Friday, December 27, 2013

EoS and EoL Announcement for the Cisco ASA 5540

Cisco announced the end-of-sale and end-of life dates for the Cisco ASA 5540 Adaptive Security Appliances. The last day to order the affected product(s) is September 16, 2013. Customers with active service contracts will continue to receive support from the Cisco Technical Assistance Center (TAC) as shown in Table1 of the EoL bulletin. Table1 describes the end-of-life milestones, definitions, and dates for the affected product(s). Table2 lists the product part numbers affected by this announcement. For customers with active and paid service and support contracts, support will be available under the terms and conditions of customers' service contract.

This end-of-sale notice is part of a broader end-of-sale announcement for the Cisco ASA 5500 Series appliances that covers ASA 5510, ASA 5520, ASA 5540, and ASA 5550, including hardware accessories. Please refer to the respective end-of-sale notices for more detail. Software licenses on the Cisco ASA 5540 have not reached their end-of-sale date.

The Cisco ASA 9.1 is the last software release that will be supported on ASA 5540 and other ASA 5500 appliances that have reached their end-of-sale date. Customers are encouraged to migrate to the newer ASA 5500-X Series of next-generation firewalls (NGFW), which includes the ASA 5512-X, ASA 5515-X, ASA 5525-X, ASA 5545-X, and ASA 5555-X.

Table1. End-of-Life Milestones and Dates for the Cisco ASA 5540 Adaptive Security Appliances

HW=Hardware OS SW=Operating System Software App. SW = Application Software
Note that the ASA 5500 appliances (including the ASA 5540) do NOT support NGFW services (AVC and WSE), whereas all ASA 5500-X appliances (including the ASA 5545-X) have been designed ground-up to run multiple services, including the NGFW services, without sacrificing performance.

Table2. Product Part Numbers Affected by This Announcement















Product Migration Options
Customers are encouraged to migrate to the newer Cisco ASA 5500-X Series, specifically the Cisco ASA 5545-X Adaptive Security Appliance, which offers increased throughput, better interface density, dual power supplies, and the ability to run services like IPS, AVC (Application Visibility and Control),WSE (Web Security Essentials), etc., without requiring a separate hardware module. Refer to the table below for a detailed comparison between the ASA 5540 and ASA 5545-X. Customers can also upgrade to the Cisco ASA 5555-X, which offers top-of-the-line performance and better scaling numbers than the ASA 5545-X.

Table3. Product Comparisons


More Notes:
Customers may be able to use the Cisco Technology Migration Program (TMP) where applicable to trade-in eligible products and receive credit toward the purchase of new Cisco equipment. For more information about Cisco TMP, customers should work with their Cisco Partner or Cisco account team. Cisco Partners can find additional TMP information on Partner Central at http://www.cisco.com/web/partners/incentives_and_promotions/tmp.html

Customers may be able to continue to purchase the Cisco ASA 5540 Adaptive Security Appliances through the Cisco Certified Refurbished Equipment program. Refurbished units may be available in limited supply for sale in certain countries on a first-come, first-served basis until the Last Date of Support has been reached. For information about the Cisco Certified Refurbished Equipment program, go to: www.cisco.com/go/eos

Service prices for Cisco products are subject to change after the product End of Sale date.

The Cisco Takeback and Recycle program helps businesses dispose properly of surplus products that have reached their end of useful life. The program is open to all business users of Cisco equipment and its associated brands and subsidiaries. For more information, go to:
http://www.cisco.com/web/about/ac227/ac228/ac231/about_cisco_takeback_recycling.html
More about EoL and EoS of Cisco ASA 5540 you can refer to
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/eol_C51-727354.html

More about Cisco EoS and EoL news you can see at http://blog.router-switch.com/category/news/
More Cisco EoS and EoL News:

Thursday, December 12, 2013

Cisco Catalyst 4948E Ethernet Switch for High-Performance Data Center Accesss



Cisco Catalyst 4900 Series Switches deliver high-performance, low-latency wire-speed Layer 2 and 3 services in a small form factor (1 or 2 rack units). The 4900 Series is ideal for space-constrained deployments.

