Cisco MDS 9000 Family Multiprotocol Services Module
The Cisco MDS 9000 Family Multiprotocol Services Module delivers the intelligence and advanced features required to make multilayer storage area networks a reality. Supported in the Cisco MDS 9200 Series and Cisco MDS 9500 Series and offering fourteen Fibre Channel ports and two Gigabit Ethernet ports, the Cisco Multiprotocol Services Module enables FCIP for long distance SAN extension and iSCSI for Ethernet attached servers without sacrificing Fibre Channel port density. With its multiprotocol capability, the module also integrates FICON protocol, FICON Control Unit Port (CUP) management and switch cascading to enable mainframe connectivity.
The Cisco Multiprotocol Services Module includes hardware-enabled innovations designed to dramatically improve scalability, availability, network security, and manageability of storage networks, resulting in increased utility and lower total cost of ownership (TCO). Hardware-assisted compression and encryption on the Gigabit Ethernet ports ensure optimal utilization of available IT infrastructure and highly reliable and secure data exchange.
The module is hot-swappable and includes hot-swappable, Small Form-Factor Pluggable (SFP), LC interfaces for both Fibre Channel and Gigabit Ethernet. Individual ports can be configured with short-wave, long-wave, or extended-reach SFPs for connectivity up to 100 kilometers. The Gigabit Ethernet interfaces are configurable for both FCIP and iSCSI operation; the ports designated to work as FCIP can be further configured to support up to three virtual ISL connections.
Figure 1. The Cisco MDS 9000 Family Multiprotocol Services Module
KEY FEATURES AND BENEFITS
The Cisco® MDS 9000 Family Multiprotocol Services Module is designed for mission-critical enterprise storage networks that require robust, cost-effective business continuance services. Leveraging Fibre Channel and Internet Protocol (IP) in a single module, Cisco MDS 9000 Family Multiprotocol Services Module offers the following key features:
• Integrated Fibre Channel and IP Storage Services in an optimized form factor-Supports fourteen 2-Gbps Fibre Channel interfaces for high performance SAN and mainframe connectivity and two Gigabit Ethernet ports for Fibre Channel over IP (FCIP) and Small Computer System Interface over IP (iSCSI) storage services.
• Integrated hardware-based VSANs and Inter-VSAN Routing (IVR)-Enables deployment of large-scale multisite and heterogeneous SAN topologies. Integration into port-level hardware allows any port within a system or fabric to be partitioned into any VSAN. Integrated hardware-based inter-VSAN routing provides line-rate routing between any ports within a system or fabric without the need for external routing appliances.
• High performance Inter-Switch Links (ISLs)-Supports up to sixteen 2-Gbps Fibre Channel links in a single PortChannel-links may span any speed-matched ports on any module within a chassis for added scalability and resilience. Up to 3500 buffer-to-buffer credits can be assigned to a single Fibre Channel port to extend storage networks over unprecedented distances.
• Intelligent network services-Uses virtual SAN (VSAN) technology for hardware-enforced, isolated environments within a single physical fabric; access control lists (ACLs) for hardware-based intelligent frame processing; and advanced traffic management features such as Fibre Channel Congestion Control (FCC) and fabric-wide quality of service (QoS) to facilitate migration from SAN islands to enterprise-wide storage networks.
• Comprehensive network security framework-Supports RADIUS and TACACS+, Fibre Channel Security Protocol (FC-SP), Secure File Transfer Protocol (SFTP), Secure Shell (SSH), and Simple Network Management Protocol Version 3 (SNMPv3) implementing Advanced Encryption Standard (AES), VSANs, hardware-enforced zoning, ACLs, and per-VSAN role-based access control. Additionally, the Gigabit Ethernet ports offer IP security (IPsec) authentication, data integrity, and hardware-assisted data encryption for FCIP and iSCSI.
• Sophisticated diagnostics-Provides intelligent diagnostics, protocol decoding, and network analysis tools as well as integrated Call Home capability for added reliability, faster problem resolution, and reduced service costs.
• FCIP for remote SAN extension:
– Simplifies data protection and business continuance strategies by enabling backup, remote replication, and other disaster recovery services over WAN distances using open-standard FCIP tunneling.
– Optimizes utilization of WAN resources for backup and replication by tunneling up to three virtual ISLs on a single Gigabit Ethernet port, and enabling hardware-based compression, FCIP Write Acceleration, and FCIP Tape Acceleration.
– Preserves Cisco MDS 9000 Family enhanced capabilities including VSANs, advanced traffic management, and security across remote connections.
