Cisco Networkers 1998

home *** CD-ROM | disk | FTP | other *** search

/ Cisco Networkers 1998 / Cisco Networkers 1998.iso / pc / talks / nwk03 / nwk03.eml < prev next >

Wrap

Text File | 1998-04-08 | 75.4 KB | 1,076 lines

<HTML> <HEAD> </HEAD> <BODY> Hello, and welcome to the Managing Campus Networks Networkers presentation. Today we're going to talk about Managing Campus Networks. We're going to talk about common scenarios that customers go through on a daily basis to manage their networks. This presentation will not be a standard marketing presentation that strictly covers product features and functions. We'll try and apply some real-world scenarios to this presentation. My name is Greg Mayfield. I'm a Product Marketing Manager in the enterprise line of business, and specifically I am in the Network Management Business Unit within Cisco. Our goal and charter within the Network Management Business Unit, as the name implies, is to provide management products to our enterprise customers. The agenda for today's presentation is as follows. First we'll talk about what campus networks are, and then we'll talk about the products and technologies that are commonly being deployed in these campus networks. Then we'll follow through with specific challenges that customers face on a daily basis within these networks. And we'll go through some specific scenarios that customers go through on a daily basis. And we'll also discuss how our products solve problems in those scenarios. Last, but not least, we'll talk about our products themselves in more detail, and an overview of those products and what directions they're going to take in the future. Last, but not least, we'll have a summary and a Q&A session. So what's going on in campus networks today? Before we go on with this, let's first define what a campus is. In general a campus is a network comprised of hundreds, if not thousands, of end users. Also, it's comprised of hundreds, possibly tens, of switches and routers to connect all those users together. And typically a campus network is restricted to one geographic location. A campus network, for example, would have one building or a group of buildings in close proximity with one another. A campus network would not be something such as a campus or a network in Dallas, and a campus in St. Louis, and a campus in Houston. Campus network is typically confined to one physical or geographic location. So within campus networks, what technology or market trends are we seeing? In general we're finding out that customers are replacing their hubs with switches. They're replacing shared environments with switched environments. And of course, in Cisco's case we're deploying Catalyst 5000s, 3000s, and 2900 switches to address those customer needs. Also, we're finding out that customers are deploying more and more switches, not strictly as a direct replacement for all those hubs they're getting rid of - they're adding even more switches to their network environment, and this is partially due to the increase in network users they have in their network. Some customer environments started out with several hundred users and now they've grown to several thousand users. In order to accommodate this growth, we're deploying more switches, with more ports, within the network. Also, customers are logically segmenting their networks and their environments. What they're doing is deploying VLANs, or virtual LANs, so that they can limit and control broadcasts and traffic. Another popular technology or product that's - product direction that's taking place in the campus is deploying of faster and faster backbone technologies. Most likely customers are deploying ATM, Fast Ethernet, and of course, Gigabit is a very popular subject these days. Cisco's solution to those high-speed technologies are typically in the LightStream product line, the LightStream 1010s, the Catalyst family with support for the Fast Ether channel technology and the Gigabit technology. Customers are also migrating towards faster and different types of routing solutions. They're providing both centralized and distributed routing within the network environments. And to accommodate these customers Cisco, of course, provides the 7000 series families of routers and the new Route Switch Modules, the RSMs. And relating to routing, Layer 3 switching, or high-speed routing, is becoming a very popular subject these days, and Cisco is meeting the customer needs by providing the NetFlow Feature Card, the NFSC, and also the Route Switch Module to accommodate users' needs in this high-speed environment. So let's talk about some of the challenges that customers face in these types of campus networks. Now of course, we just walked through some of the technologies that Cisco is deploying in campus networks, and your probably most popular question that you're going to ask is, "How do I deploy or how do I manage and configure my new Catalyst 5000s?" Or, "How do I set up and configure my RSMs or my 7500 routers?" Those are all very valid questions and concerns. The slide that I have here regarding challenges is actually taking those types of issues on a higher level. In general you can break down challenges into three areas. You have the device-level issues, you have network-level  issues, and you have management console issues. From a device-level standpoint, the concerns with most IS staffs specifically are, how do you track your devices, how do you configure them appropriately, and how do you monitor their status and their performance? Now with end users you have the same types of issues. How do you track where your end users are located on your network? What is the performance that they are - how are they impacting the network? From a network level, which takes it at a little bit wider - a birds-eye view, if you will, excuse me - you're dealing with things such as managing network inventory, tracking all the devices in the network, verifying the performance of those devices within the network collectively, and also verifying security and accessibility to those devices within a network. Last, but not least of course, if you have failures from a network-level standpoint you want to be able to track all those failures across your network and pinpoint the cause of those failures. Last, but not least, out of these three issues, management consoles are also of great concern for IS staffs. This is often something that a lot of individuals forget when they're setting up a network. They may be concerned about configuring your devices and monitoring your networks, but when it comes down to actually deploying some type of software solution in their environment, they forget that there are difficulties associated with this. Some issues that you have to face are: What type of system should I use? What's my OS of choice? What's the processing power of the system that I'm about to load this software on? How many systems and applications do I need to adequately manage my network environment? And last, but not least, how can I store all this information? I have to gather information from the network - where can I store this and how do I store that? So in general these are the high-level issues that campus managers, or IS staffs, face within campus