Guest

Cisco Network Modules

Cisco Catalyst 6500 Supervisor Engine 32 PISA Data Sheet

  • Viewing Options

  • PDF (499.4 KB)
  • Feedback

Product Overview

The Cisco ® Catalyst ® 6500 Supervisor Engine 32 Programmable Intelligent Services Accelerator (PISA) delivers superior deep packet inspection, application awareness, security, availability, and manageability services for the networks of small and medium-sized business, enterprises, and service providers. This supervisor engine is ideal for securing campus access networks, converged services MAN/WAN applications and small/medium backbone functions.
The PISA on the Supervisor Engine 32 PISA provides hardware acceleration of services such as network-based application recognition (NBAR) and flexible packet matching (FPM) at multigigabit speeds, in addition to the management and control plane functions traditionally provided by the multilayer switch feature card (MSFC). The Supervisor Engine 32 PISA is offered with the Policy Feature Card 3B (PFC3B), to ensure feature and performance compatibility with the Cisco Catalyst 6500 Supervisor Engine 32. Two uplink options are available: 8-port Gigabit Ethernet Small Form-Factor Pluggable (SFP)-based uplinks (Figure 1) and 2-port 10 Gigabit Ethernet XENPAK-based uplinks (Figure 2). In addition to these modular uplinks, the Supervisor Engine 32 PISA also includes one port of 10/100/1000 RJ-45 for ease of network management. All ports on the Supervisor Engine 32 PISA can be active at the same time.

Figure 1. Supervisor Engine 32 PISA with 8-Port Gigabit Ethernet and PFC3B

Figure 2. Supervisor Engine 32 PISA with 2-Port 10 Gigabit Ethernet and PFC3B

The Supervisor Engine 32 PISA offers:

Deep Packet Inspection and Application Awareness: Support for hardware acceleration of intelligent services like NBAR and FPM at multigigabit speeds and inspection 4096 bytes into the packet. NBAR is a classification engine that can recognize a wide variety of applications, including Web-based applications and client/server applications that dynamically assign TCP or User Datagram Protocol (UDP) port numbers. After the application is recognized, the network can invoke specific services for that particular application. NBAR works with quality-of-service (QoS) features to help ensure that the network bandwidth is best used to fulfill the company's objectives. These features include the ability to guarantee bandwidth to critical applications, limit bandwidth to other applications, drop selective packets to avoid congestion, and mark packets appropriately so that the network and the service provider's network can provide QoS from end to end. FPM provides the means to inspect packets for characteristics of an attack, and to take appropriate actions (log, drop). FPM provides a flexible Layer 2 through Layer 7 stateless classification mechanism. The user can specify classification criteria based on any protocol and any field of the traffic's protocol stack. Based on the classification result, actions such as drop or log can be taken on the classified traffic.

Programmable Architecture: The Supervisor Engine 32 PISA is based on an adaptable, programmable architecture that adjusts to grow with the dynamic needs of the network. As new techniques for network intrusion or application compromise are created, the programmable nature of the Supervisor Engine 32 PISA ensures that the network administrator has the ability to quickly react to the changing environment. Additionally, the architecture integrates a high-performance hardware-based AES encryption engine to potentially next-generation Layer 2 through 7 services requiring multigigabit encryption services in the future.

Integrated security: The Supervisor Engine 32 PISA helps mitigate damage from denial-of-service (DoS) attacks using Control Plane Policing, hardware-based MAC learning, and user-based rate limiting. It limits threats from the Dynamic Host Configuration Protocol (DHCP) server, default gateway, or end-user IP address spoofing using features such as DHCP snooping, Dynamic Address Resolution Protocol inspection (DAI), and Unicast Reverse Path Forwarding (uRPF). The supervisor engine allows close control over which users can access the network and what privileges they are granted through identity-based networking with IEEE 802.1x and port-based security. These integrated security features are hardware-based so they can be enabled concurrently without compromising system performance as traffic levels increase. The intrusion detection services module, firewall services module, or the IPsec VPN SPA can be installed in the same chassis for
maximum security.

High availability: The Supervisor Engine 32 PISA helps ensure business continuity through minimizing network downtime with its support of Layer 2 Stateful Switchover (SSO), Layer 3 Nonstop Forwarding (NSF), Gateway Load-Balancing Protocol (GLBP), multimodule Cisco EtherChannel®, and rapid convergence protocols such as IEEE 802.1s and 802.1w. It also supports proactive detection and prevention of network equipment failures using Generic Online Diagnostics (GOLD).

Enhanced manageability: Enhancements include support for the Embedded Event Manager (EEM), a powerful ally for device and system management, enabling network administrators to harness the network intelligence intrinsic to Cisco IOS® Software and customize the behavior based on real network events as they happen; support for ACE counters for identifying the frequency that specific access-control-list (ACL) entries are hit; support for hardware-based NetFlow, providing a metering base for a key set of applications, including network traffic accounting, usage-based network billing, network planning, as well as denial of service monitoring capabilities; and support for Encapsulated Remote SPAN (ERSPAN), Digital Optical Monitoring, and Generic Online Diagnostic functions to simplify operational complexity. These enhanced capabilities enable network administrators to respond quickly to user access problems and simplify network management.