The Cisco Catalyst4948E offers forty-eight 10/100/1000-Gbps RJ45 downlink ports and four 1/10 Gigabit Ethernet uplink ports and is designed to simplify data center architecture and operations by offering enterprise-class hardware and software in a one-rack-unit (1RU) form factor optimized for smart top-of-rack (ToR) data center deployments.










New Features of Cisco Catalyst 4948E Switch
The Cisco Catalyst 4948E offers:
• Twice the uplink capacity of the previous switch generation
• 1+1 power supply and fan redundancy for hardware replacement with no downtime
• Strict front-to-back cooling with no side or top venting
• Large shared packet buffers for microburst protection
• Nonblocking internal packet switching for east-to-west traffic patterns
• Full set of Layer 2 and 3 forwarding features
• Outstanding multicast performance
• Zero-touch provisioning with Cisco IOS Embedded Event Manager (EEM)
• Advanced quality of service (QoS)
• IP Version 6 (IPv6) switching and routing in hardware
• Extended MAC address tables to enable server virtualization

Table 1 summarizes the main features of the Cisco Catalyst 4900 Series Switches.
Table1. Cisco Catalyst 4900 Series Features
Feature
Cisco Catalyst 4948 Switch
Cisco Catalyst 4948 10 Gigabit Ethernet Switch
Cisco Catalyst 4948E Switch
Performance

Switching capacity
96 Gbps
136 Gbps
176 Gbps
Throughput
72 million packets per second (mpps)
102 mpps
131-mpps IPv4 switching
110-mpps IPv6 switching
CPU
266 MHz
666 MHz
1.0 GHz
Synchronous Dynamic RAM (SDRAM)
256 MB
256 MB
1024 MB
Active VLANs
4096
4096
4096
Multicast entries
• 28,000 (Layer 3)
• 16,000 (Layer 2)
• 28,000 (Layer 3)
• 16,000 (Layer 2)
• 32,000 (IPv4 Layer 3)
• 16,000 (IPv6 Layer 3)
• 32,000 (Layer 2)
Spanning Tree Protocol instances
1500
1500
3000
Switched virtual interfaces (SVIs)
2000
2000
4000
Security and QoS hardware entries
16,000
16,000
32,000
MAC addresses
32,000
55,000
55,000
Switched Port Analyzer (SPAN)
2 ingress and 4 egress
2 ingress and 4 egress
8 ingress and 8 egress
Minimum software requirement
Cisco IOS Software Release 12.2(20) EWA or later
Cisco IOS Software Release 12.2(25) EWA or later
Cisco IOS Software Release 12.2(54) XO or later

Cisco IOS Software
The Cisco Catalyst 4948E supports three levels of Cisco IOS Software, summarized in Table 2. The basic level is LAN Base, developed for deployments that require data center - class hardware along with Layer 2 switching. The next level of software is IP Base; most customers will deploy this level of software because it offers many of the value-added Cisco features that provide operational consistency and an easy-to-manage environment. The top level of software is Enterprise Services. Enterprise Services adds support for advanced routing protocols such as Border Gateway Protocol (BGP), Open Shortest Path First (OSPF), Intermediate System to Intermediate System (IS-IS), and Enhanced Interior Gateway Routing Protocol (EIGRP).

Software Configuration Options
Enterprise Services
IP Base
• BGPv4
• EIGRP
• OSPFv2 and v3
• IS-IS
• IP-SLA
• Nonstop Forwarding (NSF)
• Policy-Based Routing (PBR)
• Virtual Route Forwarding Lite (VRF-Lite)
• Multicast VRF-Lite
LAN Base
• AutoQoS
• Cisco EnergyWise
• Flexlink+
• Layer 2 traceroute
• Multicast Listener Discovery (MLD) snooping
• Rapid Per VLAN Spanning Tree Plus (RPVST+)
• Static routing
• Routing Information Protocol (RIP)
• Cisco SmartPort macros
• VLAN access control list (VACL) and port ACL (PACL)
• EIGRP-stub
• OSPF for routed access
• IEEE 802.1Q-in-IEEE 802.1Q (QinQ)
• IP service-level agreement (IP-SLA) responder
• Network Mobility Service Protocol (NMSP)
• Layer 2 Protocol Tunneling (L2PT)
• Stub IP multicast
• Cisco IOS EEM
• Gateway Load Balancing
Protocol (GLBP)