management environments on a daily basis. We can't discuss all these in today's session because of lack of time. What we can do, however, is focus on some specific challenges that were being - that customers, excuse me, are being faced with on a daily basis. Let's take a look at some of these right now. In these example scenarios - we've listed, excuse me, five example scenarios here. Out of these scenarios we talk about many various challenges that IS staffs face on a daily basis. This list is actually comprised of requests that we get from customers on a daily, if not a weekly basis. Cisco has a very busy Executive Briefing Center where we have customers come in on a daily/weekly basis, and based upon a lot of those executive meetings we've found out that these are the top issues that customers seem to be asking us. What can we do about their network inventory? What can we do about Year 2000 compliancy, which, of course, is growing in popularity because of the coming of the new century. What can we do about upgrading network software? Excuse me. And what can we do about tracking end-user stations? Where are these stations on my network? How many do I have? How can I control them? And last, but not least, if I'm setting up an ATM environment, a high-speed ATM core environment to my network, how can I configure that and monitor it appropriately? And this last issue, the last scenario, deals primarily with intercampus communications, I didn't want to leave this out of this session. If you're connecting campuses together and you want to be able to verify the integrity and monitor the performance of the links between those various campus networks, you need tools to track that appropriately, and we'll discuss that scenario as well during today's session. So for the next 30 minutes we'll walk through these various scenarios. Let's look at scenario number one, tracking network inventory. In this fictitious scenario I have Company XYZ, and in Company XYZ the CIO is conducting an audit. He's putting pressure on the IS staff, basically requiring that they present him with an update of the network inventory by the week's end. Also, they want to verify, of course, what is going on within the network regarding Year 2000 compliancy. There are many challenges to consider in this scenario. I've listed a few of them here. Some of the challenges, of course, are what do you do if you have hundreds and hundreds of network devices, if not thousands of network devices? How do you track that information in such a short amount of time? You have insufficient planning time and you're going to have to gather as much information as quickly as possible. Another problem that we face in this scenario is that most customer environments have outdated topologies and inventory understanding in their network. How many routers and switches do they have in their environment? What software versions are they running? These are questions that IS staffs typically ask on a daily basis. Last, but not least, out of all of that inventory, out of that software in their network environment, what versions are compliant with the Year 2000? So as the millennium comes, what software device - what software will cause faults in your network and possibly cause certain network devices to crash? What other devices will succeed and will comply with that standard? So there are some traditional approaches that network managers face when addressing this particular scenario - really two approaches. The first approach is manually collecting the inventory data. Now this is a very time-consuming and frustrating process. What most IS staff members tend to do is they walk around the network environment with a clipboard and possibly a spreadsheet, and they'll fill out information regarding the physical inventory. They'll check the various software versions on their devices through CLI and through Telnet. They will also enter this information through a spreadsheet and possibly make various copies for individuals to share within the IS staff. Last, but not least, regarding Year 2000 compliancy they'll also check through various forms and software libraries what versions of specific vendor software are compliant and what are not, and then of course, last but not least, they have to update their network and deploy those new software versions if they want to be 2000 - Year 2000 compliant. Another issue to address or I should say another traditional approach that network managers follow is the use of an NMS, a network management system. Most network management systems, such as HP OpenView and SunNet Manager, are very excellent, very powerful platforms. However, when it comes to gathering network inventory they do have some limitations. They are unaware, typically, of detailed information regarding module software, the number of modules within a specific device chassis, and so forth. So what you'll get out of these NMS stations typically are the name of the device, the chassis type, an IP address, and that's about it. So what customers have to do is typically go back to step number one and manually collect that additional data for those devices. So it's a very frustrating process, it's very laborious. So what does Cisco provide, from a product solution set, that'll address these problems and make life a little easier for these IS staff members? Our solution in this particular scenario is called Cisco Resource Manager, CRM. So for the rest of the presentation what I'll be using is that abbreviation CRM to address this product. With CRM we have a very powerful product offering that will gather network inventory information for you automatically, we automate that process. However, we do need a foundation of information to dig into for more detail. For example, if you are using a NMS in a network environment, and most customers are, what we can do is import that information into the CRM and then build upon it and gather even more detailed statistics from those devices - module-level information, software type, software version levels, location of the device, so forth and so on. That type of information is what we gather from CRM. Now we also provide the user with the benefit of customizing that information. What we can do is actually take that information and rearrange it in the specific views. So by default you can always look at your Catalyst switches, all your Catalyst switches. You can also look at all your routers or your routers of a specific type. But you can take it further and break down those views into specific locations or specific areas within your network. And this information is updated periodically. This is not a one-time gathering - a process where we gather information just for one point in time. You can update this information periodically so that your network inventory is always up-to-date. So in general, CRM provides a very powerful solution for gathering this network inventory statistics on hardware and software throughout your network. And we, of course, are focused on Cisco technologies, but we also will support some basic SNMP technologies in your network. For example, any device that speaks MIB II within the network we will gather inventory on and identify in the CRM database. Now the other point of this