Slot efficiency: Uplink density of eight Gigabit Ethernet SFP-based ports and increased bandwidth to two 10 Gigabit Ethernet XENPAK-based ports save slots for deployment of integrated service modules or higher-density chassis.

Investment protection: The Supervisor Engine 32 PISA supports Cisco Catalyst 6500 Series classic modules and Cisco Express Forwarding 256-based (CEF256) modules and is backward-compatible with all Cisco Catalyst 6500 Series chassis, allowing deployment of new, advanced services on existing equipment. The Supervisor Engine 32 PISA also supports the Enhanced FlexWAN module and the shared port adapter (SPA) Interface Processors (SIPs) along with the associated SPAs. This prolongs the deployment lifetime of interface modules and provides greater return on investment.

Superior traffic management: Uplinks are available with four transmit queues per port, with one strict priority queue for high-priority, low-latency traffic, and two receive queues per port. Each port supports Weighted Random Early Detection (WRED) for congestion avoidance within each queue, and Shaped Round Robin (SRR) as well as Deficit Weighted Round Robin (DWRR) for scheduling between queues to aid in traffic prioritization. Up to eight thresholds can be configured to manage differentiated levels of service.

Extensive management tools: The Supervisor Engine 32 PISA supports the CiscoWorks network management platform; QoS Policy Manager (QPM); Network Analysis Module (NAM); Simple Network Management Protocol (SNMP) Versions 1, 2, and 3; Cisco Security Manager; and four Remote Monitoring (RMON) groups (statistics, history, alarms,
and events).

Applications

Secure Enterprise LAN Access

The Supervisor Engine 32 PISA provides deep packet inspection, application awareness, high levels of security, availability, and manageability for enterprise LAN access deployments. Support for hardware-accelerated FPM and NBAR on the Supervisor Engine 32 PISA allows customers to move security and classification right to the edge of their networks, providing a comprehensive worm mitigation and application classification solution. Supervisor Engine 32 PISA is capable of accelerating services at 2Gbps for Internet mix (IMIX) traffic, which is optimal for standard campus access networks of typical enterprises using a pair of Gigabit Ethernet Small Form-Factor Pluggable (SFP) uplinks to each distribution layer switch. See Figure 3 for a deployment example.

Figure 3. Supervisor Engine 32 PISA Deployment Example in LAN Access

Enterprise WAN Edge, Internet Gateway and Service Provider Services

The Supervisor Engine 32 PISA is purpose built for enterprise WAN edge, Internet gateway, and Metro Ethernet deployments. The PISA on the Supervisor Engine 32 PISA provides hardware acceleration of intelligent services like NBAR and FPM to provide application classification and worm and virus mitigation at multigigabit speeds. Support for these intelligent services, coupled with the support for 256k routes and interface support from T1 to OC48 with shaping, makes the Supervisor Engine 32 PISA an ideal platform for WAN aggregation and Internet gateway deployments. Additionally, equipped with PFC3B, the Supervisor Engine 32 PISA ensures feature and performance compatibility with the Cisco Catalyst 6500 Supervisor Engine 32. It offers advanced hardware-accelerated IP services such as Multiprotocol Label Switching (MPLS), IPv6, Network Address Translation (NAT), generic routing encapsulation (GRE) tunneling, ACLs, rate limiting, and advanced QoS to enable network administrators to build feature-rich networks. (See Figure 4) The uplinks of the Supervisor Engine 32 PISA can also support SRR for rate limiting traffic.

Figure 4. Supervisor Engine 32 PISA Deployment Example in WAN Aggregation and as a Service Appliance

Service Appliance

The Cisco Catalyst 6504-E, together with the Supervisor Engine 32 PISA and up to three service modules, forms an ideal service appliance. High availability can be incorporated in this appliance by making use of a dual Supervisor Engine 32 PISA configuration. Hardware-accelerated services on the PISA, along with service modules like the firewall services module and intrusion detection services (IDS) module, can be deployed together as a security appliance. These advanced services can then be distributed in the network over the integrated eight-port Gigabit Ethernet uplinks or two-port 10 Gigabit Ethernet uplinks from the Supervisor Engine 32 PISA.

Features and Benefits

Table 1 lists the features and benefits of the Supervisor Engine 32 PISA.

