The Lippis Report

Prashant Gandhi, Cisco Systems

In this Lippis Report podcast I talk with Prashant, Sr. Director of Server Access Virtualization Product Marketing at Cisco Systems about the new challenges of managing applications and layer 4-7 services in modern data center environments that consist of multiple hypervisors, a wide variety of workloads types and mobile/dynamic virtual machines.

Modern corporate networks are under increasing pressure to support a wider variety of applications thanks to mobile and cloud computing, desktop virtualization plus video traffic having skyrocketed. Not only are bandwidth rates increasing from 1 to 10 to 40 GbE, but most importantly network services are needed to manage and support a different application portfolio mix and network access methods. Network services such as firewalls, WLANs, network diagnostics and monitoring plus application performance acceleration are needed to deliver a consistently excellent user experience. Cisco recently announced an upgrade to its popular Catalyst 6k with the availability of the Supervisor 2T that included re-vamped high performance service modules to deliver these network services. Goyal, product line manager at Cisco Systems joins me to discuss which network services need to be available in modern networks.

Download “A Comprehensive Testing of Cisco Systems Catalyst 6500 Sup2T” report here.

During the week of October 31, 2011, the Lippis Report tested Cisco System’s new Catalyst 6500 with Supervisor 2T or Sup2T for performance, upgradability, control and scalability at Ixia’s modern iSimCity laboratory in Santa Clara CA. By all counts, Cisco’s upgrade of the Catalyst 6500 via its new Sup2T, is its most ambitious and thoughtful yet for the venerable platform. The Sup2T is a major upgrade to the most widely-deployed switching platform in campus and data center networking. It’s the new Catalyst 6500’s network services that deliver most of the value, which is partially found in the Sup2T’s Policy Feature Card or PFC that increases NetFlow monitoring and a new TCAM design offering improved Access Control (ACL), Quality of Service design options, encryption security and many other features. This Lippis Report test verifies many of Cisco’s performance and upgradability claims. While it’s impossible to test all of the Catalyst 6500’s new 200-plus features with the Sup2T, we rather focus on a select few that will have the widest impact on IT business leaders’ product acquisition decision process.

MACsec encryption has become increasing popular and important to campus network design, but previous switch performance degraded when encrypted traffic was passing through it. Here we show that the catalyst 6500 does not suffer a performance degrade while MACsec traffic is passing through it. We tested the Catalyst 6500 via the cPacket Networks cTap 10G passive probe to verify traffic flows were either MACsec encrypted or unencrypted. We found that there is no material difference in throughput performance, other than 802.1ae encryption key overhead, thanks to 16 additional bytes per packet. The cPacket passive probe also measured line rate throughput performance. This is a great short video that verifies how the old encryption performance penalty is now gone.

Download “A Comprehensive Testing of Cisco Systems Catalyst 6500 Sup2T” report here.

By Cisco Systems

There are three major trends sweeping through the enterprise: the rapid rise of the consumerized endpoint, the onset of virtualization and cloud computing, and the growing use of high-definition video conferencing. Each of these critical technologies is transforming business—and forcing a fundamental shift in how security is developed and deployed. In this white paper, Cisco describes its SecureX architecture and how it has evolved IT security so that IT leaders can enjoy the benefits of these IT trends securely.

by Cisco Systems

This one page at-a-glance brief on Security and Compliance for Virtual Computing provides a snapshot view of Cisco’s new Virtual Security Gateway (VSG) for Cisco Nexus® 1000V Series Switches. VSG delivers security, compliance and trusted access for virtual data center and cloud computing environments.

Download the Virtual Security Gateway (VSG) for Cisco Nexus® 1000V Series Switches here.