scenario was Year 2000 compliance. CRM also has the capability of track Year 2000 compliance in its suite of products - excuse me, suite of applications. CRM automatically gathers information from the network and puts it into its inventory database. And what we also do in CRM is compare that information with certified software and devices that are presented up on our Year 2000 compliance Web page. Cisco has a Year 2000 compliance Web page up on CCO and what we do is we automatically go up there, through CRM, and make a comparison of your inventory. Then we verify which devices and software in your network comply with the Year 2000, which ones do not. And that information on CCO is updated on a periodic basis so it's always up-to-date. So CRM actually is a very efficient tool for tracking your inventory and also for verifying Year 2000 compliance within your network. It checks all your devices and creates a change report regarding those devices that do not comply with the Year 2000 certification that Cisco has created, and it also provides a change report regarding any change in inventory within your network - very helpful for reporting the status of your network at a glance. Now let's look at another scenario. Scenario #2 actually is a perfect follow-on for Scenario #1. If you recall from Scenario #1, if you have any noncompliant Year 2000 software in your network, what you're going to have to do is upgrade that software if you want to make sure you run appropriately and sufficiently come the change of the century. So with this scenario we're talking specifically about upgrading network device software. Most companies go through and they certify and evaluate specific versions of software before they fully deploy them in their production network. In this case Company XYZ went through, they evaluated and certified IOS Versions 11.1 for their routers and Cisco Catalyst software 2.4.3 for their Catalyst 5000s. So what they need to do is migrate from their existing software and upgrade their various routers and switches in their network. In this case they have 75 routers, say, and they have 300 switches to support their LAN users. So it's going to be a very difficult task in most environments that don't have our product solutions to deploy and upgrade their network software. If you follow the manual approaches, which a lot of customers do, you'll find that's quite a challenge. So the challenges that we're facing here, of course, are a combination of router and switch images, which are different things. What are your hardware requisites? If you want to upgrade to the latest version of software, do you have the proper memory configuration, or the amount of memory within these devices? And if you don't, well then you want to be alerted to that situation prior to trying to download. Most IS organizations are typically understaffed to handle large software deployment issues. And also, if they have to support that upgrade within a short amount of time it's also very frustrating and difficult. You have a few people that are responsible for updating a large number of devices. So the challenges are not unrealistic but they are quite difficult to overcome. They are very difficult to overcome, and specifically if you look at the traditional approach. The traditional approach tends to be very manual. Of course you identify what resources you have within your network - who can actually conduct these upgrades and who cannot. Determine the impact of the upgrades, do you have enough - excuse me, what devices are you going to upgrade and specifically what locations on the network? Do you have enough memory to support some of those devices that you know off-hand need to be upgraded? So forth and so on. And, once you go through and review your manual process then you have to gather, of course, the software from your vendors which is probably the easiest thing you have to do. You acquire the software, in this case, from Cisco, you schedule your upgrades, and then you distribute the software. And typically when you're distributing software you use a TFTP server. Now if you have a small number of devices, TFTP and doing this one-by-one on a device-by-device basis is actually not a difficult process at all. It's actually fairly straightforward. However if you have many devices, as in this case, and many different types of devices, as in this case, it becomes a very slow process and it's also susceptible to a lot of problems. You find out that IS staffs have a low confidence level when it comes to upgrading a large number of devices within a network. And this process, of course, because of the low confidence is error prone. You find out that most customer environments will go through again, and again, and again a down - excuse me, an upgrade process to download software on the network and it's a trial-and-error process that comes out to be very laborious and tedious. So what does Cisco provide from a solution set that will address these upgrade problems? We provide, once again, CRM, Cisco Resource Monitor. Cisco Resource Monitor actually is a suite of applications. I mentioned the inventory capabilities earlier in the scenario, but in this case we're talking about capabilities within the product that automate the distribution of software across your network. We support the distribution across all Cisco devices, so routers, switches, access servers, for example - we support those types of devices and what we can do is gather information off of CCO if we do not have those devices in our local library. CRM has a library that it has within its system and you can maintain that library, you can update it and so forth and so on, courtesy of images you download from CCO. Prior to downloading that information onto your devices in your network we also check and verify that the devices match the prerequisites for the software. For example, if an image requires 8 meg and the system only has 4 megabytes of RAM, we'll alert you to that and we will not do the download. And we also verify the devices, of course, once you do do the download, which devices fail and which devices do not fail the download process. And the benefit of this whole solution is that it's automated. You can update many devices simultaneously, you can schedule this to run at specific times during the day, and you can also look at a report regarding the overall process and find out what worked and what didn't. So it's a very fast, a very efficient solution that lets you upgrade your software on your network, across your network. Now let's take a look at another common scenario that network managers face within a campus network. That scenario is tracking end-user stations. This scenario is very similar to the first one that we talked about earlier, tracking network inventory. In the case of Company XYZ, what they do - what they need to do is obtain an up-to-date end-user station inventory on the network. This will help them for troubleshooting end station problems. Typically users call in and they state that they have a problem - they can't access the network, they don't know how to set up an address, and so forth. If that's the case then the IS staff needs to troubleshoot - needs to, excuse me, quickly identify that station and