Table 1. Features and Benefits of Supervisor Engine 32 PISA

Features

Benefits

Secure Application Fluency and Deep Packet Inspection

Network Based Application Recognition at Multigigabit Speeds

• Provides the ability to discover protocols and applications running on the network
• Allows Intelligent traffic classification based on application type
• Supports addition of new protocols and applications using packet description language modules (PDLMs)
• Provides the ability to load new PDLM's without changing Cisco IOS Software releases and without rebooting the switch
• Supports a wide variety of applications and protocols, including:
- P2P: BitTorrent, eDonkey/eMule, FastTrack, Gnutella, KaZaA
- Enterprise applications: PCAnywhere, Citrix ICA, Microsoft SQL Server
- Streaming Media applications: Real Time Streaming Protocol (RTSP), CU SeeMe, Netshow, StreamWorks, VDOLive
- Network Mail Services: Simple Mail Transfer Protocol(SMTP), point of presence (POP3), Internet Mail Access Protocol (IMAP), Lotus Notes, Microsoft Exchange
- Internet: HTTP(Hypertext Transfer Protocol) , FTP (File Transfer Protocol), NNTP (Network News Transfer Protocol ), IRC (Internet Relay Chat)
• GUI based management using QoS Policy Manager (QPM)

Flexible Packet Matching at Multigigabit Speeds

• Provides next generation "Super ACL" pattern matching capability for granular and customized packet filtering
• Provides the ability to match on arbitrary bits of a packet at arbitrary depth (offset) in the packet header and payload hence allowing detection of malicious patterns deep within the packet
• Allows users to define customized classification criteria for stateless traffic using CLI or off-box via XML
• Provides the ability to install new filters on switches without reload
• Provides protection again notable worms/viruses such as Slammer and MyDoom and protects against malicious attacks such as Fragmented UDP, HTTP vulnerabilities, and TCP SYN floods.
• Supports Flexible Configuration in the Cisco Security Manager to push configuration files to switches

L3 Routing

• Open Shortest Path First (OSPF and OSPFv2)
• Enhanced Interior Gateway Routing Protocol (EIGRP)
• Intermediate System-to-Intermediate System (IS-IS) Protocol
• Border Gateway Protocol Version 4 (BGPv4)
• Bidirectional Forwarding Detection (BFD) for OSPF and IS-IS
• Static Routing

High-performance IP routing protocols form the foundation for scalable Layer 3 services.

IPv6

• Native IPv6
• RIPng, MP-BGP4, OSPFv3
• IPv6 over IPv4 Tunnels
• Internet Control Message Protocol Version 6 (ICMPv6)
• Configured, Automatic, GRE, 6to4, ISATAP Tunnels
• IPv6 QoS
• PIM-SM and PIM-SSM

Improves the scalability of IP deployments, allowing high-performing network evolution. Multicast protocols and QoS features optimize triple-play and video delivery over an end-to-end IP architecture.

L2 Switching

• IEEE 802.1Q
• 802.1Q Tunneling
• Layer 2 Protocol Tunneling (L2PT)
• VLAN Translation

802.1Q and L2PT are the service enablers to offer Layer 2 VPNs. By encapsulating subscribers' data frames in a service provider 802.1Q tag and by tunneling subscribers' PDU, 802.1Q tunneling offers Transparent LAN Services (TLS) to scale the number of Metro Ethernet subscribers beyond the 4096 VLAN boundary.

VLAN Translation increases the flexibility of single tagged 802.1Q service by decoupling subscribers' and service providers' VLAN IDs.

• IEEE 802.1D
• IEEE 802.1w

Protocols such as IEEE 802.1D, IEEE 802.1w, and IEEE 802.1s help ensure business continuity by minimizing the network convergence time for time-sensitive applications.

• IEEE 802.1s
• Flexlink
• Port Aggregation Protocol (PAgP)
• IEEE 802.3ad (LACP)
• Unidirectional Link Detection

Flexlink provides fast failover over point-to-point connections, without the overhead of control protocols.

PAgP and IEEE 802.3ad increase bandwidth availability and provide fast link failover within the Cisco EtherChannel bundle.

Unidirectional Link Detection (UDLD) increases the network reliability by quickly detecting unidirectional links or misplaced fiber connectors.

• Cisco Discovery Protocol
• VLAN Trunk Protocol (VTP)

Cisco Discovery Protocol and VTP ease the network and service configuration by detecting peer capability and by propagating the VLAN's information within the service provider network.

DDoS and Spoofing Protection, Intrusion Detection

• DHCP snooping
• Dynamic ARP inspection (DAI)
• CPU rate limiting
• Control Plane Policing
• Hardware enabled NetFlow
• User-based rate limiting
• Unicast Reverse Path Forwarding (uRPF)
• Hardware-based MAC learning
• Cisco Catalyst 6500 IDS and Firewall modules
• Broadcast and multicast suppression
• Port Security on Access, 802.1Q Trunks, and 802.1Q Tunneling ports

Provides local containment of security threats and protects networks against security vulnerabilities, including malicious and inadvertent intrusion.

Trust, Identity, and Data Confidentiality

• Identity-based networking services with IEEE 802.1x
• Network Admission Control
• IPsec support through IPsec SPA and SSC-400

Allows close control over which users can access the network and what privileges they are granted. Identifies posture (or compliance) of the device to help ensure the device can be safely admitted to the network without undue hazard.