• iSCSI for extension of SAN to Ethernet attached servers:
– Extends the benefits of Fibre Channel SAN-based storage to Ethernet attached servers at a lower cost than possible using Fibre Channel interconnect alone.
– Increases storage utilization and availability through consolidation of IP and Fibre Channel block storage.
– Transparent operation preserves the capability of existing management storage applications.
FCIP for Remote SAN Extension
Data distribution, data protection, and business continuance services are significant components of today's information-centric businesses. The ability to efficiently replicate critical data on a global scale not only ensures a higher level of data protection for valuable corporate information, but also increases utilization of backup resources and lowers total cost of storage ownership. The Cisco MDS 9000 Family Multiprotocol Services Module uses the open-standard FCIP protocol to break the distance barrier of current Fibre Channel solutions and enable interconnection of SAN islands over extended distances.
Advanced SAN Extension Features
The Cisco MDS 9000 Family Multiprotocol Services Module supports FCIP compression to maximize the effective WAN bandwidth of SAN extension solutions. The Cisco MDS 9000 Family Multiprotocol Services Module achieves up to a 30:1 compression ratio, with typical ratios of 2:1 over a wide variety of data sources. With the addition of hardware-based compression, the MDS 9000 Family Multiprotocol Services Module is able to provide optimal levels of compressed throughput for implementations across both low-bandwidth and high-bandwidth links.
The Cisco MDS 9000 Family Multiprotocol Services Module supports IPSec encryption for secure transmission of sensitive data over extended distances. Hardware enablement of IPSec ensures high throughput. Used together, hardware-based compression and hardware-based encryption provide high performance, highly secure SAN extension capability.
Additionally, the MDS 9000 Family Multiprotocol Services Module supports FCIP Write Acceleration, a feature that can significantly improve application performance when storage traffic is extended across distance. When FCIP Write Acceleration is enabled, WAN throughput is optimized by reducing the latency of command acknowledgments. Similarly, the Cisco MDS 9000 Family Multiprotocol Services Module supports FCIP Tape Acceleration, which significantly improves throughput over WAN links for remote tape backup operations.
Ideal for efficient, secure SAN consolidation, VSANs allow more efficient storage network utilization by creating hardware-based isolated environments with a single physical SAN fabric or switch. Each VSAN can be zoned as a typical SAN and maintains its own fabric services for added scalability and resilience. VSANs allow the cost of SAN infrastructure to be shared among more users, while ensuring absolute segregation of traffic and retaining independent control of configuration on a VSAN-by-VSAN basis.
Integrated SAN Routing
In another step toward deploying efficient, cost-effective, consolidated storage networks, the Cisco MDS 9000 Family Multiprotocol Services Module supports IVR, the industry's first routing functionality for Fibre Channel. IVR allows selective transfer of data between specific initiators and targets on different VSANs while maintaining isolation of control traffic within each VSAN. With IVR, data can transit VSAN boundaries while maintaining control plane isolation, thereby maintaining fabric stability and availability. Integrated IVR eliminates the need for external routing appliances, greatly increasing routing scalability while delivering line-rate routing performance, simplifying management, and eliminating the challenges associated with maintaining separate systems. Integrated IVR means lower total cost of SAN ownership.
Integrated Mainframe Support
The Cisco MDS 9000 Family Multiprotocol Services Module is mainframe-ready with full support for IBM zSeries FICON and Linux environments. Qualified by IBM for attachment to all FICON-enabled devices in an IBM zSeries operating environment, Multiprotocol Services Module supports transport of the FICON protocol in both cascaded and non-cascaded fabrics, as well as an intermix of FICON and open systems Fibre Channel Protocol traffic on the same switch. Virtual SANs simplify intermix of SAN resources between z/OS, mainframe Linux, and open systems environments, allowing for increased SAN utilization and simplified SAN management. VSAN-based intermix mode eliminates the uncertainty and instability often associated with zoning-based intermix techniques. VSANs also greatly reduce the probability of a misconfiguration or a component failure in one VSAN affecting operation in other VSANs. VSAN-based management access control simplifies partitioning of SAN management responsibilities between mainframe and open systems environments, enhancing security. FICON VSANs can be managed using the integrated Cisco Fabric Manager, Cisco CLI, or IBM CUP-enabled management tools including SA/390 Resource Measurement Facility (RMF), or Dynamic Channel Path Management (DCM).
