router architecture slots install
DESCRIPTION
router architecture CiscoTRANSCRIPT
![Page 1: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/1.jpg)
1© 2004 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID
Cisco’s Integrated Services Routers
Thomas [email protected]
0664-4234611
![Page 2: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/2.jpg)
222© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Agenda
• Market Trends and Momentum for Services
• Cisco Integrated Services Routing Architecture
• Cisco’s Integrated Services Routing Portfolio
• Wireless Services on the Cisco 2800 & 3800 Series Integrated Services Routers
![Page 3: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/3.jpg)
333© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
MARKET TRENDS AND MOMENTUM FOR SERVICES
333© 2004, Cisco Systems, Inc. All rights reserved.Presentation_ID
![Page 4: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/4.jpg)
444© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Customer Priorities
Q. What functions that SHOULD be router-integrated?
Cisco-Sponsored Yankee Survey: June 03 n=3310 50 100 150 200 250
MulticastingStreaming
QoSCaching
Content FilteringCompressionIP Telephony
Anti-Virus SoftwareIntrusion Detection
VPNFirewall
![Page 5: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/5.jpg)
555© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
New Router Portfolio That Extends Integrated Services to Businesses of All Sizes
• FIRST portfolio engineered for secure, wire-speed delivery of concurrent data, voice and video services
• Cisco’s integrated systems approach to embedded services speeds deployment and reduces operating costs and complexity
• Founded on more than 20 years of innovation and leadership—FIRST to embed security and voice services into a single routing system
![Page 6: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/6.jpg)
666© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Cisco’s New Integrated Services RoutersNew Systems Approach For Services
Up to… 5X service density, 7X performance,
4X memory!
Industry-leading network
availability and resilience
Backward compatibility with
existing router modules for solid
investment protection
Integrated Services Routers
Embedded Security tightly integrated with Voice Sustained wire-speed
performance with concurrent services3800 series
2800 series
1800 series
![Page 7: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/7.jpg)
777© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
The Value of a Systems ApproachTightly Integrated Services
DMVPN(IPSec, NHRP, OSPF)Enables on-demand
and scalable full VPN mesh and easy to
manage.
V3PN(IPSec, QoS, GRE)
Deliver latency-sensitive data,
voice, video traffic across the VPN
Network Admission Control
(EAP, Radius ACLs)Limits network access
to compliant and trusted endpoints
Toll-Quality Secure Voice
(Voice, QoS, sRTP)Deliver toll quality IP Telephony over an IP
WANVoice Security
Routing Services
![Page 8: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/8.jpg)
888© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
3800 Series
2800 Series
1800 Series
FCS Sept 04
FCS Sept 04
FCS Oct 04Highest Density and Performance for Concurrent ServicesEmbedded, Advanced Voice, Video, Data & Security Services
Integrated Security & Data
Scalable from Small Business to Large EnterprisesRight-Sized Router, Right-Sized Requirements
Perf
orm
ance
and
Ser
vice
s D
ensi
ty
Enterprise Branch SMBSM Branch
![Page 9: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/9.jpg)
999© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Investment Protection and Migration Path
Cross compatibility with existing router modulesIncreased default memoryAdditional DRAM, reduced costsNew feature development and additions until IOS 12(5) mainlineNo EOS for at least 18-24 monthsContinued software support for 5 years after last sale
FCS Sept 04FCS Oct 04
Cisco 3800
Series Cisco 2800
Series
Cisco 1800
SeriesCisco 3700
Series Cisco 2600XM Series Cisco
1721
Cisco 1751/1760
FCS Sept 04
![Page 10: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/10.jpg)
101010© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
CISCO 3845$13000
Cisco’s Integrated Services Routers
CISCO 3825$9500
CISCO 1841$1395
CISCO 2851$6495
CISCO 2811$2495
CISCO 2821$3895
CISCO 2801$1995
![Page 11: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/11.jpg)
111111© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Wan Bandwidth
38451 T3/E3
CME:240SRST:720
3825½½ T3/E3CME:168SRST:336
