Security’s the Driver For Cisco Branch Services

Cisco Systems  said it has upgraded its wide area application services (WAAS) portfolio, adding new security software and two new appliances to help facilitate information across networks.

Cisco, which forged its WAAS portfolio last September to ensure high application performance for corporate branch employees, unveiled the new technologies today at the company’s Networkers conference in Anaheim, Calif.

The event’s theme is Data Center 3.0, which is Cisco’s strategy for automating and choreographing infrastructure services from shared pools of virtualized server, storage and network resources.

Mark Weiner, director of product marketing for Cisco’s application networking services unit, said Cisco is unveiling Wide Area Encryption (WAE) and Standards-Based Strong Encryption technology, which uses 256-bit Advanced Encryption Standard (AES) to prevent data leakage due to stolen drives or compromised WAE devices.

Weiner explained that a lot of its WAAS solutions are deployed on a small module on the router that can be easily pulled out and pocketed.

“If you do, with this release there’s no way that data can harm the enterprise or harm their customers,” Weiner told in a briefing before the event. “Pretty simple, but we’re one of only two vendors that has this capability.”

Weiner added that startup Silver Peak Systems is the other vendor offering disk encryption.

“WAN optimization shouldn’t break the services that customers are buying from companies like Cisco,” Weiner said. “Most solutions do things like tunnels, where they basically create new header information and addresses, forcing you to punch a hole through the firewall to let the traffic go through and not get dropped.

“We don’t break the firewall; we totally allow stateful inspection of all the traffic even when it’s optimized, because all of the Cisco security devices can recognize WAN as optimized traffic.”

Cisco also introduced two new appliances to extend its WAAS tendrils. The WAE 7371 and WAE 7341 offer up to 20 percent greater TCP connections per appliance than other wide-area network (WAN) vendors, such as Blue Coat Systems and Riverbed Technology, according to a Cisco slide deck.

The WAE 7371 offers up to 50,000 TCP connections and the WAE 7341 covers a much smaller footprint, with 12,000 TCP connections. The machines run up to 32 gigabits per second without an external load balancer.

In other Cisco storage news, the company today unveiled its latest SAN-OS 3.2, as well as new Cisco routers and software features capable of automating storage services in the datacenter to meet security, compliance and data migration needs in the datacenter.

Rajeev Bhardwaj, director of product management for Cisco’s datacenter business unit, said SAN-OS 3.2 and MDS 9134 Multilayer Fabric Switch, MDS 9222i Multiservice Modular Switch and MDS 18/4-Port Multiservice Module enable services-oriented applications.

The Cisco MDS 9134 Multilayer Fabric Switch provides 4Gbps and 10Gbps ports in a one-rack-unit (1RU) form factor. It can expand from 24 to 32 ports and optionally activate two 10-Gbps ports.

The Cisco MDS 18/4 Multiservice Module provides eighteen 4Gbps Fibre Channel ports and 4 Gigabit Ethernet IP storage services ports. The module can reside in MDS 9500 Series directors or 9200 Series semi-modular fabric switches.

Finally, designed for branches and remote offices, the Cisco MDS 9222i Multiservice Modular Switch provides 18 4Gbps Fibre Channel ports, 4 Gigabit Ethernet IP storage services ports and an expansion slot to host switching and services modules.

“I would view these platforms as Swiss-army knives,” Bhardwaj told before the event. “They do 4-gig Fibre Channel, routing, virtual SANs, IP storage through iSCSI and FCIP and they do encryption. This is how we deliver services-oriented storage applications.”

To help in the “services-oriented quest,” the new platforms may leverage three software tools, according to Bhardwaj.

The Storage Media Encryption (SME) encrypts data on tape and disk, obviating the need for separate stand-alone encryption appliances; the Cisco Data Mobility Manager (DMM) non-disruptively migrates block data across disparate storage arrays and the N-Port Virtualize (NPV) simplifies SAN-attached blade server deployment.

An NPV-enabled blade switch presents itself as a Fibre Channel Host Bus Adapter (FC HBA) to the core SAN, reducing the number of Fibre Channel domain IDs used, which improves SAN scalability and minimizes interoperability issues with the core SAN.

NPV is available on HP and IBM blade switches and on Cisco MDS 9124 and MDS 9134 Fabric Switches.

News Around the Web