3. Need shared nomenclature for security policies between network and server admin
vCenter Physical Switch Interface
Industry's most advanced virtual switch for VMware vSphere
Standards based, interoperates with all IEEE 802.1Q switching platforms
Built on Cisco NX-OS
Feature and operational consistency across physical and virtual networks
Provides advanced switching features
Network team manages virtual network
No change for server administration
Policy-Based VM Connectivity
2010 Cisco and/or its affiliates. All rights reserved.
Switching: L2 Switching, 802.1Q Tagging, VLAN Segmentation, Rate Limiting (TX), IGMP Snooping, QoS Marking (COS & DSCP), Class-based WFQ*
Security: Policy Mobility, Private VLANs w/ local PVLAN Enforcement, Access Control Lists (L2-4 w/ Redirect), Port Security, Dynamic ARP inspection, IP Source Guard, DHCP Snooping
Provisioning: Automated vSwitch Config, Port Profiles, Virtual Center Integration, Optimized NIC Teaming with Virtual Port Channel Host Mode
Visibility: VMotion Tracking, NetFlow v.9 w/ NDE, CDP v.2, VM-Level Interface Statistics, Policy-based SPAN & ERSPAN*
Management: Virtual Center VM Provisioning, Cisco Network Provisioning, CiscoWorks
[Diagram labels: 1000V VSM x 1; 1000V VSM x 4; 1000V VEM on vSphere; Server; VM]
Feature Comparison
Network Team manages the switch hardware
Installation like a standard Cisco switch
NX-OS high availability of VSM
VEM running on vSphere 4 Enterprise Plus
Nexus 1000V features and scalability
View VM-level Interface Statistics
Packet Capture and Decodes
Historical Reporting and Trending
ERSPAN
NAM Virtual Blade on Nexus 1010
vCenter
NetFlow
Secure segmentation with zone-based firewall
VM-level granularity with context-aware rules
Virtual Network Management Center: Policy-based centralized management
BUSINESS BENEFITS
Operational simplicity
Deployment flexibility
Consistent security policy compliance and auditing
Tenant_A
DB server
DB server
VM context aware rules
Establish zones of trust
Policies follow vMotion
Efficient, Fast, Scale-out SW
VM Context
Security Team
vCenter
Server Team
VNMC
Virtual Network Management Center
Security Profile
32 Fixed SFP+ Ports Line Rate Hardware Capable of 1/10GE Traditional Ethernet *, Fibre Channel over Ethernet, and 8/4/2/1G Native Fibre Channel
* 1G Support NOW available with 5.0(3)N1(1)
16p SFP+ Ethernet Ports
8p Eth + 8p Native FC
16p Unified Ports
Front of the Switch
48 Fixed SFP+ Ports Line Rate Hardware Capable of 1/10GE Traditional Ethernet *, Fibre Channel over Ethernet, and 8/4/2/1G Native Fibre Channel
* 1G Support NOW available with 5.0(3)N1(1)
8p Eth + 8p Native FC
16p Unified Ports Front of the Switch
N55-M16UP
16 Unified Ports
Ports can be configured as either Ethernet or Native FC Ports
Ethernet operation at 1/10 Gigabit Ethernet
Fibre Channel operation at 8/4/2/1G
Uses existing Ethernet SFP+ and Cisco 8/4/2G and 4/2/1G FC Optics
Minimum software required: 5.0(3)N1(1)
Flexibility AND Simplicity
Cisco Nexus 5500 Platform
$5,000
$5,000
Nexus 5596UP
Uplink Transceivers Supported: Copper CX-1 (passive): 1m, 3m, 5m; (active): 7m, 10m. Optical: FET (Nexus 2200 platforms), SR, LR [distance limited to 300m]

Model: Nexus 2224TP
Form Factor: 1 RU
Uplink Ports: 2 x 10GbE SFP+
Host Facing Ports: 24 x 100/1000Base-T RJ45
FCoE: N/A
Dimensions: 1.72 x 17.3 x 17.7 in
Operational Power: 95W
Supports FET: Yes
Multiple PortChannel member ports on a FEX: Yes
Scalability (32 FEX per Nexus 7000): 768 FEX GbE Ports per Nexus 7000

Model: Nexus 2248TP
Form Factor: 1 RU
Uplink Ports: 4 x 10GbE SFP+
Host Facing Ports: 48 x 100/1000Base-T RJ45
FCoE: N/A
Dimensions: 1.72 x 17.3 x 17.7 in
Operational Power: 110W
Supports FET: Yes
Multiple PortChannel member ports on a FEX: Yes
Scalability (32 FEX per Nexus 7000): 1536 FEX GbE Ports per Nexus 7000

Model: Nexus 2232PP-10G
Form Factor: 1 RU
Uplink Ports: 8 x 10GbE SFP+
