Packet200701-part2

Uploaded by: Kowit Meboon
0
0

June 2020
PDF

This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA

Overview

Download & View Packet200701-part2 as PDF for free.

More details

Words: 9,031
Pages: 19

Preview
Full text

F E A T U R E

... Self-Defending Network

!"

# $ % &" "' ( ) ""*" +$ ," -$.' !$ "/ 01 (" 2$ % $ 2$ 2%' 3% -$ ) 4 ( # +5 56&" 7 " 89( ":" -$ ) (2%' ") 885' ; ").,"< ) " ,(.( % " 2%' " 88 .,+ " ) " ) ( )" +"' -= 8 -' ". (8 "). , & 837!")) (. 5 . >). "-$ " ) ?"> (. 5 . $ ))1 " (Self-Defending) .,+ ") +". ( -$

")"' "8"8" ( 1 .$ !5 2$7C ==E " (#) +

()) ":"(!"2 3.8$ ?)"' -$)

" > (. $ $C $ " ) -5 . .F 4 3 . 8$ (, 4"G Self-Defending Network ) ++7 . (")

, "-$ 4"G ()" 2 " 4"G1 "" (4"G 22

p22-25_Cisco.pmd

") #&. ":(2 " "' ' + () " 2 " ( ()$ 4"G.,+ ") ") ()

2 " ) / ) ())-' $>7 2$4"G

,+$. >1 "()" )!$8) (policy) -$

(") + 1 "" 4"G / ( , ))!+53% "(" " ! Intrusion Prevention . > ,+ Access Control List (ACL) +$K.# ==M

" -$ (.,+ ")++7 ") #&. ":(9(2 " ) 4"G (. > (2$- $ ") .$ ") 8+ ( 2$75/ 5 (O

2 (. ==M 3% ,+$4 $7 >7 ") (.""' (7 2$ ( 2$ + )4 " G ( 88 + ' ; ) Self-Defending Network $ ! 4"G Cisco Security Management Suite (&"5 5"# 2006 ( ).5 .8 %+ . 2$$" 8 ()$ 5 5) + . !'.,+ ")) K)" ( "

" "-$ Cisco Security Manager ( Cisco Security Monitoring, Analysis, and Response System (MARS) " ' 7 ( 2$7 (+ " 3% ,+$" / ) >7$) " &7

PACKET CISCO SYSTEMS 2007

22

25/1/2550, 11:39

"' 3.8$" (&"4"G Cisco ASA 5500 Series Adaptive Security Appliance 5500 3% >5 ())$".,+ ") . 2(' $.)" ") !5 )) IPSec + 5 SSL -$ $".7 .>% 5,000 3.!"

-' 4$7 7 (. >=M8) ")-= (-. (Intrusion Prevention System) 5 )" ")!$)3.8$-= ( -. " "' -$ 8 ( ,4 Cisco Security Manager 3% ()

(.(.) " !

( ") ==M ( ( +% Instant Messaging " ' ( ,-$ -' Cisco Security Manager "' 4$77 . > ( =M7 !"'--$ Cisco ASA, " IOS Software, -= PIX, .! Catalyst + 5$3. 8$ ) $ 2 " -$ 3% Cisco Security Manager ( 8) & )" ")!$8) 5 +$ 8). >>7 ) [ (+

8- ,$ 8)+$2$")( 3% !+$ (2 4$7 7 ( . $ ;"2 8)

?7$2 (- (.)[<+ .5. -2$

(+ -C !" 4$ 7 "

4"G Cisco Security Management Suite ? " ' ' 4$7 7 . >!$ Cisco Security Manager ( =M7 !"(8)-

/ ! $.2-$ $" 3% $ +$" >8-=2$ 5 () 8)' "' &7 $ Cisco Security Manager (8)" ") 2$ ) (+. !" 5 3), + 5-==1") $ .2 5 M "' (2" 8) Cisco Security Manager 8"8"C 2( Cisco Security Manager =M "' 7 Cisco Security MARS !" 4.2 (01 ( (+ + " ) )) - $(,#, "" ) >7$ 8. [<+ ) ( +(. 2$)

[<+ PACKET CISCO SYSTEMS 2007

p22-25_Cisco.pmd

23

25/1/2550, 11:39

23

FEATURE

"' / " ! Cisco Security MARS ) 7)) 22$74) 3 42 5 5' (. "(

!52$.7 ==M 4 (8$ 7)) 22$7"' " 3% ) !'" Cisco Security MARS (,+$M M + 5M.$ . 2$7 ^^ $# #.""' . $4"G+'. >".7 >$ ") 5 " $ (8! -$ ") ( 2%' ? 4$77 ))" %+ $ . ." Firewall Log 2 Cisco Security MARS ( $ .5)..+ 4$7 7 . >5 Log )

""' 5 7O

) $- 8+ Cisco Security Manager 5 7`2

,+$+ "' >7)" % Log -$C !" ?4$7 7 " . >." $-2 +-$ " 3% .)" (%

, (")!" (!+$ (+"$-2[<+) ( "- 2 -$ !" C

... ! 1++% 2 "*4"G " : "2 3.8$ 5 ,3% 7))!$ ( Cisco ASA 5500 Series Adaptive Security Appliance !" 7.1 .

