effective option for the enterprise WAN, delivering exceptional performance (up to 2 mpps), versatility, and feature-richness in a compact form factor. Cisco 7200 Series Routers support a wide variety of WAN interfaces, including Ethernet, DS0 to OC-3/STM1, packet over SONET (POS), and ATM, and a wide variety of VPNs, including Layer 2 and Layer 3 VPNs, accelerated IPsec VPNs, MPLS, and Group Encrypted Transport VPNs (GET VPNs).
The newest edition to the Cisco 7200 Series is the Cisco 7201 Router. The Cisco 7201 provides performance comparable to the that of the Cisco 7200VXR NPE-G2 Router but in a smaller form factor and with low power consumption. It includes four native Gigabit Ethernet ports and provides performance of up to 2 mpps in Cisco Express Forwarding, double that of the Cisco 7301 Router. The Cisco 7201 Router also includes support for GET VPNs, which are highly scalable, and support for enhanced IP-IP Gateway, which aids in providing application intelligence.
• Cisco Group Encrypted Transport is a next-generation WAN VPN solution that defines a new category of VPN, one that does not use traditional point-to-point tunnels. This new security model introduces the concept of "trusted" group member routers, which use a common security methodology that is independent of any point-to-point relationship. By eliminating point-to-point tunnels, Cisco Group Encrypted Transport VPNs can scale much higher while accommodating multicast applications and instantaneous branch-to-branch transactions.
• Cisco IOS Software Session Border Controller support: IP-to-IP Gateway is designed to meet enterprise and service provider Session Border Controller needs and to facilitate simple and cost-effective connectivity between independent VoIP and video networks. Direct IP interconnections between VoIP networks lower costs, lower latency, improve voice quality, and offer greater flexibility to support emerging services when compared with public-switched telephone network (PSTN) or time-division multiplexing (TDM) interconnections.
Table 1 compares WAN aggregation services platforms.
Table 1. Comparison of WAN Aggregation Services Platforms
Cisco Catalyst 6500 with PISA
Cisco 7600
Cisco 7200
Processing
Up to 15 mpps
Up to 30 mpps
Up to 2 mpps
Backplane Capacity
Up to 32 Gbps*
Up to 720 Gbps
Up to 2 Gbps
Connectivity
Up to OC-192/STM64
Up to OC-192/STM64
Up to OC-12/STM4
WAN Routing Protocols
Static, RIP, OSPF, IS-IS, eBGP, EIGRP
Static, RIP, OSPF, IS-IS, eBGP, EIGRP
Static, RIP, OSPF, IS-IS, eBGP, EIGRP
Secure Communications
• IPSec VPN (up to 15 Gbps),
• MPLS VPN,
• DMVPN
• IPSec VPN (Up to 15 Gbps),
• MPLS VPN,
• DMVPN
• IPSec VPN (Up to 280 Mbps)
• MPLS VPN
• DMVPN
• GET VPN
Flexible Packet Matching
Yes, in hardware
Yes, in software
Yes, in software
Network-Based Application Recognition
Yes, in hardware
Yes, in software
Yes, in software
WAN Optimization
• WAAS**
• OER
• WAAS**
• OER
• WAAS**
• OER
IPv6
Yes, in hardware
Yes, in hardware
Yes, in software
Availability Software Features
ISSU, NSF/SSO
ISSU, eFSU, NSF/SSO
NSF/SSO
* Capacity quoted is for Cisco Catalyst 6500 with PISA. The Cisco Catalyst 6500 Series Supervisor Engine 720 offers the same capacity as the Cisco 7600 Series Routers.
** Cisco Catalyst 6500 Series interoperates with WAAS.
Moving Your Network and Business Forward
To achieve and maintain business success, today's businesses require a network that provides consistent, secure, and optimized delivery of advanced technologies and services to all places in the network.
Cisco has the end-to-end solutions, expertise, best practices, and support to help customers transform their networks into business services platforms.
Cisco offers a full portfolio of products with which to build a network that is fully converged end to end. The primary devices in each of these places (from the campus to the branch, through the WAN) support a common set of technologies so that services are intelligently delivered across the entire network.
Cisco has a long history of providing leading-edge WAN solutions. With its continued commitment to innovation, Cisco enhances its WAN services aggregation portfolio with the new Cisco Catalyst 6500 Supervisor Engine 32 PISA and the Cisco 7201 Router.
The enhanced Cisco WAN services aggregation portfolio provides flexible solutions, designed to address the end-to-end service intelligence goals common to all enterprise WANs, with a variety of implementation choices to accommodate the unique capacity, architecture, and budget requirements of each business.
Cisco WAN Aggregation Portfolio
Cisco Catalyst 6500 Series Switches
Cisco Catalyst 6500 Series Switches offer the new Supervisor Engine 32 PISA, which adds line-speed deep packet inspection in support of flexible packet matching, stateful application intelligence, and other functions. Cisco Catalyst 6500 Series Switches offer interfaces at up to 10 Gigabit Ethernet rates and manage one million routes.
Cisco 7600 Series Routers
Cisco 7600 Series Routers can be used by large enterprises or by service providers who want to offer integrated networks to their customers. The Cisco 7600 Series supports LAN interfaces up to the 10 Gigabit Ethernet rate, manages one million routes, and performs security functions at wire speed.
Cisco 7200 Series Routers
Cisco 7200 Series Routers can handle traffic at up to 2 mpps, offer some 60 different types of interfaces, and support many types of VPNs. The new Cisco 7201 Router supports the newest, Cisco GET VPNs, which simplify security and routing for mesh, MPLS, IPsec, and other networks.
1Source: Economist Intelligence Unit/AT&T survey, June 2006.
