Thursday, June 27, 2013

Cisco delivers "monster" Catalyst switch in major product refresh

Network World - Cisco this week will significantly update its enterprise network line-up with programmable campus and branch switches and routers designed to tightly bind applications to network hardware and services.
The new products include the Catalyst 6800 backbone switching line, a new supervisor engine for Cisco’s 4500-E chassis-based access switch, a new high-end ISR branch router and application performance extensions to the ASR 1000 edge router.
[Image: Cisco 6800]
“Cisco has…delivered a monster Catalyst,” says Bill Carter, senior business communications analyst at value-added reseller Sentinel Technologies in Springfield, Ill. “This gives customers a core switch with 10G/40G/100G with the feature set required in the campus.”
The company, which this week hosts its Cisco Live event in Orlando, says its new products fit within an Enterprise Network Architecture under which applications, network services software and hardware networking functions all work together.
Much of this synergy is facilitated by Cisco’s ONE API framework for programmable networking and associated ASICs optimized for Cisco ONE programmability. Cisco ONE and its onePK API set is Cisco’s response to software-defined networking (SDN), in which many of the functions of network behavior are divorced from hardware and centrally administered by software controllers.
SDN makes network functions less reliant on specific hardware and operating systems, and more accommodating to commodity switching and open source software. It threatens Cisco’s dominance and fat profits in routers and switches.
Cisco is combatting the SDN trend by attempting to tightly link software programmability of network infrastructure to custom-developed ASIC hardware and hardware-specific operating systems, and defending its incumbency and massive installed base. These new products are instantiations of that strategy.
Cisco says it will support onePK across its entire enterprise routing and switching portfolio within the next 12 months, beginning with the ISR 4451-AX and ASR 1000-AX routers announced this week, which will support onePK in late summer/early fall.
The Catalyst 6800 is an outgrowth of the ubiquitous – and 10+ year old – Catalyst 6500. The 6800 is targeted at campus backbone 10/40/100Gbps services. In addition to network programmability, the 6800 is supervisor- and line card-compatible with the 6500, Cisco says, adding that there is still no date set for retiring the 6500.
“I see the Cat 6800 as a natural evolution of the 6500 platform,” says IDC analyst Rohit Mehra. “While scale and performance are going to be important, so will the need for providing agility and deploying programmable platforms. That's what the 6800 brings to the table with added simplicity, while maintaining operational consistency and continuity with the 6500 product suite.”
Sources say Cisco still has a vibrant roadmap for the Catalyst 6500, including a 10Tbps supervisor engine in the works. Cisco confirmed that a 10T supervisor engine is planned for both the 6500 and 6800 switches. The company would not say when it's coming.

Courtesy: Network World

Tuesday, January 1, 2013

Check Point SPLAT Commands


This is a list of several Check Point SPLAT commands that I use frequently. Perhaps this CLI tip sheet for Secure Platform is useful to you too:

clock: display date and time on firewall
cpconfig: change SIC, licenses and more
cphaprob ldstat: display sync serialization statistics
cphaprob stat: list the state of the high availability cluster members. Should show active and standby devices.
cphaprob syncstat: display sync transport layer statistics
cphastop: stop a cluster member from passing traffic. Stops synchronization. (emergency only)
cplic print: license information
cpstart: start all checkpoint services
cpstat fw: show policy name, policy install time and interface table
cpstat ha: high availability state
cpstat os -f all: checkpoint interface table, routing table, version, memory status, cpu load, disk space
cpstat os -f cpu: checkpoint cpu status
cpstat os -f routing: checkpoint routing table
cpstop: stop all checkpoint services
cpwd_admin monitor_list: list processes actively monitored. Firewall should contain cpd and vpnd.
expert: change from the initial administrator privilege to advanced privilege
find / -type f -size +10240k -exec ls -la {} \;: search for files larger than 10Mb
fw ctl iflist: show interface names
fw ctl pstat: show control kernel memory and connections
fw exportlog -o: export the current log file to ascii
fw fetch 10.0.0.42: get the policy from the firewall manager (use this only if there are problems on the firewall)
fw log: show the content of the connections log
fw log -b: search the current log for activity between specific times, e.g.
    fw log -b "Jul 23, 2009 15:01:30" "Jul 23, 2009 15:15:00"
fw log -c drop: search for dropped packets in the active log; also can use accept or reject to search
fw log -f: tail the current log
fwm logexport -i -o: export an old log file on the firewall manager
fw logswitch: rotate logs
fw lslogs: list firewall logs
fw stat: firewall status, should contain the name of the policy and the relevant interfaces, i.e. Standard_5_1_1_1_1 [>eth4] [eth0.900] [
fw stat -l: show which policy is associated with which interface and package drop, accept and reject
fw tab: displays firewall tables
fw tab -s -t connections: number of connections in state table
fw tab -t xlate -x: clear all translated entries (emergency only)
fw unloadlocal: clear local firewall policy (emergency only)
fw ver: firewall version
fwm lock_admin -h: unlock a user account after repeated failed log in attempts
fwm ver: firewall manager version (on SmartCenter)
ifconfig -a: list all interfaces
log list: list the names of the logs
log show: display a specific log, 'log show 33' will display "Can't find my SIC name in registry" if there are communication problems
netstat -an | more: check what ports are in use or listening
netstat -rn: routing table
passwd: change the current user's password
ps -ef: list running processes
sysconfig: configure date/time, network, dns, ntp
upgrade_import: run '/opt/CPsuite-R65/fw1/bin/upgrade_tools/upgrade_import' after a system upgrade to import the old license and system information.
hwclock: show the hardware clock. If the hardware and operating system clocks are off by more than a minute, sync the hardware clock to the OS with "hwclock --systohc"
fw fetch 10.0.0.42: Manually grab the policy from the mgmt server at 10.0.0.42
fw log -f: Shows you realtime logs on the firewall – will likely crash your terminal