Provides confidentiality and integrity for data, voice, and management traffic.

High Availability

• Hot-Swapping of Standby Supervisor Engines
• Layer 2 rapid convergence protocol suite
• Hardware redundancy with subsecond stateful failover (SSO) and Non Stop Forwarding (NSF)
• Generic Online Diagnostics
• Hot Standby Router Protocol (HSRP)
• Virtual Router Redundancy Protocol (VRRP)
• Gateway Load Balancing Protocol (GLBP)
• Fault management:
- Fault detection and troubleshooting
- System health check
- Enhanced memory protection
- Proactive detection and prevention of network Equipment failures using GOLD

Helps ensure business continuity through minimizing network downtime for mission-critical applications.

Integrated and Operations Management

Switched Port Analyzer (SPAN), Remote SPAN (RSPAN), Encapsulated Remote SPAN (ERSPAN)

Enables remote troubleshooting from anywhere, reducing troubleshooting time and tool costs.

CiscoWorks, Resource Management Essential (RME), QoS Policy Manager (QPM), Cisco Security Manager

GUI-based tools provide QoS and security management.

Network Analysis Module

Provides embedded data collection and analysis capabilities with a remotely accessible, Web-based management console.

ACE counters

Identifies frequency that specific ACL entries are hit for ease of management.

Embedded Event Manager

Harnesses the network intelligence intrinsic to Cisco IOS Software and customizes the behavior based on real network events as they happen.

SNMPv3, SSH Protocol Version 2, Secure Copy Protocol (SCP)

Provides secure management.

Efficient Multicast Delivery

• Hardware-based multicast forwarding
• Bidirectional Protocol Independent Multicast (PIM)
• Internet Group Management Protocol (IGMP) Querier
• Router-port Group Management Protocol (RGMP)
• Multiprotocol Border Gateway Protocol (MBGP)
• Multicast Virtual Private Networks (MVPN)
• PIM SM, PIM SSM, and PIM snooping
• IGMP Versions 1, 2, and 3

Enables efficient video broadcasting, e-learning, and information sharing.

Slot Efficiency and Backward Compatibility

Eight Gigabit Ethernet SFP-based ports or two10-Gigabit Ethernet XENPAK-based ports

Increases uplink density and saves slots to deploy integrated service modules or higher-density chassis. In addition to the uplinks, each supervisor provides a copper 10/100/1000 uplink.

Support for all Cisco Catalyst 6500 classic and Cisco Express Forwarding 256-based modules and relevant services modules; support for all Cisco Catalyst 6500 Series chassis

Allows deployment of new advanced services on existing equipment, prolonging the deployment lifetime of interface modules and providing greater return on investment.

Advanced Quality of Service (QoS)

• Packet classification, marking, and congestion avoidance based on Layer 2-4 header information
• User-based rate limiting enforces any of 64 policy rates, maintaining service-level agreements on a per-user basis independent of traffic type or IP address
• QoS scheduling rules with thresholds can be configured in the switch for multiple receive and transmit queues

Superior traffic management enables efficient handling of converged networks that carry a mix of mission-critical, time-sensitive, and bandwidth-intensive multimedia applications.

• Priority Queue
• Shaped Round Robin (SRR)
• Deficit Weighted Round Robin (DWRR)
• Weighted Random Early Detection (WRED)
• Egress Policing

Intelligent queuing mechanism helps ensure that the highest-priority data is serviced ahead of other traffic.

Congestion avoidance and scheduling algorithms help regulate traffic and prevent network congestion. SRR enhances the scheduling algorithm by shaping the traffic that egresses each queue.

MPLS

• Ethernet over MPLS (EoMPLS)
• EoMPLS VC Type 4 and VC Type 5
• MPLS VPNs (RFC4364/RFC2547bis)
• MPLS Traffic Engineering (MPLS TE)
• MPLS Fast Reroute (MPLS FRR)

Enhanced MPLS service flexibility allowing Layer 2 and Layer 3 services integration on the same platform.

Advanced Layer 2-4 Services

• Hardware-enabled GRE tunnels for IP traffic
• NAT-Translates addresses for inbound and outbound traffic in hardware, allowing clean separation between internal and external networks

Advanced Layer 2-4 forwarding enables service providers and enterprises to build feature-rich networks.

Note: Not all Supervisor Engine 32 PISA features are enabled in the first software release. Refer to the release notes for up-to-date software version information for support of different features at http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/relnotes/index.htm.

NBAR Protocol Support

NBAR on Supervisor Engine 32 PISA is capable of classifying the following types of protocols:

• Non-UDP and non-TCP IP protocols

• TCP and UDP protocols that use statically assigned port numbers

• TCP and UDP protocols that dynamically assign port numbers and therefore require stateful inspection.

