Dan Schnour Cat. 3K Product Manager © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 BYOD IT REQUIREMENTS • Non IT Provided Devices • Guest and Contractors • Secure Access © 2012 Cisco and/or its affiliates. All rights reserved. • • • COLLABORATION VIRTUALIZATION Reduce Travel Costs Collaboration Rich Media Services • Business Productivity • Ease of Deployment • Low CAPEX/OPEX with VDI Securing Any Access Managing Complexity And Scale Delivering High-Quality Experience $$ Ensuring Business Continuity with Lower TCO Cisco Confidential 2 Securing Any Access On-Board • How do I onboard devices and contextually authenticate users? • How do I segment users, devices and applications? • How do I protect my network infrastructure? Segment Protect • Automatic discovery and device profiling with Device Sensor On-Board • Zero downtime deployment with .1x Monitor Mode • Simplify user authentication with Flexible Authentication Segment • Flexible Role-based segmentation with Security Group Access. • Simplified Layer 3 Segmentation with Easy Virtual Network. • Prevent Eavesdropping with link layer encryption with MACsec Protect • First Hop IPv4/IPv6 Security for L2 threat defense • Flexible NetFlow for real-time traffic flow analysis • Protect CPU with Hardware-based Control Plane Policing. © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3 Cat3k: Now Shipping Cat4K: Now Shipping On-Board Segment Protect • Identify endpoints based on protocol information with Device Sensor • Identify and Authenticate user with 802.1x (Flex auth) • Classify context of access based on Device Type and User Device Aware 2 © 2012 Cisco and/or its affiliates. All rights reserved. 1 Location aware Corp PC doctor office 1 Personal laptop doctor office 2 Personal laptop patient hotspot Printer N/A office IP Phone N/A office TelePresence N/A conf room 1 CDP LLDP DHCP MAC Identity aware 1 Cisco Confidential 4 Cat3k: Now Shipping Cat4K: Now Shipping On-Board Segment Protect Identity Differentiators Monitor Mode Authentication Features Unobstructed Access No Impact on Productivity Gain Visibility Cisco Catalyst® Switch MAC Based Authentication Flexible Authentication Sequence Enables single configuration for most use cases Flexible fallback mechanism and policies Rich and Robust 802.1X IP Telephony Support Support for Virtual Desktop Environments Single Host Mode Multi-Host Mode Authorized Users Tablets IP Phones 802.1X Network Device Guests MAB WebAuth Multi-Auth Mode Multi-Domain Authentication Critical Data/Voice Authentication Business Continuity in case of failure © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5 Cat3k: Now Shipping Cat4K: Q3CY13 On-Board Segment Protect • Role-Based Access Control and Segmentation with Security Group Access Device Aware SGACL enforces policy at access, campus edge, or DC internet facility doctor permit permit permit patient deny permit deny voice deny ACL_v deny Location aware doctor office 1 Personal laptop doctor office 2 Personal laptop patient hotspot patient Printer N/A office facility IP Phone N/A office voice TelePresence N/A conf room video CDP LLDP DHCP MAC SG Tag imposed to incoming traffic Secure Group Corp PC 1 Patient record Identity aware doctor doctor Cisco Innovation Security Group Access X 2 • Simplifies ACL management 1 1 • Uniformly enforces policy independent of topology • Fine-grained access control © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6 Managing Complexity And Scale • How do I scale my network to meet device proliferation ? • How do I future proof my network while protecting my investment? • How do I provide consistent policies across networks and devices ? Scale Scale Protect Investment • 9 Member Stack • 64Gbps Stacking BW • Full POE/POE+/UPOE • • • • Stack Capacity as you grow 5-7 years of life cycle • 7-10 years of life cycle • Legacy line-card support with new supervisor • Feature enhancement with new supervisor • Mix/Match different generation line cards with no impact to system performance Protect Investment Provide Consistency © 2012 Cisco and/or its affiliates. All rights reserved. Provide Consistency 848 Gbps System Performance 384 Ports of 10/100/1000 & 40G uplinks 384p of PoEP & 192p of UPOE (9KW PS) 384p of Energy Efficient Ethernet • Unified Management / Single Pane of Glass Management : Prime Infrastructure • Single Policy Control Dashboard : Identity Services Engine [ISE] Cisco Confidential 7 Scale Protect Investment Provide Consistency Backward compatibility for all line cards with new supervisor Cisco Catalyst 4500 E-Series 14 years 90% Transition to E-Series Catalyst 4K EOS Cisco Catalyst 4500 (non-E) EOL Maintain Support 11 years EOS Cisco Catalyst 4000 1999 … 2004 EOL Maintain Support … 2007 … 2010 … 2015 … 2020 3750-X / 3560-X 9 years Catalyst 3K © 2012 Cisco and/or its affiliates. All rights reserved. EOS 3750E / 3560E Maintain Support EOL Cisco Confidential 8 Delivering High-Quality Experience Assess Assess Visualize and Control Monitoring & Troubleshooting © 2012 Cisco and/or its affiliates. All rights reserved. • How do I know my network is ready for real time applications? • What real time applications and devices are running on my network? • How do I monitor and troubleshoot Application level traffic ? Visualize and Control Monitor/Troubleshoot • Assess network readiness for real time media applications with IP SLA • Differentiate video applications and optimize QoE with Media Services Proxy (MSP)/Metadata • Improved Application visibility with Flexible NetFlow • Automate monitoring and troubleshooting with Mediatrace • Application level hop by hop statistics with Performance Monitor Cisco Confidential 9 Assess Visualize and Control Monitor/Troubleshoot • MediaTrace locates application performance problems Which end point has poor video quality and • Performance Monitor provides application level How do I know what to data using Flexible NetFlow troubleshoot? • Cisco Prime provides management End points are capable of High Definition however they only work • Wire canDefinition. capture raw, real-time in Shark Standard packets directly Why? on the switch X • Using MSI / MSP & Metadata the switch How do I provide Quality can now identify devices and applications of Experience for all for differential treatment video applications? © 2012 Cisco and/or its affiliates. All rights reserved. Is my network ready for 100 HD Desktop • IP-SLA VO injects synthetic media Cameras, 30 IPVSC and traffic to assess network a new Telepresence readiness room? Cisco Confidential 10 Assess Visualize and Control Monitor/Troubleshoot Differential Traffic Treatment through Visibility Quality of Experience Device Type Axis Camera CTS3000 Jabber Laptop PC Application Type Surveillance TelePresence Soft client HTTP/ You Tube WebEx NO NO NO Yes NO • Media Services Interface & MSP • Flow Metadata Priority • AVC on Wireless Controller Rate Limiting • Application based QoS • Device/App based FnF* Device/Application ID exported to FnF Endpoints embedded with the Media Services Interface Campus Cisco Prime Infrastructure Catalyst 3K-X/4500E Device and Application Identification using MSI / MSP © 2012 Cisco and/or its affiliates. All rights reserved. Uniform QoS policies across network Workflows to deploy and provide location awareness Cisco Confidential 11 $$ Business Continuity with Lower TCO • How can I make my network resilient to handle business SLAs ? • How can I easily onboard my network infrastructure ? • How can I reduce IT energy expenses and align with corporate ‘Green’ goals? Resiliency Resiliency Plug and Play Energy Management © 2012 Cisco and/or its affiliates. All rights reserved. Plug n Play Energy Efficiency • • Power & data resiliency with StackPower and Stackwise+ (3K-X) No impact to voice/video for planned and unplanned downtime with ISSU, NSF/SSO and VSS* • • • • Zero Touch deployment - Smart Install, Auto QoS, Auto Smart Ports Programmability with EEM, XML, SDN* Built in sniffer capabilities with Wireshark Efficient Planning & troubleshooting with IPSLA, FnF • Visibility, Control and Reporting of enterprise wide energy usage • Save up to $65 per Switch Port** • $0 SKU for Energy Visibility & Basic Control on 3K/4K Cisco Confidential 12 Best in class Fixed resiliency ! Resiliency Simplify and Scale with StackWise+ Plug n Play Fan Redundancy Energy Efficiency Maximize Power Redundancy with StackPower In-Chassis