Best products: Network infrastructure

27 February, 2006

By Christine Burns, Network World, 02/27/06

Winning company: Cisco

Winning product: Catalyst 4948-10GE

Some of the first tests Network World conducted more than a dozen years ago were on what would now be called very low-end servers and switches - those with only one slow CPU and 10Mbps network connections. Judging by the features of this year's Best of the Test Network Infrastructure winner - Cisco's Catalyst 4948-10GE with its 48 copper Gigabit Ethernet and two 10G Ethernet ports - you can't help but realize that we've all come a long way.

In this stress test conducted by Network World Lab Alliance member David Newman, the Catalyst 4948-10GE came up aces in all configurations. These involved Layer 2 and 3 switching, virtual LANs (VLAN) and Open Shortest Path First routing. The Catalyst 4948-10GE delivered record low latency, hovering in the range of 4 microseconds for most frame lengths, and line-rate throughput of as many as 101.19 million frames per second.

Newman commended Cisco on its work in the security arena, too. The box sports standard, competitive security measures such as support for 802.1X user authentication, Secure Shell v2 for remote access and access-control lists. The switch offers many other security features, as well. The port security feature allows the switch to learn the media access control (MAC) addresses of attached hosts, even across reboots, preventing spoofing and boosting reliability. DHCP snooping enables the switch to listen for and reject responses from rogue DHCP servers. The IP source-guard feature builds on DHCP snooping to prevent an attacker from using a legitimate user's IP address to inject spoofed traffic.
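The relationship between DHCP snooping and IP source guard described above can be modeled in a few lines. The Python sketch below is an added illustration, not Cisco's implementation or code from the original article; the class, port names, MAC addresses and IP addresses are constructed for the example, and it assumes one binding per access port.

```python
# Added illustration: simplified model of DHCP snooping + IP source guard.
from dataclasses import dataclass, field

SERVER_MSGS = {"OFFER", "ACK", "NAK"}  # messages only a DHCP server should send

@dataclass
class SnoopingSwitch:
    trusted_ports: set                            # ports facing the real DHCP server
    pending: dict = field(default_factory=dict)   # client MAC -> port its request came in on
    bindings: dict = field(default_factory=dict)  # port -> (MAC, leased IP)

    def dhcp(self, port, msg, client_mac, ip=None):
        """DHCP snooping verdict for a DHCP message arriving on `port`."""
        if msg in SERVER_MSGS:
            if port not in self.trusted_ports:
                return "drop"                     # server reply from an untrusted port
            if msg == "ACK" and client_mac in self.pending:
                # Lease confirmed: bind the client's port to its MAC and IP.
                self.bindings[self.pending.pop(client_mac)] = (client_mac, ip)
            return "forward"
        if msg == "RELEASE":
            self.bindings.pop(port, None)         # lease given up, binding removed
        else:
            self.pending[client_mac] = port       # DISCOVER/REQUEST from a client
        return "forward"

    def ip_packet(self, port, src_mac, src_ip):
        """IP source guard verdict: source must match the snooped binding."""
        if port in self.trusted_ports:
            return "forward"
        return "forward" if self.bindings.get(port) == (src_mac, src_ip) else "drop"

def run_demo():
    # Constructed scenario: Gi1/48 is the uplink to the legitimate DHCP server.
    sw = SnoopingSwitch(trusted_ports={"Gi1/48"})
    host, other = "00:00:5e:00:53:01", "00:00:5e:00:53:02"
    return [
        sw.dhcp("Gi1/1", "DISCOVER", host),
        sw.dhcp("Gi1/7", "OFFER", host, "192.0.2.66"),   # rogue server reply
        sw.dhcp("Gi1/48", "OFFER", host, "192.0.2.10"),
        sw.dhcp("Gi1/1", "REQUEST", host),
        sw.dhcp("Gi1/48", "ACK", host, "192.0.2.10"),
        sw.ip_packet("Gi1/1", host, "192.0.2.10"),       # matches binding
        sw.ip_packet("Gi1/7", other, "192.0.2.10"),      # another port using host's IP
        sw.ip_packet("Gi1/1", host, "192.0.2.99"),       # host using an unleased IP
    ]

if __name__ == "__main__":
    print(run_demo())
```

The binding table is what ties the two features together: source guard has nothing to check against until snooping has recorded a lease seen on a trusted port.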

Since our test, Cisco has added support for Network Admission Control so that the switch can work with the Cisco-based NAC scheme to lock out or quarantine client machines that do not meet corporate security policy standards.

On tap for the Catalyst 4948-10GE are the addition of Web Cache Communication Protocol v2, a Cisco-developed content-routing technology that enables Layer 3 switches to redirect content requests to appropriate back-end caching engines, and support for the Virtual Router Redundancy Protocol, Cisco says. This protocol allows a group of routers to function as one virtual router by sharing one virtual IP address and one virtual MAC address.

On the business side, Rajiv Ramaswami became vice president and general manager for the Gigabit Systems Business Unit and the Transceiver Module Group, where he is responsible for Cisco's midrange Ethernet switching and optical modules businesses. Previously, Ramaswami led Cisco's optical business.

FUTURE TESTS: In addition to having conducted the first public test of Web front-end devices (results published last month), our plans include testing single switch/routers and server configurations that piqued our interest with new levels of power and feature sets.