• Peer to Peer Protocols

• VoIP Protocols

Table 2. Non-UDP and Non-TCP Protocols

Protocol

Type

Protocol Number

Description

EGP

IP

8

Exterior Gateway Protocol

EIGRP

IP

88

Enhanced Interior Gateway Routing Protocol

GRE

IP

47

Generic Routing Encapsulation

ICMP

IP

1

Internet Control Message Protocol

IPINIP

IP

4

IP in IP

IPSec

IP

50, 51

IP Encapsulating Security Payload/Authentication Header

Table 3. TCP and UDP Static Port Protocols

Protocol

Type

Well-Known Port Number

Description

BGP

TCP/UDP

179

Border Gateway Protocol

CU-SeeMe

TCP/UDP

7648, 7649

Desktop videoconferencing

CU-SeeMe

UDP

24032

Desktop video conferencing

DHCP/BOOTP

UDP

67, 68

Dynamic Host Configuration Protocol/ Bootstrap Protocol

DNS

TCP/UDP

53

Domain Name System

Finger

TCP

79

Finger user information protocol

Gopher

TCP/UDP

70

Internet Gopher Protocol

HTTP

TCP

802

Hypertext Transfer Protocol

HTTPS

TCP

443

Secured HTTP

IMAP

TCP/UDP

143, 220

Internet Message Access Protocol

IRC

TCP/UDP

194

Internet Relay Chat

Kerberos

TCP/UDP

88, 749

Kerberos Network Authentication Service

L2TP

UDP

1701

L2F/L2TP tunnel

LDAP

TCP/UDP

389

Lightweight Directory Access Protocol

MS-PPTP

TCP

1723

Microsoft Point-to-Point Tunneling Protocol for VPN

MS-SQLServer

TCP

1433

Microsoft SQL Server Desktop Videoconferencing

NetBIOS

TCP

137, 139

NetBIOS over IP (MS Windows)

NetBIOS

UDP

137, 138

NetBIOS over IP (MS Windows)

NFS

TCP/UDP

2049

Network File System

NNTP

TCP/UDP

119

Network News Transfer Protocol

Notes

TCP/UDP

1352

Lotus Notes

Novadigm

TCP/UDP

3460-3465

Novadigm Enterprise Desktop Manager (EDM)