By Cisco Systems and Splunk

This document is for the reader who:

-Has read the Cisco Security Information and Event Management and Borderless Networks Enterprise Deployment Guide
-Wants to connect Borderless Networks to a Splunk SIEM solution
-Wants to gain a general understanding of the Splunk SIEM solution
-Has a level of understanding equivalent to a CCNA® certification
-Wants to solve compliance and regulatory reporting problems
-Wants to enhance network security and operations
-Wants to improve IT operational efficiency
-Wants the assurance of a validated solution

By Cisco Systems and RSA

This document is for the reader who:

-Has read the Cisco Security Information and Event Management and Borderless Networks Enterprise Deployment Guide
-Wants to connect Borderless Networks to a RSA SIEM solution
-Wants to gain a general understanding of the RSA SIEM solution
-Has a level of understanding equivalent to a CCNA® certification
-Wants to solve compliance and regulatory reporting problems
-Wants to enhance network security and operations
-Wants to improve IT operational efficiency
-Wants the assurance of a validated solution

By Cisco Systems and nFX Cinxi One

This document is for the reader who:

-Has read the Cisco Security Information and Event Management and Borderless Networks Enterprise Deployment -Guide
-Wants to connect Borderless Networks to a nFX Cinxi One SIEM solution
-Wants to gain a general understanding of the nFX Cinxi One SIEM solution
-Has a level of understanding equivalent to a CCNA® certification
-Wants to solve compliance and regulatory reporting problems
-Wants to enhance network security and operations
-Wants to improve IT operational efficiency
-Wants the assurance of a validated solution

By Cisco Systems and LogLogic

This document is for the reader who:

-Has read the Cisco Security Information and Event Management and Borderless Networks Enterprise Deployment Guide
-Wants to connect Borderless Networks to a LogLogic SIEM solution
-Wants to gain a general understanding of the LogLogic SIEM solution
-Has a level of understanding equivalent to a CCNA® certification
-Wants to solve compliance and regulatory reporting problems
-Wants to enhance network security and operations
-Wants to improve IT operational efficiency
-Wants the assurance of a validated solution

By Cisco Systems and ArcSight

This document is for the reader who:

-Has read the Cisco Security Information and Event Management and Borderless Networks Enterprise Deployment Guide
-Wants to connect Borderless Networks to the ArcSight SIEM solution
-Wants to gain a general understanding of the ArcSight SIEM solution
-Has a level of understanding equivalent to a CCNA® certification
-Wants to solve compliance and regulatory reporting problems
-Wants to enhance network security and operations
-Wants to improve IT operational efficiency
-Wants the assurance of a validated solution

Download this deployment guide here:

By Cisco Systems

Today’s sophisticated, blended threats can exploit three or four different communications vehicles before they launch full-scale attacks on unprepared enterprise networks. This white paper, written for IT managers and executives, examines the new security risks for today’s borderless enterprise networks, and describes how cloud-based Cisco® Security Intelligence Operations and powerful, comprehensive reputation filtering capabilities built into Cisco security appliances and services can help you protect your network from known and unknown threats.

Find out how by downloading this paper.

By Cisco Systems

The broad parameters and urgency of the Comprehensive National Cybersecurity Initiative (CNCI) require IT triage using risk management and leading technology practices. Some investments must occur earlier and more systemically than others. This white paper helps senior government staff understand the need to embed identity- and policy-based controls throughout essential infrastructure. The critical steps outlined in this paper will improve the government’s front line of defense and boost situational awareness to combat immediate threats. The same actions infuse identity, policy enforcement and intelligence-based security throughout the network, helping to strengthen the future cybersecurity environment.

Find out how by downloading this paper.

By HP Networking

As cyber threats across the globe continue to increase in number and sophistication, security and networking personnel must not only work harder but also smarter to stay ahead of malicious attacks. Sophisticated scanning, penetrating, and obfuscating tools and techniques are more widely available now more than ever before. Worst of all, hackers are now highly motivated to penetrate networks, applications, and databases to steal information that can quickly be sold for profit using botnets and other resources
they control.

To learn how to defend IT assets and business reputation by download this paper from HP Networking.