then troubleshoot that station to find out what the difficulties are. In this environment though there are lots of challenges. Of course a lot of customer environments don't have information on end users at all. They have a basic understanding of the devices in the network such as the switches and routers, but they have an out-of-date network user inventory, and of course they may not even have any idea where these stations are located within the network. Another problem, of course, that presents itself is if you have hundreds, if not thousands, of end-user stations in a network. If you have a smaller network this doesn't present such a problem. However, with larger and larger networks it's very difficult to track where your users are located on the network and the statistics related to those users such as, IP address, MAC address, switch location, wall jack location, etc. And of course, this becomes a very pressing issue if you have an edict from upper management and you have insufficient time for gathering this data off of the network. Another important point to consider in this type of scenario is, how do you support and how do you track users in dynamic networks? And what I'm referring to specifically is how do you track users that are mobile within a network? A lot of companies employ sales forces, for example, and some of these individuals within the sales force come into an office, they plug into one location, the next day they also come into the office, and they plug into a different location on the network. How do you verify who's on the network, and when they were on the network, and track that appropriately? Those are some common challenges. Now let's look at some of the approaches that IS staffs face on a daily basis. These approaches, coincidentally enough, are very similar to what we talked about in Scenario #1. The first approach is a manual process. So they manually gather end-station information. They enter this into a spreadsheet. So you may see a lot of people walking around the network with a clipboard asking people for their IP address, their MAC address, if they have a station host name, verifying the wall jack location as it connects to the risers, and of course, once you go to the risers what switch and what switch port are you connected to. This is very valuable information if you want to troubleshoot end users on the network. However, as in the previous case with the inventory, it's a very laborious, time-consuming, and frustrating process. Now the second approach that you can follow is using an NMS. And as we spoke about earlier, the NMS solutions that are out there on the network do gather some end-user information and device information on the network but unfortunately it's limited. It doesn't provide you information such as, for example, user names, wall jack information, switch location, even where, if you're using VLANs, where they're plugged into the network and what VLANs are they associated to. These are some of the problems that users face and here are some of the traditional approaches which, as you can see or as we just discussed, excuse me, they're fairly inefficient. Now Cisco has some solutions that address this particular scenario, and what we're talking about here is CWSI, CiscoWorks for Switched Internetworks. CWSI, as I'll call it from heretofore, is actually a powerful application suite designed specifically for managing switched environments. CWSI automatically will gather information on your network and compress that into a database and allow you to search and query that information within the database. We have a topology display, we have tabular displays, and so forth, that'll make it easier for you to verify what's in your network. In this case what we're concerned with of course is the inventory information regarding end users. What we will do within CWSI is go out there and automatically gather information about the stations attached to your Catalyst switches in your network. We'll gather information about the MAC address, the IP address, the host name if applicable, the VLAN membership, what switch it's attached to, and so forth. And from this information then you can run queries on the network. You can say, I want to find out where this particular station with this IP address is and where it's attached, what the wall jack location is, and so forth on the network. I mentioned wall jack location. We do have some customized fields within the CWSI database, within this application, that users and operators can customize and they can fill in, to their heart's content. A lot of customers have deployed, or I should say, have used wall jack information - they have a specific standard mechanism for naming a wall jack location, they put this into the table that we provide in the application, and then they can run queries on it. So if a user does call up, they can verify who the user is by either their name or their IP address, and then they can verify where they're plugged into the network and identify the wall jack that they're plugged into and, of course, identify what switch they're plugged into. From there they can go through and troubleshoot that user's port or troubleshoot that user's performance on the network. They can go through and analyze packets and diagnose the network based upon that user's input on the - impact on the network. This information that we provide within CWSI also is very helpful when you want to configure dynamic networks, or what we call dynamic VLANs within your network. So if you do have mobile users within your environment and you want to make sure that you know where those users are within the network environment, you can deploy some of the technology that we just recently released within Cisco. Within our Catalyst switch software we have technology called VMPS, Virtual Membership Policy Server, and that software basically understands, or I should say allows users to plug into the network at different locations and it will still automatically assign them to a designated VLAN. And the benefit of CWSI in linking into the VMPS is that you can actually configure those policies for those end users so that whenever Joe plugs into the network, Joe will automatically be associated to the sales VLAN or to the marketing VLAN. The benefit is that it's easy to assign specific groups of users to specific VLANs in the network, and it's also very easy to track those users once they're on the network. You can verify where they are, when they are on the network, and what VLANs they belong to. So user tracking within the CWSI application really has two benefits. It can identify all the end stations on your network and tell you where they are and statistics about those stations, and it also allows you to configure dynamic networks in your environment, dynamic VLANs, and allow you to set up policies for these users across the network. Very powerful tool. Let's talk about another common scenario that we see within our customer environment, and this is regarding really the network backbone. In this case customers want to migrate and deploy ATM in their network backbone. Very common scenario - customers are migrating from FDDI to ATM and in this case, using Cisco equipment, they're deploying LS 