Cisco CSS 11501 Content Services Switch
with Secure Sockets Layer Termination and
Cisco WebNS Software Version 7.20
Cisco Systems Announces Availability of the Cisco CSS 11501 Content Services Switch with SSL Termination and Cisco WebNS Software Version 7.20
Cisco® WebNS Software Version 7.20 delivers support for a new Cisco CSS 11501 model with Secure Sockets Layer (SSL) termination and new features for the Cisco CSS 11500 Series such as backend SSL for end-to-end security. The software has also been tuned to boost flow setup performance by 20 percent for both SSL and non-SSL traffic.
The Cisco CSS 11500 Series Content Services Switch is a compact, modular platform that delivers rich Layer 4 to Layer 7 traffic management services for e-business applications. The Cisco CSS 11501 and Cisco CSS 11501 with SSL termination are both 1-rack unit fixed-configuration models appropriate for small data-center applications. Both support eight 10/100 Ethernet ports and one gigabit Ethernet port though an optional Small Form-Factor Pluggable (SFP) gigabit interface converter (GBIC). The Cisco CSS 11501 with SSL termination delivers 800 SSL transactions per second and 200 Mbps of bulk encryption (ARC4) by exploiting an internal card with the latest cryptology chips. (Performance results are for full SSL handshakes: 64-byte page and no caching of SSL session IDs.) The Cisco CSS 11501 purchased without SSL termination may not subsequently be upgraded in the field to support SSL termination.
The Cisco CSS 11500 Series also includes the 2-rack-unit, 3-slot Cisco CSS 11503 and the 5-rack-unit, 6-slot Cisco CSS 11506. The Cisco CSS 11503 and 11506 are designed for medium-sized and large data centers. The Cisco CSS 11503 offers integrated SSL termination, 2 to 6 gigabit Ethernet ports, modularity, and up to three times the performance of the Cisco CSS 11501. The Cisco CSS 11506 offers all the functions of the Cisco CSS 11503 plus three additional slots, redundant power, switch fabrics, and switch control.
- Backend SSL delivers end-to-end security by enabling encryption and authentication of not only client-to-switch SSL session but also switch-to-server SSL sessions.
- URL rewrite simplifies integration of the CSS in SSL environments by rewriting the URL of server redirects from HTTP to HTTPS.
- Switched Port Analyzer (SPAN) or port mirroring is useful for network analysisa copy of the packets received or transmitted by a source port is sent to a designated destination port.
- Packet defragmentation for UDP reassembles fragmented UDP packets, enabling an additional option for handling fragmented packets produced by such applications as streaming media.
- Modem support through a console port provides the option of out-of-band command-line interface (CLI) management through a modem, providing flexibility for remote administration.
In addition to these features, flow setup performance for both SSL and non-SSL traffic has been improved for Cisco WebNS Software 7.20. Layer 4, SSL, and Layer 7 setup rates have been increased by 20 percent over the previous release. A Cisco CSS 11506 can now achieve more than 45,000 TCP connections per second and, if configured with 4 SSL modules, can attain over 4000 SSL transactions per second.
The enhanced feature set includes the commands of the standard feature set and the commands for Network Address Translation (NAT) peering, Domain Name System (DNS), demand-based content replication (dynamic hot content overflow), content staging and replication, and network proximity DNS.
Some features have been adapted for the Cisco CSS 11501. Two ports are recommended or required for some Cisco WebNS features, such as Adaptive Session Redundancy (stateful failover) and port mirroring. Because the Cisco CSS 11501 has a single gigabit Ethernet port, these features are supported only on the Fast Ethernet ports on the Cisco CSS 11501.
The Cisco CSS 11501 has a unique chassis part number, but options such as disks, cables, and SFP GBICs use the same part numbers as other models in the Cisco CSS 11500 Series. These part numbers start with CSS5-HD, CSS5-FD, CSS5-GBIC, and CSS5-CAB. Secure Telnet, secure FTP, SSL termination, and the secure Cisco CSS management GUI require the Cisco WebNS Secure Management Software License for strong encryption to be enabled.
For customer convenience and supportability, registration for Cisco WebNS Software 7.20 and subsequent versions is available through an online registration system to facilitate obtaining license keys for a Cisco CSS software feature upgrade. Software upgrades for the CSS WebNS software include the enhanced feature set and strong encryption license. Every Cisco CSS 11500 Series configured with Cisco WebNS Software 7.20 and later will ship with a license claim certificate that includes complete instructions for obtaining keys and the URL for the online registration.
Table 1 Product Numbers for Cisco WebNS Software 7.20 and the Cisco CSS 11501
For product literature and technical documentation, visit: http://www.cisco.com/go/css11500