The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
When you want an on-prem device to launch the industry’s top Network Access Control (NAC) solution, look no further than the Cisco Secure Network Server (SNS) 3700. This is precisely what your network needs to augment security, boost performance and provide greater flexibility.
You need a command center that provides an overall view of what you’re trying to protect—namely your network. The ability to see the entire picture from a central eye-in-the-sky and deploy help where needed is integral to staying secure.
Like previous generations of SNS servers, the new Cisco SNS 3700 servers are configured specifically to support the Cisco Identity Service Engine (ISE) security application by providing scalable solutions that help network administrators meet complex network access control demands. These demands include managing the many different operations that can place heavy loads on applications and servers.
So how does the Cisco SNS 3700 fortify your network?
● Encryption that travels. Thanks to an optional Self-Encrypted Drive (SED), a bad actor with physical access to your data center can no longer simply pull drives and mine data from another location. SEDs are automatically encrypted in real time so when drives are stolen and then harvested for your data, the information is enciphered, thwarting data gathering.
● Zero-trust compliance satisfaction. Since ISE stores all logs on the disk when users logon to the network, their IP address and devices are recorded. This provides additional security which, in turn, increases privacy. This is especially good for federal, finance, healthcare and other industries where privacy isn’t a nice-to-have, but an absolute need.
● Secured storage. Thanks to the Trust Platform Model (TPM) chip—which is supported in Cisco ISE versions 3.2 onwards—the Cisco SNS 3700 comes equipped with features needed to securely store certifications and encryption keys. This additional layer of security provides a higher level of confidence that data is protected. The data saved on the physical TPM chip comes with the ability to create true random numbers for key generation. This results in peace of mind thanks to the realization that their data is the most secure it can possibly be.
● More cores, higher performance. Compared to the Cisco SNS 3500 and 3600, the Cisco SNS 3700 has more cores per processor—12 and 20 cores respectively for the Intel 4310 2.1GHz and Intel 4316 2.3 GHz chip. With the additional cores, customers can expect to see an improvement in performance.
● Your choice of storage. Previous versions of Cisco Secure Network Servers only offered one storage option: standard hard drives. The Cisco SNS 3700 offers three:
◦ Standard hard drives
◦ Solid State Drives (SSD)
◦ Self-encrypted hard drives (a version of SSD)
Both versions of SSDs allow for quicker load and reboot times, meaning that reboots and upgrades can be completed quicker than before.
● A flexible interface. Now both copper and fiber cables can be used to connect the server to other infrastructure in the data center. This increased flexibility allows customers to build a solution specific to their needs—not the other way around.
● Three different servers provide Cisco ISE security. The Cisco SNS 3700 family is made up of three different servers that deliver Cisco ISE no matter how many endpoints are connected in your organization. They are:
◦ Cisco SNS 3715 is for sites or data centers with concurrent 25,000 active endpoints supported by a dedicated PSN (12,500 with multiple personas).
◦ Cisco SNS 3755 is for sites or data centers with concurrent 50,000 active endpoints supported by a dedicated PSN (25,000 with multiple personas).
◦ Cisco SNS 3795 is for sites with concurrent 100,000 active endpoints supported by a dedicated PSN (50,000 with multiple personas).
Note: It is recommended to use the SNS 3795 for PAN and MnT personas.
While the three servers all offer the same robust Cisco ISE security, there are differences besides the number of endpoints supported. The variations between the three servers include: processors, core processors, memory, hard disk drives, hardware RAID, network interface and power supplies.
|
|
SNS 3715 |
SNS 3755 |
SNS 3795 |
| Processor |
Intel 4310 2.1GHz |
Intel 4316 2.3GHz |
Intel 4316 2.3GHz |
| Cores per processor |
12 cores |
20 cores |
20 cores |
| Memory |
32GB 2 X 16GB |
96GB 6 X 16GB |
256GB 8 X 32GB |
| Hard disk |
1 60012G SAS 10K RPM SFF HDD Or 800GB 2.5in Enterprise Performance 12G SAS SSD |
4 60012G SAS 10K RPM SFF HDD Or 800GB 2.5in Enterprise Performance 12G SAS SSD |
8 60012G SAS 10K RPM SFF HDD Or 800GB 2.5in Enterprise Performance 12G SAS SSD (3X endurance) |
| Hardware RAID |
Level 0 |
Level 10 Cisco 12G SAS Modular RAID Controller |
Level 10 Cisco 12G SAS Modular RAID Controller |
| Network interface |
2 X 10Gbase-T 4 X 10GE SFP |
2 X 10Gbase-T 4 X 10GE SFP |
2 X 10Gbase-T 4 X 10GE SFP |
| Power supplies |
1 x 1050W |
2 X 1050W |
2 X 1050W |
| TPM chip |
Yes |
Yes |
Yes |
These differences enable the customer to choose the solution that provides the most efficient tool for each organization.
To learn more about Cisco ISE, go to
https://www.cisco.com/site/us/en/products/security/identity-services-engine/index.html.