1010, LightStream switches, and they're also using the Catalyst 5000 switches as their edge devices. What are the challenges in this scenario? Well, they're quite common. A lot of people don't have the expertise in ATM as they do in Ethernet or Token Ring technologies. ATM is a connection-oriented architecture and it's very different from the standard Ethernet and Token Ring and FDDI architectures that exist. Some other challenges you have to address is if you are connecting your ATM network to your Ethernet LANs, for example, you're going to have run LAN emulation. So how do you maintain LAN connectivity and how do you configure your emulated LANs in your network properly so that you can run data across your network efficiently. Last, but not least, in ATM networks, how do you track and verify the usage of virtual circuits throughout your network? That's a very common challenge that customers ask us about. How do you verify that the various dynamic virtual circuits that are flowing about an ATM network are running efficiently? It's very different from just tracking the performance of one Ethernet link. Basically what you're looking at is a virtual circuit that can run through various locations in the network and you want to make sure that you can track that and monitor it appropriately and identify if there is any problems. So what are the traditional approaches for addressing this ATM configuration situation? In this case, unfortunately it's very device-centric. Most customers that we discuss those issues with use CLI, command line interface, or Telnet on a device-by-device basis. They use that to initially configure the device, to set up the LANE services - your LANE clients, your LANE Broadcast Unknown Server and your LANE configuration server, your active and backup services, and so forth. They use the CLI to configure those services and they also the CLI to set up and monitor your virtual circuits. The problem with this approach is that, as I mentioned before, it's device-by-device. It lacks a network-wide focus. So what you have to do is literally hop from one device to another and verify the status and performance of these various services in your network. It's a very myopic view. So what is the solution that we provide here at Cisco to address this? Once again, we provide CWSI, CiscoWorks for Switched Internetworks. CWSI, as I mentioned before, is a suite of applications and one of those applications is specifically ATM management. And what we do is we automatically discover the ATM devices and links and the services in your network. We'll go out there and discover them if they're already set up. If they are not set up we'll provide a mechanism within CWSI so that you can configure those devices appropriately. You can set up your LANE services such as your LES server, your LES/BUS server, excuse me, your LANE configuration server, and we could also monitor the status of those LANE services on your network so you can verify what services are up and running and what services are not. You can easily even set up active and backup connections within your network - all through a standard, very simple to use, graphical user interface. Last, but not least, if you want to track your virtual connections end-to-end across your network you can also use the virtual circuit tracking, or virtual channel tracking, capabilities within CWSI. So you can verify, for example, within the topology map, click on a link and verify all the virtual circuits running through that link. Or what you can do is verify from one end to another and verify what circuits are used to connect those devices together. Very powerful ATM configuration and monitoring capabilities, and these capabilities significantly ease the ATM management difficulties that you'll have within your network environment. The ATM capabilities that I've just mentioned have been very popular with a lot of customers and we've actually made a lot of IS staffs happy with this product solution. Let's talk about our final scenario. That scenario is really intercampus-related as opposed to just looking at intracampus activity. In this case we're talking about monitoring WAN links. As companies grow they'll start expanding and they may not have one building. They'll move to two or three buildings. Well, if they establish WAN connectivity between those buildings you'll find that, of course, that they're going to be running more and more traffic across those WAN links. They'll be running, of course, their e-mail, their meeting schedulers, maybe multimedia or video applications, and this increase in the LAN traffic over the WAN link actually can cause some problems. As you're probably well aware of, you have to subscribe for WAN services. So what you'll do is typically pay for a specific channel from a subscriber, a service provider, and then you could break that channel down into subchannels and those channels can represent - are represented by PVCs, permanent virtual circuits. Well, each PVC that you subscribe to is based upon a committed information rate, a CIR. So, the importance here is that - is you should verify that your CIR, that you meet your CIR requirements. If you exceed your CIR, your committed information rate, that means basically that your bandwidth, you're running too much bandwidth across that WAN link. If you are underneath that CIR, you're underutilizing the link, and basically you're paying for services that you don't need. So the challenge is, of course, it's always a balance. Well, how much bandwidth do I need? How much availability do I need? Can I resolve the WAN problems if there are any difficulties whatsoever on this WAN link? Can I allocate cost properly by setting up this WAN link across my network? And, how do I set up and plan for future bandwidth requirements? As my needs grow in my corporation, do I have enough bandwidth to link various parts of my campus network together? So let's talk about some of the traditional approaches that we use in this environment. And there's really two. And they're quite fundamental. The first one deals with basically using SNMP to gather and poll information regarding your WAN interface statistics. Typically in a WAN environment you'll have a router, and you'll link that router to a DSU/CSU. What you can do, through standard SNMP polling from say a network management station, is you can verify the interface statistics on that WAN interface, on that WAN port. You can verify, you know, the utilization, how many packets they're running through the interface, and so forth. However, this approach is very limited. It doesn't tell you information regarding the PVCs, the circuits. It doesn't tell you information about any protocols or applications running across that link, which is typically what IS staff members want to look for. They want to verify what applications are running across their LAN and what applications are not. Another approach is using network analyzers. You've probably heard, of course, of the Sniffer. A Sniffer is a popular device, and what people would do is they'd carry this portable device, set it up and monitor the statistics that are coming off of that wide area link. The problem with that is that it's - one thing, it's a portable solution, it's