More Cisco 4900 Info:

Sunday, December 8, 2013

Cisco Catalyst 3750-X and 3560-X StackPower Overview

StackPower creates a power backplane among the switches in your stack, allows the power supplies to supply power to any switch in the stack. This means that you no longer have to have redundant power supplies in every switch. For example, in a switch stack that’s two units high, you could order a total of three power supplies. One per switch to provide enough power budget, and then a third that would act conceptually as a floating spare, filling in if either of the other two experienced a failure.

Another benefit is that you can replace a power supply in a switch without ever having to take the switch offline; assuming you’ve got the spare power budget available, StackPower will take care of keeping your switch powered while you replace the defective supply, even if that was the only supply in that physical switch.


Using StackPower
Note that StackPower is not supported in the LAN Base image. You need IP Base image or higher.
By default, StackPower comes up in power sharing mode, as opposed to redundant mode. That means that all power supplies detected in the switches are treated as one gigantic power supply.  If there is a power supply, the switch stack might have to shed some power (i.e. shut something down) so that the system conforms to the new, lower power budget created by the failed supply.

Take a look. First, I do a boring old “show env power all” to get a look at all the power supplies known to the stack, which in this case is a pair of 350W supplies in each switch. Then we look at the default state of the stack-power, having not done any configuration as yet. Note that I have both StackPower cables connected from switch 1 to switch 2.














Switch#show env power all
 SW  PID                 Serial#     Status           Sys Pwr  PoE Pwr  Watts
---  ------------------  ----------  ---------------  -------  -------  -----
1A  C3KX-PWR-350WAC     DTN1526L0PJ OK              Good     Good     350/0
1B  C3KX-PWR-350WAC     DTN1526L0PK OK              Good     Good     350/0
2A  C3KX-PWR-350WAC     DTN1526L0NV OK              Good     Good     350/0
2B  C3KX-PWR-350WAC     DTN1526L0NW OK              Good     Good     350/0

Switch#show stack-power
Power stack name: Powerstack-1
    Stack mode: Power sharing strict
    Stack topology: Ring
    Switch 1:
        Power budget: 223
        Low port priority value: 21
        High port priority value: 12
        Switch priority value: 3
        Port 1 status: Connected
        Port 2 status: Connected
        Neighbor on port 1: 7081.0588.9380
        Neighbor on port 2: 7081.0588.9380

    Switch 2:
        Power budget: 223
        Low port priority value: 22
        High port priority value: 13
        Switch priority value: 4
        Port 1 status: Connected
        Port 2 status: Connected
        Neighbor on port 1: 7081.0567.7b00
        Neighbor on port 2: 7081.0567.7b00
Switch#

You can choose between power-sharing (one big happy power supply) and redundant (the largest power supply is kept as a reserve). Also, each of these support modes of strict & non-strict.

“In strict mode, when a power supply fails and the available power drops below the budgeted power, the system balances the budget through load shedding of powered devices, even if the actual power being consumed is less than the available power.” In other words, no chances are taken that devices could exceed budget.

“In non-strict mode, the power stack is allowed to run in an over-allocated state and is stable as long as the actual power does not exceed the available power. In this mode, a powered device drawing more than normal power could cause the power stack to start shedding loads. This is normally not a problem because most devices do not run at full power and the chances of multiple powered devices in the stack requiring maximum power at the same time is small.” Here, Cisco will let you roll the dice under the assumption that it’s unlikely everyone in the stack is going to need max power. So technically, it’s possible to exceed power budget in this configuration, but the hope is that it won’t happen.