FRU Redundant PSU Innovative Inter-Chassis Power Interconnect Common power pool for distributed power redundancy Highly Resilient Zero-Footprint of RPS. PS Backup within Stack Flexible Non-Stop communication. Variant in sizes (AC/DC) Intelligent Load Shedding Preserve critical network during power failure © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13 Best in class modular resiliency ! Seamless Resiliency Plug n Play Energy Efficiency ISSU License No Long Required NSF available in IP Base Now! Si Ent Svc Redundant Redundant PS Sup Campus Si NSF System LAN IP Base ISSU Lic 2+2 uplinks Redundant Fans © 2012 Cisco and/or its affiliates. All rights reserved. Network HSRP/VRRP/GLBP VSS (Jan 2013) Distribution Layer ISSU SSO CoPP ISSU NSF/SSO Smart Call Home Link Fast Detect: TDR, DOM UDLD CoPP, Basic HA Access Layer Fast Converge: Flexlink+, RPVST Cisco Confidential 14 Resiliency Plug n Play Energy Efficiency 3K, 4K, 6k * (“Director”) Access Switches Smart Install Zero Touch Deployments and Maintenance New Switch Connected Software image downloaded; Configuration automatically applied © 2012 Cisco and/or its affiliates. All rights reserved. Auto Smart Ports Plug and Play for End Devices Smart Call Home IPSLA, WireShark Programmability Control Your Network Monitor & Troubleshoot New Device Attached Port Configuration: Applied QoS Policy: Enforced Security Policy: Enforced Anomaly Detected Proactive diagnostics Real time Alerts Web-based reports Routed to TAC team Cost Savings: $15,000 (or 230 Hours) per 100 Switches* EEM XML Software Defined Network (OnePK)* Cisco Confidential 15 Special $0 EW Fast-Start SKU’s for Cisco Customers with 4K/3K Resiliency Plug n Play Energy Efficiency • Cisco EnergyWise is an IOS-based intelligent energy management protocol What’s New with Fast-Start $0 SKU’s? • Enhance customer ROI with a $0 SKU • Available only with 4K, 3K PoE/PoE+/UPOE Product ID EW-JX-50SW Activation Key of JouleX Energy Manager for Cisco EnergyWise EW-VER-50SW Verdiem Surveyor Accelerator Key for Cisco EnergyWise EW-CA-50SW Key for Nimsoft (CA-Technology) Management SW for Cisco EnergyWise • Features vary by partner, but - Visibility, Monitoring of energy for free (up to 5 years) - Limited control of devices How to Order? • 3 SKUs available in Cisco GPL and ordering tool • Each SKU license for up to 50 users • For more information on Cisco EnergyWise contact ask- energywise@cisco.com © 2012 Cisco and/or its affiliates. All rights reserved. Product Description Visibility (Monitoring) Basic Control Cisco Switches and Routers √ √ Wireless access points VoIP phones √ √ √ √ EnergyWise-enabled devices √ √ Windows PCs/Laptops √ √ Upgrade Upgrade Upgrade PoE Unlimited devices forever Unlimited devices 1 Yr Cisco Switches Unlimited devices forever Unlimited devices 1 Yr Monitors, Printers All other campus/data center devices PC/Laptops Unlimited devices 1 Yr Upgrade Cisco Confidential 1000 devices 1 16 Yr © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17 4510R+E 4507R+E 4506-E 4503-E 848Gbps Switching Capacity 4 x SFP+/SFP uplinks 384 10/100/1000 Ports 520Gbps Switching Capacity 2 x 10G SFP+/SFP uplink 240 10/100/1000 Ports WS-X4748-UPOE+E WS-X4648-RJ45-E • UPOE 60W, IEEE • 30W/port on all 48 ports WS-X4648-RJ45V+E 24G 48G WS-X4748-RJ45-E • 30W/port on 24 ports Data 2 LineCards 5 LineCards Single Supervisor 5 LineCards 8 LineCards Dual Supervisor <200ms ISSU POE, POE+ and Cisco UPOE Dual Core CPU for 3rd Party Apps (Wireshark) 1+1 Power Redundancy N+1 Fan Redundancy Scales up to 384p POE/PoEP & 192p of UPOE PoE UNDISPUTED MARKET LEADERSHIP 3rd party validation 110M+ Ports, 800K+ Systems 70% PoE/PoEP Port share 80% Adoption by Cisco Top Customers © 2012 Cisco and/or its affiliates. All rights reserved. “Powerful stuff: New Cisco switch delivers 60 watts to the desktop” Cisco Confidential 18 Stand-Alone Switch Portfolio Stackable Switch Portfolio Catalyst 3750 v2 Catalyst 3750-X Catalyst 3560 v2 Catalyst 3560-X Data or PoE StackWise Fixed 1G Uplinks Single PS LLW Data / PoE(+) StackWise Plus Modular 1G/10G Uplinks Dual FRU PS and Fans E-LLW Data or PoE Fixed 1G Uplinks Single PS LLW Data / PoE(+) Modular 1G/10G Uplinks Dual PS E-LLW Fast