-$ $ 1 " 1 ""

! !$ $!" " ' ' ASA 5500 Series (+$5 4 !" -$ Anti-X, VPN, IPS ( Firewall 7))

":" 4$77 $ 8 = 4$ 7 " 8. ( , 88 ":"2 3.8$ ?ASA 5500 Series !"'+( .,+ ")

+#1 2 4$7!$ 7 .> 2( !" Anti-X +(.,+ ")

. 5 1 +$ $" . !"-.+(.,+ ")

" 5 3 = ( 5/ &: (. $ !" -= (+(")

$ . >2 Cisco PIX FirewallC .3= Anti-X 3% -$ )" )

Cisco Security and Control Security Services Module (CSC-SSM) !+$ ASA 5500 Series . >1 "' ++$ $ "-$ ! - +"' (.+% 2 + 5- "" )>% " $ 8 " (! - ". . =M!! + 5 URL " ) ( " $8 (! $8 " + 5 . ) 9("' ())' ()) % . > 7-+$" )2$7."=M!! + 5 . 8 $7 -> % 48+-=+ 5 8 - ". "). (8 , .4 " ,) (2$>% )-3

-") 5 -$ (. #

! Anti-X " # $#% “Anti-X !" # $ % & '" ($)$ "” *+ ! !, .$+( /*0+1 " / ** #%*$ " “#%*$)$. Trend Micro InterScan Security Suite " 2** " " % ), PIX ) 3 3 $ 3%4 "( "&#% 5 5 Anti-X 2+/#% + ) " 60. %67 ) 8

#% + " $ 5 " / ) " & “09 $” .*: $ $+%)$3 8 2 . $( $ 32$” &62 / 3 Anti-X +0&9$% " “Store-andForward” 2 22 File-Based 9" *$

()$3%(++""&+ " ++0"" & $.&$( 9$ &62 / !% Anti-X +0+ 2 0,,; $"3!!20 * 2*2 <%= $ 3 Levels 3 4 +1$ 3 :302%6 &2%6 $"+1$ 3 &<%% "5 $

24

p22-25_Cisco.pmd

Cisco ASA 5500 Series !" (

")-$ "' 4$7!$ .> ( !58 (+ / 2 4$7 !$ " , .> "' . >. $ !5 SSL VPN 4- 3= 8+ .7 5 8"8" " ' / - + 5. $ !5 IPSec VPN 4- 3= " ' 5 7 $ ' ASA 5500 Series " ." ) . ()) Clientless VPN ) 3% (8!89(")4$7 - !$ 5 2 ! ) :" 2 7$ " " 7= + 5 )$ 2 " 8 !" 7.1 '>7"*+$ ") !5 SSL VPN ( IPSec VPN -$>% 2,500 3.!" $" 3% >% 5 ([ )" !" . "). 5,000 3.!"$) >% .)" ( 8+2$7 ,+$

")

PACKET CISCO SYSTEMS 2007

24

25/1/2550, 11:39

4$7 !$ -$ $">% +"+5 >" , 35' ( .,+ " ) SSL ( IPSec $ . 4$ 7 " 4"G 2 3.8$ ?. >( ,2 =F " ) 4$7 !$ 2 Cisco ASA ")" 22%'C !" 7.1 ( $8 Cisco Secure Desktop 3% ,+$ ": " SSL - (!$32 8$)x." + 5= 8 Cisco Secure Desktop ( + 3= '- ". 5 "' " ASA 5000 Series (M !5 SSL VPN (+ Cisco Secure Desktop ) 8 " +" 3.!" !5 ( $ +$4$7 !$+3.!""' / + 5 5 2 Cisco Secure Desktop . >)" ") !$ 8) !5 -$ " . $ +" )3.!" ()) ($ 8 -8!$" #% "*8 ( 8+ 2 .+ ";^ ..)" . $ Clientless VPN . . ? (8! $ <" !$ . " + 5 . # ( "' ) 7$+$2$>% " ))2 -$ 88' 2$""))) 3 -$ ,+$ .,+ ")) (!5 2$ C

()) (1 "2$7 . 4$7!$-+$$ 7 5 8 .) 5 !$2 + 5- +-! (2$ +".")2$7 $, "2$7"' ' 5 )3.!" .. ' 88 Clientless VPN 2 3.8$" ") !$ !"/ 4

!"3 = Citrix Metaframe

")2 3.8$8-$ 8+3= - ( ,+$ $!$ !" / -$ 2%' "' " !.

, 2"$ ")3= 5 / ) 5 3- $ $ =F . 2 Cisco ASA 5500 Series !" 7.1 -$ ()) Safe Caching .,+ ")4$7!$ ) 3% 4$7 !$ " -$ (8! ! ! +$ ) !" , 2%' 8 "-$+ 5 .# ( )) 3 +(,4$7

( ")*+ ' , Cisco Adaptive Security Device Manager & $ /

!% 8 (22".$( (!% ) "" +0 /

9% /6 (Device) /

9%*2 (Policy) 0 /

9%**3* (Topology) % $ / 9% /6+0 /6 0 *2 / 6 "5 % 3 )$ / 9%*2+0*2 "8 2& $$2 $ =/%+)$ 0/$

/

9%**3*+0 . !% 02 # .$( ( !% % 3 *2)$ 02"8 "9"& /

9%*2 .$((!% + *2 2&9$3 !22 Clientless $$2 $ % 3 )2 Cisco ASA 5500 Series # 1 $ +9 " 3 !05 $

)-$!$. - -$ )"'4$7!$" M!$ ())'-$7 $% 8 Cisco Secure Desktop , "8$" . -)-$! +% ASA 5500 Series $ =F SSL VPN ( Cisco Secure Desktop " K+$+4"G Cisco Integragted Services Router 3 . 800, 1800, 2800, ( 3800 >% IOS 3 . 7200 ( 7301 3% ") !5 $"-$ "' 10 >% 150 3.!" %

!$ ASA 5500 Series !" 7 . >" ' 87 Anti-X (CSCSSM) 2$--$ 5 1 .)7 )) ?1+8 2 ()) 1 " -$ 5 " ()) ":"+$+( .")$

# !$ $ - 5 1 # " / ( 3")3$2 ())- 8 . > ") ()4$7) ())-$C " ?- 2 1 " "' ()) ": " " ! +$ () , # (. # 2%'8 2 ".

.5.