28516 T1/E1CME:96SRST:96
28214 T1/E1CME:48SRST:48
28112 T1/E1CME:36SRST:36
18411 T1/E1
18/28/3800 Concurrent Services at Wire Speed
2801 1 T1/E1CME:24SRST:24
T1/E1/xDSL
Multiple T1/E1/xDSL
T3/E3
![Page 12: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/12.jpg)
121212© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
HWIC HWIC FEFEHWIC HWIC
NME USBUSB
2811 130-160kpps64F/256D DDR
NMEGEGE HWIC HWIC
HWIC HWIC EVMUSBUSB
2821180-210kpps64F/256D DDR
NME
GEGEHWIC HWICHWIC HWIC EVM USB
USB
2851200-250kpps64F/256D DDR
HWIC VWICFEFE HWIC VWICUSB
280170-100kpps64F/128D DDR
2800/3800 Platform Overview
GEGE
SFPHWIC HWIC HWIC HWIC
NME NMENME NME
USBUSB
3845400-500kpps64F/256D
GEGE
SFPNME HWIC HWICHWIC HWIC
NMEUSBUSB
3825280-350kpps64F/256D
• Complete New Line of Full Service Branch Access Routers• 2-5x Increased routing performance *• 2-10x services performance *• Concurrent Services running at Wire-Rate• Increased Memory• Integrated 10/100/1000 LAN, Security and Voice options• New Modules (GE, Switch, Voice)• New higher speed module technologies• NMEs, HWICs, EVMs• Supports most current 1700/2600 modules
![Page 13: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/13.jpg)
131313© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
CISCO’S INTEGRATED SERVICES ROUTING ARCHITECTURE
131313© 2004, Cisco Systems, Inc. All rights reserved.Presentation_ID
![Page 14: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/14.jpg)
141414© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Time-of-day on system power up. Necessary for certificatesN/AReal Time
Clock
Up to 250MbpsUp to 40MbpsProcessor
Module Integration communication (HWIC, NM, AIM, DSPs,etc…)N/ACustom ASIC
256M EDO/48MCurrent
Up to 4X the density NEW
DRAM/Flash
CPU
ASIC
NEW Architecture-Core/Memory
CPU
PCI
DRAMFlash DRAMFlash
RTC
![Page 15: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/15.jpg)
151515© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Up to 4 HWICs (800Mbps aggregate)Up to 3 WICs (8Mbps shared)External Device for Inline Power (exception 3700
Up to 4 NMs (400Mbps aggregate)Current
Internal Inline Power (up to 360W)
Up to 4-NME (up to 1.2Gbps aggregate)New
NEW Architecture-WICs/Network Modules
CPU
DRAMFlash WIC
WIC
AIM
PCI
In-line Power
FE
FE
DRAMFlash
NME
HWICHWIC
HWICHWIC
In-line Power
ASICGE
USBUSB
CPU
AIM
AIM
VPN
EVM
DSP
GE
NM
RTC
![Page 16: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/16.jpg)
161616© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
NEW Architecture-AIMs/USB/LAN Interfaces
CPU
DRAMFlash WIC
WIC
AIM
PCI
In-line Power
FE
FE
DRAMFlash
NME
HWICHWIC
HWICHWIC
In-line Power
ASICGE
USBUSB
CPU
AIM
AIM
VPN
EVM
DSP
GE
NM
1-2 AIMs – Higher speed1-2 AIMsNo USB ports
Single/Dual FECurrent
1-2 USB ports per chassis
Dual FE/GE, Optional GE SFP HWIC NEW
RTC
![Page 17: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/17.jpg)
171717© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
NEW Architecture-Security
CPU
DRAMFlash WIC
WIC
AIM
PCIFE
FE
DRAMFlash
NME
HWICHWIC
HWICHWIC
In-line Power
ASICGE
USBUSB
CPU
AIM
AIM
VPN
EVM
DSP
GE
NM
DES/3DES/AES128,192,256Requires AIM
CurrentBuilt-in VPN or AIM
NEW
RTC
In-line Power
![Page 18: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/18.jpg)
181818© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
NEW Architecture-Voice
CPU
DRAMFlash WIC
WIC
AIM
PCIFE
FE
DRAMFlash
NME
HWICHWIC
HWICHWIC
In-line Power
ASICGE
USBUSB
CPU
AIM
AIM
VPN
EVM
DSP
GE
NM
Shared DSP slots on MBDedicated DSPsTDM switching 3700 only
Requires Voice NMCurrent
TDM switching supported in 2800/3800 series
HWICs support VICs and EVM slotNEW
RTC
In-line Power
![Page 19: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/19.jpg)
191919© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
CISCO’S INTEGRATED SERVICES ROUTING PORTFOLIO
191919© 2004, Cisco Systems, Inc. All rights reserved.Presentation_ID
![Page 20: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/20.jpg)
202020© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
New Cisco 3845 Router
Power + 802.3af
Power + 802.3afVPN AIM AIM
USBUSB
NME XNME X
NME D XDNME D XD
GEGE SFP
HWICHWIC HWIC
HWIC
1-2 (AC, AC+IP, DC), RPS supportInternal Power Supplies2500 (AIM), or 700 (VPN on-board)VPN Tunnels
4Onboard DSP Slots
4 single-wides /4 single-widesCan accommodate up to 2 EVMs in any NME slotNME/HWIC Slots
![Page 21: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/21.jpg)
212121© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
New Network Module and WIC Slot Types
