Cisco Systems is shipping an upgrade to its Network Admission Control (NAC) appliance, which provides policy enforcement at enterprise network entry points. Version 4.0 can be deployed in-line or "out-of-band" with network traffic at Layer 2, and it can also be positioned out-of-band at Layer 3 to minimize the number of servers required for multiple locations. Version 4.0 of the NAC appliance also provides single sign-on functions for VPN clients, wireless clients and Windows Active Directory domains.
Cisco this week also announced two new models in its Cisco ASA 5500 Series Adaptive Security appliance family. The company's ASA 5505 targets small businesses, remote offices and telecommuters, while the ASA 5550 provides scalable IPSec and secure sockets layer virtual private network (SSL VPN) services to large business sites. Included in the announcement are enhancements to the Cisco ASA's underlying software.
WAN probe from Network Instruments
Historical analysis on the WAN just got a little simpler.
Network Instruments yesterday announced the release of its GigaStor-WAN probe appliance for high-performance data collection, high-capacity storage, and time-based analysis for the WAN.
In addition to the GigaStor-WAN probe, Network Instruments announced that the entire GigaStor product line can now write to a storage area network (SAN) to store and collect unlimited amounts of data.
The historical analysis technology helps with network troubleshooting, and the time-based display and large storage capacity let network administrators bypass the traditional and time-consuming task of having to recreate network problems. Instead, with GigaStor-WAN, administrators can select the time at which the problem occurred and go back to it for troubleshooting.
The GigaStor-WAN provides complete capture and decodes all native WAN error and line conditions, including congestion errors, Committed Information Rates, and Data Link Connection Identifiers. It supports capture and write-to-disk rates of more than 320 Mbps, and it can retain up to 2 TB, 4 TB, 8 TB or more in network data by writing to an external SAN. The GigaStor-WAN can monitor up to 12 links and works with the Network Instruments Observer family of products, and it reports to any Expert Observer and Observer Suite Console on the network.
In a statement, Network Instruments president and co-founder Douglas Smith said this latest tool was inspired by customers that wanted to monitor WAN links in real time and back in time.
"Data can be reviewed in real time without stopping the continuous capture capability," Smith said, adding that the data is collected and analyzed on the GigaStor itself. "For example, if you have a problem at a remote site, you don't have to compound the problem further by dragging unnecessary data across your WAN."
Bandwidth management, QoS based on business processes
Blue Coat Systems this week unveiled a bandwidth management and Quality of Service (QoS) enhancement for the MACH5 acceleration technology framework integrated with the Blue Coat SG family of appliances.
According to Blue Coat, the SG appliances can now prioritize traffic based on a comprehensive understanding of user, application and the nature of interaction with the application, instead of just by application protocol or packet identification data, like source destination.
For example, Blue Coat SG appliances can distinguish between order entry and a reporting request within an application and give higher priority to the person entering an order. Other bandwidth management solutions do not differentiate traffic beyond understanding packets, which limits the effectiveness of QoS.
By prioritizing by user, group and specific process, the MACH5 enhancements to Blue Coat SG appliances enable the system to mark traffic and pass prioritization information to other network devices that support QoS schemes, such as routers and switches. After determining the priority based on business process, the appliances will set the appropriate bits of each packet of traffic to convey the proper prioritization to other networking gear.