NTP

TCP/UDP

123

Network Time Protocol

PCAnywhere

TCP

5631, 65301

Symantec PCAnywhere

PCAnywhere

UDP

22, 5632

Symantec PCAnywhere

POP3

TCP/UDP

110

Post Office Protocol

Printer

TCP/UDP

515

Printer

RIP

UDP

520

Routing Information Protocol

RSVP

UDP

1698, 1699

Resource Reservation Protocol

SFTP

TCP

990

Secure FTP

SHTTP

TCP

443

Secure HTTP

SIMAP

TCP/UDP

585, 993

Secure IMAP

SIRC

TCP/UDP

994

Secure IRC

SLDAP

TCP/UDP

636

Secure LDAP

SMTP

TCP

25

Simple Mail Transfer Protocol

SNMP

TCP/UDP

161, 162

Simple Network Management Protocol

SNNTP

TCP/UDP

563

Secure NNTP

SOCKS

TCP

1080

Firewall security protocol

SPOP3

TCP/UDP

995

Secure POP3

SSH

TCP

22

Secured Shell

STELNET

TCP

992

Secure Telnet

Syslog

UDP

514

System Logging Utility

Telnet

TCP

23

Telnet Protocol

X Windows

TCP

6000-6003

X11, X Windows

Table 4. TCP and UDP Stateful Protocols

Protocol

Type

Description

Citrix ICA

TCP/UDP

Citrix ICA traffic by application name

FTP

TCP

File Transfer Protocol

Exchange

TCP

MS-RPC for Exchange

HTTP

TCP

HTTP with URL, MIME, or host classification

Netshow

TCP/UDP

Microsoft Netshow

R-commands

TCP

rsh, rlogin, rexec

RTP

TCP/UDP

Real-Time Transport Protocol Payload Classification

RTSP

TCP/UDP

Real-Time Streaming Protocol

SAP-PGM

TCP/UDP

SAP Program traffic

SAP-MSG

TCP/UDP

SAP Message traffic

SAP-APP

TCP/UDP

SAP Application traffic

SQL*NET

TCP/UDP

SQL*NET for Oracle

StreamWorks

UDP

Xing Technology Stream Works audio and video

SunRPC

TCP/UDP

Sun Remote Procedure Call

TFTP

UDP

Trivial File Transfer Protocol

VDOLive

TCP/UDP

VDOLive Streaming Video

Table 5. Peer-to-Peer Protocols

Peer-to-Peer Protocol

Type

Description

BitTorrent

TCP

File-sharing application

Gnutella

TCP

File-sharing application

Kazaa2

TCP

File-sharing application

eDonkey

TCP

File-sharing application

Fasttrack

TCP

File-sharing application

WinMX

TCP

File-sharing application

Direct Connect

TCP

File-sharing application

Table 6. VoIP Protocols

VoIP Protocol

Type

Description

RTCP

TCP/UDP

Real-Time Control Protocol

SCCP

TCP

Skinny Call Control Protocol

SIP

TCP/UDP

Session Initiation Protocol

MGCP

TCP/UDP

Media Gateway Control Protocol

H.323

TCP/UDP

An ITU-T standard for digital videoconferencing over TCP/IP networks

Supervisor Engine 32 PISA Architecture

The Supervisor Engine 32 PISA provides the intelligent services of the Supervisor Engine 32 and at the same time provides hardware acceleration of services like NBAR and FPM. Additionally, it provides performance and price points suitable for the LAN access, WAN edge, and Metro Ethernet access (Table 7).

Table 7. Cisco Catalyst 6500 Series Supervisor Engine Comparison

Feature

Supervisor Engine 720

Supervisor Engine 32

Supervisor Engine 32 PISA

Uplinks

Two Gigabit Ethernet ports: one gigabit interface converter (GBIC) based and one configurable to GBIC based or 10/100/1000 RJ-45 based

• Eight Gigabit Ethernet ports, SFP based + one 10/100/1000 RJ-45 port

OR

• Two 10 Gigabit Ethernet ports, XENPAK based + one 10/100/1000 RJ-45 port
• Eight Gigabit Ethernet ports, SFP based + one 10/100/1000 RJ-45 port

OR

• Two 10 Gigabit Ethernet ports, XENPAK based + one 10/100/1000 RJ-45 port

Uplink Queue Structure

• Tx 1p2q2t
• Rx 1p1q4t
• 512 KB buffer per port
• Tx 1p3q8t
• Rx 2q8t
• 9.5 MB buffer per Gigabit Ethernet port
• 100 MB buffer per 10 Gigabit Ethernet port
• Tx 1p3q8t
• Rx 2q8t
• 9.5 MB buffer per Gigabit Ethernet port
• 100 MB buffer per 10 Gigabit Ethernet port

Uplink Port Scheduler

WRR

DWRR or SRR

DWRR or SRR

Self-Power Cycling

No, power cycle line cards only

Yes, power cycle remotely through console port

Yes, power cycle remotely through console port

Backplane

720 Gbps integrated switch fabric module (SFM)

32 Gbps shared bus

32 Gbps shared bus

Performance

Up to 400 Mpps for Cisco Express Forwarding interface modules

Up to 15 Mpps IPv4 services

Up to 15 Mpps IPv4 services

Deep Packet Inspection Performance (NBAR, FPM)

N/A

N/A

2Gbps

Cisco Express Forwarding

Hardware-based

Hardware-based

Hardware-based and PISA assisted for features like NBAR and FPM

Distributed Cisco Express Forwarding

Yes, with a DFC3 present

No

No

*SP NVRAM

2 MB (SP)

2 MB (SP)

2 MB (SP)

*SP Dynamic RAM (DRAM)

512 MB default, upgradeable to 1 GB on Supervisor Engine 720-3B; 1 GB default on Supervisor Engine 720-3BXL

512 MB default, upgradeable to 1 GB

512 MB default, upgradeable to 1 GB

*SP Onboard Flash (BootFlash)

64 MB upgradeable to 512 MB, 1GB

256 MB, through internal compact flash (referred to as sup-bootdisk in command-line interface), upgradeable to 512 MB, 1 GB

512 MB, through internal compact flash (referred to as sup-bootdisk in command-line interface), upgradeable to 1 GB

**RP Dynamic RAM (DRAM)

512 MB default, upgradeable to 1 GB on Supervisor Engine 720-3B; 1 GB default on Supervisor Engine 720-3BXL

512 MB default, upgradeable to 1 GB

1GB default

**RP Onboard Flash (BootFlash)

64MB default

64MB default

256MB default

Chassis Supported

All Cisco Catalyst 6500 Series chassis with fan tray 2 or E-Series fan tray and 2500W power supplies or above

All Cisco Catalyst 6500 Series chassis with fan tray 2 or E-Series fan tray and 2500W power supplies or above

All Cisco Catalyst 6500 Series chassis with fan tray 2 or E-Series fan tray and 2500W power supplies or above

Minimum Software Support

• Cisco Catalyst 6500 Series:
• CatOS 8.1(1)
• Cisco IOS Software 12.2(14)SX
• Cisco Catalyst 6500 Series:
• CatOS 8.4(1)
• Cisco IOS Software 12.2(18)SXF
• Cisco Catalyst 6500 Series:
• Cisco IOS Software 12.2(18)ZY

Slot Requirements

Slots 1 and 2 in a 3-slot chassis, slots 5 and 6 in a 6- or 9-slot chassis, and slots 7 and 8 in a 13-slot chassis

Slots 1 and 2 in a 3-slot and 4 slot chassis, slots 5 and 6 in a 6- or 9-slot chassis, and slots 7 and 8 in a 13-slot chassis