Host Facing Ports: 32 x SFP/SFP+ (1/10G) (note: 1GE SFP support in 4.2(1)N2(1))
FCoE: Yes (for Nexus 7000 on future line module)
Dimensions: 1.72 x 17.3 x 17.7 in
Operational Power: 270W
Supports FET: Yes
Multiple PortChannel member ports on a FEX: Yes
Scalability (32 FEX per Nexus 7000): 1024 FEX 10GbE Ports per Nexus 7000
Nexus 7000 and NX-OS
9, 10 & 18 Slot Chassis
15+ Terabit System (18 Slot)
Unified Fabric
Modular NX-OS
Device Virtualization
Hitless ISSU
Highest Availability Ethernet Switch and Director Class SAN
Supervisor
10G Ethernet M Series: 32 Port SFP+ 10G - XL; 8 Port X2 10G - XL
1G Ethernet M Series: 48 Port 10/100/1000 - XL; 48 Port 1G - XL
10G Ethernet F Series (DCB/FabricPath/FCoE): 32 Port SFP+ 10G
Linecard Modules
Cisco NX-OS Multi-protocol Operating System
Data Center Network Manager (DCNM)
Nexus 7000 EBC External 2009 Cisco Systems, Inc. All rights reserved.
NX-OS Software
Storage Protocols
VSANs FCIP IVR Zoning FSPF
HA Manager
Future
System Infrastructure
Kernel (Linux)
Based on MDS-9000 Series SAN-OS 3.1
Every process runs in protected memory for fault containment
Automatic stateful process restart
Modular code only runs in DRAM when invoked
2009 Cisco Systems, Inc. All rights reserved. Cisco Confidential
[Diagram labels: Active; Standby; OSPF, BGP, PIM, etc.]
Zero Packet Loss when Upgrading and Downgrading the software image - ISSU
http://www.networkworld.com/reviews/2008/090108-test-cisco-switch.html
Virtual Switches
One physical switch can act as multiple virtual switches
Reduces the number of physical switches in the network, lowers capex and power
Applications include separating networks, isolating security domains using the same physical switch
Prod
Extranet DMZ
Note: Should not be used for dual homing high availability. Physical redundancy is more robust
Aggregation
Access
[Diagram: VDC 2]
Layer 2 Protocols: VLAN, PVLAN, STP, LACP, UDLD, CDP, 802.1X, CTS
Layer 3 Protocols: OSPF, BGP, EIGRP, PIM, GLBP, HSRP, IGMP, SNMP
Infrastructure
Kernel
Physical Topology
Logical Topology
vPC
FabricPath
Shipping, Tested and Published Solution
Cisco FabricPath enables faster, simpler, flatter data center networks
By David Newman, Network World, October 25, 2010
http://www.networkworld.com/reviews/2010/102510-cisco-fabricpath-test.html
Impressive performance
Our tests examined FabricPath functionality in five ways. All these involved six Nexus 7010 chassis linked to create one FabricPath network connecting 12,800 emulated hosts.
IBM HACMP
EMS/Legato Automated Availability Mgr
NetApp Metro Cluster
HP Metrocluster
BACnet (building automation/control - http://www.bacnet.org/)
O T V
Overlay - A solution that is independent of the infrastructure technology and services, flexible over various inter-connect facilities
Transport - Transporting services for layer 2 and layer 3 Ethernet and IP traffic
Virtualization - Provides virtual connections, connections that are in turn virtualized and partitioned into VPNs, VRFs, VLANs and Bridge Domain instances
Three segments: advertising, business service, personal service
7 data centers, new DC to meet growth
Continuous Operations
High Availability verified
Zero Service Disruption Upgrades
Virtual Port Channel - improves L2 Availability
Scalability
18-Slot Chassis: 768 GbE and 512 10GbE Port Density. Increased network efficiency. 48p 1Gb Fiber more deployment scenarios
Virtualization
Virtual Device Contexts (VDCs)
Consolidate network layers for medium-business
Data Center Interconnect Simplified with OTV
Disclaimer
Some of the products and features described herein remain in varying stages of development and will be offered on a when-and-if-available basis. The information in this Seminar is subject to change at the sole discretion of Cisco, and Cisco will have no liability for delay in the delivery or failure to deliver any of the products or features set forth in this document.
