Posts tagged: security

Cisco Borderless Network – ISR Generation 2

Last week I participated in a one-day workshop which took place at the Cisco office in München. The new Cisco vision of the borderless network was introduced and the main focus was on the new Integrated Services Router (ISR) Generation 2.

The whole idea of this vision is that the “borders” in the network will soon disappear and one will be able to connect to the network from anywhere, at any given time, from any device and to any resource. And all this will be done transparently and securely. One will no longer be limited by the device used (be it laptop, desktop, smartphone, etc) nor will he be limited by the type of connection (wired, wireless, mobile, etc). The network will be intelligent enough to adapt and provide a seamless experience.

What interested me the most was the new ISR G2 series, which is a key player in the borderless network concept. There are new versions to all the previous ISR routers and the upgrades are significant. I won’t bother you with too many details, but couple of things stand out:

  • 3 new models of the small 800 series, new 1900, 2900 and 3000 series
  • all of them run a universal IOS image, IOS 15.0 will be released.
  • the image contains all features. The individual features are activated on-demand, as they are needed
  • multi-core processors
  • crypto engines are already onboard
  • field-upgradeable mainboards (Service Performance Engine, SPE)
  • Multi Gigabit Fabric (MGF): the individual modules will be internally directly connected at gigabit speeds

There are of course other changes but I think those are the most important.

After the ISR G2 presentation, a few more things were discussed about topics such as Security, WAAS (Wide area application services) and the ASR 1000 (Aggregation Services Router).

Otherwise things were nice, the presentation was good, no blue screens or anything. And the canteen over there makes really good food! ;-)

GETVPN Training

This week from monday through wednesday, I took part in a GETVPN course at a training center in Munich. From what I know, this is not a standard Cisco course but at the request of the customer we’re working for, Global Knowledge (a Cisco training partner) organized everything. Even though there were not many new things for me in those three days, the course was welcomed because the project I am working at right now is exactly about this: traffic encryption in a large-scale MPLS network with GETVPN. The course was a good opportunity for me to practice again my knowledge about GETVPN. The troubleshooting sessions helped too, we’ve tested all kind of scenarios, simulating as much as possible the live MPLS network we work with at the office.

In case what I said above sounds worse than ancient chinese to some of my readers, GETVPN (which stands for Group Encrypted Transport Virtual Private Networks) is a technology used to encrypt customer traffic through the private network of a Internet Service Provider (usually). GETVPN allows secure communication between all customer branches without being affected by the scalability issues of the classical methods of encryption (like IPsec tunnels) when the number of locations increases.

The training room had good equipment, PCs for each student, WLAN with access to the lab network as well as to the Internet for our laptops, even silly little things like Mr. Watch:

Yeah, I named a toy … Anyway, the training center facilities were excellent, surprisingly good food at the canteen and all kinds of relaxation methods:

Some of my colleagues playing a quick round of table soccer. The game can become quite violent, as I had the opportunity to witness. But kinda cool.

All in all it was a productive way of spending three days away from work. But tomorrow I am going back to my office, what a mess. Oh well ;-)