not permanent. These solutions can be very expensive. And last, but not least, they tend to be very protocol-level specific as opposed to looking at application-level statistics or looking at, say, overall traffic flow across the link. There are some difficulties with deploying the analyzers. So what we actually provide as a solution set here at Cisco is kind of a hybrid of these two solutions. Courtesy of CWSI, or CiscoWorks for Switched Internetworks solution, and our SwitchProbe devices, we provide a very powerful, robust solution for proactively monitoring your WAN utilization in your network. Our SwitchProbes are dedicated hardware devices that reside in the network. They comply with the RMON specifications, the Remote Monitoring specification, and they eavesdrop and diagnose the performance of your networks and look at statistics on those network links. Our SwitchProbes support both LAN technologies and WAN technologies, so you can use SwitchProbes for Ethernet and Token Ring. You can also use them for frame relay or WAN links. These probes, in the case of a WAN link, these probes gather statistics on the WAN link and they tell you information about your DLCIs, your data link connection identifier, and your committed information rate. They can verify if you are meeting or exceeding your CIR, and they can pinpoint what applications or what protocols are running across that link. So you can set up detailed analysis on per-PV - per-PVC basis, excuse me, across that wide area link. You can do this on a realtime basis or you can also save this information and analyze it on a long-term basis. This helps you for doing baselining and trending for future forecasting within your network environment. And, of course, through thresholding what you can do is set up specific thresholds to verify if you've exceeded a specific rate, a packet rate, or specific protocol usage on a network link and that is very beneficial because it proactively alerts the user, or the IS staff, to problems within that WAN environment. These are very powerful tools. With the CWSI and SwitchProbe solution the benefit to the end user is that you have the same user interface, same consistent capabilities across the LAN as you do with the WAN, so there's no new products to learn. You can use the same product to analyze your LAN performance as well as your WAN performance. So it's a very powerful product for pinpointing WAN bottlenecks and for identifying any congestion problems within your WAN. So in general that concludes our scenarios. To review, we talked about really five scenarios. We talked about the network inventory. We talked about Year 2000 compliancy. We discussed software distribution, tracking end-user stations on your network, configuring and monitoring ATM networks, and last, but not least, monitoring your WAN links within your network environment. Now let's talk about some of the solutions that we discussed in those scenarios. I'm going to break down this presentation really into two areas. Let's talk about agents and applications. From an agent perspective what I'm referring to is basically embedded software inside our devices. We call that here at Cisco the Cisco IOS. Our Cisco IOS provides powerful embedded management capabilities inside our devices. And one thing you'll notice is Cisco doesn't go out there and advertise a super agent or a powerful SNMP agent. We don't advertise or market that information in that manner. What we do is say, "Here's the Cisco IOS. The Cisco IOS has a wealth of capabilities that provide very valuable services to you as a customer and part of those services, of course, are manageability." In the case of the IOS we support the standards - SNMP, the Simple Network Management Protocol, RMON, the Remote Monitoring specification, various MIBs. We support some interesting technologies such as NetFlow, a very powerful technology that we introduced last year. We support, of course, security and diagnostic capabilities. From a device standpoint you'll find out there's some commonality amongst our switches, our routers, and our SwitchProbes. Our switches and routers and SwitchProbes all speak SNMP. They all speak RMON. You can all access - you can configure and access all these devices quite easily. With the SwitchProbe example, however, you find out that it's a dedicated management tool. Its purpose is for management, where switches and routers, of course, are designed for connecting users and sharing information. SwitchProbes are dedicated management devices that eavesdrop on the network, and they specifically are used in conjunction with their network management applications. Now regarding some of the standards I just mentioned - SNMP, RMON, RMON2, and so forth - Cisco, of course, adheres to those standards. We use industry standards and we are on many standards committees. One thing that a lot of people criticize us on is the use of proprietary technology and the benefit to the end user, of course, is we're providing solutions that ease the administration and management of your network courtesy of these supposed proprietary capabilities. These Cisco extensions provide a lot of value to our customers and customers want these solutions today. That's why you'll find out that Cisco is always ahead of the pack and always delivering these solutions on a very timely basis, and we also affect the development of standardizing these technologies. For example, some of the Cisco extensions here that are becoming standards - ISL. ISL stands for Interswitch Link and that is used for trunking VLANs and for sharing VLAN information amongst devices in the network - between switches and routers, switches and switches, and even servers. A new standard is coming out in the marketplace called the 802.1Q specification and a lot of that technology is based upon input from ISL, from our ISL specifications. CDP is another very powerful and very relevant Cisco extension. It stands for Cisco Discovery Protocol and that technology basically allows us to identify neighbor information in the network. So a router is connected to another router, and this router is connected to a switch, and so forth and so on. It's a Layer 2 protocol. It allows us to gather neighbor information on the network and we use that for our discovery mechanism within CWSI and with many of our - and other applications. VTP stands for Virtual Trunking Protocol and that is an automated method for advertising VLAN presence on the network. So if you make changes to a specific VLAN it will be recognized across various switches in your network environment as opposed to going to each switch one-by-one. Very powerful, automated VLAN capability. And last, but not least, VQP stands for Virtual Query Protocol. Excuse me. Earlier in the presentation during the user tracking scenario I talked about VMPS, Virtual Membership Policy Server, and what that is is basically the capability with - the software inside our switches to automatically assign users to specific VLANs as they plug into the network. Well, VQP basically works in conjunction with VMPS and basically says, "This user just plugged into me. I want to let you know about that." And we send the VQP information amongst various switches within the network