NME
NME-X
NMD
NME-XD
i.e EVM-HD-xxx
Future Use
i.e. 36ESW
Future Use
removable slot dividers
HWIC HWIC-D
NM i.e16ESW
![Page 22: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/22.jpg)
222222© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
New Cisco 3825 Router
Power + 802.3afVPN AIM AIM
NME X
NME X D XD
1 (AC, AC+IP, DC), RPS supportInternal Power Supplies2000 (AIM), or 500 (VPN on-board)VPN Tunnels
4Onboard DSP Slots
2 single-wides /4 single-wides Can accommodate up to 1 EVM in any NME slotNME/HWIC Slots
HWIC HWIC
HWIC HWIC GEGE
USBUSBSFP
![Page 23: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/23.jpg)
232323© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
New Cisco 2851/2821 Router
AIMAIM AIMAIMVPNPower + 802.3af
USBUSB
EVMHWICHWIC
HWICHWICGE GE
HWICHWIC
HWICHWICGE GE EVM USB
USB
NME X D XD
NME X
![Page 24: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/24.jpg)
242424© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
New Cisco 2811/2801 Router
HWICHWIC
HWICHWIC USB
USBNME FE
FE
Power + 802.3afVPN AIMAIM AIMAIM
USB FE FE HWIC VWIC HWIC VWIC
![Page 25: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/25.jpg)
252525© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
2800 Comparison
2 GE2 GE2 FE2 FEOnboard LAN
300/1800250/1800150/1800100/800VPN Tunnels (VPN on-board/AIM)
332 2 Onboard DSP Slots
1/Yes1/Yes1/Yes1/NoInternal Power Supply/RPS support
4442HWIC1/11/11/00/0NME / Dedicated EVM Slot
2851282128112801
![Page 26: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/26.jpg)
262626© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
New Cisco 1841 Router
AIMVPNPower
USB FE FE HWIC HWIC
1 (AC only), no RPS supportInternal Power Supply800 (AIM), or 100 (VPN on-board)VPN Tunnels
None, Data OnlyOnboard DSP Slots2 single-widesHWIC Slots
The only Desktop form factor model
![Page 27: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/27.jpg)
272727© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Cisco Access Router Interface Cards and Modules
• Supports 90+ existing NM, WIC/VIC/VWIC, AIM
• Flexible expansion (HWIC NME, EVM), additional concurrent services
• Updated Cisco Access Router Quick Reference Guide
![Page 28: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/28.jpg)
282828© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
High-Speed WAN Interfaces
9 & 4 port Etherswitch HWICsNewNew
• Support in 1800/2800/3800• Low density L2 switching• Supports standards based POE (802.3af)
with optional inline power supply
![Page 29: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/29.jpg)
292929© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
High-Speed WAN Interfaces
• Offers Optical and Copper connectivity without NM occupancy
• Support in 2811, 2821, 2851 & 3800 only
Gigabit Ethernet HWICNewNew
![Page 30: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/30.jpg)
303030© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
RJ21 Connector
Extended Voice Module (EVM-HD)
• EVM (voice/fax expansion modules) supports high-density FXS, FXO, Analog-DID and BRI ports
• Baseboard: EVM-HD-8FXS/DID• Expansion Modules:
EM-HDA-8FXS EM-HDA-3FXS/4FXOEM-4BRI-NT/TE EM-HDA-6FXO
EM 0 EM 1 NewNew
![Page 31: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/31.jpg)
313131© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Removing Compact Flash (CF)
• Storage of IOS image, SDM, CME files, VLAN, etc…• Do not remove CP from operating router
Removing CF1. Press ejector button and
arm extends2. Push ejector arm in and
CF comes out
Installing CF6. Ejector arm pushed in7. Insert CF into slot and
push in
1
2
![Page 32: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/32.jpg)
323232© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Integrated Power Supply
Field Replaceable AC/DC and AC+POE
![Page 33: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/33.jpg)
333333© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
PVDM2 Installation
1. Angle PVDM into slot to seat
![Page 34: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/34.jpg)
343434© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
PVDM2 Installation
Installation order:Installation order: PVDM0PVDM0 PVDM1PVDM1 PVDM2PVDM2
2. Push up and snap into place
Removal order:Removal order:PVDM2PVDM2PVDM1PVDM1PVDM0PVDM0
To removeTo removePrey open tabs Prey open tabs on both sideson both sides
![Page 35: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/35.jpg)
353535© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
NME Slot