"' ( "' +$ " !$ !"(2$7-$2%' 3% $ () " '!+$ (+"!$

1 # ( ,#

&' • Security Management Suite cisco.com/go/security_management • Cisco ASA 5500 Series cisco.com/go/asa • Cisco Adaptive Security Device Manager cisco.com/go/asdm

PACKET CISCO SYSTEMS 2007

p22-25_Cisco.pmd

25

25/1/2550, 11:39

25

AT A GLANGE New wiring closet requirements Cisco Catalysts switches Preparing for next-generation services

I N F R A S T R U C T U R E SWITCHING

Wiring Closet Switch !"# ! $! %!$&

!& & '()&? *

¾

(Network Edge) ! "#$%& '** +, (Wiring Closet) ! %*- .% & .%/&0"%*1&,". $2 3 * . % &1/$% &! ."45$ 2 6 . **7$%8, , * $+% % '"

9 $%, '*+%'"&. . $%&.%/* & +*: Marie Hattar ; ,%*%1&<= /*& Product and Technology Marketing Organization 36 % 9.6 , +$% !%& !.%/.% & / % ! % - $;&5&+"< +,! *, & : 96*,"&-+/*& 2 ' . % 3 "> ??@ + +: Fred Weiller -&*AB,%*%1&<= /*& 36 % 9, ' .% & &, ! ; ! .%/,2 %,1-".'% /3?"> ,--, ! '6? $8 Cisco Unified Communications "> : &8 8 '$% ! * . % - . * ; 2 , $ 6*,,, $+<1*/-,& & & ! 9;%& +,& %8 .% & .,%' ! 3 $

88 "%*1&, .%/"/71 & .% & ' , &! - / % , *; 7+-, *,: Hattar % 9/I/ &! +<' 8 +, "> & *: $ Weiller + , "%, '" 8 - & .$%, "4--+ & & ! *'* &.8 &.% & Client/ServerBased 3 '% ; () '",& 3? . % $8*3 .%/.% & $% &! -/ % 2 '* ./$-&*??@ $8 /& 0"%*1& , -/'* & $ & . % "> $5 . +,%& ! ' , $ ;&5 * & 26

p26-28_Cisco.pmd

PACKET CISCO SYSTEMS 2007

26

25/1/2550, 11:41

VoIP ! " #$ %%& '() *(+,-" ,./(+ +0$ 12 ", + - * ,#$ 3

97 * 8 /$ +% ,8 $"# : Weiller % 9+"<A 4K + ,*,L

-! /.* % *6 --&6, '6? .%/.% & "/1"/ 8 $%8,& ! . ,.%/',: 8 '.% & $2 $% ! ' ; $*.% * $; $ / , '6? 1 $ &! +<1 (Quality-of-Service $8 QoS) *%*% /I/ &! . -+< . $ / & .%/""R .% & ;&5, ,* $ ; '* "R $, - "> "4 - -& , % ;- A4K "> , ,

-&V 36 + , ,+ $-/-<",,& . + '*. 8 &%8 7+- /&0 "%*1& , . "/ 7 1 .% & .%//* "X& % *%/, &

Weiler % ;*.3 (Routed Access) 36' 9 8 ;7+- 8"> +*,*"R$, ?#- 8 $ .%/*.3"> $

& ! : * ,2 *.38+<& & 66% & ! . + , 3 "> "/ * . *.3; $* 8 $ 2 '* 6*, %?[\ 8 1"' 200 %% 1/ &*

- ! *.3,& "> Transparent - ' /*+ * $,+ * / & .
* . % -/'*& *.3-/ ,%*,+ , ."45$.%/% % 8 -* .3; 66%.& *, ' Open Shortest Path First (OSPF) Enhanced Interior Gateway Routing Protocol (EIGRP) , *, $ 9 ,*, % ?@ $; .3 %, ,: Weiller % 93!;, $%, '

*, Cisco Catalyst + "4--+& & Layer 3 ! , "@* & -: % 36,$ &* - *.3 8 San Antonio Water System (SAWS) 0& ;&* !;, $"/

$ % 3 . 6 6 %&q3& SAWS Hot Standby Router Protocol (HSRP) "> &-&*/ Failover &.3%,.%/* & %, 6*, '* 8.3 & * & (Dual-Homed) ."%, $6$%*&! $* , % *, & ! 9* ,.% & & & , . **7! &% - "< &'*: Darrin Gannaway V +6 SAWS % 9."4--+&

!& EIGRP .%//-,6$%*'",& % & 2 .$%/8 "/6,

$ &&'*& :

!"# $%&

+, "/&"> * "R & "> 1&,+ 6*, * $2 "4--+& +,-;"> & +

&! -/"/*,"R & 1&,

+%),-.: Cisco Catalyst 4500 Series Cisco Catalyst 4500 Series 7% , 8-$ + ,$ * /*,(

90$ / +- * ,+ Catalyst 4500 1 +*', $ #$ / !/(+' * $ /1+:0 $ ,*(* $ 13 *', /(; 802.1X, NAC (Network Admission Control) 1 1 E