Seen from the output above, the default mode is “power sharing strict”. Now, you might not want power sharing mode. Your alternative is redundant mode, which is easy enough to set.
Switch#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#stack-power stack ?
  WORD  Power stack name - Up to 31 chars

Switch(config)#stack-power stack Powerstack-1
Switch(config-stackpower)#?
Power stack configuration mode:
  default  Set a command to its defaults
  exit     Exit from power stack configuration
  mode     Power stack mode
  no       Negate a command or set its defaults

Switch(config-stackpower)#mode ?
  power-shared  Power shared mode
  redundant     Redundant mode

Switch(config-stackpower)#mode redundant ?
  strict  Strict mode
  <cr>

Switch(config-stackpower)#mode redundant strict
Switch(config-stackpower)#^Z
Switch#show stack-power
Power stack name: Powerstack-1
    Stack mode: Redundant strict
    Stack topology: Ring
    Switch 1:
        Power budget: 223
        Low port priority value: 21
        High port priority value: 12
        Switch priority value: 3
        Port 1 status: Connected
        Port 2 status: Connected
        Neighbor on port 1: 7081.0588.9380
        Neighbor on port 2: 7081.0588.9380

    Switch 2:
        Power budget: 223
        Low port priority value: 22
        High port priority value: 13
        Switch priority value: 4
        Port 1 status: Connected
        Port 2 status: Connected
        Neighbor on port 1: 7081.0567.7b00
        Neighbor on port 2: 7081.0567.7b00

Switch#

You can also configure the load-shedding order (what ports and/or switches get power removed first). This could be useful in a PoE scenario where you want certain wireless access points or IP phones to lose power before others ones so as to minimize the impact to your company during a power supply failure.

So what’s a power supply failure look like? With my stack-power configured in “redundant strict” mode (meaning one supply is a spare, and potential power requirement cannot exceed power budget), I am going to disconnect one of the supplies on the switch I am consoled into, which happens to be switch 1 in the stack, as well as the master switch.
Switch#
*Mar  1 01:53:20.862: %PLATFORM_ENV-1-FRU_PS_ACCESS: FRU Power Supply is not responding
*Mar  1 01:53:21.843: %PLATFORM_STACKPOWER-4-REDUNDANCY_LOSS: Switch 1's power stack lost redundancy and is now operating in power sharing mode
*Mar  1 01:53:23.831: %PLATFORM_ENV-1-FRU_PS_SIGNAL_FAULTY: POWER_GOOD signal on power supply 2 is faulty
Switch#
*Mar  1 01:54:08.627: %PLATFORM_STACKPOWER-4-REDUNDANCY_LOSS: Switch 1's power stack lost redundancy and is now operating in power sharing mode
*Mar  1 01:55:08.630: %PLATFORM_STACKPOWER-4-REDUNDANCY_LOSS: Switch 1's power stack lost redundancy and is now operating in power sharing mode
*Mar  1 01:56:08.634: %PLATFORM_STACKPOWER-4-REDUNDANCY_LOSS: Switch 1's power stack lost redundancy and is now operating in power sharing mode
*Mar  1 01:57:08.638: %PLATFORM_STACKPOWER-4-REDUNDANCY_LOSS: Switch 1's po

The switch logs several messages. First, the power supply is seen as no longer responded. Second, the loss of redundancy is noted (hey, we’re not redundant anymore, so I guess we’re in power sharing mode). Third, the specific power supply with the fault is noted. Last, the lost redundancy state is repeated every 60 seconds.

Now I’m going to disconnect the second power supply on switch 1. If there enough power budget (these are not PoE switches), there should be enough power budget to continue on.
Switch#
*Mar  1 01:57:53.844: %PLATFORM_STACKPOWER-4-UNBALANCED_PS: Switch 1's power stack has unbalanced power supplies
*Mar  1 01:57:55.857: %PLATFORM_ENV-1-FRU_PS_SIGNAL_FAULTY: POWER_GOOD signal on power supply 1 is faulty
*Mar  1 01:58:08.641: %PLATFORM_STACKPOWER-4-REDUNDANCY_LOSS: Switch 1's power stack lost redundancy and is now operating in power sharing mode
Switch#show stack-power
Power stack name: Powerstack-1
    Stack mode: Redundant strict
    Stack topology: Ring
    Switch 1:
        Power budget: 223
        Low port priority value: 21
        High port priority value: 12
        Switch priority value: 3
        Port 1 status: Connected
        Port 2 status: Connected
        Neighbor on port 1: 7081.0588.9380
        Neighbor on port 2: 7081.0588.9380