Align NME with groovesRemovable slot dividers
![Page 36: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/36.jpg)
363636© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Wireless Services on the Cisco 2800 & 3800 Series Integrated Services Routers
363636© 2004, Cisco Systems, Inc. All rights reserved.Presentation_ID
![Page 37: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/37.jpg)
373737© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Outline
• Wireless Services on RoutersCisco Integrated Services RoutersWireless Services for Branch OfficesFast, Secure MobilitySurvivable Local AuthenticationScalabilityFeature Sets
• Future Services – SWAN supportRogue DetectionAssisted Site Surveys
![Page 38: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/38.jpg)
383838© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Wireless Services Integrated With Wired Infrastructure
LAN with site-widewireless VLANs
LAN access layer
Guest EmployeePhone
LAN access layer withper-switch wireless VLANs
WideArea
Network(Intranet)
LAN core & WAN
W
W
W
W
HQ / CAMPUS BRANCH 1
BRANCH 2
Catalyst 6500Series WLSM
Catalyst 6500Series WLSM
Cisco 3800 &2800 Routers
![Page 39: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/39.jpg)
393939© 2004 Cisco Systems, Inc. All rights reserved.Presentation_IDLayer 2
Wireless Services –Fast Secure Mobility for Voice, Video, VPN
LAN with site-widewireless VLANs
LAN access layer
WLSEACS
LAN access layer withper-switch wireless VLANs
WideArea
Network(Intranet)
LAN core & WAN
W
W
W
W
Layer 3
Layer 3
Fast securemobility (aslittle as 50ms)maintainslatency-sensitiveconnections
![Page 40: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/40.jpg)
404040© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Wireless Services –Fast Secure Mobility for Voice, Video, VPN
• Fast secure mobility enables wireless clients to maintain voice, video, VPN connections when moving between access points
• Mobility time is reduced from ~500ms to as low as 50ms through WDS-based authentication for the handoff
No need to go back to the ACS server across the WAN for authentication again (note that the initial authentication still requires access to the ACS server)
• Supported with:Cisco Aironet Access Points, andCisco Aironet or Cisco Compatible client devices that support the Cisco Centralized Key Management protocol and Cisco LEAP
![Page 41: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/41.jpg)
414141© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Wireless Services –Survivable Local Authentication
LAN with site-widewireless VLANs
LAN access layer
WLSEACS
Guest EmployeePhone
LAN access layer withper-switch wireless VLANs
WideArea
Network(Intranet)
LAN core & WAN
W
W
W
W
ACSFailure
SurvivableLocalAuthentication
SurvivableLocalAuthentication
SurvivableLocalAuthentication
WANFailure
BackupSwitch &WLSM
![Page 42: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/42.jpg)
424242© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Wireless Services –Survivable Local Authentication
• The wireless LAN can survive a variety of failures:WAN Link Failures – through dial backup & local authenticationACS Server Failures – through local authentication
• During a loss of connectivity to the ACS server:Clients already connected to the network maintain their WLAN accessNew clients trying to authenticate to the network are authenticated by the local authentication server
• Supported with:Cisco Aironet Access Points, andCisco Aironet or Cisco Compatible client devices that support the Cisco Centralized Key Management protocol and Cisco LEAP
![Page 43: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/43.jpg)
434343© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Wireless Services –Scalable for Branch Offices of All Sizes
505Cisco 2600XM
50050Cisco 3825Cisco 3745
FutureCisco 2801
10
2025
100 APs
Access Points
Supported
200Cisco 2851
100Cisco 2821Cisco 2811Cisco 2691
250Cisco 3725
1000 clientsCisco 3845
Local Authentication
Client Database
![Page 44: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/44.jpg)
444444© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Wireless Services –Feature Sets Supported
IOS Advanced IP Services feature set (K9)
IOS Advanced Enterprise Services feature set (K9)
WirelessServices
IOS Enterprise Services feature set (K9)
IOS SP Services feature set (K9)
IOS Advanced Security feature set (K9)
IOS 12.3(11)T or later
Note – The above feature sets include the wireless services – no additional feature License is required.