Advanced Traffic Management
The following advanced traffic management capabilities integrated into every Cisco MDS 9000 Family Multiprotocol Services Module simplify deployment and optimization of large-scale fabrics.
• Virtual Output Queuing-Helps ensure line-rate performance on each port, independent of traffic pattern, by eliminating head-of-line blocking.
• 255 buffer-to-buffer credits-Are assigned to each port for optimal bandwidth utilization across distance. When extended distances are required, up to 3500 credits can be allocated to a single port within a group of four Fibre Channel ports.
• PortChannels-Allow users to aggregate up to 16 physical ISLs into a single logical bundle, providing optimized bandwidth utilization across all links. The bundle can consist of any speed-matched ports from any module in the chassis, ensuring that the bundle can remain active even in the event of a module failure.
• Fabric Shortest Path First (FSPF)-based multipathing-Provides the intelligence to load balance across up to 16 equal cost paths and, in the event of a switch failure, dynamically reroute traffic.
• QoS-Can be used to manage bandwidth and control latency, to prioritize critical traffic.
• Fibre Channel Congestion Control (FCC)-Is an end-to-end, feedback-based congestion control mechanism that augments the Fibre Channel buffer-to-buffer credit mechanism to provide enhanced traffic management.
Advanced Diagnostics and Troubleshooting Tools
Management of large-scale storage networks requires proactive diagnostics, tools to verify connectivity and route latency, and mechanisms for capturing and analyzing traffic. The Cisco MDS 9000 Family integrates the industry's most advanced analysis and diagnostic tools. Power-on self test (POST) and online diagnostics provide proactive health monitoring. The Cisco MDS 9000 Family Multiprotocol Services Module implements diagnostic capabilities such as Fibre Channel Traceroute for detailing the exact path and timing of flows and Switched Port Analyzer (SPAN) to intelligently capture network traffic. Once traffic has been captured, it can then be analyzed with the Cisco Fabric Analyzer, an embedded Fibre Channel analyzer. Comprehensive port-based and flow-based statistics facilitate sophisticated performance analysis and service-level agreement (SLA) accounting. With the Cisco MDS 9000 Family, Cisco Systems® delivers the most comprehensive toolset for troubleshooting and analysis of storage networks.
Comprehensive Solution for Robust Network Security
Addressing the need for failproof security in storage networks, the Cisco MDS 9000 Family Multiprotocol Services Module offers an extensive security framework to protect highly sensitive data crossing today's enterprise networks. The Cisco Multiprotocol Services Module employs intelligent packet inspection at the port level, including the application of ACLs for hardware enforcement of zones, VSANs, and advanced Port Security features.
Extended zoning capabilities are enabled to ensure that LUNs are accessible only by specific hosts (LUN zoning), to limit SCSI read command for a certain zone (read-only zoning), and to restrict broadcasts to only the selected zones (broadcast zones). VSANs are used to achieve higher security and greater stability by providing complete isolation among devices that are connected to the same physical SAN. In addition, Fibre Channel Security Protocol (FC-SP) provides switch-switch and host-switch Diffie-Hellman Challenge Handshake Authentication Protocol (DH-CHAP) authentication supporting RADIUS or TACACS+, to ensure that only authorized devices access protected storage networks. Finally, for both FCIP and iSCSI deployments, the comprehensive IPsec protocol suite delivers secure authentication, data integrity, and hardware-based encryption.
Table 1 lists the product specifications for the Cisco MDS 9000 Family Multiprotocol Services Module.
Cisco MDS 9200 SAN Extension over IP Package for the Cisco MDS 9000 Family Multiprotocol Services Module, Spare
Cisco MDS 9200 Enterprise Package, Spare
Cisco MDS 9200 Fabric Manager Server Package, Spare
Cisco MDS 9200 Mainframe Package, Spare
Cisco MDS 9500 SAN Extension over IP Package for the Cisco MDS 9000 Family Multiprotocol Services Module, Spare
Cisco MDS 9500 Enterprise Package, Spare
Cisco MDS 9500 Fabric Manager Server Package, Spare
Cisco MDS 9500 Mainframe Package, Spare
SERVICE AND SUPPORT
Cisco offers a wide range of services programs to accelerate customer success. These innovative services programs are delivered through a unique combination of people, processes, tools, and partners, resulting in high levels of customer satisfaction. Cisco services help you to protect your network investment, optimize network operations, and prepare the network for new applications to extend network intelligence and the power of your business. For more information about Cisco Services, see Cisco Technical Support Services or Cisco Advanced Services.