environment. So, it is a very powerful capability for supporting dynamic network environments. So all in all, our enhanced agent technologies are comprised of industry standards and they're comprised of Cisco extensions. Collectively this provides a benefit to you, the end user, so you can manage your devices easily and quite simply. Now let's talk about the applications that we use to manage our network environment. We just spoke about some of the network agents that are embedded inside our devices. Now let's talk about the applications that we use to manage those agents. In this case the campus management applications that we discussed in today's scenarios were really two applications. We discussed CiscoWorks for Switched Internetworks, or CWSI, and we also discussed Cisco Resource Manager, CRM. CWSI is actually a product that is dedicated for managing Catalyst and LightStream switch environments. It's based on Windows NT and supports UNIX operating systems. It is actually a complement to our CiscoWorks and CRM products. It has grown over the years from a workgroup management solution to an enterprise-class management solution. CWSI can run as a standalone application suite or can run also as an integrated part of a network management system. For example, we integrate with leading network management systems like HP OpenView. We also integrate with solutions such as SunNet Manager and NetView AIX. Cisco Resource Manager complements CWSI. Cisco Resource Manager is a network administration tool that is perfect for switched and router environments. It provides several capabilities that allow you to easily track inventory, to distribute software, and so forth within your network environment. And it also runs on popular network operating systems. It runs on Windows NT, it runs on UNIX, various flavors of UNIX, and it's also Web-based. We announced CRM last year. It's actually our first step towards a Web-based direction for our products and it is completely Web-based, where you have a backend server that does a lot of processing and then from a Web browser you can manage and control your network appropriately. CRM is also sold as a standalone solution and it can also integrate with management systems. And as I mentioned earlier in one of the scenarios CRM actually imports data from a network management system so you can gather information in more detail about your network inventory and you can run such things as software distribution processes. Currently right now we're running a promotion where CRM is bundled with CiscoWorks for Switched Internetworks. So when you buy the CiscoWorks for Switched Internetworks package, when you buy CWSI, you actually get CRM included inside the box. So it's bundled together and collectively they do share some resources. So as an end user the benefit to you is that you have a very powerful switch solution with a topology display and mechanism for managing your ATM networks and for tracking your LAN utilization and WAN utilization and also you have a very powerful solution for tracking and distributing network inventory and software. So let's talk about each one of those in a little bit more detail. CWSI, as I mentioned before, is very switched-focused. It works with our LAN switches, our Catalyst switches, and it also, of course, supports our ATM LightStream switches. The product has grown significantly over the past few years and now actually can support hundreds of network devices. We've created this because of a lot of demand from our customer base basically saying we have several hundred switches in our network environment and we need you to manage that information and track it appropriately. Within CWSI we also provide device management, very powerful device management, so that you can configure and monitor devices on a device-by-device basis across your network. From a network-wide perspective we also allow you to configure VLANs and monitor them across the network. And I mentioned this before in a scenario, of course, we have integrated ATM management. So you can track your virtual circuit usage, you can also track, for example, your LANE services using the CWSI suite of applications. Network analysis and monitoring - this also relates to one of the scenarios that I discussed earlier in the presentation where you can verify your utilization of various links or segments within your network. And end-station tracking and authentication - this is the user tracking application that I mentioned earlier so you can identify and track your end users across your network environment. And of course, CWSI being a very powerful tool also includes network diagnostic capabilities for tracking abnormalities and problems within your network environment and letting you easily identify, or I should say pinpoint, where those problems are occurring within your network. Now the complement to that, of course, as I mentioned before, is CRM. Cisco Resource Manager is actually a suite of four applications. CRM includes an inventory management capability that allows you to track your network inventory on Cisco and MIB II devices. It also generates reports based upon that inventory information and can verify if any of that inventory changed since the last discovery process. It also includes a software distribution capability so that you can distribute software images to your routers and switches and you can do that through a very easy-to-follow wizard process. We also check and verify the hardware status prior to the downloads, so that you don't end up dumping software that is inappropriately loaded on - excuse me, that is downloaded to a device that cannot handle that software image - for example, as I mentioned before, you try and download an IOS image to a router that requires 8 meg when you only have 4 meg on the device. We do the prerequisite checking for you. We can also schedule these downloads at various times and you can choose to download specific devices in one class or in a specific region, depending on whatever is appropriate for your network environment. We also provide availability management, and we have an availability manager within CRM that allows you to verify the connectivity status of a device on the network and also verify the response time to that device. So if you have critical devices in your network, very easily you can track that information through CRM. And last, but not least, CRM includes Syslog analysis, so you can track Syslog error messages from your routers and switches within CRM and you can categorize them and break them down by severity and by device type and even by alert type. So collectively CRM is a very powerful switch and router management solution. It's all Web-based, as I mentioned before, and it provides the capability to manage your network from various locations in your environment because of this Web technology. You can manage your network from a Web browser. So, where do these products reside? These products actually are very key to Cisco's Assured Network Services management strategy. Assured Network Services is actually comprised of several components. In general we have your network infrastructure, so as I mentioned earlier in the presentation, we have network agent technologies, the embedded