Cisco upgrade gives network managers greater application control

Cisco Systems has announced that it is upgrading the lower-end model of the two "brains" sold with its widely used Catalyst 6500 switches, adding new technology that is designed to give network managers greater application control and deep packet inspection capabilities.

Share

Cisco Systems has announced that it is upgrading the lower-end model of the two "brains" sold with its widely used Catalyst 6500 switches, adding new technology to give network managers greater application control and deep packet inspection capabilities.

The new version of Cisco's Supervisor Engine 32 module includes integrated add-on technology called the Programmable Intelligent Services Accelerator (Pisa). Pisa can help IT staff gain more visibility into their systems so they can prioritise, limit or block access to applications on corporate networks, said John Yen, senior manager of network systems at Cisco.

That will enable companies to ensure that important applications, such as voice over IP systems (VoIP), get priority over lesser ones, Yen said. It also will let them prevent end users from launching internet radio or other unauthorised applications that use up precious network bandwidth.

In addition, the Pisa technology will function at multigigabit-per-second speeds, enabling IT staffers to check data packets more closely in order to protect their systems against viruses, worms and zero-day attacks, Yen said.

Cisco user BioPharma is evaluating the Pisa-equipped Supervisor Engine 32 for likely deployment at a new headquarters early next year, said Luis Chanu, global network and security architect at the pharmaceutical company.

"Pisa looks really good, since it does deep packet inspection and marks traffic at the edge of the network," Chanu said, based on seeing the technology in action at a Cisco lab. "Doing that in hardware is a big plus, since doing it in software could slow down the switch."

In addition, software-based application intelligence does not let companies specify which of their applications are the highest priority for network bandwidth, Chanu said.

PDL’s new facility in Redwood Shores, California, will have Cisco VoIP connections and Gigabit Ethernet cabling to each desktop to provide videoconferencing capabilities, Chanu said. He noted that Pisa can prioritise a videoconferencing stream over a data stream but not over a voice stream.

Pisa adds intelligence to networks to help IT staffers "deal with the unpredictable traffic flows", said Zeus Kerravala, an analyst at Yankee Group Research. "There are other vendors that talk about adding intelligence to the network, but most are application or security-oriented. Cisco does both."

Nick Lippis, an analyst at the Lippis Report, said the Pisa technology is the first to put the application and security functions in an access switch at the network edge instead of at the core.

"Applications classification at the edge is huge," Lippis said, describing that as "the most compute-intensive function" for network security. With Pisa, Cisco can offload that function from firewalls and take over the filtering of exploit signatures from intrusion-prevention systems, he added.

Various vendors provide some of the functions that Cisco is offering with Pisa, but they require putting in a separate appliance in every wiring closet, Lippis said.

The new supervisor engine is available in two versions, both available in June for $28,000 (£14,000) each. One version has eight Gigabit Ethernet uplinks, while the other includes a pair of 10 Gigabit Ethernet uplinks.

Cisco also announced a router that extends its 7200 Series product line with faster performance at lower power-consumption levels than existing models support. The new router, called the 7201, is priced at $24,000 (£12,000) and is available now. It is suited for WAN and metro-area network applications for large corporate users and network service providers, Cisco officials said.

Find your next job with computerworld UK jobs