F1 Series I/O Modules: 32 port 10G SFP+ (230G/slot)
F2 Series I/O Modules: 48 port 10G SFP+ w/L3 (480G/slot); 40 port 10G 10G-T w/L3 (400G/slot)
Shipping
Delhi (5.2): Target: June, 2011; Status: EC
Freetown (6.1): Target: 1H, CY2012; Status: EC
Helsinki: Target: 2013; Status: Planning
Edinburgh (6.0): Target: Q4, CY2011; Status: EC
Gibraltar: Target: 2H, CY2012; Status: Planning
C97-591706-00
Cairo (SHIPPING) 5.1
FabricPath and VPC+
F1 Series: 32-port 10G SFP+ I/O module
M1 Series: 32-port 10G XL SFP+ I/O module
M1 Series: 48-port 10/100/1000 XL I/O module
VTP client/server
ERSPAN (M1)
Nexus 2248T (FEX)
Edinburgh (EC)
Target Q4CY11
Freetown (EC)
Target 1HCY12
9-slot Nexus 7000 chassis (maint)
MPLS Phase 1 L3VPN
FCoE / FCF (F1)
F2 Series: 48-port 10G I/O module
F2 Features Phase 1: L2, L3, vPC, SPAN
7010 Fab 2 Module
LISP Phase 1 VM Mobility, IPv6, Map Server
VACL Capture (M1)
Static Mcast Mac (M1)
Nexus 2232, 2224 (FEX)
1588 PTP (F1)
OTV Adjacency Server
M2 Series: 6-port 40G I/O module
M2 Series: 2-port 40/100G I/O module
F2 Series: 40-port 10GBase-T I/O Module
F2 Features Phase 2: FEX, FCoE, FabricPath
CCN Phase I*
IPSLA*
MPLS Phase 2-VPLS*
LISP Phase 2 MultiTenancy
*Pending Separate EC
CY2011
6500 Service node
CY2012+
6500 & Nexus 7000
Security
FWSM
ASA SM
10+ Gbps Performance ASA Software Parity
NG FW For N7K
40Gbps Forwarding 1000 contexts
NAM
NAM10
10+ Gbps
ACE30
Data plane unification with appliance HTTP Compression
ACE
Hitless ISSU
Stateful Process Restart for NX-OS
Lossless Fabric
Virtualization Enabler
Unified Fabric
Enable I/O Consolidation with FCoE capable modules in the Nexus 7000
Support high-density 1GE ToR Designs with greatly reduced management touchpoints
Simple solution for L2 Extensions within and across Data Center
Build large L2 Networks without running spanning tree
Line rate hop by hop link encryption, Group-based tags for access control in network
Allows optimized Air-Cooling/consumption DC deployments for greater resource utilization & cost
Allows upgrade or maintenance operation without impact on Cabling => shorten time & cost
Proper shutdown sequence for Fabric module when unlocking => prevents any packet loss
Remote controlled identification of components requiring operations. Eliminate errors & optimize costs
Integrated deep packet inspection capabilities for faster initial troubleshooting operations
Centralized network features
- Network virtualization transparently supported day 1
Cisco TrustSec
First Cisco product to deliver Cisco TrustSec, a cross-platform, multi-phase policy-based admission- and access-control solution
[Diagram labels: Unified I/O; Unified Fabric; GbE; FC]
[Diagram labels: Employee, Partner, Guest; CRM, General, Internet; C U I]
Verify Identity Credentials & Obtain Additional Attributes
Cisco ACS 5.0
External Directory Server
5. Links Up
[Diagram labels: Employee, Partner, Guest; CRM, General, Internet; Access Denied]
SGACL Matrix
Source Groups
Destination Groups
E P G
C U I
[Diagram sequence, labels: A, B, C; ARB; Credit]
Cable Management
Can route up to 384 Cat6A cables to one side of chassis worst-case scenario
Cable tray cover and lockable front doors prevent accidental interference
Power supply efficiency rated above 90%
Redundancy modes for N+1 or GRID redundancy
Variable Speed Fans
Real-time Power Meter capable
Virtualization allows switch consolidation
220V
220V
Grid 1
Grid 2
System Power
6000W or 7500W AC power supply for Nexus 7000 series chassis
15 Custom Power Cable with connector plug and terminal ends for hot swap
Compatible with all shipping Nexus 7000 Series
7018 Supports up to 24kW
1+1 mode up to 12kW
N+1 mode up to 18kW
Buffering:
Dedicated mode: 65MB ingress, 80MB egress
Shared mode: 1MB per port Plus 65MB shared ingress, 80MB egress (4 ports)
512K
128K 16K