SAN JOSE, Calif. - April 22, 1996 - Cisco Systems, Inc. today unveiled anew software technology and new high-speed interfaces that will enablecorporations and service providers to use their existing, packet-basedrouted infrastructures to meet tomorrow's networking requirements.

NetFlow(tm) Switching is a new CiscoIOS(tm) software switching mechanismthat enables Cisco routers to combine high-performance, network-layerswitching with the application of network services providing security,quality of service (QoS) and traffic accounting information. With NetFlowSwitching, these services can be applied on a per-user, per-applicationbasis. This will benefit network managers because they can:

• more efficiently control access to information on corporate networks,

• support an array of existing and emerging applications with different priorities and response-time requirements and

• get more detailed traffic statistics to fine tune their networks. All of these requirements are driven by the demands of client/server computing, Internet access, switched virtual LANs, remote and mobile users, networked multimedia and high-speed campus and WAN services.

Users can deploy NetFlow Switching on the Cisco 7500 series and onhigh-end Cisco 7000 routers (withRoute/Switch system Processors --RSPs) with asimple Cisco IOS software upgrade, which will be available in the secondcalendar quarter of 1996.

Support for NetFlow Switching will be extended to other Cisco routerplatforms throughout 1996, beginning with mid-range systems in the thirdquarter. NetFlow Switching initially will support the network-layerInternet Protocol (IP) and will be extended to support the Internet PacketExchange (IPX) protocol.

With the introduction of NetFlow Switching services, Cisco also announcedtoday that it will roll out new packet-oriented interfaces that supportSynchronous Optical Network (SONET) and Synchronous Digital Hierarchy (SDH)speeds. These interfaces will be available in the third quarter of 1996 onCisco 7500 series routers. Together, these software and hardwaredevelopments enable network managers to extend their existing,packet-oriented infrastructures to deliver the scalability, interface speedand performance needed to meet emerging network requirements.

"These advances represent significant enhancements to the routing elementof our CiscoFusionarchitecture , which allows customers to use routing, LANswitching and ATM switching to build scalable, distributed internetworksthat will meet their future needs," said Richard Palmer, Cisco's directorof marketing for high-end routing products. "By providing NetFlowSwitching on existing Cisco routers, we're maximizing customers'investments while helping them meet the demand for more bandwidth and newnetwork services."

NetFlow Switching is a unique, Cisco IOS software switching mechanism thatidentifies traffic flows between internetwork hosts and then, on aconnection-oriented basis, switches packets in these flows at the same timethat it applies relevant services. Traffic flows are uni-directionalstreams of packets between a given source and destination, both defined bynetwork-layer (IP) address and transport-layer port number.

In conventional switching at the network layer, each incoming packet ishandled on an individual basis. The router performs a series of separate"look-ups" or tasks for each packet and then sends (switches) each packetto its destination. These separate tasks include checking to see if asecurity access filter applies and updating traffic accounting records.With NetFlow Switching, this process only occurs with the first packet in aflow. Once a network flow has been identified -- and services relevant toit determined -- all subsequent packets are handled on a connection-orientedbasis as part of this flow. Packets are switched and services are appliedto them in tandem by a single task. This streamlined way of handlingpackets enables Cisco routers to greatly increase performance for networkservices.

On Cisco 7500 series routers, for example, NetFlow Switching can takeadvantage of distributed switching and service capabilities provided by thenew Versatile Interface Processor(VIP) interface cards.By performingdistributed NetFlow Switching on each VIP, while utilizing the mainRoute/Switch Processor, system performance of the Cisco 7513 can scale tomore than one million packets per second.

NetFlow Switching provides increased performance for Cisco IOS servicesrelating to security, quality of service and traffic accounting. At thesame time, it enables these services to be more efficiently applied on aper-user and/or per-application (session) basis, which helps networkmanagers better design and fine tune their networks.

Security

In addition to allowing large numbers of access lists (used for securityfirewalls) to operate with no significant performance impact, NetFlowSwitching allows access list permissions to be set with granularity basedon application protocol. For example, access privileges are determined notjust according to IP address, but according to whether the traffic is WorldWide Web, file transfer or telnet, etc.

"The ability to increase granularity in applying security or access controlis tremendously important in client-server environments, where informationis distributed and accessed by distributed and mobile users," said KimberlyLorencic, senior analyst at the Yankee Group in Boston, Mass. "Before,when information primarily resided 'all in one place' on a mainframe, itwas easier to control access and provide security."