.$ (* 3 * /(+ - "$ 8 ,! #3 / 8" ,: F

" Catalyst 4500 +G 9% $ #$ / !,- 9 ,! ( # Control Plane Policing $ H 9 8- 8(/ (:-81 Denial-of-Service (DoS) ,!( Dual Supervisor +*', Nonstop Forwarding Stateful Switchover , :/ 8(+$ , , ,! 8/ ++ 50 /(+ $ ,+- 0 +; 8%, :+ +1/ ,!( -+$ . " Catalyst 4500 ,*', Power over Ethernet (PoE) 1$ ! %%H 15.4 * '$ #$ * , , QoS ,!( 1 ! ,! O/ , %%& 3 , 8 , 1 , #$ ; 10 Catalyst 4500 7 % $ #(* / 3 / / + +* *$ *

PACKET CISCO SYSTEMS 2007

p26-28_Cisco.pmd

27

25/1/2550, 11:41

27

INFRASTRUCTURE SWITCHING

(Perimeter Defense) (Identity-Based Trust and Identity Management) !" # $ %& '*+ ,$,.+$! $!/! !% 0%%1# ! ,.+ ! #$2 !./ ! !

+ %3 ! %!, %& 24! !0%. 45+ 4 + 2 ! !"# 5+ SAWS %0# #"'2,.+!"# Gannaway " 2* 4 0 2 #

%&% $,.+ 4 !!./ 6!.# 5+ / 2!%7 !,.+ Layer 2 #$,99:,.+ $# " 2 ; + $! %;* 2, ! $; ,/ $ "# #" '2 0

%& .*/! 42 ;! ACL (Access Control List) !"'2 0, ,99: . ! !./ $

+ ,99: . <

' ( ((

2$ !5!+ = ,. + . 2>?#$"'2! $!./ !. $4! 02 # #2# QoS '* + 2 # Cisco Catalyst 2 ; 0 !$ $ 44!#$ = $ $ 2* #$ $ ! !"# ! 4. "2 ; ,4#0 # #

,.+44!$!/!# 2

/ "# $%& '(&) *+ ,$# *

& Cisco Discovery Tool (cisco.com/go/ partner-discovery) '2 $3) (&) &'+ #45) #4%&) %$6 74839) , 3 ',$# : ;* ,

";5 $2>?+ #$ ,.+ .0&4.,+ ,/ !"# $ $ !%1# $!! '* + ;* !"# '' ! *!/ #$,!. #&H !#$ = ,.'+ 2 !*!/ $ $! >! 2 !%#$ !9: ! 5&4

!J (Intelligent Power Management) " $ ,> !!!"# %3!%$ 2 " 2> Gannaway !" # ,.+ . $ */ ! ;5 %3 ! 4 #" '2 6%E 0 ! ,0 2+ ! 2&4 $ $ #52 # Layer 3 " !4*+ 4,!.#"'2 5!! < Gannaway $ ,.,+ . ! % !9: >0 0%!"# $ 300 # !!/ % 25 ;* 30 %'"!# ,..

(* $! !!"# SAWS .44!@0,.+ 2>?# !* + '* + .5+ $ Maximo 6 !%3!44! ,.+&! @2 =< Gannaway $ 6 ! $ $ %E ! ! @ $ < ! 2;!!./ >%3!# Advanced QoS 45+ %! $,99: Maximo ,/ ,99: 4.9! $ . !$ # "'2 2 #!# 4# EIGRP '*+ 2! 2!0! Unequal Cost 6 / $# ,99:#$ = ! @,$! < Gannaway @ 6#$ EIGRP 2 ; %#$ $$!./ $ 2<

)

!,.+ %2!#" + $ %&,.+

!# 0 20 $ 4#9 Cisco Catalyst #$ = !#/ #$!2$ !!!"# %!;* # 0 2 28

p26-28_Cisco.pmd

6 5+ 2 ;$!./2 ! 0 ,.+,> !#$!5+ $20 %V&0 4$ !!"# < Weiler $ 20% 6!/! 5+ 2+ $

$ !%1 # ! 4@,%.+ 1545!/ X! 2 !" $ '* + $ 4. %%0 44!,.+0 $,$ !!/ %:2 0 ## / 44! $= ,/ #!!./!# ! 2 ; 2 # '*+ >%3! $ + !# 0 20 $ ,.+ $ % # ! ' 2 2!2 ##&H,.+!$2! $: Cisco Catalyst 3560 3750 Series 2> /!45/!X! Cisco Catalyst 4500 Series 2> 2 *!/ Cisco Catalyst 6500 Series %3!2 ## '"!# 2> !2 20

PACKET CISCO SYSTEMS 2007

28

25/1/2550, 11:41

AT A GLANGE New wiring closet requirements Cisco Catalysts switches Preparing for next-generation services

I N F R A S T R U C T U R E O P T I C A L

Cisco IP over DWDM Network Convergence

! " #$%&' ( ) +,! %$" !",-+ (Network Convergence) !" !,,0 1 %&' % 223 -, 41 223 ,- $5! ) 6 IPTV (,- 2 7 7& " ,8$ -" ' !-5 9 5 : ) Frame Relay !" ATM "#$ !, --" MPLS (Multiprotocol Label Switching) % , 8$ " ) ' 0 !" 8$ 6 % + , 8" !,,0 ! " $%&'+5

»˜

DWDM ! "#$% &'

('

PACKET CISCO SYSTEMS 2007

p29-32_Cisco.pmd

29

25/1/2550, 11:44

29

INFRASTRUCTURE O P T I C A L

- ( 53,- 8$ !" % , #", 77% 6$" -,05 5 :5 !" IP/MPLS % + 5< , 7& ' -% ! ! % ( (#&-% %$"+ " ( Long Haul) +, %&' 1(-1-" SONET/SDH ,' , 5< " !"6=> 90 SONET !" SDH " 5< --", % %$" !" 50: 1!" 6(#( , 1&1 TDM (Time-Division Multiplexing) ' ' SONET/SDH 8,6 3 +,! &, 223 " 6 ( 6 T1/E1 ( T3/E3) +5$" 5K 223 $

: " " 1 $"

( %$" : " !" 5< "+

, QK , !" 223 =$ "

DWDM --" DWDM (Dense Wavelength-Division Multiplexing) +, , 1( 1 5 %$"-% ! ! $ %&' -,6 0" 1" 7"(! " ) 6"( ! , -% %$" + " !"-% ! ! % ( , 8$ !" % , $# "7('5 1 #& " 5 223 +1 1%&' +,! IP/ MPLS Router, SONET/SDH ADM (Add/Drop Multiplexing) !" , - 1(' X DWDM 7& ,'

, #& 523 $ 677 '&+ !5" '8$ !" % , 1

+ 1", % !"

, '

5< +5 1( ) +, 50: 1 1 4' -7"$6 ,) 6 DWDM & ( +% 0 !" %' ! " ",-% ! ! % ( 5< " ( 8$ 5:$: !" POP (Point of Presence) ! " '6 5< 30

p29-32_Cisco.pmd

) -" 27 & !"! +%%8,1" , 5<1 => ( +% % - %, ( # ' -, 5 !"+#& -" ' 8$ 1& -7"$6 ! " & +8 0 OAM&P (Operations, Administration, Maintenance, and Provisioning) , ' -% ! ! 6 & X ITU G.709 " +1 , Core Layer !" Aggregation Layer 7& 5< 223 +1 0 !" 10 0 5^ 1 223 ! 5< % SONET/SDH &! , 5< -, 41 - 27 0 5 9 ) %&' 8" 5 5K 223 (Traffic Protection) # !" 27% 8 "+ 6 , 6 G.709 Framing !" FRR (Fast ReRoute) +,!" ( -% ! ! % ( 8$ 6 5-6 - ", " 7 ECMP (Equal Cost MultiPath) 7& $ !1"2 / 6 6 , ' & "( % 223 +1 6( #(+,!"50: 18 DWDM ) -,+ 1 " 5 +5

ºÃÔËÒÃáººáÂ¡ ËÃ×Í¤ÇºÃÇÁ´Õ? ) * Cisco IPoDWDM ##+' (, -(' ( * ./% ( 0.1* ( #$$ 0( 2 ( .1* ( ' ( 34 , -( - (IP) "34 #- - '% $ $ OAM&P Cisco CRS-1 " MSTP 0/'(( + (% (#34 (0(( " #34 .' ( #*:/ '

0 2 ( #-0"#;.;/ " +(<=( , (' .:" 0 2 ( (#, ; " +(<=(, (- 2 " 3 " CRS-1 '( $ $ . Cisco IPoDWDM %.( '( )<- -, (- % .@'- -% $(" .1* ( B ./% ' TL-1, CORBA " Simple Network Management Protocol (SNMP) # ('# 0"("!1 XML, CLI " HTTP/S (:., (- $1* (#; $(0 2 ( 1*'* #)< , -(1'* (- "# -.)#( ($ MSTP (: ( , -( $' +(./%) 0 2(#-'* MSTP ". DWDM ((' ((

PACKET CISCO SYSTEMS 2007

30

25/1/2550, 11:44

) * Cisco IPoDWDM <J(- .#-' K CRS-1 " +:# ( $ ROADM $ #"' ((. '- ' @- ' )) '0(# )- # #* *(' ',

Cisco IP over DWDM ,(0 2005 7- +,5 =-7"$6 IP over DWDM (IPoDWDM) 7& 65-6 88 j ,! +1!" DWDM " 1( ", 6 1 6( #( % !" 1 ) ! "$ $ 5 = ' +5#& 27-,$" 10 0 4 1 (10 Gigabit Ethernet Tunable WDMPHY) !" 27-,$" 40-Gbit/s DWDM & 1 (OC768c/STM-256c Tunable WDMPOS) Cisco CRS-1 Carrier Routing System , OC-768c/STM-256c Tunable WDMPOS 6 ,$ " !1 => $1 %$" $,#& 40 -% ! 10 % 10 Gigabit Ethernet Tunable WDMPHY 6 Cisco CRS-1 # 6( 10 Gbit/s DWDM $ !"+, 1 OAM&P 7&" > " SONET/SDH , -,$"'$ %$"!# # ITU C-Band 6 !" 5 50 j7 !" Enhanced Forward Error Correction (EFEC) % %$"-,5 = +,+ ",#& 1,000 -" % - 7- 1 27 -,$"!5 6 Catalyst !" 7 7600 +,! Cisco DWDM XENPAK 10GBASE Ethernet !" Cisco DWDM

Gigabit Interface Converter (GBIC) 0 '' #,'6 27 -,$"' +$ , -,+ 53,6 ( !" +,-,6 "( (Wavelength) 1 32 6 "( ! 27-,$" % +, X % ITU " ' !"6%7- 6( % DWDM ,'Q^% - !" ! " +, -,+1&1 5 5 , !1 ! ' " ' !" $%-7"$6 IPoDWDM +1 Cisco ONS 15454 Multiservice Transport Platform (MSTP) 7& --1-"%-% DWDM +,' ! Point-to-Point !" Ring ' 8 #% 6 ! % +58 Reconfigurable Optical Add/Drop Multiplexer (ROADM) , ) " !1"2' ( !8 ,' !"6 IPoDWDM " ,

-7"$ 6 IPoDWDM %7- #", 1&1 5 !1 POP +, 8" 8 6( 5 POP , 6 Short-Reach Optic "( 1,310 - ( ( Gray Light) Long-Reach ( Colored Light % $ POP 8 10-Gbit/s SONET/SDH 7&" 1" 78 DWDM " ! !