![Page 45: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/45.jpg)
454545© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Outline
• Wireless Services on RoutersCisco Integrated Services RoutersWireless Services for Branch OfficesFast, Secure MobilitySurvivable Local AuthenticationScalabilityFeature Sets
• Future Services – SWAN supportRogue DetectionAssisted Site Surveys
![Page 46: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/46.jpg)
464646© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Wireless Services –RM Aggregation for Rogue Detection
LAN with site-widewireless VLANs
LAN access layer
WLSEACS
Guest EmployeePhone
LAN access layer withper-switch wireless VLANs
WideArea
Network(Intranet)
LAN core & WAN
W
W
W
Rogue AccessPoint
RM RM
RM
RM
Rogue AP
RM Aggregation
W
![Page 47: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/47.jpg)
474747© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
1. CiscoWorks WLSE instructs APs to measure and report the Radio Frequency (RF) environment and pushes optimal RF configurations to APs2. CiscoWorks WLSE uses measurements from a client as it walks the perimeter of the coverage area to further fine-tune RF coverage
CiscoWorks WLSE controls the process
Wireless Services –Radio Management Aggregation for Site Surveys
WLSE
W
![Page 48: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/48.jpg)
484848© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Wireless Services –Roadmap
AP-IOSFluorine
AP-IOS 12.3(11)JA
AP1100, AP1200 compatible
Access point support (minimum release)
Rogue Detection, Site Survey,
SWAN
High Availability
Security,Fast Mobility
Benefit
Spring’05 12.3(6th)T, WLSE 3.0
RM aggregationWLSE support
IEEE 802.1X (backup) local authentication for LEAP clients
WDS with fast, secure layer 2 roaming
Future Releases
Router-IOS 12.3(11)T
![Page 49: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/49.jpg)
494949© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
New IOS Software Architecture in 12.3IOS Software Architecture in 12.3Simplified Image SelectionSimplified Image Selection
• Simplifies options (from 44 to 8)• “Advanced Security” replaces:
IP/FW/IDS IP FWIP Plus IPSec IP/FW/IDS/IPSec
• Security featuresNetwork Admission ControlIOS FirewallIntrusion PreventionDMVPN, AESSSH and SNMPV3 (DES)
• As you step up, all features below are inherited
• www.cisco.com/go/fnIP Base
IP Voice
Advanced Security
Advanced IP Services
Enterprise Base
Enterprise Services
SP Services
Advanced Enterprise Services
NAC
NAC
NACSSH
SSH
SSH SSH
SSH
SSH
![Page 50: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/50.jpg)
505050© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Cisco 1800/2800/3800 Release Plan
• 3800, 2800, 1800 Platforms Announcement:External Announcement – Sept 14, 2004
• For 1800/2800 Platforms:T train release – 12.3(8)T Target CCO date 9/13/2004Target Orderability date – 9/16/2004Target FCS date - End of Sept 2004
• For 3800 Platforms:T train release - 12.3(11)TTarget CCO date – Oct 2004Target FCS Oct 2004
![Page 51: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/51.jpg)
515151© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Q and A
515151© 2004, Cisco Systems, Inc. All rights reserved.Presentation_ID
![Page 52: Router Architecture Slots Install](https://reader031.vdocument.in/reader031/viewer/2022020105/54684933b4af9f3f3f8b5bee/html5/thumbnails/52.jpg)
525252© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID 525252© 2003, Cisco Systems, Inc. All rights reserved.Presentation_ID