Cisco Systems updated its Catalyst line of intelligent switches Thursday, adding security features and the Cisco Smartports management feature across the entire product family. The company also announced upgrades to its 6500 and 4500 Modular Chassis and to its 3750 stackable switch family.
The new security features include protection against a variety of attacks, including identity theft and address hijacking, according to Steven Shalita, a senior manager of worldwide product marketing for Cisco, who presented the new features at a news conference at Cebit.
The enhancements to the switch software include DHCP (Dynamic Host Configuration Protocol) snooping to stop clients attacking the switch; Port Security to stop MAC (Media Access Control) flooding attacks; port-based ACLs (access control lists) to restrict network access; dynamic ARP (Address Resolution Protocol) inspection to tie MAC and IP (Internet Protocol) addresses to specific ports; and IP Source Guard to prevent identity theft and IP address hijacking.
The features are only useful if network managers are able to implement them, but making a myriad changes to every device on a network can be a time-consuming process.
Smartports, now available across the entire Catalyst line, makes it simpler to deploy large numbers of switches with a consistent configuration by programming them using macro commands, according to Shalita. The software provides preconfigured macros and the ability to create customized ones so, for example, quality of service, security and availability features can all be set with a single command.
Cisco introduced a 48-port SFP (small form-factor pluggable) fiber-based Gigabit Ethernet module for its 6500 Modular Chassis. Priced at about US$25,000, the module has a throughput of 40G bps (bits per second) and allows 1152 SFP ports to be packed into a single equipment rack, the company said. It is available immediately.
Software updates added new features to four integrated services modules for the 6500: the Content Switching Module, the SSL (Secure Sockets Layer) Services Module, the IPsec VPN (virtual private network) Services Module and the Network Analysis Module. The updates improve security, application awareness and analysis of network traffic, the company said.
Also for the 6500, the new CiscoView Device Manager is an embedded system, which can simplify configuration of the chassis and modules through a Web-based graphical interface.
Cisco treated its 4500 Modular Chassis to an update too: the new Supervisor Engine V module, in conjunction with the new 4510R chassis, can support up to 336 Gigabit Ethernet ports with redundant power supplies and redundant supervisor systems, the company said.
Finally, the 3750 stackable switch range has now been upgraded to add a 10 Gigabit Ethernet uplink option. The new unit is aimed at enterprise wiring closets or cluster environments for grid computing, the company said.
The Cebit trade show runs through Wednesday at the Messegelände in Hanover, Germany.