PACKET CISCO SYSTEMS 2007

p29-32_Cisco.pmd

31

25/1/2550, 11:44

31

INFRASTRUCTURE O P T I C A L

' " ' 8 Demultiplex !"5K % $ 5 ,!$ 7& ! 5"$5 ! 5<+22K !" +22K 5< ! Short-Reach ( ' OEO Conversion) , & 1(5K 8 % +55 SONET/SDH CrossConnect ( !16 1 !" +5' , (#$ 6+5 POP ! #,+5 !, 5 , Cisco CRS-1 !" ROADM MSTP +5' 6 5 , : 5 5 " (!161 !" +6 5<!" & 6 ", 6 "+, #&" 50 1 ", 7 7 % +, 50: 1

", 7 7 % -,6 - 7"$ 6 IPoDWDM %7- #", 6 59 ) ! 8$ !" 0 % , +, 7& +6 5 ,! 6'' 6", 6+22K !" 1('$! " ( POP ' 1& 5 6'" ",- ,, 8" 6( #(%&' !" 6 > 5 " 5< ' 8$ "( ",: , ! " -, ,$ ! "' " !" 5 " % 5< & (,$

!! (,?) -,7- +, 1 ( (

6 59 %&' 1( , !8 ,' !" 59 - #& ! " ! & ( (( " ' "( ! 1 DWDM 8 +5 5" 5 " 7&! , ! +%$5 ! 223 ,) 5< !8" ' 5"!5"% 7 6 1 23" (5 OADM % +5 POP 5< !!" !" 7, $

,6 ! ( 6 MSTP 8$ !" % , # % 1 ,' (! +% "( ! + "+, 1( ( +% % ( 7 5"+5+,

32

p29-32_Cisco.pmd

!"# #$#%&' ()!*!+ 2^ 6 IPoDWDM Cisco CRS-1 ," X ITU G.709 Optical Transport Network (OTN) 7&

#% 6( SONET/ SDH $5! 1 27 6' " DWDM -, , ' Cisco CRS-1 & # QK , %$"!' , 5" 1( ( : 1" ( : 1!," j ,! (5^( ) +, -,0 -, Forward Error Correction (FEC) 5 Cisco CRS-1 +, ( , %8, 1" , %$"$ %, 50 "" 5 23 ( 6 FRR) % 1( "%$" " " " 7& 5< " ": 223

, 6 #' 5 +, ( ( , ) "+ Failover SONET/SDH ( 6 2- j, FEC 6 Cisco IPoDWDM (EFEC) $ FEC + X G.709 (GFEC) -,8,$ !$ " # , 27 % 6 EFEC 7& DWDM 27% Cisco CRS-1 #$ +5+,+ "#& 5 1,000 -" (621 +") -,+1& 5 7- 5<8$8" ! +,% ,' - 5" 27-,$"% 7- Digital Optical Monitoring (DOM) 7& 5< X " ," 27 6 % #& !" QK 1 ) % 5 %$" -, ,$!" - = DOM QK !"! +%5^

%5 %$" 6 " 1( +, ($,

Í‹Ò¹à¾ÔÁè àμÔÁ • Cisco IPoDWDM Solution for IP NGN cisco.com/packet/182_7b1 • Cisco CRS-1 Carrier Routing System cisco.com/packet/182_7b2 • Cisco ONS 15454 Multiservice Transport Platform cisco.com/packet/182_7b3

PACKET CISCO SYSTEMS 2007

32

25/1/2550, 11:44

S E R V I C E

P R O V I D E R S

Cisco SCE

“!"#” %&'( Plala Networks ) * *+,-!

º‹

! " #$ % $ & ' ' ( ) ! *+ #% ,!

- &.%& & /,% 1 0 2

23 , 2 3 3 ! 3 ! 3 $3 3 ,' ' )' 4 3%2

%5 2'3 3%%6 3!./, ,'' 227%3 ' 012 ( Plala Networks *+ !6 21%

,! 28!.32% '6 2 $ 2 ' 2 !: & % ; )3 , % /< ,,

Plala ! & ! 3 ,8 2 ! 8$ " ' ! 3% ! .% 7., $ ,2 :+ ) % !! & *+ " * 6

%2,!

/6 8+ 4 % 2 #$ & % ) 8+ 3%'' / 2/,%%, :% 6 2" @ 2'! " @ ! ,3#$ &' 2%! !: &< 53 0128 Plala ' Cisco Service Control Engine (SCE) 2020 /@@G (Access Aggregation Points) 8#$ &%,/6)$) %4 ( I G ;Net Barrier Basic< *+ $ 3 3 , 3.

Plala !" #$ % &' () #* + # ,& " - .

2 8!+

, #$ 6 Plala Networks 3 ,#$/ => System Development and Network Engineering ;0// #$ %%!', 2'6%.' % 2 $ 2 8:+* PACKET CISCO SYSTEMS 2007

p33-35_Cisco.pmd

33

25/1/2550, 11:46

33

SERVICE PROVIDERS

@K/%$ &% #$&% 2. / * 3 , ' 2 %2,! 3 ,!% &%

/2 &%2% / Plala !: & SCE 2020 /6 - & 3 5 8 3.. & %4 .' 2#$ &% !: & / K 2003 Plala Networks *+ / "

!. $ .+. /!$! 1 > 3# -). 2 % , 8 3 Plala Cisco SCE 1010 Service Control Engine (2' $/ ) &' SE 100) .'!'! %@@G ,) # $ &%!%:+ 3.$ . (P2P) 3 ,)3 5 ! 3 %/6 & 3 58@@G 2 % ; Cisco Service Control Engine !:/ ,!!).3 3&3 5%5< & 1 ,& #/$ 3#

O 8 Plala %

Application-Level SCE 2020 SCE 2020 Q ,# )-R'5!62 2 /, &5 /,2 '2 3. .' , . % " * !3 3!*/ P2P 2'' 4 *+ . 2 %

34

p33-35_Cisco.pmd

/, :+3.. & 6 %$ 8 !. ;, ! :, .

% 900 & 3%& Port-Based %4 / :+. 8 !$ 8$ Layer 7 &% @@G 83.. & P2P 2' VoIP< Y@ #/$ % 5 / SCE 8 *! !81 > % ; ' / . 2%4 !%

&2 8. /$ !626!

2' Port-Hopping /+"

/,!'% 3.. & & &3 5%$ 2 %8 $ ' 2 Layer 7< ;.%3.. & % P2P 2' 2 & . 80 *+/7.,!62 HTTP 8-, 3.. & ' 4 2 &2 8. %/ 3%3 &%

<

Net Barrier Basic

;SCE 2020 /,3 ,/6 3 58#$&% 3% , & ] (Policy) @@G 83.. & %4 %&% SCE 2020 !:/6 3 5!62 !%@ P2P .

%3 53 %@@G VoIP 2' *+ /,!, 2 !$4 < Y@ 5 ; / SCE 2020 O8

'( / + .0 1 Plala 2 1'+#* Cisco SCE 2020 )0* .- ) 5 1 6 '( 7"*

#*1 ' Management Server 0 )." * 8. SCE ' Management Server 0*1 %0..& 1 6 '( 7"* #* 9&'( )06* &+ % %

PACKET CISCO SYSTEMS 2007

34

25/1/2550, 11:46

ÃÒ¡°Ò¹á¢ç§á¡Ã‹§ Ê‹ÍÙ ¹Ò¤μ·ÕÂè §Ñè Â×¹ %+#8)0* Plala Network %.' Cisco SCE 2020: • – Plala & !+'+-( '.(.,-(, 6 1"$ %. 8.9 SCE 2020 9 .( ;'..( ,1 '& % P2P • ! "#$ – .'( Net Barrier Basic ( - '' < ! ' )0* .'(+ &5 1 !" '%7)0* 0 #$ % & • " !&' # ( – )0*&'&-)+(+0 )9

#* 1"$ #* + )01* + # 9.%& #' '%7 < 09.

• $)$ !! – . 7( ' SCE 2020 )9 Plala & !'-1 9 1 + 9& '( )0* + &+%%. % 1 . '

@@G , ] ' < ;SCE 2020 !:! /6! 2 + ! ./- 8$ Application-Layer *+ 6 2" / , @@G 2 8.%<$ !+Y Y , #$ / 3#

.^ ,8 Plala % ;2 /+!: 2!: , 6 %% ' *+ " 0//!61 6 2 $ . /<

,,! Plala ( ) # $ & 2 8+ . , Cisco SCE 1010 & SCE 2020 'K 2005 *+ / @@G 8#$ &%,/6)$) 3 ,&' % Management Server ($)., ) ,& 5 % ;0 / / . 3 !8 /, 3 #$ & 8

3 / *@ &' % SCE /,62 , #$ &% (3.3!/, ) 3 ,!%% *8#$ &% SCE 2020 .' / #$ &%!% < Cisco SCE 2020 /, 2 #$&% @G $&

3 ' / SCE 2020 !:8$ .3!/ % $ #$ &%3 3 &

#$ &%3 ,3.. & # $ &% &%$ -!

& % 2 SCE 2020 6! Net Barrier Basic / $3 3 ,3. 3 %#$ &% 3#$ &% /,% *@3!62 !61 @ @K / $ 3 /,

8 :+ * /2'*' 4 '2%2,!

!%

3. /,//.b % &: + %8$ 3 ,! . 6/ / @G 2 % / ,6 4 % 2# $ &!$ + 3 ,%7 !: ,8 ; 3% *' Cisco SCE 1010 3 5 . % 6 %$3 < Y , % ;0// & SCE 2020 %.%/, 38-,G & @G $3 3 , 3. %$ < ., / , ! : 3 ,/ ,3! @@G :+! @ . 3: 3 6 +:+ 8 " -R Cisco SCE 2020 !:/,,$3 3 ,.b %&:+ 3 ,! ;

-..b %!! &% @@G 8 -!$4< Y@5 ;!. ! : # O@@G ' 3 3/' 2 #$ &% %' %$ 8 2 2 3 3 / ** % " <

! "# $%&

,2 :+ !6 1 8, ( )8 Plala .!/$ / , O Information Security Management System / ! BRS (www.brsltd.org) 3 , Privacy Mark / ! JIPDEC ,O1 > *+ 2 % , 2( I 2 ,

6 / ( ) 2!$ 8+ 0// $ !8 Plala 2 3 , Plala .6!% $ /1 82 3 ;22 8 Net Barrier Basic ' ( )8 .' Q @3 %#$ &%

3% / 3 #$ & :

