With the help of today's advanced smart enterprise networks, enterprises can effectively deploy e-commerce and other applications, thus realizing the optimized combination of labor and the globalization of business. These powerful networks can connect many remote sites, branch offices, mobile employees, partners and customers to provide services for thousands of users. However, there is still a problem that all networks are increasingly threatened by the increasing number of security risks on Enterprise campus networks and the Internet. In addition, the increasing demand for e-commerce applications and the concentration of services in the public domain also increase the danger of traffic passing through the network. In the possible places, traffic needs to be encrypted.
Cisco Catalyst®The solution provided by the 6500 series switches can prevent the network from being compromised by security risks from campus networks and public networks.
|
Figure 1 using the Cisco Catalyst 6500 series in the enterprise Campus Network Comprehensive Network Security |
New Smart Security Services developed for enterprise Campus Networks
Due to the increasing harm of network security issues, the coverage is getting wider and wider, and it is more and more easy to deploy in the enterprise campus network, so the network integrity is threatened more and more. As a result, almost all organizations need to use appropriate security technologies to protect their IT investment and corporate reputation from impact. To supplement the shortcomings of existing software security products, the Cisco Catalyst 6500 switch integrates a set of Advanced Security Modules to further enhance network security.
The new Cisco advanced security module includes the Firewall Service Module FWSM, Secure Sockets Layer SSL, IP Security Virtual Private Network IPSec VPN) service module and network analysis module NAM ). The customer will be able to deploy comprehensive security on the vswitch without separately managing different devices and then connecting them to the basic infrastructure. Therefore, this method can greatly improve the performance, manageability, and cost-effectiveness of the entire system.
Cisco Security service module designed for Catalyst 6500
The Cisco IPSec VPN service module is a high-speed module designed for Cisco Catalyst 6500 switches and Cisco 7600 Internet Routers. It can provide infrastructure-integrated IPSec VPN services and not only provide strong connections, you can also increase the bandwidth.
The Cisco Firewall Service Module FWSM is installed in Cisco Catalyst 6500 series switches. It is not only applicable to the edge distribution layer of the data center and external network, but also to the network management layer. Cisco Catalyst 6500 is the preferred IP Service Switch for customers who require firewall, intrusion detection, virtual private network, and multi-layer LAN, WAN, and MAN switching.
Cisco FWSM is the most performing firewall solution in the industry. the throughput of each module can be expanded to more than 5 GB. With multiple modules, the bandwidth can be up to 20 GB. FWSM fully supports VLAN, provides dynamic routing, and can be fully integrated into Cisco Catalyst 6500 series switches. Based on Cisco PIXTM Firewall technology, FWSM provides the same security and reliability as the award-winning Cisco PIXTM security device series. FWSM uses a network processor technology that enhances the features of software downloads to maximize future needs and features.
Main features include:
Scalability: it can generate multiple security domains protected by State firewalls with the highest performance in the industry, so as to eliminate more and more security threats from the enterprise campus network. Each FWSM module provides 5 GB throughput. If multiple modules are installed, the total bandwidth of each chassis can be expanded to 20 GB.
Reliability-Based on Cisco PIX technology, FWSM uses the same time-tested Cisco PIX operating system, a secure hardened real-time operating system. FWSM provides high performance and high security on a single platform with a practical Cisco PIX group check mechanism. In addition, it can provide LAN-based fault recovery in an active/pending FWSM environment.
Easy to use-FWSM users are very familiar with the practical Cisco PIX management interface to maintain security and the independence of the network management interface. Cisco management framework and Cisco AVVID integrated video, video, and data architecture) partners support FWSM configuration and monitoring.
The Cisco Secure Sockets Layer SSL service module designed for the Cisco Catalyst 6500 series is ideal for deployment in data centers. It improves the performance and security of Web applications and provides integrated and Secure Content Networking, and ensures optimal customer experience. Because it can uninstall processor-intensive tasks related to the use of SSL protocol to protect traffic, it can increase the number of secure connections supported by Web sites.
If SSL is integrated with the Cisco Content exchange module CSM, it can accelerate Encrypted and unencrypted traffic while detaching resource-intensive functions from the Web server, this provides a high-performance, scalable, and Secure Server Load balancer solution.
The new high-performance Cisco network analysis module NAM-2) is very suitable for data centers, enterprise edge, distribution layer, can also be used as a key service access layer of the network, to provide application-level visibility for the network, real-time traffic analysis, performance monitoring, and troubleshooting are implemented in a gigabit environment.
These service modules are integrated into Cisco Catalyst 6500 series switches. If they can be deployed at the recommended network layer and used together with the software security products of the Cisco Catalyst 6500 switch, it can effectively prevent the internal network from being attacked by illegal devices and users, and protect the network from external security risks. Cisco Catalyst 6500 series switches provide comprehensive security solutions for enterprise campus networks.
Related Articles]
- Connection method between Cisco switches
- Accelerate the cisco switch initialization process
- Cisco switch configuration