    Switch 2:
        Power budget: 223
        Low port priority value: 22
        High port priority value: 13
        Switch priority value: 4
        Port 1 status: Connected
        Port 2 status: Connected
        Neighbor on port 1: 7081.0567.7b00
        Neighbor on port 2: 7081.0567.7b00

*Mar  1 01:58:37.825: %PLATFORM_STACKPOWER-4-UNBALANCED_PS: Switch 2's power stack has unbalanced power supplies
Switch#show env power all
 SW  PID                 Serial#     Status           Sys Pwr  PoE Pwr  Watts
---  ------------------  ----------  ---------------  -------  -------  -----
1A  C3KX-PWR-350WAC     DTN1526L0PJ No Input Power  Bad      N/A      350/0
1B  C3KX-PWR-350WAC     DTN1526L0PK No Input Power  Bad      N/A      350/0
2A  C3KX-PWR-350WAC     DTN1526L0NV OK              Good     Good     350/0
2B  C3KX-PWR-350WAC     DTN1526L0NW OK              Good     Good     350/0

Switch#
*Mar  1 01:59:08.645: %PLATFORM_STACKPOWER-4-UNBALANCED_PS: Switch 1's power stack has unbalanced power supplies
*Mar  1 01:59:08.645: %PLATFORM_STACKPOWER-4-REDUNDANCY_LOSS: Switch 1's power stack lost redundancy and is now operating in power sharing mode
*Mar  1 02:00:08.649: %PLATFORM_STACKPOWER-4-UNBALANCED_PS: Switch 1's power stack has unbalanced power supplies
*Mar  1 02:00:08.649: %PLATFORM_STACKPOWER-4-REDUNDANCY_LOSS: Switch 1's po

So at this point, the two power supplies in switch 1 are disconnected, and the two supplies in switch 2 are still up. Now there’s a pair of messages being logged every minute, complaining about the loss of redundancy, and the loss of balanced power.

Let’s go for the gold. What happens when we disconnect one of the two remaining power supplies? Amazingly, a single 350W supply seems to be enough to keep these two 3750X’s running, although admittedly there are no 10GBE optical modules installed. Still, impressive.
Switch#
*Mar  1 02:03:21.058: %PLATFORM_STACKPOWER-4-UNDER_BUDGET: Switch 2 does not have sufficient power budget
*Mar  1 02:03:20.052: %PLATFORM_ENV-1-FRU_PS_ACCESS: FRU Power Supply is not responding (Switch-2)
*Mar  1 02:03:22.040: %PLATFORM_ENV-1-FRU_PS_SIGNAL_FAULTY: POWER_GOOD signal on power supply 1 is faulty (Switch-2)
Switch#
Switch#show switch
Switch/Stack Mac Address : 7081.0567.7b00
                                           H/W   Current
Switch#  Role   Mac Address     Priority Version  State
----------------------------------------------------------
*1       Master 7081.0567.7b00     1      1       Ready
 2       Member 7081.0588.9380     1      1       Ready

Switch#show env power all
 SW  PID                 Serial#     Status           Sys Pwr  PoE Pwr  Watts
---  ------------------  ----------  ---------------  -------  -------  -----
1A  C3KX-PWR-350WAC     DTN1526L0PJ No Input Power  Bad      N/A      350/0
1B  C3KX-PWR-350WAC     DTN1526L0PK No Input Power  Bad      N/A      350/0
2A  C3KX-PWR-350WAC     DTN1526L0NV No Input Power  Bad      N/A      350/0
2B  C3KX-PWR-350WAC     DTN1526L0NW OK              Good     Good     350/0

Switch#

The way power is shared here makes a 3750-X behave like a chassis.

More Cisco StackPower Reviews: