Cisco’s Integrated Services Routers
Thomas Krewedl
[email protected] 0664-4234611
© 2004 Cisco Systems, Inc. All rights reserved.
Agenda
• Market Trends and Momentum for Services
• Cisco Integrated Services Routing Architecture
• Cisco’s Integrated Services Routing Portfolio
• Wireless Services on the Cisco 2800 & 3800 Series Integrated Services Routers
MARKET TRENDS AND MOMENTUM FOR SERVICES
Customer Priorities
Q. What functions SHOULD be router-integrated?
[Bar chart, axis 0 to 250, n=331. Categories: Firewall, VPN, Intrusion Detection, Anti-Virus Software, IP Telephony, Compression, Content Filtering, Caching, QoS, Streaming, Multicasting]
Source: Cisco-Sponsored Yankee Survey, June 03
New Router Portfolio That Extends Integrated Services to Businesses of All Sizes
• FIRST portfolio engineered for secure, wire-speed delivery of concurrent data, voice and video services
• Cisco’s integrated systems approach to embedded services speeds deployment and reduces operating costs and complexity
• Founded on more than 20 years of innovation and leadership: FIRST to embed security and voice services into a single routing system
Cisco’s New Integrated Services Routers
New Systems Approach For Services
• Embedded Security tightly integrated with Voice
• Up to… 5X service density, 7X performance, 4X memory!
• Backward compatibility with existing router modules for solid investment protection
• Sustained wire-speed performance with concurrent services
• Industry-leading network availability and resilience
Integrated Services Routers: 1800 series, 2800 series, 3800 series
The Value of a Systems Approach
Tightly Integrated Services
[Figure: overlapping service areas labelled Voice, Security, Routing Services]
• Toll-Quality Secure Voice (Voice, QoS, sRTP): Deliver toll quality IP Telephony over an IP WAN
• V3PN (IPSec, QoS, GRE): Deliver latency-sensitive data, voice, video traffic across the VPN
• DMVPN (IPSec, NHRP, OSPF): Enables an on-demand, scalable full VPN mesh that is easy to manage
• Network Admission Control (EAP, Radius ACLs): Limits network access to compliant and trusted endpoints
Scalable from Small Business to Large Enterprises
Right-Sized Router, Right-Sized Requirements
[Figure: Performance and Services Density plotted across SMB, SM Branch and Enterprise Branch]
• 1800 Series (FCS Sept 04): Integrated Security & Data
• 2800 Series (FCS Sept 04): Embedded, Advanced Voice, Video, Data & Security Services
• 3800 Series (FCS Oct 04): Highest Density and Performance for Concurrent Services
Investment Protection and Migration Path
[Figure: migration path from Cisco 1721, Cisco 1751/1760, Cisco 2600XM Series and Cisco 3700 Series to Cisco 1800 Series (FCS Sept 04), Cisco 2800 Series (FCS Sept 04) and Cisco 3800 Series (FCS Oct 04)]
• Cross compatibility with existing router modules
• Increased default memory
• Additional DRAM, reduced costs
• New feature development and additions until IOS 12(5) mainline
• No EOS for at least 18-24 months
• Continued software support for 5 years after last sale
Cisco’s Integrated Services Routers
• CISCO 1841: $1395
• CISCO 2801: $1995
• CISCO 2811: $2495
• CISCO 2821: $3895
• CISCO 2851: $6495
• CISCO 3825: $9500
• CISCO 3845: $13000
18/28/3800 Concurrent Services at Wire Speed
[Figure: platforms plotted against WAN Bandwidth: T1/E1/xDSL, Multiple T1/E1/xDSL, T3/E3]
• 1841: 1 T1/E1
• 2801: 1 T1/E1, CME:24, SRST:24
• 2811: 2 T1/E1, CME:36, SRST:36
• 2821: 4 T1/E1, CME:48, SRST:48
• 2851: 6 T1/E1, CME:96, SRST:96
• 3825: ½ T3/E3, CME:168, SRST:336
• 3845: 1 T3/E3, CME:240, SRST:720
2800/3800 Platform Overview
• Complete New Line of Full Service Branch Access Routers
• 2-5x Increased routing performance *
• 2-10x services performance *
• Concurrent Services running at Wire-Rate
• Increased Memory
• Integrated 10/100/1000 LAN, Security and Voice options
• New Modules (GE, Switch, Voice)
• New higher speed module technologies: NMEs, HWICs, EVMs
• Supports most current 1700/2600 modules
Per-platform figures:
• 2801: 70-100kpps, 64F/128D DDR
• 2811: 130-160kpps, 64F/256D DDR
• 2821: 180-210kpps, 64F/256D DDR
• 2851: 200-250kpps, 64F/256D DDR
• 3825: 280-350kpps, 64F/256D
• 3845: 400-500kpps, 64F/256D
[Figure: slot layout per platform, labelled FE, GE, SFP, HWIC, VWIC, NME, EVM, USB]
CISCO’S INTEGRATED SERVICES ROUTING ARCHITECTURE
NEW Architecture-Core/Memory
[Figure: block diagrams of the Current and NEW designs, labelled CPU, PCI, ASIC, DRAM, Flash, RTC]
• DRAM/Flash: Current 256M EDO/48M; NEW up to 4X the density
• Processor: Current up to 40Mbps; NEW up to 250Mbps
• Real Time Clock: Current N/A; NEW time-of-day on system power up, necessary for certificates
• Custom ASIC: Current N/A; NEW module integration communication (HWIC, NM, AIM, DSPs, etc…)
NEW Architecture-WICs/Network Modules
[Figure: block diagrams of the Current and NEW designs, labelled CPU, PCI, ASIC, DRAM, Flash, RTC, FE, GE, DSP, VPN, WIC, HWIC, NM, NME, EVM, AIM, USB, In-line Power]
Current:
• Up to 4 NMs (400Mbps aggregate)
• Up to 3 WICs (8Mbps shared)
• External Device for Inline Power (exception 3700
NEW:
• Up to 4-NME (up to 1.2Gbps aggregate)
• Up to 4 HWICs (800Mbps aggregate)
• Internal Inline Power (up to 360W)
NEW Architecture-AIMs/USB/LAN Interfaces
[Figure: block diagrams of the Current and NEW designs, labelled CPU, PCI, ASIC, DRAM, Flash, RTC, FE, GE, DSP, VPN, WIC, HWIC, NM, NME, EVM, AIM, USB, In-line Power]
Current:
• Single/Dual FE
• 1-2 AIMs
• No USB ports
NEW:
• Dual FE/GE, Optional GE SFP HWIC
• 1-2 AIMs – Higher speed
• 1-2 USB ports per chassis
NEW Architecture-Security
[Figure: block diagrams of the Current and NEW designs, labelled CPU, PCI, ASIC, DRAM, Flash, RTC, FE, GE, DSP, VPN, WIC, HWIC, NM, NME, EVM, AIM, USB, In-line Power]
Current:
• Requires AIM
NEW:
• Built-in VPN or AIM
• DES/3DES/AES128,192,256
NEW Architecture-Voice
[Figure: block diagrams of the Current and NEW designs, labelled CPU, PCI, ASIC, DRAM, Flash, RTC, FE, GE, DSP, VPN, WIC, HWIC, NM, NME, EVM, AIM, USB, In-line Power]
Current:
• Requires Voice NM
• Dedicated DSPs
• TDM switching 3700 only
NEW:
• HWICs support VICs and EVM slot
• Shared DSP slots on MB
• TDM switching supported in 2800/3800 series
CISCO’S INTEGRATED SERVICES ROUTING PORTFOLIO
New Cisco 3845 Router
[Figure: chassis view labelled Power + 802.3af, USB, VPN, AIM, HWIC, NME, GE, SFP, X, D, XD]
• NME/HWIC Slots: 4 single-wides / 4 single-wides; can accommodate up to 2 EVMs in any NME slot
• Onboard DSP Slots: 4
• Internal Power Supplies: 1-2 (AC, AC+IP, DC), RPS support
• VPN Tunnels: 2500 (AIM), or 700 (VPN on-board)
New Network Module and WIC Slot Types
• NM: i.e. 16ESW
• NME: i.e. EVM-HD-xxx
• NME-X: Future Use
• NMD: i.e. 36ESW
• NME-XD: Future Use
• HWIC
• HWIC-D
[Figure: slot outlines with removable slot dividers]
New Cisco 3825 Router
[Figure: chassis view labelled Power + 802.3af, USB, VPN, AIM, HWIC, NME, GE, SFP, X, D, XD]
• NME/HWIC Slots: 2 single-wides / 4 single-wides; can accommodate up to 1 EVM in any NME slot
• Onboard DSP Slots: 4
• Internal Power Supplies: 1 (AC, AC+IP, DC), RPS support
• VPN Tunnels: 2000 (AIM), or 500 (VPN on-board)
New Cisco 2851/2821 Router
[Figure: two chassis views labelled Power + 802.3af, VPN, GE, HWIC, NME, EVM, AIM, USB, X, D, XD]
New Cisco 2811/2801 Router
[Figure: two chassis views labelled Power + 802.3af, VPN, FE, HWIC, VWIC, NME, AIM, USB]
2800 Comparison

| | 2801 | 2811 | 2821 | 2851 |
|---|---|---|---|---|
| NME / Dedicated EVM Slot | 0/0 | 1/0 | 1/1 | 1/1 |
| HWIC | 2 | 4 | 4 | 4 |
| Onboard DSP Slots | 2 | 2 | 3 | 3 |
| Onboard LAN | 2 FE | 2 FE | 2 GE | 2 GE |
| Internal Power Supply/RPS support | 1/No | 1/Yes | 1/Yes | 1/Yes |
| VPN Tunnels (VPN on-board/AIM) | 100/800 | 150/1800 | 250/1800 | 300/1800 |
New Cisco 1841 Router
The only Desktop form factor model
[Figure: chassis view labelled Power, USB, VPN, FE, AIM, HWIC]
• HWIC Slots: 2 single-wides
• Onboard DSP Slots: None, Data Only
• Internal Power Supply: 1 (AC only), no RPS support
• VPN Tunnels: 800 (AIM), or 100 (VPN on-board)
Cisco Access Router Interface Cards and Modules
• Supports 90+ existing NM, WIC/VIC/VWIC, AIM
• Flexible expansion (HWIC, NME, EVM), additional concurrent services
• Updated Cisco Access Router Quick Reference Guide
High-Speed WAN Interfaces
New 9 & 4 port Etherswitch HWICs
• Support in 1800/2800/3800
• Low density L2 switching
• Supports standards based POE (802.3af) with optional inline power supply
High-Speed WAN Interfaces
New Gigabit Ethernet HWIC
• Offers Optical and Copper connectivity without NM occupancy
• Support in 2811, 2821, 2851 & 3800 only
Extended Voice Module (EVM-HD)
[Figure: module front panel labelled EM 0, EM 1 and New RJ21 Connector]
• EVM (voice/fax expansion modules) supports high-density FXS, FXO, Analog-DID and BRI ports
• Baseboard: EVM-HD-8FXS/DID
• Expansion Modules: EM-HDA-8FXS, EM-HDA-3FXS/4FXO, EM-4BRI-NT/TE, EM-HDA-6FXO
Removing Compact Flash (CF)
Removing CF
1. Press ejector button and arm extends
2. Push ejector arm in and CF comes out
Installing CF
6. Ejector arm pushed in
7. Insert CF into slot and push in
• Storage of IOS image, SDM, CME files, VLAN, etc…
• Do not remove CF from operating router
Integrated Power Supply
Field Replaceable AC/DC and AC+POE
PVDM2 Installation
1. Angle PVDM into slot to seat
2. Push up and snap into place
Installation order: PVDM0 PVDM1 PVDM2
Removal order: PVDM2 PVDM1 PVDM0
To remove, pry open tabs on both sides
NME Slot
• Align NME with grooves
• Removable slot dividers
Wireless Services on the Cisco 2800 & 3800 Series Integrated Services Routers
Outline
• Wireless Services on Routers
  - Cisco Integrated Services Routers
  - Wireless Services for Branch Offices
  - Fast, Secure Mobility
  - Survivable Local Authentication
  - Scalability
  - Feature Sets
• Future Services – SWAN support
  - Rogue Detection
  - Assisted Site Surveys
Wireless Services Integrated With Wired Infrastructure
[Figure: HQ / CAMPUS with Catalyst 6500 Series WLSM, LAN core & WAN, and LAN access layer with per-switch wireless VLANs; BRANCH 1 with LAN access layer; BRANCH 2 with Cisco 3800 & 2800 Routers and LAN with site-wide wireless VLANs; sites joined by the Wide Area Network (Intranet); client groups Guest, Phone, Employee]
Wireless Services – Fast Secure Mobility for Voice, Video, VPN
[Figure: ACS and WLSE at the LAN core & WAN; LAN access layer with per-switch wireless VLANs; LAN access layer; Wide Area Network (Intranet); LAN with site-wide wireless VLANs; roaming paths marked Layer 2 and Layer 3]
Fast secure mobility (as little as 50ms) maintains latency-sensitive connections
Wireless Services – Fast Secure Mobility for Voice, Video, VPN
• Fast secure mobility enables wireless clients to maintain voice, video, VPN connections when moving between access points
• Mobility time is reduced from ~500ms to as low as 50ms through WDS-based authentication for the handoff
  - No need to go back to the ACS server across the WAN for authentication again (note that the initial authentication still requires access to the ACS server)
• Supported with:
  - Cisco Aironet Access Points, and
  - Cisco Aironet or Cisco Compatible client devices that support the Cisco Centralized Key Management protocol and Cisco LEAP
Wireless Services – Survivable Local Authentication
[Figure: ACS and WLSE at the LAN core & WAN with Backup Switch & WLSM; ACS Failure and WAN Failure marked; Survivable Local Authentication shown at the LAN access layer with per-switch wireless VLANs, the LAN access layer, and the LAN with site-wide wireless VLANs across the Wide Area Network (Intranet); client groups Guest, Phone, Employee]
Wireless Services – Survivable Local Authentication
• The wireless LAN can survive a variety of failures:
  - WAN Link Failures – through dial backup & local authentication
  - ACS Server Failures – through local authentication
• During a loss of connectivity to the ACS server:
  - Clients already connected to the network maintain their WLAN access
  - New clients trying to authenticate to the network are authenticated by the local authentication server
• Supported with:
  - Cisco Aironet Access Points, and
  - Cisco Aironet or Cisco Compatible client devices that support the Cisco Centralized Key Management protocol and Cisco LEAP
Wireless Services – Scalable for Branch Offices of All Sizes
Platforms: Cisco 3845, Cisco 3825, Cisco 3745, Cisco 3725, Cisco 2851, Cisco 2821, Cisco 2811, Cisco 2691, Cisco 2600XM, Cisco 2801
Access Points Supported / Local Authentication Client Database:
• 100 APs / 1000 clients
• 50 / 500
• 25 / 250
• 20 / 200
• 10 / 100
• 5 / 50
• Future
Wireless Services – Feature Sets Supported
IOS 12.3(11)T or later:
• IOS Advanced Enterprise Services feature set (K9)
• IOS Advanced IP Services feature set (K9)
• IOS Advanced Security feature set (K9)
• IOS SP Services feature set (K9)
• IOS Enterprise Services feature set (K9)
Note – The above feature sets include the wireless services – no additional feature license is required.
Wireless Services – RM Aggregation for Rogue Detection
[Figure: ACS and WLSE at the LAN core & WAN; LAN access layer with per-switch wireless VLANs; LAN access layer; Wide Area Network (Intranet) carrying RM Aggregation; LAN with site-wide wireless VLANs where access points send RM reports and a Rogue Access Point is detected; client groups Guest, Phone, Employee]
Wireless Services – Radio Management Aggregation for Site Surveys
1. CiscoWorks WLSE instructs APs to measure and report the Radio Frequency (RF) environment and pushes optimal RF configurations to APs
2. CiscoWorks WLSE uses measurements from a client as it walks the perimeter of the coverage area to further fine-tune RF coverage
[Figure: WLSE and access point; caption: CiscoWorks WLSE controls the process]
Wireless Services – Roadmap
Features and benefits:
• WDS with fast, secure layer 2 roaming: Security, Fast Mobility
• IEEE 802.1X (backup) local authentication for LEAP clients: High Availability
• Access point support (minimum release): AP1100, AP1200 compatible
• RM aggregation, WLSE support: Rogue Detection, Site Survey, SWAN
Release columns: Router-IOS 12.3(11)T; Future Releases
Release entries: AP-IOS 12.3(11)JA; AP-IOS Fluorine Spring’05; 12.3(6th)T, WLSE 3.0
New IOS Software Architecture in 12.3
Simplified Image Selection
[Figure: feature-set hierarchy of IP Base, IP Voice, Enterprise Base, Advanced Security, SP Services, Enterprise Services, Advanced IP Services and Advanced Enterprise Services, annotated with SSH and NAC]
• Simplifies options (from 44 to 8)
• “Advanced Security” replaces: IP/FW/IDS, IP FW, IP Plus IPSec, IP/FW/IDS/IPSec
• Security features: Network Admission Control, IOS Firewall, Intrusion Prevention, DMVPN, AES, SSH and SNMPV3 (DES)
• As you step up, all features below are inherited
• www.cisco.com/go/fn
Cisco 1800/2800/3800 Release Plan
• 3800, 2800, 1800 Platforms Announcement:
  - External Announcement – Sept 14, 2004
• For 1800/2800 Platforms:
  - T train release – 12.3(8)T
  - Target CCO date 9/13/2004
  - Target Orderability date – 9/16/2004
  - Target FCS date - End of Sept 2004
• For 3800 Platforms:
  - T train release - 12.3(11)T
  - Target CCO date – Oct 2004
  - Target FCS Oct 2004
Q and A