Table Of Contents
Product Bulletin No. 2440
Cisco IOS Software Release 12.2(17d)SXB
New Cisco IOS® Software release for the Cisco® Catalyst® 6500 Series switches and Cisco 7600 Series routers extends deployment options for integrated security services using the IP Security (IPSec) VPN Services Module and enabling superior resiliency and flexibility.
IPSec VPNs increasingly are recognized as a mainstream solution for secure LAN and WAN connectivity. They replace or augment existing private networks using shared VLANs, leased lines, Frame Relay, or ATM to connect remote and branch offices and central sites, campus networks, and data centers with increased flexibility. This requires VPN devices to deliver higher performance, support for both LAN and WAN interfaces, and high network availability.
Cisco IOS Software Release 12.2(17d)SXB offers the following features for use with the Catalyst 6500 Series switches and 7600 Series routers equipped with the Cisco IPSec VPN Services Module (VPNSM).
Support of new Supervisor Engine 720—Cisco IOS Software Release 12.2(17d)SXB introduces VPNSM support for both the new Supervisor Engine 720, including the new policy feature card (PFC-3BXL), as well as the Supervisor Engine 2. Customers now have the flexibility of using the VPNSM with either of these Supervisor Engines in native Cisco IOS Software mode.
Enhanced IPSec stateful failover—Enables maximum network uptime for critical services such as client/server applications or voice and video over a VPN. The IPSec VPN high availability enables rapid IPSec stateful failover for thousands of geographically dispersed peers, avoiding disruption to critical enterprise applications. New in this release is the ability to configure two VPNSMs in the same chassis for Active/Active stateful failover. This new intrachassis IPSec stateful failover supports all site-to-site and remote access tunnel types and works with both preshared keys and digital certificates. Customers have a choice of deploying failover resiliency within a single chassis or the existing Active/Standby IPSec stateful failover between primary and backup Cisco Catalyst 6500 or 7600 platforms.
Additional service module and interface compatibility—This Cisco IOS Software release adds VPNSM support for numerous interfaces, including the new Enhanced FlexWAN, Optical Services Module (OSM), and new Enhanced OSM modules, GE-WAN and new Enhanced GE-WAN modules. The VPNSM can be combined with Secure Sockets Layer, Content Switching Module, and Multiprocessor WAN Application Module within the same chassis, in addition to the existing support of VPNSM with Network Analysis Module (NAM), NAM2, Firewall Services Module, and Intrusion Detection System Module 2, resulting in comprehensive service module integration within a single platform.
For more information about specific features included in Cisco IOS Software Release 12.2(17d)SXB, see the release notes at:
Orderable Software Images
Caution: Always back up the switch configuration file to a Trivial File Transfer Protocol server or Flash device before upgrading or downgrading the switch software to avoid losing all or part of the configuration stored in NVRAM. When downgrading switch software, the configuration will be lost.
Table 1 lists the software versions and applicable ordering information for the Cisco Catalyst 6500 Series/
Cisco 7600 Series.