Ethernet in the corporate wiring closet is a conquered frontier. But what about less inviting environments, such as the factory floor or the battlefield, which require far more structural toughness than a typical Ethernet switch can provide?
Cisco Systems has tailored its Catalyst 2955 series of switches to operate in just such harsh, industrial environments that might preclude the use of normal Ethernet switching equipment. The 2955 owes its toughness to industrial-grade hardware elements, its small size, and a highly effective convection-cooling design.
On top of the resilient design, the 2955 provides the entire suite of excellent management features users expect from a Cisco product, along with wire-speed Fast Ethernet and Gigabit Ethernet throughput.
Rounding it all out are features such as relay output signalling and extended intelligent services, including advanced QoS and enhanced switch security.
The 2955's performance is impressive, managing set benchmarks with aplomb right up to full capacity at 64-byte packets. It's more expensive than other 10/100 switches, but its features make up for the price tag, especially if you need those features for a specific vertical application.
The 2955 family currently has three product members, the 2955T-12, the 2955C-12, and the 2955S-12. All three carry a base package of 12 10/100 auto-sensing ports and differ only in the types of uplinks they can manage. The 2955T-12 carries two 10/100/1000Base-T uplinks; the 2955C-12 carries two 100Base-FX uplinks; and the 2955S-12 has two 100Base-LX single-mode fibre uplinks. Cisco says other configurations are on the way, probably near the end of 2003.
Although the 2955s can be managed via CiscoWorks, I chose to configure and manage my test trio using a combination of IOS via telnet and the embedded support for Cisco's CMS (Cluster Management Suite). CMS comes embedded with most Cisco devices but does require a Java plug-in on the management console. Once that's installed, however, it can cache these plug-ins based on the IP address of the switch being managed, thus allowing you to manage multiple CMS device interfaces from a single console.
CMS provides a surprisingly robust Web-based management experience. Tasks are centred around an image-based interface, so an administrator is provided with an active representation of the front of the switch being managed. From here, you can simply click on individual or groups of ports, then drill down to see and modify their management settings.
Security is important for industrial environments and military applications, and Cisco beefed up the 2955's security rating. Web-based management can now be done using the SSHv2 (Secure Shell) protocol or via SNMPv3 encryption. The switch can authenticate users based on their port assignments via TACACS+ (Terminal Access Controller Access Control System) or Radius-based authentication.
The 2955 also allow for a private VLAN (virtual LAN) edge, which can isolate a port on a switch, ensuring that traffic travels only through that port and cannot be directed elsewhere. Further, using 802.1x, administrators can assign VLANs based on specific users, allowing them the same configuration regardless of their connection point on the network.
Individual ports can be assigned ACPs (access control parameters) to help restrict traffic along those ports based on source and destination MAC (media access control) address, IP address, or TCP/UDP port utilisation. These lookups are performed in the hardware, so they won't affect switch traffic throughput.
Despite the numerous security capabilities, administrators shouldn't sweat a steep learning curve. CMS provides complete support for all features, and even has a series of Security Wizards designed specifically to implement these features as easily as possible.
If Ethernet in unfriendly environments is a challenge in your future, the Catalyst 2955 is not only worth a look, it may be the only properly mature solution in town.