Ethernet Gigabit Ethernet Fast Ethernet Gigabit Ethernet Network And Service Modules NEW UPOE coming soon!! C3KX-NM-1G C3KX-NM-10G C3KX-NM-10GT C3KX-SM-10G Service Module Flexible Netflow MACsec ¼ Billion+ Ports and 7 Million+ Units sold worldwide Data Redundancy using Stackwise+ (64 Gbps)* 9 member switch stack** Power Redundancy using StackPower* Enhanced video features, e.g., Mediatrace, built-in traffic generation Field replaceable Power Supplies and Fans* Enhanced Security features, e.g., SGT, Device Sensor © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential **available on 3750, *available on 3K-X 19 A technology pioneered by Cisco 2000 2003 2007 7W 15W 30W 60W Inline Power (PoE) (PoE+) UPOE Industry Standard: IEEE 802.3af (15W PoE) 2009 2011 Industry Standard: IEEE 802.3at (30W PoE+) Cisco Innovations Drive Industry Standards © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20 CISCO 2960S PORTFOLIO Layer 2 Only Catalyst 2960SF Catalyst 2960S 1G Uplinks FlexStack Full PoE, E-LLW 10G/1G Uplinks FlexStack Full PoE, PoE+ E-LLW Fast Ethernet EASE-OF-USE Competitive Features • Security with 802.1x Monitor Mode • Lower TCO with Energy Wise, Smart Operations and Auto QoS • Static Routing & Priority Queing • FlexStack 2 x 10G ports (wire speed) Differentiators of 4K/3K over 2K • TrustSec: SGT, MACsec, Device Sensor • Application Visibility: FnF, Mediatrace, Wireshark • Resiliency: StackPower, ISSU, UPOE • Scale: Stack up to 9 on 3750X, 10 Slot Chassis 4500E Gigabit Ethernet 60M PORTS 1.3M+ UNITS ENERGY EFFICIENCY LOWER TCO Cisco Quality at Competitive Price © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21 Fast Growing Catalyst Platform • 22% Growth in FY12 Delivering Zero Touch BYOD Deployments • POE+/UPOE Powered 4500E 3750X • AC Power Option • Smart Operations • Smart Install • Auto Smart Ports • PoE •PoE(+) and non PoE Models Scalable and Proven Deployments in Education, Retail & Healthcare © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22 Traditional Workspace Data Next Generation Workspace BYOD Voice IP Base Collaboration Virtualization Catalyst 3K IP Base LAN Base Catalyst 2960 Scale & Performance • Stacking (upto 192 port) • POE/POE+ • Base Identity features Lower TCO • Lowest Power consumption • Green / Energywise • Smart Install Client © 2012 Cisco and/or its affiliates. All rights reserved. Scale & Performance • 9 Member Stack (2X+ ports) • 3 X Stacking BW (64 Gbps) • Full POE/POE+ Resiliency • StackPower, StackWise+ • FRU Power supplies and Fans Energy Management & Green • EnergyWise • UPOE (60W) ** • EEE ** Scale & Performance • Wired/wireless convergence* TrustSec & Segmentation • Device Sensor, Cisco TrustSec (SGA, MACSec) Dynamic routing protocol • OSPF, EIGRP Stub, RIP Application Visibility • Flexible NetFlow & Medianet • 3rd Party Apps (WireShark) * Lower TCO • EEM & IP SLA * Only on IP Base Cisco Confidential • Smart Install Client & Director* Roadmap 23 Traditional Workspace Data Voice Next Generation Business BYOD Collaboration Virtualization @96p base config with Redundancy and UPOE Capability Catalyst 4500E Catalyst 2960 Scale & Performance • Stacking (upto 192 port) • POE/POE+ TrustSec • Identity Lower TCO • Power consumption • Green / Energywise • Smart Install Client © 2012 Cisco and/or its affiliates. All rights reserved. Scale & Performance • 848 Gbps System Performance • 240p with 7 slot and 384p with 10 slot Chassis • In Service Software Upgrade* • VSS** • Wired/wireless convergence ** TrustSec & Segmentation • Device Sensor* • VRF-Lite, EVN* • Cisco TrustSec* (SGA**, MACSec) Application Visibility • Flexible NetFlow*, Medianet* • 3rd Party Apps (WireShark*) Energy Management and Green • UPOE (60w) • EnergyWise and EEE Lower TCO • AutoSmart Ports • Longer Life Cycle (7-10 years) • Smart Install Director** * With IP Base Cisco Confidential ** Roadmap 24 Flexibility of Choice Breadth of the portfolio across 2k, 3k and 4500E Architecture and Operations Agility Features for current and Next Generation Campus • Trustsec Investment Protection Protect your current investments while getting ready for future in Access. • SmartOps • AVC © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25