Avatar

Cisco innovates in the industry’s largest product line

Cisco Unified Access is about converging wired and wireless networks to improve scale and quickly launch new services with new levels of security and compliance.

When Cisco launched the Catalyst 3850 and WLC 5760 Controller in January 2013, it stood alone in the market for truly converging Wired and Wireless networks. Over the course of the last 2.5 years, Cisco has progressively extended its lead with more platforms and features based on the revolutionary ASIC which makes this rich convergence possible. And just this month, Cisco delivered Multi-gigabit Ethernet (or mGig), which enables the move to higher Wireless speeds based on the IEEE 802.11ac Wave 2 standard. Let’s start by clearly articulating why the home-grown ASIC is so fundamental to successfully integrating Wired and Wireless networks in a seamless way.

The foundational ASIC which Cisco developed is called Unified Access Dataplane (UADP). It cost well over $150M, and took several years to develop and refine. It delivers Hardware performance with Software flexibility and comes with many unique innovations. The defining characteristic of this ASIC is the true full-featured convergence of Wired and Wireless traffic together with its flexible forwarding engine.

The ASIC performs wire-speed DTLS encryption/decryption, fragmentation and reassembly of traffic in hardware, direct termination of the CAPWAP tunnels, and fine-grained multi-level QoS of the wireless traffic (Port/AP, Radio, SSID, Client). What this makes possible is that the wireless traffic is afforded the same rich experience as the wired environment has traditionally been given. So now, full Flexible Netflow visibility and the Wireshark packet capture visibility are available to the Wireless traffic as well. Additionally, the differentiated user and application experience made possible through the QoS capabilities in the ASIC is also made available to the wireless traffic. Using the MQC (Modular QoS CLI), the wired or wireless traffic can now consistently be prioritized, rate limited, shaped, or queued in a consistent fashion across multiple levels in the hierarchy.

As we’ve seen many times in the history of the Networking industry (for example the Internet itself is distributed), as the number of devices and bandwidth increases, the Dataplane / forwarding plane and at times, control plane traffic needs to be distributed. The platforms based on the UADP ASIC (Catalyst 3850/3650, 4500E and 5760) run a full-blown wireless Controller and as we’ve seen in the previous paragraph, the Dataplane is converged directly in the ASIC. This combination delivers an unmatched forwarding performance of up to 60 Gbps of wireless traffic (with 5760 and 40 Gbps with 3850/4500E), much higher than what competitors can deliver (see Miercom report). In a centralized controller model all the CAPWAP tunnels from the APs in the network terminate at that one point (the Controller). That Controller terminates the control plane as well as the Dataplane traffic and performs multicast replication across the tunnels, so it is easy to see why it will not scale to the same degree as a distributed model offered by Converged Access.

With Converged Access, each Access Switch terminates the wireless traffic, so the (already superior) wireless performance multiplies by the number of Access Switches in the network. The largest wireless networks in the world trust Cisco.

Continuing on the theme of delivering a greater experience for wireless traffic, Cisco spearheaded the move to Multi-gigabit Ethernet (first leading the N-Base-T industry consortium followed by being a leading voice in the IEEE 802.3bz task force) and started shipping a few key enabling products over this last month (Cisco Catalyst Multi-gigabit Switching).

As the market strives for higher speeds and better application experience over wireless, Access Points are coming out with support for IEEE 802.11ac Wave 2 which can now go over 1 Gig speeds on the wired Ethernet port. Multi-gigabit Ethernet is significant because it affords customers investment protection by leveraging their existing cabling plant (of which 90%+ is Category 5e/6) for 2.5 Gig and 5 Gig speeds. It is supported on multiple platforms using the UADP ASIC (Catalyst 4500E, Catalyst 3850 today and more in the future).

If you look at the Marketing messages from many of Cisco’s competitors, you’d think they have Converged Access today. Putting a Controller and a Switch together, side-by-side in the same chassis, is not true Converged Access. Here are some signs you can look for to determine the level of convergence:

  • Can the wireless traffic be delivered at wire-speed onto the wired side of the network?
  • Can I treat the wireless traffic in the same way as the wired traffic – i.e. apply the same levels of QoS, policing, shaping, rate limiting, dropping, etc. at multiple levels in the hierarchy?
  • Is the wireless traffic terminated in the same ASIC as the wired?
  • Does wired and wireless traffic traverse the same Dataplane path internal to the product?

If any of the above is not true, you do not have true convergence and is NOT Converged Access, so be mindful of this fact.

Another defining characteristic of the UADP ASIC is the programmable flexibility delivering support for new protocols at wire-speed performance. A traditional ASIC is fixed-function and would need to be re-spun (meaning build a new platform) in order to add support for new capabilities. The UADP flexibility has enabled Cisco to add support for hardware GRE and moved MACSEC capability from the PHYs into the silicon after the 3850 platforms shipped in 2013. In the future, additional capabilities will be added, thereby extending the life of these platforms. Support for Openflow 1.3 has also been added.

A year ago, Cisco shipped the SUP8E supervisor engine, providing new life to customers using the 4500E platform. By adding this new Supervisor Engine to an existing chassis with existing power supplies and line cards, customers get Converged Access and all of the other advantages the SUP8E brings to the table.

The UADP ASIC has delivered platforms like Catalyst 3850 and Catalyst 4500E which are unmatched in the market today even when used “simply” as a Switch. It supports 480G Stack bandwidth (the highest in the industry) together with other innovations such as Stackpower, wire-speed Flexible Netflow across all the ports simultaneously, SGT tagging and enforcement, 8 hardware queues per port, multi-level hierarchical QoS, UPOE, IPv6 First Hop Security, etc. It also comes with unmatched availability to maximize network uptime with capabilities such as NSF/SSO, ISSU, and VSS. The full support of Flexible Netflow across all ports simultaneously also delivers something not practically possible before – Network as a Sensor and Enforcer.

With full visibility combined with traffic/user/application controls available at the access layer in a distributed fashion, the network can be used to detect and block attacks, determine security holes, baseline network traffic, and enforce network access only to users playing by the rules and according to Business policy.

For these many reasons, Catalyst 3K revenue by itself is larger than the total (combined) Switching business of any of Cisco’s competitors. In fact, Catalyst 3K, the largest product line in the entire industry, is several times larger by revenue than the largest product line in any of Cisco’s competitors.

The following chart shows how Cisco has continued to extend its lead, adding new platforms over the last 2.5 years, the latest being support for Multi-gigabit and 10-Gigabit aggregation, all based on the UADP ASIC:

NorthStarRoadmapUADP

Cisco Unified Access helps converge wired and wireless networks to improve productivity and elevate the customer experience through a smart, simple and secure network from device to Cloud.

 



Authors

Ivor Diedricks

Sr. Product Manager - Enterprise Switching

Enterprise Networking Group (ENG)