PB468195
Overview
• Extending PISA NBAR and FPM services from Layer 3 routed wiring closet deployments to Layer 2 wiring closet deployments.
• Software integration with Cisco Catalyst 6500 Series Firewall Services Module (FWSM) to provide application-aware firewall policy enforcement.
• URL filtering to allow customers to enforce Internet usage policy at enterprise WAN or branch offices. This helps enterprises to improve employee productivity, conserve network bandwidth, and mitigate legal liability.
• Enhanced Power over Ethernet (PoE) support.
• New NBAR packet description language modules (PDLMs) covering more than 30 applications and network protocols including instant messaging applications such as Yahoo! Messenger, MSN and AOL messenger; enterprise applications such as Microsoft Outlook, Cisco Unified IP phones and PC-based Unified Personal Communicators, and Common Internet File System (CIFS); healthcare applications such as DICOM and HL7; and financial applications such as FIX; network protocols such as VNC, ISAKMP etc.
Hardware Support
New Software Features
Table 1. Software Features of Cisco IOS Software Release 12.2(18)ZYA
|
Software Feature |
Description |
|
Layer 2 NBAR and FPM |
This feature allows PISA NBAR and FPM services to be applied to access Layer 2 wiring closet access deployments with Layer 2 interface configurations such as user access ports, trunk ports, Layer 2 VLAN, and EtherChannel® ports. |
|
Application-aware firewall policy enforcement |
This feature provides solution integration between the Cisco Catalyst 6500 Supervisor Engine 32 PISA and the Cisco Catalyst 6500 Series FWSM. It allows the FWSM to define an enhanced application-based access control policy by using the stateful application classification information provided by the Cisco Catalyst 6500 Supervisor Engine 32 PISA. With this integration, the Cisco Catalyst 6500 Supervisor Engine 32 PISA recognizes applications at the campus access edge and tags the application information along with the IP packets. The upstream FWSM is then able to apply access control policy based on this application knowledge provided by the PISA. |
|
URL filtering |
URL filtering allows customers to enforce Internet usage policy by validating the users' Internet requests against corporate policies defined in an external policy server from WebSense, Inc. Additional information about WebSense can be found online at http://www.websense.com. |
|
New NBAR PDLMs |
New NBAR PDLMs are introduced with Release 12.2(18)ZYA. These PDLMs include: • Instant messaging applications such as Yahoo! Messenger, MSN and AOL messenger.
• Enterprise applications such as Microsoft Outlook, Cisco IP phones and PC-based Unified Personal Communicators, and Microsoft CIFS protocol
• Healthcare applications such as DICOM and HL7
• Financial applications such as FIX
• Recreational applications such as YouTube and Doom
• Network protocols: klogin, kshell, Ora-srv, sqlexec, clearcase, appleqtc, rcp, isakmp,Ibm-db2,lockd,npp, Microsoft-ds, VNC, echo, systat, daytime, chargen, time, Isi-gl, rtelnet, xdmcp, nickname,Corba-iiop, tacacs
|
|
FPM enhancements |
Increased FPM search window size from 32 bytes to 128 bytes |
|
Enhanced PoE support |
Support for Enhanced PoE, a Cisco extension of the IEEE 802.3af standard that delivers more than 15.4 watt per port. This allows the Cisco Catalyst 6500 system with Supervisor Engine 32 PISA to support the latest technologies such as Cisco Aironet 1250 Series wireless access points. |
Software Ordering Information
Table 2. Software Ordering information
For More Information