%

%

-8@G $3 2 7., /2' ' 2 3 !% ' 4 1 28& " *+ , !8+ !:! /2 % % 8 <

Í‹Ò¹à¾ÔÁè àμÔÁ • Cisco SCE 2000 Series Service Control Engine cisco.com/packet/182_8b1 • Cisco SCE 2000 Series White Papers cisco.com/packet/182_8b2

PACKET CISCO SYSTEMS 2007

p33-35_Cisco.pmd

35

25/1/2550, 11:46

35

THE LATEST PRODUCTS

Cisco MDS 9513 Multilayer Director Switch 10 ! " isco MDS 9513 Multilayer Director Switch ! "## $$% !&'()* (Consolidate) .' /0 &" 200! 4!"# /.627 "'8 ) #':8" " :0 528 ' "# !=() "$ . 1, 2, 4 ( :0 10 # $ /06.AB2= ( $ Fibre Channel-over-IP (FCIP), SCSI-over-IP (iSCSI) "# Fibre Connection (FICON) !# $ $A !EB

MDS 9513 10

! " #$ %

36

p36-37_Cisco.pmd

PACKET CISCO SYSTEMS 2007

36

25/1/2550, 11:17

JCisco MDS 9513 (6 " (Core Switch) =#$ $($ SAN (Storage-Area Network) =% :!& '() * L Alison Conigliaro-Hubbard ZA B&"Z. / & $ &A2= Cisco MDS 9000 " && $A #. "# "'' =$% #: . MDS 9513 &T!=$ ) "# $ &A . 4 "# 10 # $ 2= MDS 9513 := $B$=) J Z$ "#'0 ' !=7$ "$ :$ 26 2= E MDS L Dan Hersey [ , Data Center, Switching, and Security Technology Group / & $ J'#&A$% :/0 "# ) :="# /0 :$Z ZA ( 2: $ )L ! MDS "B / &:" &A 32 '2= MDS 9509 '( ( 4# Oversubscription /0 0) ( " ^ ' B ' $ $ 2' Backplane # : = B K $.A:!&A MDS 9513 =( $:. "'&A ) " ^0 4 "# 10 # $ "$/ 8 # "#"'' . $!=7$# 2 " $ 1 0 2 # $ ) &A MDS 9513 0 BK! =$ $ Port Bandwidth Reservation /0 !=ZA "A . Line Rate 8/ :=# '(" ^ $:! ! 26

$ &! Role-Based Access Control (RBAC) J MDS 9513 BK Consolidate ($ VSAN % :! "' =0 L Conigliaro-Hubbard $ J"B K = T E 7 = "#8U # W4 VSAN =$ ) : &! &/A ' $)L 2=A' Cisco MDS 9513 & : cisco.com/packet/182_9a1

# ^ 4'($ SAN ^ "#6#$% :$0)$ / &0 'f && Virtual SAN (VSAN) 0)Z ($ SAN =$) :&'() * 4' &:$$B "# = ($"$#!=2 "$#'! Cisco MDS 9513 #A:!= VSAN $ "# = VSAN . 2:B ) ^ j = / "#& (Policy) "$# VSAN !=ZAA""'' : )".)=( PACKET CISCO SYSTEMS 2007

p36-37_Cisco.pmd

37

25/1/2550, 11:17

37

M O V E M E N T

$# %&!&" ' #

MFEC Gold Certified Partner

! & .* !# ' 3A'4.*"Q ' >4+,* 7'3'#' +,*+ 3 :Human NetworkU 3'0 7 : +1 U "2 &, $ 4.4+1 #.* 73

4 4 7'*A 4/93'#" "'7 "3&1 3'#7"# /.4#7.4 :.* + 1 U 4 '7 %, 4 & ; 4 . 4 * +, '9 / 7,',''*9"V, 77.6

( ) ! ("# $% ) & '* CISCO Gold Certified Partner +, "- $ (.) "#/, ! 0 & (,1) , MFEC "# $% "2 3 +"#$ 45# Gold Certified Partner 3* MFEC 647 "2 % 1 &.4% 7 2 7 .6 * "2 3 &,*# Gold Partner *4"2 4 7# 17 7+, ' 7%

"&("& )"*#+ 7!H 4 "#% ( 7 2 ) 7%" KL1*4 4 &,*3'#' ! ("# $% ) & '*, CISCO Premier Certified Partner +, 9 /W "#$ W ( 7 2 .) % ! ' 1 7 & "2 3 &,* ' > ? . 4 "# Premier Certified Partner 7 14 *4"2 4 7 1* &' #'*9 ' 9,' (Manufacturing) 3'#Y' 3

!" !# Premier Certified Partner "

“ ”

7!H ! ("# $ % ) & % "#$3*4 4 # 3 ' ' 1 7 & 7 "2 3 &,*' >?.4 "# Premier Certified Partner 7 13 *4"2 4 4 "#% ( ) 7%" KL1*4 4 &,* 3'#' ! ("# $ % ) & '*, CISCO Premier Certified Partner +, 9; A (.) # 3 ' '1 7 & ( )

! ("# $% ) & & #.* !1 &# ' ,647 + + , 94 +, . :/9*4 74 " 1;3 <$54= 674 ># $6 ,' 9-> ? . *9 7 3 A 1 B9 +4 4 % $3 D1 4 ( 7 3 ) . * "5A$+, . <$54= +, $6";;3'# + 7 %"

PACKET CISCO SYSTEMS 2007

p39_Movement_2.pmd

39

25/1/2550, 11:47

39

Packet200701-part2

Overview

More details

More Documents from "Kowit Meboon"

Ictphetchbury@schd-finalexamination_2-2551

Manual Draft4

Cisco Systems Users Magazine

Color Theory

Packet200701-part2