technology inside our devices. We also have, of course, the devices themselves, and we have network management applications. Collectively these things make up your network infrastructure. What we're seeing is a push towards not only just device management but network-wide management and also moving that up towards policy- or service-level management. We just recently made an announcement for CiscoAssure Policy. That initiative basically is looking at the network from a different perspective and creating policies relating to QoS, relating to accessibility and various metrics that you can set up within your network environment. We are moving towards that direction and at the same time we're following from a development standpoint a move towards Web-based architectures. CRM is Web-based right now. CWSI today actually includes some Java code. What you're going to see is actually a merge of these technologies and have them evolve into a completely Web-based architected solution. So rather than having the standard solutions that we have today that run on one simple console, we're going to evolve to a solution that can run off a Web browser so you can manage and configure your network from various locations in your network quite easily. It provides some mobility and some freedom for your network management staff. And last, but not least, the third key point of our Assured Network Services strategy is basically the integrated service support. Cisco has world-class support services that are, bar none, the best in the industry. In some cases we're linking to them right now and taking advantage of them within our network management applications. CRM links into CCO. As I mentioned earlier in our scenario where we went through a network software distribution - excuse me, we actually went up to specific pages within CCO and pulled that software down so can download it to devices in our network. CCO also allows us to check the Year 2000 compliancy of devices within our network. Right now CRM is automatically linked into those services within the network and provides a very efficient way for supporting devices in your network. You're going to see that support increase and evolve even more so in the future. In fact you're going to see a couple of snap-in modules inside architecture that will allow you to work with our TAC, our Technical Assistance Center, even on a better and a more effective basis. We are releasing a case management application that snaps into our architecture that allows you to easily provide information gathered off your network and send it to the TAC prior to having them look at your problem. So I've been calling them up and saying I have difficulties with my network. You can simply just send this information to them over the Internet and it provides a wealth of information that was gathered courtesy of CRM and they can look at this information and easily get to the problem at hand. So in general Assured Network Services involves the management applications and agents we have in our network infrastructure. The evolution of these applications towards policy-based initiatives and also towards a Web-based initiative, or I should say Web-based solutions, and linking those applications and those agents into the service and support we provide within our organization. Now let's talk about where we're going in the short term. Assured Network Services, as I mentioned before, deals with the evolution of our products. Right now the solutions that I talked about are CWSI and CRM, and those are separate applications. Although we do bundle them together, they are by all means separate applications. As we move towards the future, later on this year you'll actually see those products becoming more and more integrated and existing on a common Web-based framework. So you're going to CRM, CWSI, CiscoWorks and some other applications merge together into a common foundation. The benefit is that you will no longer have to buy separate applications for router management and for switch management, you will have one very powerful comprehensive suite of management applications that are Web-based that will help you do your job on a daily basis. So Assured Network Services is - has several key points and what we're doing in a short term to support that initiative is integrate our products and Webify them, if you will. So let's wrap up what we spoke about today. In general we have some very powerful network management solutions that are appropriate for campus network environments. We have very powerful embedded software inside our devices that allow you to manage and administer those devices, and we provide applications that allow you to manage and administer your network collectively from a central location. We spoke about CRM, Cisco Resource Manager - Monitor. That's a very easy to use Web-based solution. It allows you to manage your network routers and switches quite effectively. We also spoke about CWSI, CiscoWorks for Switched Internetworks, which is a very powerful suite of applications designed for managing your Catalyst and your ATM switches throughout your network. CWSI also has some Java Web technologies. You'll see these products merge together in the future. The benefit of these solutions is that they simplify and expedite the deployment and operation of Cisco networks. They help you manage your network more effectively. They save you time and they save you money. And these products are actually very key to our Assured Networks Services strategy. This strategy basically involves integrating these solutions, even more so than they are today. Webifying these solutions and evolving to support more of a policy-based initiative. And of course, last but not least, integrating more tightly with our service and support provided through CCO. So we have very powerful solutions, these solutions are evolving, and these solutions today can help you solve your common network management problems. Now before I close what I'd like to do is actually at least point you to more information. While you're here at Networkers I suggest you check out some of these presentations. We have some on enterprise accounting. I didn't even talk about the accounting capabilities we can go into with our solutions. You can check out that presentation. You can also check out more of an architecture presentation by John McCormick. It's called Designing Web-based Network Management. And last, but not least, there is a policy implementation and management presentation that I would suggest that you visit. If you ever need information on network management by all means please refer to CCO. We have a wealth of up-to-date information on there - general information on the enterprise network management solutions, and of course, we have information on our products and even our partner solutions that we integrate with. So if you want more information on what we can provide and how we provide that for you, because we do have some nice specs on the Web, please by all means refer to these URLs that I've listed here on this slide. That's all for today. My name is Greg Mayfield and I thank you for your time and your patience and I appreciate you coming to Networkers. Please enjoy your visit. Thank you. </BODY> </HTML>