Slots 1 and 2 in a 3-slot and 4 slot chassis, slots 5 and 6 in a 6- or 9-slot chassis, and slots 7 and 8 in a 13-slot chassis

Hardware-Based Forwarding Engine

PFC3A, PFC3B, or PFC3BXL onboard

PFC3B onboard

PFC3B onboard

MSFC Daughter Card Version

MSFC3

MSFC2A; Advanced routing protocol support with layer 3 license

PISA, which integrates MSFC2A functions of Supervisor Engine 32 board


*Switch Processor, **Route Processor.
The Supervisor Engine 32 PISA with PFC3B and PISA daughter cards provide the following functions:

PFC3B: Performs hardware-based Layer 2-4 packet forwarding as well as packet classification, traffic management, and policy enforcement.

PISA: Performs Layer 3 control-plane functions, including address resolution and routing protocols; In addition performs hardware acceleration of deep packet inspection services such as NBAR and FPM.

Ordering Information

Table 8 provides part numbers for the Supervisor Engine 32 PISA.

Table 8. Supervisor Engine 32 PISA Part Numbers

Product Number

Description

Supervisor Engine 32 PISA

WS-S32-GE-PISA

Catalyst 6500 Supervisor 32 with PISA and 8 GE uplinks

WS-S32-10GE-PISA

Cat 6500 Supervisor 32 with PISA and 2 ports 10GbE

Memory Options for Supervisor Engine 32 PISA

MEM-xCEF720-512M

Default switch processor (SP) DRAM on the Supervisor Engine 32 PISA baseboard

MEM-MSFC3-1GB

Default route processor (RP) DRAM on PISA (Programmable Intelligent Services Accelerator)

MEM-C6K-CPTFL512M

Default switch processor (SP) bootflash on the Supervisor Engine 32 PISA baseboard

MEM-C6K-CPTFL256M

Default route processor (RP) bootflash on PISA (Programmable Intelligent Services Accelerator)

MEM-C6K-CPTFL256M

Optional external 256-MB compact flash memory

MEM-C6K-CPTFL512M

Optional external 512-MB compact flash memory

Software Options for Supervisor Engine 32 PISA

S3P3IBL-12218ZY

Cisco CAT6000 SUP 32 PISA IP BASE LAN ONLY

Includes support for

• RIP, Static Routing, EIGRP Stub
• Network Based Application Recognition (NBAR)
• Flexible Packet Matching (FPM)

S3P3IBK9L-12218ZY

Cisco CAT6000 SUP 32 PISA IP BASE SSH LAN ONLY

Includes support for

• RIP, Static Routing, EIGRP Stub
• Network Based Application Recognition (NBAR)
• Flexible Packet Matching (FPM)

S3P3IS-12218ZY

Cisco CAT6000 SUP32 PISA IP SERVICES

Same functionality as the IP BASE image PLUS

• IPv4 routing and services

S3P3ISK9-12218ZY

Cisco CAT6000 SUP32 PISA IP SERVICES SSH

Same functionality as the IP BASE image PLUS

• IPv4 routing and services

S3P3AIK9-12218ZY

Cisco CAT6000 SUP32 PISA ADVANCED IP SERVICES SSH

Same functionality as the IP SERVICES image PLUS

• Advanced MPLS feature set
• Layer3 IPv6 Services
• Advanced FPM Manageability

Standards and Management

Table 9 describes Supervisor Engine 32 PISA standards and management.

Table 9. Supervisor Engine 32 PISA Standards and Management

Description

Specification

Standards and Protocols

• IEEE 802.3
• IEEE 802.3u
• IEEE 802.3z
• IEEE 802.1t
• IEEE 802.1u
• IEEE 802.3x
• IEEE 802.3ab
• IEEE 802.1Q
• IEEE 802.1p
• IEEE 802.1D
• IEEE 802.1w
• IEEE 802.1s
• IEEE 802.1x
• IEEE 802.3ad
• IEEE 802.3x
• RIPv2
• EIGRP
• OSPF
• IS-IS
• BGPv4
• Policy Based Routing (PBR)
• HSRP (RFC2281)
• Virtual Router Redundancy Protocol (VRRP)
• Bidirectional Forwarding Detection (BFD) for OSPF and IS-IS
• Internet Group Management Protocol (IGMP) v1, v2, v3
• IGMP Proxy reporting for IGMPv2 and MLDv1
• PIM
• PIM-SM, PIM-SSM, Bidirectional PIM
• WCCPv2
• MPLS VPN (RFC2547)
• Ethernet over MPLS (EoMPLS Martini draft)

Management

• Simple Network Management Protocol Version 1, 2, and 3 (SNMPv1, v2, v3)
• Telnet Interface
• VTP
• CDP
• IGMP Snooping
• DHCP Snooping
• Remote Switch Port Analyzer (RSPAN), Encapsulated Remote SPAN (ERSPAN)
• Embedded Remote Monitoring (RMON) software agent
• Domain Name System (DNS)
• Trivial File Transfer Protocol (TFTP)
• Network Timing Protocol (NTP)
• Multifunctional LEDs per port

