magazine (Volume 13, No. 2), copyright 2001 by Cisco Systems, Inc. All rights reserved.
Welcome to the first "from the editor" column from the second editor-in-chief in Packet's 13-year history. I took the reins last issue from my esteemed predecessor, Joanna Holmes. An overwhelming number of you are new to Packet too. Over the last 18 months, Packet's reader ranks swelled from 20,000 to more than 110,000 subscribers!
So, welcome to your magazine. Our mission is to help you get the most from your Cisco investment and take better advantage of today's Internet technologies.
Cisco is a heavy user of its own Internet technology, always with a mind toward increasing productivity and reducing operation costs. I thought you might be interested to hear how we at Packet take advantage of some of that technology.
I live and work in Portland, a small, seaside city in southern Maine. Our editorial staff is in San Jose, California. Our printing vendor is in Los Angeles. And we have writers spread out from Florida to Fiji (no kidding).
I have an IP phone in San Jose, which is set to forward calls seamlessly to my phone in Portland or my cell phone when I'm on the road. A Web-based application makes managing these features a snap.
For data, I use a cable modem and self-managed virtual private network software that I downloaded from Cisco's intranet. It provides me with Triple DES secure access to my e-mail account and Cisco's intranet. Because I still do a bit of traveling on business, I use a free Web-based fax service that redirects faxes to my e-mail inbox. That way, I can receive faxes no matter where I go.
Telecommuting is just coming into vogue thanks to today's Internet technology. Just imagine what we'll be able to do when IP-based services travel at the speed of light on IP+Optical networks. Forget about that costly business trip; send your hologram instead! Lectures and classes seen today by a limited few could be virtually attended by an entire generation of the world's population.
The magazine you're holding in your hand may one day contain articles that pertain only to you, uploaded to your electronic book, complete with video supplements and animated diagrams. Or perhaps you'll print and bind your personalized issue on the same device your children use to get the latest edition of Harry Potter they purchase online.
With virtually unlimited bandwidth delivering IP services, IP+Optical networks will indeed change the way we work, live, play, and learn. So, welcome. Welcome to the future.
From the Editor
Welcome to the Future
Packet Magazine
David Ball
EDITOR-IN-CHIEF
Micn~vi H~xxvv)
PUBLISHER
Jvxxivvv Rvuovi~x
MANAGING EDITOR
R~vv Bvowx
SENIOR EDITOR
Jo~xiv Wvxivv, G~ii Mvvvui)n
CONTRIBUTING EDITORS
G~vy McC~vi))
CREATIVE DIRECTOR
Biii Li))vii
PRODUCTION COORDINATOR
E:iiy Buvcn
DESIGNER
Eiivx Anno))
DIAGRAM ILLUSTRATOR
R.J. S:i)n
Sunset Custom Publishing
PROJECT COORDINATOR
Micnviv Gvvv~is, L~viss~ Lixx,
M~vx Ry~x, Nov:~ Tvxxis
Sunset Custom Publishing
PRODUCTION
Cvcvii~ Giovvv
CIRCULATION MANAGER
S~v~n Bv~vvv
ONLINE EDITOR
Sus~x Bov)ox
COPY EDITOR
Melissa McGill
COVER ILLUSTRATION
SPECIAL THANKS TO THE FOLLOWING CONTRIBUTORS: Jvxxivvv B~vvivv, D~viu B~u:, D~viu B~vvy, J~xicv Kixc, Gvxv Kx~uvv, Rvxvv L~B~vcv, Tv~cvy Lvwis, Rnoxu~ R~iuvv, P~)vicv S)vixvv, Lvv Sus)~v
ADVERTISING INFORMATION:
Kristen Bergman, 408 525-2542
kbergman@cisco.com
View Packet magazine at cisco.com/go/packet.
PUBLISHER INFORMATION:
Packet magazine is published quarterly by Cisco
Systems and distributed free of charge to users of
Cisco products.
Direct address corrections and other correspondence to
packet@cisco.com or to Packet in care of:
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, California, 95134-1706
USA
Phone: 408 526-4000
CCIE, CCNP, IGX, IP/TV, MGX, Packet, and PIX are trademarks,
and Aironet, BPX, Catalyst, Cisco IOS, the Cisco Powered Network
logo, the Cisco Systems logo, IOS, and LightStream are registered
trademarks of Cisco Systems, Inc., in the USA and certain other
countries. All other trademarks mentioned in this publication are the
property of their respective owners.
Packet, copyright 2001 by Cisco Systems, Inc. All rights reserved.
Printed in the USA.
No part of this publication may be reproduced in any form, or by any
means, without prior written permission from Cisco Systems, Inc.
This publication is distributed on an "as-is" basis, without warranty of any kind either express or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose, or noninfringement. This publication could contain technical inaccuracies or typographical errors. Later issues may modify or update information provided in this issue. Neither the publisher nor any contributor shall have any liability to any person for any loss or damage caused directly or indirectly by the information contained herein.
This magazine is printed on recycled paper.
David A. Ball
Editor-in-chief, Packet
Reprinted with permission from Packet magazine (Volume 13, No. 2), copyright 2001 by Cisco Systems,Inc. All rights reserved.
Deeply Indebted
This is just a note to let you know how
much I enjoyed the First Quarter 2001 issue
of Packet. I found the article on HomeSide
Lending [End-to-End Confidence, page
78] very interesting because I have my
home mortgage with HomeSide. It was
great to learn more about the company
that gets so much money from me every
month.
Your magazine covers network design
options and gives me great ideas on how
to improve existing networks. Please keep
me on the list to receive your magazine
for as long as you can.
Eric Umphress, Lockheed Martin Corporation
eric.w.umphress@cummins.com
Tutorials Please
Congratulations on a very professional magazine. I like its format, look, and feel. If you are thinking about some new features, I would like to see short tutorials. The list of tutorial topics is endless, but some of my suggestions are "how to lock down your router," "how do I know my switch is working well?," and "what is IPv6?" As an IT manager, I often don't have the time to read books and attend courses, so a mini course would be very nice.
Rich Lisanti, US Army Research Development
Acquisition Information Systems Activity
rich.lisanti@rdaisa.army.mil
Seamless Roaming
I am greatly impressed by what I read
about the Cisco Aironet 350 in your
Packet Online weekly update [The Cisco
Aironet 350 Series Access Point for
Wireless LANs]. However, I still want to
find out how communication occurs
between the two access points.
Ifiok Moses, BT Limited, Nigeria
ifiok@btlimited.com
Following is a response from Lorie Jurkovich,
manager of marketing communications in
the Wireless Networking Business Unit at
Cisco. Eds.
Regarding communication between the two access points, there are two areas to understand: roaming and load balancing. As a client roams across the wireless network, it must establish and maintain an association with an Aironet access point.
To ensure seamless roaming:
• The client sends out a request for association and immediately receives a response from all access points within its coverage area.
• The client decides which access point to associate with based on signal quality, strength, the number of users associated, and the required number of hops to reach the backbone.
• After an association is established, the client's Media Access Control (MAC) address drops into the table of the selected access point. If the client encounters difficulty, it will roam for another access point. If no other access point is available, the client will lower its data transmission rate and try to maintain connection.
• After the client roams to another access point, its MAC address drops into the table of the new access point, which sends a broadcast message basically stating that it received MAC address X.
• The original access point forwards any data it had for the client to the other access point, which responds by sending the same to the client.
Load balancing is managed by maintaining a constant flow of information between the access points, client, and network. Beacons and probe responses from the Cisco Aironet access points contain additional information, including the following:
• The load that the access point is currently handling
• Number of hops from the backbone
• Device type and name
• Number of associated clients
• Radio type
For current and archived Packet Online weekly updates, visit the URL cisco.com/warp/public/784/packet/weeklyupdate.html.
Mail
We welcome your comments and questions. Reach us through
e-mail at packet-editors@cisco.com. Be sure to include your name,
company affiliation, and e-mail address. Letters may be edited for
clarity and length.
Note: The Packet editorial staff cannot provide help-desk services.
SEND YOUR COMMENTS TO PACKET
User Connection
Consider these statistics: Approximately 90 percent of all Cisco customer orders come over the Internet through the Cisco.com Web site. Roughly 80 percent of customer support is handled via this site. Ten million pages of content and data presently make up Cisco.com. Needless to say, managing one of the world's busiest and most informative Web sites is not without its data flow and integration challenges.
Overcoming these challenges by making it easier for Cisco customers and partners to conduct business and find information on Cisco.com is exactly what a team of business and information technology (IT) experts at Cisco is busily working on.
Employing an information architecture called metadata framework (MDF) that standardizes the way content is organized and retrieved, the Cisco team is transforming Cisco.com into a single-site architecture that will link users directly to the information and online tools relevant to their specific needs. To ensure that Cisco.com addresses the needs of all users, MDF is being developed with steady input from several sources including Cisco subject matter experts and Cisco partners and equipment users.
"Our goal is to take Cisco.com from a static system to a dynamic, customer-focused, highly integrated system that makes it easier for customers to manage their work and relationships with Cisco from a single interface," says Mike Kirkwood, manager of the Internet knowledge framework team at Cisco.
At its core, MDF is an information map that manages and classifies data into standard vocabularies and relationships. With MDF, the Cisco.com Web site will be able to scale quickly to keep up with burgeoning levels of
Cisco AVVID Express, an [...]-wheel truck featuring hands-on demonstrations of the latest Cisco converged data, voice, and video technology is rolling through cities across the US and Canada. Cisco AVVID (Architecture for Voice, Video and Integrated Data) is the architecture that supports a variety of products and services that merge voice, video, and data into a single network to provide enterprises with greater productivity, enhanced customer care, and reduced costs.
"With the Cisco AVVID Express, information technology managers can look at, touch, and see Cisco's voice, video, and data solutions firsthand," says Mike Kisch, program manager for Cisco AVVID Express. "They can see for themselves what Cisco's converged network solutions can do for them."
In addition to hands-on converged networking demonstrations, Cisco AVVID Express includes demos and literature on IP telephony infrastructure for enterprise campus and branch offices; video solutions such as IP/TV
instruction. An alternative to the traditional six to eight weeks needed to complete CCNP-recommended courses, the accelerated boot camp packs instruction for the same topics and skills offered in the longer curriculum into 12 grueling days.
"The CCNP boot camp isn't for the lighthearted," says Mike Benson, an instructor with the US Army Communications Electronics Command (CECOM). Last October, Benson organized a CCNP boot camp for ten of his fellow CECOM networking instructors at Fort Bragg in Fayetteville, North Carolina.
Designed for information technology (IT) professionals from all-sized businesses and networking environments, the CCNP boot camp offers lecture and hands-on labs from 8 a.m. to approximately 7 p.m. for 12 consecutive days. Among the equipment in the CCNP labs are Catalyst
) certification. The CCNP boot camp runs about twice a month and is currently held at Global Knowledge education centers in Washington, DC; Chicago, Illinois; Dallas, Texas; Raleigh, North Carolina; Herndon, Virginia; Atlanta, Georgia; Morristown, New Jersey; New York City, New York; and San Jose and San Francisco, California. Plans for CCNP boot camps in Canada, Australia, the UK, Germany, and France are under way with other locations outside the US to follow. Global Knowledge also runs five-day CCNA boot camps about 18 times a month.
"It's not an easy course of study," concludes Rick Gregory, a Global Knowledge training director. "But there are enough motivated, qualified people and companies who appreciate the value of CCNP and other Cisco Career Certifications to make the boot camp a hot idea."
Are you fiercely motivated, a quick study, and don't need a lot of sleep? Find out more about the CCNP and CCNA boot camps at the URL am.globalknowledge.com.
Certification Reveille
Rigorous two-week boot camp is fast track to CCNP certification.
Since the end of 1999 when the Cisco Technical Assistance Center (TAC) Web site launched, a steadily increasing number of information technology (IT) managers from all-sized businesses have been using it to resolve their low-priority network problems online.
According to findings from a recent survey conducted for Cisco by Walker Information, five in ten customers surveyed from 53 countries were able to completely or mostly resolve their network problem themselves directly through the TAC Web site without having to open a case via the TAC Escalation Center. The online resolution findings become more eye-opening considering that the number of daily TAC sessions averages upwards of 250,000.
Despite these solid results, however, the technical content and breadth of knowledge contained on the Cisco TAC Web site remains to a large extent an untapped resource.
"The goal of the TAC is to short-circuit customers' problems as directly and quickly as possible. And often the resolution is already on the TAC Web site right at their fingertips, but they just aren't aware of it," says Sean Iverson, marketing manager for the TAC. "By deploying more self-serve tools, we're giving customers direct access to the content needed to resolve problems and improve network performance faster themselves, wherever they are in the world 24 hours a day."
In fact, much of the same information and resources and many of the same systems used by Cisco TAC engineers to support customers worldwide over the phone are available on the TAC Web site. In addition to the more than 100 employees working for the Cisco TAC Web team, 1200-plus Cisco TAC engineers from the worldwide escalation centers regularly contribute their knowledge and expertise to support the TAC Web site.
"The technical content in our databases and years of networking experience contained in the Cisco engineers' heads are what make the online solution and troubleshooting tools so valuable," stresses Iverson. "The tools wouldn't be useful without the technical content to back them up."
Open a Case Online, Get Priority
The TAC Web site is designed to help Cisco customers resolve lower-priority network problems online instead of opening a case by phone via the TAC Escalation Center. If lower-priority problems (defined by the TAC as priority 3 and 4 cases) can't be resolved online, you can still open a case on the TAC Web site using the enhanced, interactive Case Open tool. And you're rewarded for doing so. Priority 3 and 4 cases opened online are now ensured a faster response from the TAC than the same-priority cases opened over the phone. (See sidebar for a summary of the TAC priority levels.)
The Case Open tool has been enhanced to not only diagnose technical issues but also identify the online solutions available to resolve your particular network problem early in the case opening process. This new auto-suggest functionality gives Cisco customers the opportunity to resolve their priority 3 and 4 problems without delay. The Case Open tool is available to all registered users of Cisco.com with a valid Cisco service contract and can be found at the URL cisco.com/tac/caseopen.
Treasure Chest of Online Tools
A complete list of online TAC tools is available to registered Cisco.com users at the URL cisco.com/tac/tools. Included among the many online tools and resources available on the Web site are the following:
• Knowledge bases: Detailed technical solutions for the most frequently reported networking problems worldwide; product, technology, and solutions support pages; an open question-and-answer forum with responses from Cisco Certified Internetwork Experts (CCIEs).
• Tools: Cisco hardware and software compatibility aids; software bug toolkit; diagnostic troubleshooting assistance; Cisco IOS software feature-to-hardware platform navigator; and more.
• Software: Downloadable software and firmware upgrades.
Get the Most from the Cisco TAC
Self-Serve Cisco TAC Web site is first line of defense for tech support.
Additionally, in the past few months, the TAC Web team has added a state-of-the-art, interactive technical content search tool; free TAC Web tools training; and IP telephony network readiness assessment and solution guide. For more on the latter, see "Cisco TAC Adds IP Telephony Assessment Tool, Solution Guide," page 6.
Interactive Search Functionality
The new search tool shortens research sessions by identifying relevant technical content in response to your queries. The application also tracks the progress of queries and allows you to add information or start the session over. In the end, only relevant documents are retrieved.
It's a great resource for quickly finding information on such topics as booting or starting up Cisco products; configuration, installation, or upgrades for hardware, firmware, or Cisco IOS software; connectivity issues; network management applications; configuring new protocols on products; locating information in the TAC Web site knowledge bases; and much more. The interactive search tool is available to registered users of Cisco.com at the URL cisco.com/kobayashi/support/kbase.shtml.
TAC Web Site Resource Training
The Cisco TAC Web Tools seminar is a free Web-based program open to anyone who wants to learn more about Cisco online technical support resources. The seminar provides training on how to use the online technical resources of the TAC Web site effectively to find critical information on troubleshooting network issues, enhancing networking skills, and designing and supporting your network.
The one-hour online training presentation is accompanied by a live presenter on the phone, who will answer questions about the tools and content related to your specific interests and network issues. Phone numbers outside the US are available. To view training dates and register for the TAC Web tools training seminar, visit the URL cisco.evoke.com.
Cisco TAC Problem Priority Levels

Priority 4 (P4)
Problem: You need information on Cisco product capabilities, installation advice, or basic product configuration data.

Priority 3 (P3)
Problem: Your network performance is degraded; network functionality is noticeably impaired, but most business operations continue.

Recommended action (P4 and P3): Check out the extensive knowledge bases (Top Issues, Product Support, Technology Support, and Solutions Support pages; Open Q&A Forum); hardware and software compatibility tools; troubleshooting assistant; software bug toolkit; and other support resources available at the TAC Web site (cisco.com/tac). If your problem isn't resolved, open a case online using the Case Open tool (cisco.com/tac/caseopen). P4 and P3 cases opened online now receive expedited handling over P4 and P3 cases opened by phone via the TAC Escalation Center.

Priority 2 (P2)
Problem: Production network is severely degraded, impacting significant aspects of your business operations.

Priority 1 (P1)
Problem: Production network is down, with the potential of causing critical impact to business operations if service is not restored quickly.

Recommended action (P2 and P1): Contact the Cisco TAC Escalation Center by phone and open a case immediately. A directory of global toll-free numbers is available at the URL cisco.com/warp/public/687/Directory/DirTAC.shtml.
Cisco Headquarters
Corporate Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
USA
www.cisco.com
Tel: 408 526-4000, 800 553-NETS (6387)
Fax: 408 526-4100
European Headquarters
Cisco Systems Europe
11, Rue Camille Desmoulins
92782 Issy Les Moulineaux
Cedex 9
France
www-europe.cisco.com
Tel: 33 1 58 04 60 00
Fax: 33 1 58 04 61 00
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
USA
www.cisco.com
Tel: 408 526-7660
Fax: 408 527-0883
Asia Headquarters
Cisco Systems Australia Pty., Ltd.
Level 17, 99 Walker Street
North Sydney
NSW 2059 Australia
www.cisco.com
Tel: 61 2 8448 7100
Fax: 61 2 9957 4350
ExiO Acquisition Enhances Cisco's Wireless Technology
Cisco plans to acquire ExiO Communications, Inc., a leading developer of in-building wireless technologies for corporate networks based on Code Division Multiple Access (CDMA) technologies. The acquisition strengthens Cisco's commitment to developing a fully converged network that supports multiple wireless standards, including CDMA and the Global System for Mobile Communications (GSM) for integrated voice and data services. In addition, ExiO's wireless telephony solution builds on Cisco's existing wireless technology that enables enterprises to add the convenience of mobility to voice-over-IP services.
ExiO has 38 employees in San Jose, California, and Seoul, Korea. For more information on Cisco acquisitions, visit the URL cisco.com/warp/public/750/acquisition/.
IP Telephony Solution Guide
The new Cisco IP Telephony Solution Guide provides an illustrative overview of the full lifecycle of steps required to plan, design, implement, and operate IP telephony networks.
Detailed chapters help users assess the readiness of their current networks for IP telephony, understand different network design models and their selection criteria, analyze and troubleshoot IP telephony network problems, and identify the operational support requirements of IP telephony networks.
Totaling more than 350 pages, the comprehensive solution guide focuses on the core components of an IP telephony network including Cisco CallManager version 3.0, various Cisco gateways, and integration with legacy telco networks.
The solution guide is available to all registered and nonregistered users of Cisco.com and can be found at the URL cisco.com/tac/iptelsolguide.
information, integrating data from a multitude of sources and dynamically generating related links. Based on a user's personal profile, the new information architecture will also enable Cisco.com to present an interface and navigation structure specific to users and provide users with personalized content and integrated applications.
The rapid growth of Cisco.com in its present static system has resulted in data flow barriers that often produce multiple, and sometimes irrelevant, information results. For example, notes Kirkwood, there are roughly 30 different ways to search for the Catalyst 6500 switch on Cisco.com, with about 56 different ways for the system to identify this product. The common vocabulary, applications, and organization resulting from a standardized MDF consolidate the varying information and identifiers, producing relevant results to user searches, sophisticated user navigation capabilities, and a foundation for personalization.
Additionally, MDF and a centralized profile repository of user data, including preferences and entitlement information, will enable personalized content viewed through an easy-to-navigate user interface or single-view dashboard. For instance, a search for the Catalyst 6500 might also yield content on related technologies, networking solutions, training information, and online tools for the 6500.
MDF and related data repositories are key facets of the redesigned Cisco.com Web site, which is slated to launch in the second half of this year.
Join the Ranks Who Get
Their Copy of Packet Instantly.
At Packet magazine, we have an important goal: to
offer you the best possible information for the growth
and health of your network and business success.
If you regularly read Packet Online, join the more
than 40,000 network professionals worldwide who
are notified by e-mail when each new issue of Packet
is published on Cisco.com.
All Cisco customers are eligible to receive this free
service. In addition to the technology stories, case
studies, and new-product information contained in
each paper issue, our Web version includes weekly
updates and Packet Online exclusives.
Register to be an electronic reader of Packet at the
URL www.ciscopacket.com/reader.shtml.
If you would like to receive additional information on
Cisco services and products by e-mail, send a request
to packet@external.cisco.com using the subject line:
Cisco Services and Products.
Enterprise Solutions
Competitive enterprises need networks that can streamline operations, manage supply chains, and extend connectivity to an increasingly mobile work force, and the Catalyst
firewall provides perimeter security. As a voice-over-IP gateway, the module supports toll bypass and H.323 version 2 voice gateway functions at the WAN edge. In IP telephony mode, the module provides DSP-based voice services for Cisco CallManager, including conferencing and G.723.1, G.729a, and G.711 transcoding.
For example, network managers who deploy inline power 10/100Base-TX Ethernet switching modules in a Catalyst 4000 chassis can position the infrastructure for the addition of IP telephones. Embedded intelligence discriminates between IP phones that require inline power and devices that don't. Inline power through Ethernet connections to IP phones eliminates the need for power adapters and uninterrupted power supply (UPS) backup with each telephone set. The Catalyst 4000 family also allows for other Internet appliances to be powered over the network.
Enhancing the Wiring Closet
In wiring closets, the Catalyst 4000 switches enhance Layer 2 flexibility. Dual Gigabit Ethernet uplinks from the supervisor engine support a high-availability system architecture to the distribution layer, while advanced Cisco IOS software features bring quality of service (QoS), multicast, IP routing, and IP telephony services closer to users.
By delivering Layer 3 switching, integrated WAN, and advanced Cisco IOS software services including QoS and security, the cost-effective Catalyst 4000 switches are a critical part of a scalable, highly available network infrastructure that's ready to support emerging multiservice applications.
"The Catalyst 4000 family is an important contributor in Cisco's efforts to provide more powerful product solutions with high-end consistency and improved ease-of-use simplicity," concludes Richardson.
For more information on the Catalyst 4000 family of switches, visit the URL cisco.com/warp/public/cc/pd/si/casi/ca4000/.
The United States Postal Service Office of Inspector General (OIG) was created by the US Congress in late 1996 to investigate and eradicate waste, fraud, and abuse in the US postal system. From a communications network perspective, this relatively young watchdog government agency faced a formidable challenge: At any given time, OIG employees work from 15 offices across the US, and they're constantly on the move. The widely dispersed OIG sites currently have about 700 staff members. In addition, because of the sensitive nature of the OIG's work, secure communication was a big consideration in choosing a networking platform for carrying all types of traffic.
The OIG, headed by Inspector General Karla W. Corcoran, knew that an integrated IP network that transported data, voice, and video was critical for maximum flexibility and control over cost, management, and security when conducting audits and investigations. Corcoran also saw an integrated IP network as a way to achieve flexibility both in terms of user access capabilities and in giving the agency the agility to quickly perform new installations and upgrades. For example, the IP network offers mobile workers the flexibility to connect to important agency information via their intranet from wherever their assignments take them. The OIG can handle telephony system moves, adds, and changes with existing information technology (IT) staff rather than having to outsource these functions.
"Voice over IP gives us a standards-based platform for communication and the flexibility to enable our workers to take their phones with them. They can plug them in anywhere on the network and gain access to Web-based data applications no matter where they are," explains Robert Duffy, OIG telecommunications manager. "Since our workforce is on the road about 40 percent of the time, that was important to us."
Similarly, unlike traditional circuit-based private-branch exchanges (PBXs) and key systems, an IP telephony system routes telephone calls directly to users wherever they are. "It's like follow-me roaming," notes Duffy, "and that's the service we need to deliver to our workforce. An IP-based system also gives us a uniform platform to process and store all of our voice communication just as if it was a data packet." Finally, having to manage a single network with a consistent security policy and encryption appealed to the agency, Duffy adds.
Converged Network Benefits
In October 1999, the OIG began designing and
implementing a Frame Relay-based WAN for its exist-
ing and future field offices based on services from Cisco
Powered Network provider WorldCom, Inc. As the
agencys growth revved up, the benefits of converged
servicesincluding cost savings, advancements in
voice technology, and ease of installationbecame
increasingly appealing.
Instead of wiring for two networks, voice and data,
we only had to wire a single network in field sites,says
OIG Wan Manager James Campbell. The WAN was
designed from the start to support future technologies.
We deployed T1 circuits to field locations, with a DS3
circuit deployed in our Arlington, Virginia, headquar-
ters to funnel traffic.
Future plans include moving the network from
point-to-point permanent virtual circuits (PVCs) to a
multipoint PVC architecture for additional redundancy.
The OIG planned for this capacity in anticipation of
adding first voice, then video, traffic to the network,
explains David Sidransky, OIG director of IT.
In May 2000, the OIG adopted H.323 as a voice-
over-IP (VoIP) standard, feeling confident that IP
standards for voice traffic compression technologies
had solidified. The OIG also began a 90-day trial
between its Arlington headquarters and Atlanta,
Georgia, offices during peak activity periods. The
setup included Cisco CallManager 3.02 management
software for IP telephony; a mix of Cisco 7910 and
7960 IP phones; a Cisco uOne unified messaging sys-
Postal Inspector General Stamps
Out Network Inefficiency
US government agency integrates data, voice, and video to slash
telecommunications costs by 40 percent and gain tight security.
Reprinted with permission from Packet magazine (Volume 13, No. 2), copyright 2001 by Cisco Systems,Inc. All rights reserved.
04B_Enterprise.txp 4/24/01 06:46 AM Page 20
tem; and Cisco 2600 and 3600 multiservice WAN
routers. The Cisco routers support packetized voice
and associated compression, echo-cancellation, and
quality-of-service (QoS) technologies (see figure).
The Cisco CallManager server software and IP tele-
phones are components of the Cisco Architecture for
Voice, Video and Integrated Data (AVVID).

The Arlington-to-Atlanta Frame Relay PVC runs at a 768-kbps committed information rate (CIR) that's burstable to full T1 (1.5-Mbps) capacity. Packet voice was added to the IP flows and was tested using the International Telecommunications Union (ITU-T) G.711 algorithm for devices and signaling encoding for 64-kbps conversations to see what would happen in terms of network congestion and voice quality degradation. The trial revealed that nine 64-kbps simultaneous phone calls could be conducted. At the onset of the tenth call, that call defaulted back to the public switched telephone network (PSTN).

"Long-distance calls are first routed through the WAN back to local access (a Primary Rate Interface, or PRI, circuit) in Arlington. If WAN traffic exceeds CIR (estimated nine calls), traffic is routed through a local-access circuit," explains Campbell. For redundancy, in the event of WAN or PRI circuit failure, H.323-compliant Cisco VG200 voice gateways are deployed using foreign exchange station (FXS) and foreign exchange office (FXO) modules to provide access to the PSTN via POTS lines using Media Gateway Control Protocol (MGCP) and H.323.

To get more bang for its buck, the OIG plans to implement ITU-T G.729 compression, which further squeezes voice traffic to 8-kbps streams and increases network efficiency and flexibility, says Duffy.

Early on in the testing, the OIG experienced some problems with echo on the IP calls, but says this has been rectified with the advent of more sophisticated echo-cancellation techniques, including increased use of QoS to achieve optimal voice traffic prioritization and packet fragmentation for proper call quality. Duffy says he considered it a major accomplishment when non-IT users were tested making PSTN and VoIP telephone calls and didn't notice a difference in voice quality, a condition, he notes, that is status quo today.

DIAL E FOR EFFICIENCY: OIG Telecommunications Manager Robert Duffy (left) and Director of Information Technology David Sidransky were part of a team who have added IP voice to their data WAN to garner the cost and control benefits afforded by a single, converged network.

QoS Considerations
The OIG currently has eight production VoIP sites and plans to expand to 20. Six Cisco CallManager systems and more than 300 Cisco IP phones are installed. To ensure QoS for its traffic, the OIG is leveraging the Weighted Fair Queuing (WFQ) and Weighted Random Early Discard (WRED) features in the Cisco 3600 series routers.

WFQ is a QoS algorithm that queues traffic in router memory buffers and then enables the transmission of packets from each buffer in a round-robin type manner. Traffic with a higher-priority marking, such as VoIP, which is particularly delay-sensitive, receives a higher weight. This means that as packets are transmitted in a round-robin fashion, a larger number of packets are taken from the higher-priority queue than from other queues.

"Voice traffic can't burst above CIR, since burst bandwidth is not considered reliable and thus not suitable," says Campbell. "This heightened the need for tuning our WAN using the QoS mechanisms WFQ and WRED."

WRED is a congestion control QoS mechanism. It reduces the chances of tail drop (the discard of many packets at the end of a transmission) by selectively dropping packets when the output interface begins to show signs of congestion. By dropping some packets early rather than waiting until the buffer is full, this QoS feature avoids dropping large numbers of packets at once to ensure better session quality.
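
As an added illustration (not code from the article or from Cisco IOS), the following Python models the two mechanisms the way this section describes them: a weighted round-robin dequeue, and a per-class early-drop profile compared with plain tail drop. The class names, weights, thresholds and burst are constructed values, and production WFQ and WRED implementations differ in detail.

```python
"""Weighted round-robin dequeue and WRED early drop, as the article describes them.

Added illustration, not Cisco IOS code: class names, weights, thresholds and
traffic below are constructed values chosen to make the behaviour visible.
"""
import random
from collections import deque


def weighted_round_robin(queues, weights):
    """Return the transmit order when each round takes up to weights[c]
    packets from queue c (weights must be >= 1), so higher-weight classes
    drain faster than the others."""
    pending = {c: deque(pkts) for c, pkts in queues.items()}
    order = []
    while any(pending.values()):
        for cls, q in pending.items():
            for _ in range(weights[cls]):
                if not q:
                    break
                order.append(q.popleft())
    return order


def drop_probability(avg_depth, min_th, max_th, max_p):
    """Early-drop profile: no drops below min_th, a linear ramp toward max_p
    between the thresholds, and certain drop once the average reaches max_th."""
    if avg_depth < min_th:
        return 0.0
    if avg_depth >= max_th:
        return 1.0
    return max_p * (avg_depth - min_th) / (max_th - min_th)


class WredQueue:
    """One output queue with a per-class profile (min_th, max_th, max_p)."""

    def __init__(self, limit, profiles, ewma_weight=0.25, rand=None):
        self.limit = limit                # physical buffer size in packets
        self.profiles = profiles
        self.ewma_weight = ewma_weight    # 1.0 means "use the current depth"
        self.rand = rand or random.Random(1).random
        self.avg = 0.0                    # smoothed queue depth
        self.packets = deque()
        self.dropped = {cls: 0 for cls in profiles}

    def enqueue(self, cls):
        """Offer one packet of class cls; return True if it was queued."""
        w = self.ewma_weight
        self.avg = (1 - w) * self.avg + w * len(self.packets)
        p = drop_probability(self.avg, *self.profiles[cls])
        if self.rand() < p or len(self.packets) >= self.limit:
            self.dropped[cls] += 1
            return False
        self.packets.append(cls)
        return True

    def dequeue(self):
        """Transmit the packet at the head of the queue, if any."""
        return self.packets.popleft() if self.packets else None


def offer_burst(queue, arrivals):
    """Offer a burst with no transmissions in between; return drops per class."""
    for cls in arrivals:
        queue.enqueue(cls)
    return dict(queue.dropped)


LIMIT = 10
# Constructed profiles: data is thinned early, voice only near a full buffer.
WRED_PROFILES = {"data": (4, 8, 0.5), "voice": (8, 10, 0.1)}
# Tail drop in the same terms: nothing is dropped until the buffer is full.
TAIL_PROFILES = {"data": (LIMIT, LIMIT, 1.0), "voice": (LIMIT, LIMIT, 1.0)}
# Constructed burst: a data transfer fills the queue just before voice arrives.
BURST = ["data"] * 12 + ["voice"] * 4

if __name__ == "__main__":
    print(weighted_round_robin(
        {"voice": ["v1", "v2", "v3", "v4"], "data": ["d1", "d2", "d3", "d4"]},
        {"voice": 3, "data": 1}))
    for name, profiles in (("tail drop", TAIL_PROFILES), ("WRED", WRED_PROFILES)):
        q = WredQueue(LIMIT, profiles, ewma_weight=1.0)
        print(name, offer_burst(q, BURST))
```

With tail drop, the data burst fills the buffer and every voice packet that arrives behind it is lost; with the early-drop profiles, data is thinned before the buffer fills, which leaves room for most of the voice packets.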
Rate of Return
The OIG estimates that it's saving about 40 percent on equipment, installation, and maintenance at each site with an integrated network. "Support is critical, and we designed the data network around the business needs of the agency, which mandates that different types of voice be handled and treated alike," claims Duffy. "We're not only saving in that regard, but we're also gaining by being able to leverage our existing knowledge base to support the system. It's much easier to transverse a data person to voice than it is voice to data."

Figure: The USPS OIG Converged Network. Panels: Arlington, Virginia, Headquarters; Typical Remote Site; Temporary Site; USPS OIG's Frame Relay-Based Intranet.

CONVERGENCE CALL: With its scalable, converged network, the OIG is benefiting its bottom line as well as leveraging existing human resources for support. For example, the agency can extend the intelligence of a single Cisco CallManager server to multiple, clustered sites using Cisco 2600 WAN router and VG200 gateway connections. For added redundancy, the Cisco 2600 can provide call routing using the H.323 standard in the event of a CallManager failure.

Part of the savings also comes from the agency being able to use the Windows NT-based platform server and workstation infrastructure it already had in place. This architecture allows for simple integration with IP soft phones and future enterprise Web-based applications such as SAP and computer telephony integration (CTI). "Telecommunications moves, adds, and changes are also simple with an IP-based system," adds Campbell. "The Cisco CallManager can auto-configure a telephone based on its location within the WAN. Users can move freely throughout the entire organization and still maintain their direct-inward-dial number and voice services," he explains.

"With a traditional circuit-switched approach, we'd be spending about US$80,000 per site for a turnkey solution including hardware, maintenance, training, networking, and integrated voice mail," Duffy estimates. "Now, we're closer to $50,000 per site, because we can handle all the installations and upgrades ourselves." He says the US$50,000 figure includes the cost for training and acquisition of new IP skill sets.

"In addition," Duffy says, "by relying on in-house expertise, we can get new systems up much more quickly, which is another cost savings for a centralized IT department. We can simply mirror and map what we configured at one site and download it to another CallManager."

Adds Campbell: "By designing the LAN and WAN infrastructure to support a converged network, all field sites are merely replicas of each other. This standardization allows for simplified troubleshooting of existing sites while providing a template for additional sites as they're deployed."

The OIG compared the cost of using a VoIP network versus a circuit-switched network that collectively received large volume discounts from carriers, according to Sidransky. "We could make phone calls for just under 5 cents per minute using other services, while a VoIP call at that time [2000] was about 3 cents," Sidransky says.

The scalable nature of an IP-software based phone system also benefits the OIG budget. In some circumstances, the agency can extend the intelligence of a single CallManager server to multiple, clustered sites using Cisco 2600 WAN router and VG200 gateway connections. Doing so precludes the agency from having to maintain and manage CallManager servers in every OIG location, notes Duffy.

Next Steps
The OIG plans to enhance its encryption to provide further security across the network, says Sidransky. In addition, the agency is likely to build a full-blown content delivery network (CDN) to leverage its network for efficient, secure multimedia communications.

CDNs use distributed cache engines, load balancing, Web request redirection systems, IP Multicast, and other technologies to optimize the use of network bandwidth and ensure quick user response times for the delivery of rich multimedia content. The OIG, in fact, was poised to implement video across its network to certain sites when this issue of Packet went to press.

Ultimately, the postal service inspector general envisions that the OIG's converged IP network will be a single portal for all data applications and e-business initiatives such as internal training, multicast, and video streaming.

Readily embracing its communications network has enabled the OIG to be nimble in accomplishing audits and investigations with widely dispersed offices and a highly mobile workforce. What's more, the OIG's commitment to cutting-edge technology is vital to meeting statutory responsibilities for preventing waste, fraud, and abuse in the US postal system.

FURTHER READING
For more information on the products mentioned in this article, visit the following URLs:
Cisco AVVID home page: cisco.com/warp/public/779/largeent/avvid
Cisco CallManager voice processing software: cisco.com/warp/public/779/largeent/avvid/products/call_process.html
Cisco 3600 series routers: cisco.com/warp/public/cc/pd/rt/3600/index.shtml

"We're committed to cutting-edge technologies that reduce cost and increase efficiency."
INSPECTOR GENERAL KARLA W. CORCORAN

According to International Data Corporation (IDC), 45 million mobile professionals worldwide average more than 280 million business trips a year. For most of these folks, access to their corporate network while on the move is a necessity. The Cisco Internet Mobile Office initiative provides mobile business professionals with secure, reliable, broadband network access in venues including airports, convention centers, hotels, coffee shops, and other public facilities worldwide. This initiative furthers Cisco's vision of providing business professionals with immediate access to the Internet and their corporate network, whether they're at work, at home, or on the move.

Cisco wired and wireless products and technologies in LAN and WAN infrastructures, virtual private network (VPN) security, broadband roaming, and end-to-end management tools underscore the Cisco Internet Mobile Office initiative, as does a team of Cisco-certified partnerships. Already there are more than 400 hot spots, public locations where mobile professionals can access their networks through secure broadband Internet access.

Avoiding Downtime in Key Locations

Delayed or rerouted flights are common these days and often result in long wait times. Telephone jacks in airports rarely deliver the bandwidth needed for traveling workers to accomplish complex tasks, and dialup wireless connections have been similarly slow and unreliable. However, the Cisco Internet Mobile Office solutions architecture and partnerships enable subscribers to access their network using the Cisco Aironet

equipment (see figure).

The CSC network also supports an IP telephony system and IP video-powered cameras. Cisco AVVID (Architecture for Voice, Video and Integrated Data) technology allows converged traffic to travel across the same network and will eventually give customer service representatives the ability to identify callers and view their account information even before picking up the telephone. "This is a dedicated AVVID shop," notes Cal Rice, network system manager at CSC. Cisco AVVID technology also gives CSC the flexibility to provide program assurance and data load management over its network.

Customer Benefits
After internal control over the manufacturing process was firmly established, CSC began introducing its customers into the process. Because each order of corrugated sheets is unique, CSC created a custom ordering tool to receive orders on its extranet Web site CSCLive (www.csclive.com). The software directly links into a customer's purchase ordering module, or customers can enter their orders on the Web and specify width, length, paper type, creases, and even add logos to specific loads of corrugated sheets. But the extranet is much more than just an ordering tool. A customized software solution also allows customers to follow their orders through the manufacturing process. They can track orders right to their door and set up manufacturing equipment before their shipment of corrugated sheets arrives.

To garner the full potential of its investment, CSC does all it can to encourage customers to use the extranet. "It's a constant training process," says Rice, "but we don't want our customers left behind. We want them to see what this technology has to offer." In doing so, Rice and his team often find themselves providing customer training and, in some cases, on-site installation and support of PCs equipped with Cisco Aironet access points.

Tangible Results
CSC now receives more than 80 percent of its customer orders via the Web. After an order is received on the CSCLive Web site, it's tied directly into the manufacturing process. "Technology has allowed us to add core value to the product," says Pung. And the value is paying off with tangible results. In the last three years, CSC has doubled its throughput and revenues without major capital equipment investment. Fully half of all orders are received, produced, and delivered in less than 24 hours, and many orders are filled in less than 12 hours. The company's annual revenue has grown from US$40 million to more than $90 million in just the last three years. "It's a team effort; everyone is pitching in to make it happen. We're at our highest volumes, yet we're more in control than ever," adds Pung.

CSC's IP telephony and wireless technologies are changing the sales process as well. In addition to getting quality products, CSC customers benefit from such services as online ordering and tracking, automated shipping notices, and immediate notification of any problems or delays.

"We've had to increase our customers' ability to run their plants efficiently and give them tools so they can't afford to go to any other supplier," explains Pung.

Looking Forward
While CSC has achieved remarkable success, the company is far from resting on its laurels. "There is still 20 percent to go," says Rice, referring to customers who have yet to use CSC's extranet. But with continued technology enhancements and seamless access to its automated ordering, manufacturing, and shipping processes, Rice is confident that CSC's value proposition will win all of its customers over in the end.

MOBILE EFFICIENCY: With CSC's homegrown Web-based application running on a Windows NT wireless workstation, scanned barcode information is automatically transmitted via the network to the company's database. The application helps CSC fork truck drivers like Efendi Sarmiento retrieve information on scanned units and move them to the appropriate warehouse or trailer for shipment.

Small and Midsized Businesses

It's been almost 20 years since ISDN debuted, and feature-rich services continue to make it a widely used communications protocol among small office/home-office (SOHO) users. Because ISDN was designed primarily for enterprises, however, it's often difficult for SOHO users to solve problems when they arise. But with the right information, many ISDN problems can be easily solved using the built-in capabilities of Cisco routers.

The most common ISDN problem is configuring the end user's equipment to work with a central office switch. "There are different telcos or local-exchange carriers with different settings for ISDN Basic Rate Interface (BRI)," explains Plamen Nedeltchev, Ph.D., a remote-access consultant at Cisco. As such, there are different ways of setting ISDN service. And because ISDN was designed in the pre-Web era, routed protocols like IP and IPX

BRUCE KOSTRESKI,
CTO AND SENIOR VP OF ENGINEERING,
CAMBRIAN COMMUNICATIONS

intelligent and responsive to change," says Farnsworth. "They will find it less expensive to provision and maintain their infrastructures, and their higher capacity and intelligence will provide unique foundations for profitable services."

With its IP+Optical strategy and solutions, Cisco combines its IP expertise with optical technology to light the networks of the New World.

Service providers that provision services through Cisco IP+Optical networks and enterprise customers that buy those services can meet the demands of 21st century global networking, while enjoying the benefits of much higher service velocities, mission-critical IP network services such as VPN and content delivery networking, and far lower provisioning and operations costs than traditional optical networks.

FURTHER READING
For more information on Cisco's IP+Optical strategy and solutions, visit the URL cisco.com/go/optical.

The Capacity vs. Cost Conundrum

New equipment in the network core tackles scalability and cost challenges

In the past few years, WAN connection speeds at many customer sites have accelerated to the point that they are on a par with the full capacity of service providers' core backbone networks. It is not uncommon for some companies, such as large enterprises, e-commerce Web site owners, and ISP aggregators, for example, to run high-end IP WAN routers or ATM WAN switches with OC-48/STM-16 (2.5-Gbps) Internet connections. Many of these large customers will soon start demanding OC-192/STM-64 (10-Gbps) access services, if they haven't already.

Core networks, then, are being challenged to support multiple customers with traffic volumes that, in aggregate, surpass the capacity that is available in most of today's optical backbones. So service providers are already looking to provision 10-Gbps and higher speeds between their core network nodes to keep pace. This is a different situation than has historically been the case in service provider backbones. Large backbone network pipes were once orders of magnitude faster than the individual interfaces feeding into them, so simply provisioning lots of raw capacity (and building in circuit and equipment redundancy) has long been sufficient to assure high service quality levels. But optical core networks are moving away from their role as pure back-end "plumbing." Now that the speeds of customer premises equipment (CPE) interfaces are catching up with those in the backbone core, service providers are in need of smarter technologies that enable them to quickly provision more capacity as demands warrant and to strategically manage their bandwidth.

"The world's largest Internet service providers [ISPs] say that their number one challenge is being able to provision bandwidth fast enough to meet unpredictable customer demand," observes John C. Adler, a director of marketing in Cisco's Optical Networking Group.

The reasons are growing apparent. In a recent report, "The Future of Optical IP Networking," for example, telecommunications consulting firm Telechoice, Inc. projects that IP traffic will consume 90 percent of all network bandwidth by 2002. This trend, according to Telechoice, is finding carriers squeezed between the ballooning costs of building larger IP networks and their inability to charge premium prices for best-effort services.

To address the situation, technologies and equipment have been emerging to enable service providers to gain more control over the provisioning and management of their core network bandwidth. Dense wavelength-division multiplexing (DWDM) technology has been developed and implemented in network infrastructure equipment to allow service providers to provision multiple logical fibers, each running at up to OC-192/STM-64 (10-Gbps) speeds, within a single physical fiber to deliver what will eventually reach terabit-per-second aggregate speeds.

DWDM multiplexers such as the Cisco ONS 15800 aggregate traffic from multiple IP routers and other equipment, including SONET/SDH add/drop multiplexers (ADMs), and then place the traffic on multiple wavelengths on a single fiber cable. Mapping incoming signals onto specific wavelengths for transport enables service providers to squeeze more capacity out of their fiber networks and to guarantee certain amounts of bandwidth for particular traffic flows or customers.

By contrast, when creating traditional SONET/SDH optical networks, which are based on TDM technology, 10 Gbps is the maximum aggregate bandwidth that can be derived from a single physical fiber. Note, though, that Cisco and industry efforts are in the works to render SONET/SDH provisioning more flexible and dynamic through the use of a unified control plane. A common control plane for both Layer 3 IP and Layer 1 optical networks will enable service providers to provision network capacity through their backbones on demand, with certain associated service-level metrics (see "Taking Control," page 93).

Same Fiber, More Capacity
Cambrian Communications, LLC, a wholesale service provider that sells IP-over-optical capacity to retail carriers in the eastern US, uses the ONS 15800 and other Cisco equipment to get more capacity out of its network. One reason the company settled on the ONS 15800 was because it supported the longest distances between sites, reducing the amount of line amplification equipment required. "This was important, because you don't always have the luxury of choosing exactly where your locations are," says Bruce Kostreski, vice president of engineering and chief technology officer at the Fairfax, Virginia-based company.

Network architects at St. Louis, Missouri-based Digital Teleport, Inc., another network transport wholesaler, cited similar reasons for turning to the Cisco ONS 15800 for the remaining portion of the company's network buildout. "We have very dense fiber routes in a number of markets," says Greg Orman, president and CEO of KLT Inc., majority owner of Digital Teleport and a subsidiary of Kansas City Power and Light Company. "DWDM requires only two fibers to run. We can use the remaining fibers for other functions, such as deploying different IP services and Gigabit Ethernet capabilities."

Digital Teleport, which also uses the Cisco ONS 15454 Optical Transport Platform in its metro network and Cisco multiservice routers in its service POP, has already lit about 2000 miles of fiber in the midwestern United States. It is working with Cisco to complete its eastern US optical network by the end of this year and its western US optical network during the first half of 2002. Once complete, the network will comprise about 20,000 fiber miles, Orman says.

On the Drawing Board
Cisco ONS 15800 enhancements currently in development will yield still greater backbone efficiencies. For example, Cisco expects the number of SONET/SDH channels supported per wavelength in the ONS 15800 to double to 64 later this year, says Luis Tondi-Resta, director of marketing in Cisco's Photonics Business Unit.

Later, next-generation Cisco DWDM equipment will push the number of wavelengths even higher and will support speed rates beyond 10 Gbps, he says. The equipment will also contain technology that enables increasingly greater distances between equipment before signal regeneration is required, which pares down the amount of network infrastructure equipment service providers need.

In addition, tunable lasers coming in Cisco DWDM equipment will enable service providers to use a single line-card model to generate any color of light. Today, most equipment requires a separate type of line card for generating each color. Having a single, flexible card will be easier to manage and will significantly decrease service provider spare-parts inventories, Tondi-Resta explains.

These and other developments will continue to empower service providers to squeeze significantly more mileage out of their optical cores.

FURTHER READING
For additional information, go to Packet Online at cisco.com/go/packet/core.

The Internet Diner

The point of presence offers an enticing menu of services for consumers and businesses.

Information (content and applications) is the stuff of the Internet. The service POP delivers information to users, and like a real-life diner, the success of those services depends upon the ingredients, the recipes, how fast they're served, and the price. The menu might include application hosting, Web hosting, e-commerce, voice, Internet access, and real-time services. When service providers cook up such entrées, business customers in particular can outsource more information technology (IT) services, allowing them to focus on their core competencies, lower their cost of doing business, and most importantly, take advantage of advanced applications that give them an edge over their competitors. New economies of scale also make such services available to small and midsized businesses that need such services but could not afford them under old-world ways.

While the traditional point of presence (POP)

JOYCE HESSEBERTH/SIS

Technology
SIP Goes Mainstream
Cisco's SIP-based solutions bring the true power of the Internet to telephony.
If the new world of packet telephony is already bringing the power and dynamism of the Internet to voice networks, Cisco's implementation of the Session Initiation Protocol (SIP) promises to make the distinction between voice and data networks irrelevant.
The key concept behind SIP is its ability to separate the physical devices (such as telephones) from the users, and the service logic from centralized control. This abstraction of service from physical location makes features such as presence and mobility possible. SIP provides the ability to locate and communicate with someone virtually anywhere, using any combination of Internet technologies, telephones and pagers.
SIP takes as its starting point the intelligent endpoint, an autonomous IP host as opposed to the traditional telephone handset. Features are thus actually implemented in devices such as SIP phones, rather than the central controlling switches found in time-division multiplexing (TDM) networks. SIP-enabled phones, including Cisco's IP Phone 7960, support private branch exchange (PBX)-like features such as call hold, redialing, speed dialing, transferring calls, placing conference calls, and accessing voice mail. But where traditional PBX systems typically require proprietary handsets, Internet-Drafts co-authored by WorldCom and Cisco engineers show that PBX-style features such as conferencing and voice mail can be supported on a global basis across ISP networks, using SIP phones from a variety of vendors. Other features will be standardized and interoperable as well, including instant communications and more.
Yet there's no need to wait in order to tap SIP's advantages. "The state of development of SIP-based products is well beyond the lab at this point," says Cisco's Tom Redman, who serves as consulting systems engineer, IXC area. For example, Cisco's SIP-based solution includes unified messaging, converting voice messages to text messages on the same server. Other applications enabled by SIP include instant messaging over any media, and the ability for users to establish caller and called-party preferences.
WorldCom is among the service providers setting the pace in rolling out SIP services. "As a leader in new voice services, we think that SIP has the biggest potential," says Dr. Henry Sinnreich, distinguished member of engineering at WorldCom. Where other voice-over-IP (VoIP) protocols are often linked to traditional telephone systems, SIP offers an open standard for voice and data integration.
"SIP is not about redesigning voice, it's about redefining it," Sinnreich says. "So we used our internal expertise on voice and data to start with SIP on a solid footing."
In the beginning of 2001, WorldCom announced new SIP services to enterprise users with their IP Comm suite of services, says Teresa Hastings, WorldCom's director of multimedia services engineering. These will include unified messaging, instant conferencing and IP-based, Centrex-style services.
"SIP is incredibly flexible," she says. "It's built around Internet and Web protocols, so that it will seamlessly integrate with the Web and other Internet services, and that's critical. Development is straightforward, and it will scale widely."
Cisco's Gateway to SIP
SIP was originally developed by the Internet Engineering Task Force (IETF) Multiparty Multimedia Session Control (MMUSIC) Working Group to provide multimedia call session setup and control over IP networks. Defined in the IETF's RFC 2543, SIP is supported in Cisco IOS
firewall series provides high-performance tunneling and encryption services suitable for site-to-site and remote-access applications. This hardware-based VPN accelerator card (VAC) is optimized to handle IP Security (IPsec)-related tasks such as hashing, key exchange, and storing security associations. The Cisco Secure PIX firewall VAC supports as many as 2000 tunnels and provides 100 Mbps of 168-bit Triple Data Encryption Standard (3DES) throughput.
cisco.com/go/pix
Cisco IGX 8400 Universal Router Module
The Cisco IGX
) technologies.
Each Cisco IAD2400 model has a choice of eight or 16 analog ports or one T1 digital port for voice connectivity. A choice of T1 or Digital Subscriber Line (DSL) WAN interfaces supports robust voice-over-ATM Adaptation Layer 2 (VoAAL2) and voice-over-IP (VoIP) implementations. The IAD2400 operates within Class 5 switch bypass/call agent or Class 5 switch access architectures.
cisco.com/go/2400
NBAR and QDM Support for Cisco 2600 and 3600 Series Routers
Two Cisco IOS
8850, BPX
8600,
Catalyst
1010
switches; and the Cisco 6400 Aggregator.
"This architecture provides the foundation for all other MPLS standards, enabling the realization of the many benefits of MPLS such as IP+ATM integration, traffic engineering, and scalable virtual private network services," says Cisco Fellow Bruce Davie.
Equally essential to the development of MPLS is RFC 3032. Co-authored by Rosen and Distinguished Engineer Dan Tappan, RFC 3032 specifies the encoding used by label switching routers (LSRs) to transmit labeled packets on Point-to-Point Protocol (PPP) data links, LAN data links, and packet over SONET. This encoding is supported on all Cisco MPLS products with the appropriate interface types, including the Cisco 12000 series Internet router and the Cisco 7500, 7200, 4700, 4500, and 3600 series routers.
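The label stack entry that RFC 3032 encodes, shown as an added example that is not code from the article or from Cisco: each entry is a 32-bit word holding a 20-bit label, 3 experimental bits, a bottom-of-stack bit and an 8-bit TTL, a layout taken from the RFC rather than from this page. The function names, the `max_depth` limit and the sample bytes are constructed for illustration.

```python
import struct
from typing import List, NamedTuple, Tuple

class LabelEntry(NamedTuple):
    label: int    # 20 bits
    exp: int      # 3 bits, experimental use
    bottom: bool  # S bit: set only on the last entry of the stack
    ttl: int      # 8 bits

def encode_entry(e: LabelEntry) -> bytes:
    if not (0 <= e.label < 1 << 20 and 0 <= e.exp < 8 and 0 <= e.ttl < 256):
        raise ValueError("field out of range")
    word = (e.label << 12) | (e.exp << 9) | (int(e.bottom) << 8) | e.ttl
    return struct.pack("!I", word)

def parse_label_stack(data: bytes, max_depth: int = 8) -> Tuple[List[LabelEntry], bytes]:
    """Return (stack, payload); raise ValueError on a malformed stack."""
    stack: List[LabelEntry] = []
    for off in range(0, len(data) - 3, 4):
        (word,) = struct.unpack_from("!I", data, off)
        stack.append(LabelEntry(word >> 12, (word >> 9) & 7,
                                bool(word & 0x100), word & 0xFF))
        if stack[-1].bottom:
            return stack, data[off + 4:]
        if len(stack) == max_depth:  # max_depth is this example's own limit
            raise ValueError("label stack deeper than max_depth")
    raise ValueError("truncated stack: bottom-of-stack bit never set")

def audit(stack: List[LabelEntry]) -> List[str]:
    """Flag label values a receiver should not see in a normal stack."""
    notes = []
    for i, e in enumerate(stack):
        if e.label == 3:
            notes.append(f"entry {i}: Implicit NULL (3) never appears on the wire")
        elif 4 <= e.label <= 15:
            notes.append(f"entry {i}: reserved label {e.label}")
    return notes

# Constructed sample: a two-entry stack followed by four payload bytes.
SAMPLE = (encode_entry(LabelEntry(1001, 0, False, 64)) +
          encode_entry(LabelEntry(17, 5, True, 63)) + b"\x45\x00\x00\x14")
```

A parser that stops only at the bottom-of-stack bit needs the explicit truncation and depth checks shown here, otherwise a stack that never sets the bit is read straight into the payload.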
Co-authored by Cisco Software Engineer Bob Thomas, RFC 3036 defines a set of procedures called Label Distribution Protocol (LDP) by which LSRs distribute labels to support MPLS forwarding. Support for LDP on most of Cisco's MPLS products is under way.
RFC 3035 specifies the procedures for distributing labels to or from ATM LSRs when the labels represent FECs for which the routes are determined on a hop-by-hop basis, and also specifies the MPLS encapsulation to be used when sending labeled packets to or from ATM LSRs. All Cisco MPLS products with ATM interfaces support RFC 3035, including Cisco 7500 and 7200 series routers and MGX 8850, BPX 8560, and LightStream 1010 switches. RFC 3035 was co-authored by Cisco's George Swallow, chair of the IETF MPLS working group, Cisco Fellow Keith McCloghrie, Jeremy Lawrence, Davie, and Rosen.
The full texts of these MPLS-related RFCs are available at the URL ietf.org.
Multiprotocol Lambda Switching
In related news, Multiprotocol Lambda Switching (now being called Generalized MPLS, or GMPLS, in Internet-Drafts before the IETF) is expected to be released as a final RFC in mid-2001. GMPLS is an extension of the unified control plane (UCP) developed in MPLS for traffic engineering.
"GMPLS defines the routing and signaling extensions to support the control of circuit-switched, lambda-switched, and fiber-switched connections," explains Swallow. For more information on the UCP, see "Technically Speaking," page 93.
Standards Updates
In February, RFC 3060 (Policy Core Information Model) was approved as a standards-track document by the Internet Engineering Task Force (IETF). Co-authored by Cisco Fellow John Strassner and Andrea Westerinen, manager of information modeling at Cisco, RFC 3060 defines the structure of a policy rule. This structure is defined in the form: IF <condition clause> THEN <action clause>, meaning that if a set of conditions evaluates to TRUE, then the rule's actions should be executed. The structure is used as a basis for standardizing how policy information is represented, regardless of technical content.
RFC 3060 defines an object-oriented information model to represent the key concepts in formulating and grouping policy rules, so that every policy derived from these classes can be semantically understood, named, and scoped.
The document defines two hierarchies of object classes: structural classes that represent policy information and control of policies, and association classes that indicate how instances of the structural classes relate to each other. Subsequent documents will define mappings of this information model to various concrete implementations, for example, to a directory that uses Lightweight Directory Access Protocol (LDAP) as its access protocol.
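A small model of the IF <condition clause> THEN <action clause> structure and of the structural/association split described above, as an added example that is not code from RFC 3060, the article or Cisco's products. The GroupNumber, ConditionNegated, ActionOrder and DNF/CNF ConditionListType properties come from RFC 3060 itself; the predicate-based conditions, the choice that a rule with no conditions never fires, and the sample traffic policy are assumptions of this example.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List

DNF, CNF = 1, 2  # ConditionListType values from RFC 3060
@dataclass
class PolicyCondition:             # structural class
    name: str
    test: Callable[[Dict], bool]   # simplification: predicate over a context dict

@dataclass
class ConditionInRule:             # association class: condition -> rule
    condition: PolicyCondition
    group: int = 1                 # GroupNumber
    negated: bool = False          # ConditionNegated

@dataclass
class ActionInRule:                # association class: action -> rule
    action: str                    # simplification: an action is just a name
    order: int = 1                 # ActionOrder (simplified: lowest runs first)

@dataclass
class PolicyRule:                  # structural class
    name: str
    list_type: int
    conditions: List[ConditionInRule]
    actions: List[ActionInRule]

    def matches(self, ctx: Dict) -> bool:
        groups: Dict[int, List[bool]] = {}
        for c in self.conditions:
            groups.setdefault(c.group, []).append(c.condition.test(ctx) != c.negated)
        if self.list_type == DNF:   # DNF: OR of groups, AND inside each group
            return any(all(g) for g in groups.values())
        # CNF: AND of groups, OR inside each; an empty rule never fires
        return bool(groups) and all(any(g) for g in groups.values())

    def evaluate(self, ctx: Dict) -> List[str]:
        """IF the condition clause is TRUE, THEN return the actions in order."""
        fired = sorted(self.actions, key=lambda a: a.order) if self.matches(ctx) else []
        return [a.action for a in fired]

# Constructed sample policy: (finance AND NOT http) combined with (sip).
in_finance = PolicyCondition("src-zone-finance", lambda c: c["zone"] == "finance")
is_http = PolicyCondition("dst-port-80", lambda c: c["dport"] == 80)
is_sip = PolicyCondition("dst-port-5060", lambda c: c["dport"] == 5060)

def build_rule(list_type: int = DNF) -> PolicyRule:
    conds = [ConditionInRule(in_finance), ConditionInRule(is_http, negated=True),
             ConditionInRule(is_sip, group=2)]
    acts = [ActionInRule("log", 2), ActionInRule("mark-af31", 1)]
    return PolicyRule("priority-traffic", list_type, conds, acts)
```

The same three condition links give different results under DNF and CNF, which is why the list type has to travel with the rule whenever policy is exchanged between systems.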
"RFC 3060 paves the way for interoperability of policy information," notes Strassner, and is already being used in Cisco's Quality of Service (QoS) Policy Manager Common Open Policy Services (QPM-COPS) software and Cisco Networking Services (CNS) software. For the full text of RFC 3060, visit the URL ietf.org/rfc/rfc3060.txt?number=3060.
Policy Core Information Model
Cache File
SNIPPETS OF WISDOM FROM OUT ON THE NET
THE 5th WAVE