NetFlow Switching also enhances performance with new Cisco IOS servicessuch as network encryption. Cisco's network encryption service enablestraffic to be encrypted using private Data Encryption Standard (DES) andpublic key mechanisms. Network managers can selectively apply encryptionto just the applications which require it. This improves overall networkperformance and is less expensive than encrypting all traffic on each link.The ability to encrypt data on a per-session basis also will enablecorporations to use the public Internet to safely transport confidentialinformation.

Quality of Service

In corporate environments, ensuring defined quality of service (QoS) levelsin the network is important because mission-critical,response-time-sensitive applications now share network resources with newbandwidth-hungry applications such as imaging and groupware. For serviceproviders, delivering varying QoS levels is fundamental to offering thedifferentiated services needed in an increasingly competitive industry.

Cisco IOS software supports industry-standard protocols such as theResource Reservation Protocol (RSVP) and advanced queuing methods such asWeighted Fair Queuing, which use the same concept of flows as NetFlowSwitching. RSVP enables applications to request a specific QOS across anetwork, and techniques like Weighted Fair Queuing enable each router tomeet the requested service level.

Currently, NetFlow Switching and Weighted Fair Queuing each operateindependently on incoming and outgoing packet flows. In the future, Ciscowill integrate and support their operation on a distributed basis in Cisco7000 family routers (with Route/Switch system Processors). This will allownetwork managers to maintain scalable, high-performance quality of serviceacross a Cisco-based routed infrastructure.

Traffic Accounting

Cisco NetFlow Switching includes an accounting mechanism that allowsmanagers to track network traffic on an end-to-end or per-applicationbasis, a level of detail not available in other technologies. Dataprovided by NetFlow Switching covers both "snapshot" summaries of trafficfor each protocol and detailed statistics on each flow. This accountinginformation enables network managers to fine-tune networks by identifyingwhich users and applications need more bandwidth or a specified quality ofservice.

In essence, NetFlow Switching gives network administrators access to "calldetail recording" information for their data networks.

"NetFlow Switching provides an end-to-end view of traffic patterns in realtime," said Erikas Napjus, manager of network development in the ComputingServices Division at Carnegie Mellon University in Pittsburgh, Penn. "Thatcould help us react to problems more quickly and better plan for where weneed to expand the network or add new high-speed technologies such as FastEthernet."

The extensive traffic statistics generated by NetFlow Switching can beexported to network management applications using a mechanism calledNetFlow Data Export. Information about "expired" flows is summarized andcan be efficiently exported using a defined data structure, which issupported by multiple remotemonitoring (RMON) and performance managementapplications. NetFlow Data Export provides the detailed trafficinformation that enables network managers to better understand and tracknetwork traffic patterns.

"With NetFlow Switching, users can not only perform valuable networkservices at high levels of performance but can also apply these services ona per-user, per-application basis," Cisco's Palmer said. "High-performance, network-layer switching, coupled with the connection-orientedapplication of Cisco IOS services, gives customers a rich, extendible setof technologies for corporate and service provider backbone networks."

Packet OC-3/STM-1 Interface

Cisco also is extending the capabilities of routed backbones by introducinga new packet-oriented interface that supports SONET and SDH speeds.

In 1991, Cisco was the first to develop a packet-based High SpeedSerialInterface (HSSI) to meet the need for high-speed data transportover 45Mbps DS-3 facilities. Now, the company has developed a packet interfacethat will enable customers to efficiently send frame and packet data overhigher-speed lines using standard protocols such as High-Level Data LinkControl (HDLC) and Point-to-Point Protocol (PPP). The 155-Mbpspacket OC-3/STM-1 interface will maximize line efficiency and utilizethe extensive SONET/SDH infrastructure already deployed by carriers.

*Special bundled pricing is available when NetFlowSwitching is ordered with other Cisco IOS software feature licenses forCisco 7000/RSP and 7500 series routers.

Cisco Systems (NASDAQ: CSCO) is the leading globalsupplier ofinternetworkingsolutions for corporate intranets and the global Internet.Cisco's products, including routers, LAN and ATM switches, dial-up accessservers and network management software, are integrated by the Cisco IOSsoftware to link geographically dispersed LANs, WANs and IBM networks.Company news and product/service information are available at World WideWeb site http://www.cisco.com. Cisco is headquartered in San Jose, Calif.

---

Posted: Fri Jul 18 11:30:02 PDT 1997