MIBs

• BRIDGE-MIB (RFC1493)
• BGP4-MIB (RFC1657)
• CISCO-ACCESS-ENVMON-MIB
• CISCO-BGP-POLICY-ACCOUNTING-MIB
• CISCO-BGP4-MIB
• CISCO-CDP-MIB
• CISCO-CLASS-BASED-QOS-MIB
• CISCO-CONFIG-COPY-MIB
• CISCO-CONFIG-MAN-MIB
• CISCO-ENTITY-ALARM-MIB
• CISCO-ENTITY-EXT-MIB
• CISCO-ENTITY-VENDORTYPE-OID-MIB
• CISCO-FLEX-LINKS-MIB
• CISCO-FTP-CLIENT-MIB
• CISCO-HSRP-EXT-MIB
• CISCO-HSRP-MIB
• CISCO-IETF-IP-FORWARD-MIB
• CISCO-IETF-IP-MIB
• CISCO-IF-EXTENSION-MIB
• CISCO-IMAGE-MIB
• CISCO-IP-STAT-MIB
• CISCO-IPMROUTE-MIB
• CISCO-L2-CONTROL-MIB
• CISCO-L2-TUNNEL-CONFIG-MIB
• CISCO-MAC-NOTIFICATION-MIB
• CISCO-MEMORY-POOL-MIB
• CISCO-NBAR-PROTOCOL-DISCOVERY-MIB
• CISCO-NDE-MIB
• CISCO-OSPF-MIB
• CISCO-OSPF-TRAP-MIB
• CISCO-PAE-MIB
• CISCO-PAGP-MIB
• CISCO-PIM-MIB
• CISCO-PING-MIB
• CISCO-PRIVATE-VLAN-MIB
• CISCO-PROCESS-MIB
• CISCO-PRODUCTS-MIB
• CISCO-QUEUE-MIB
• CISCO-RMON-CONFIG-MIB
• CISCO-RTTMON-MIB
• CISCO-STP-EXTENSIONS-MIB
• CISCO-SVI-AUTOSTATE-MIB
• CISCO-SWITCH-ENGINE-MIB
• CISCO-SYSLOG-MIB
• CISCO-TCP-MIB
• CISCO-UDLDP-MIB

Safety and Compliance

Table 10 describes Supervisor Engine 32 PISA safety and compliance.

Table 10. Supervisor Engine 32 PISA Safety and Compliance

Description

Specification

Electromagnetic Emission Compliance (EMC)

• FCC Part 15 (CFR 47) Class A
• VCCI Class A
• EN55022 Class A
• CISPR 22 Class A
• CE marking
• AS/NZS 3548 Class A
• ETS300 386
• EN55024
• EN61000-6-1
• EN50082-1

Physical Specifications

• Occupies one slot in a Cisco Catalyst 6500 Series
• Dimensions (H x W x D): 1.6 x 15.3 x 16.3 in. (4.0 x 37.9 x 40.3 cm)

Safety

• UL 60950
• CSA-C22.2 No. 60950
• EN 60950
• IEC 60950
• AS/NZS 60950/TS001

ETSI

• ETS 300 019 Storage Class 1.1
• ETS 300 019 Transportation Class 2.3
• ETS 300 019 Stationary Use Class 3.1

Operating Environment

• Operating temperature: 32 to 104°F (0 to 40°C)
• Storage temperature: -40 to 167°F (-40 to 75°C)
• Relative humidity: 10 to 90 percent, noncondensing
• Operating altitude: Sea level to 6500 ft (1981 m)

Service and Support

Whether your company is a large organization, a commercial business, or a service provider, Cisco is committed to helping you maximize the return on your network investment. Cisco offers a portfolio of technical support services to help ensure that your Cisco products operate efficiently, remain highly available, and benefit from the most up-to-date system software.
The Cisco Technical Support Services organization offers the following features, providing network investment protection and minimal downtime for systems running mission-critical applications:

• Provides Cisco networking expertise online and on the telephone

• Creates a proactive support environment with software updates and upgrades as an ongoing integral part of your network operations, not merely a remedy when a failure or problem occurs

• Makes Cisco technical knowledge and resources available to you on demand

• Augments the resources of your technical staff to increase productivity

• Complements remote technical support with onsite hardware replacement

Cisco Technical Support Services include:

• Cisco SMARTnet® support

• Cisco SMARTnet Onsite support

• Cisco Software Application Services, including Software Application Support and Software Application Support plus Upgrades

For More Information on Cisco Catalyst 6500 Series

Visit http://www.cisco.com/en/US/products/hw/switches/ps708/products_data_sheets_list.html to view the Cisco Catalyst 6500 Series data sheets.