Cisco CSS 11501, CSS 11503, CSS 11500 Series, CSS 11506 Datasheet

Cisco CSS 11500 Series

Content Services Switch

The Cisco CSS 11500 Series Content Services Switch is a compact modular platform,
delivering the richest Layer 4–7 traffic management services for e-business applications.

Data Sheet

The Cisco CSS 11500 with the

award-winning Cisco Web Network

Services (WebNS) is specifically designed to

provide robust transport and application

(Layer 4–7) services for Internet and

intranet data centers. The Cisco CSS 11500

builds on the success of the Cisco CSS

11000 Series in five key areas:

• Introduces an intelligent, distributed

architecture to meet the real-world

scaling requirements of today’s

e-business infrastructure

• Improves site availability and

transaction integrity by introducing

Adaptive Session Redundancy (ASR)—

a new industry standard in stateful

failover

• Delivers the greatest flexibility of

any content switch in its class for

customizing combinations of ports,

performance, and services

• Scales secured transaction performance

through support of an integrated,

high-capacity Secure Sockets Layer

(SSL) module (WebNS 5.20)

• Protects investment by enabling

upgrades of performance, ports, and

services through modularity

The Cisco CSS 11500 Series Content

Services Switch enables businesses to

simultaneously reduce costs by optimizing

data center resources and boost

productivity by offering a superior online

experience for customers, business partners,

and employees. Through fast switching and

forwarding of content, the Cisco CSS

11500 Series switches improve utilization,

responsiveness, availability, scalability, and

security of Web sites, server farms, cache

clusters, and firewall systems.

Premier Traffic Management

for E-Business

In addition to the Cisco CSS 11500, Cisco

delivers a complete product line, including

the Cisco CSS 11050, CSS 11150, and

Content Switching Module (CSM)—an

integrated services module for the Cisco

Catalyst® 6500 Series Switch and Cisco

7600 Internet Router. The Cisco CSM

attains the highest performance and offers

transport and application (Layer 4–7)

features as rich as those in WebNS.

Through full integration with Cisco IOS®

Software, the Cisco Catalyst 6500, and the

Cisco 7600 Internet Router—Cisco CSM

also supports the highest port density and

richest internetworking features.

The Cisco CSS 11500 and CSM together

are, simply, the solutions of choice for

enterprises and service providers deploying

content services.

All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.

Cisco Systems, Inc.

Page 1 of 10

Scalable Distributed Architecture for Today and Tomorrow

In a typical deployment, the Cisco CSS 11500 intercepts a request from a client browser, characterizes the flow by

reading Hypertext Transfer Protocol (HTTP) headers, selects a destination server based on resource availability, and

forwards the flow. Because it quickly processes the entire HTTP header (full URL, cookie, extensive resource

verification information), the Cisco CSS 11500 knows who the user is, what the user wants to do, and how best to

service the user’s request within a global Web infrastructure.

The Cisco CSS 11500 provides a fully distributed architecture—all modules in the system contribute to the overall

processing and memory needs for policy-based flow setup and flow forwarding. In this way, performance scales

linearly as modules are added, and heavy traffic that hits one module can be balanced to others within a single system.

So the Cisco CSS 11500 balances traffic not only within a data center but also across its own internal modules.

This innovative architecture addresses the primary limitations of PC- and application-specific integrated circuit

(ASIC)-based solutions. Unlike PC-based systems, the network processors of the Cisco CSS 11500 provide ample

packet processing power and bandwidth, avoiding the bottlenecks of the PC bus and a single central processor. And

unlike ASIC-based platforms, the powerful, yet adaptable processors of the Cisco CSS 11500 enable easy integration

of new software features.

The Cisco CSS 11500 can apply all its processing power to any port at any time, and it can grow with changing

feature and scalability requirements. The system is designed to readily adapt to changing e-business needs—without

complex and costly hardware upgrades.

New Standard in High Availability

The Cisco CSS 11500 delivers ASR—the industry’s first stateful Layer 5 session redundancy feature that enables

failover of important flows while maximizing performance.

Some flows—such as a long-lived File Transfer Protocol (FTP) or a database session—may be mission critical, but

many flows are not. Most solutions on the market today require all traffic—important or not—to be backed up from

one box to another. If the majority of flows are not critical, then most of system performance is wasted on

unnecessary back ups.

With ASR, the Cisco CSS 11500 may be configured so critical flows are marked as replication worthy, whereas others

do not need to be so marked. ASR focuses traffic management resources precisely where needed.

SSL Integration for Security and Performance

Cisco offers the most scalable integrated SSL solutions of any Layer 4–7 switches.

SSL, the industry standard for secure transport of traffic from client browsers to Web servers, presents two key

challenges for today’s e-business infrastructure. First, because SSL encrypts data and headers, it obscures the

request-specific information that Layer 4–7 switching decisions are made on. Second, SSL authentication places a

high processing load for each SSL flow setup.

The Cisco CSS 11500 with integrated SSL modules meets both of these challenges by combining leading SSL

acceleration technology with the Cisco WebNS technology. In addition to superior price performance, the SSL

module simplifies the management of digital certificates and offers new possibilities in optimizing the switch-to-server

architecture for security and performance. And SSL transaction performance may be scaled by adding multiple SSL

modules to a chassis.

All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.

Cisco Systems, Inc.

Page 2 of 10

Modularity for Investment Protection

The Cisco CSS 11500 offers the greatest flexibility and scalability of any midrange Layer 4-7 switch. Through its

modular design, the Cisco CSS 11500 will meet your functional requirements today while providing for expansion

for tomorrow’s needs. The Cisco CSS 11500 Session Accelerator Module is a cost-effective way to add performance

for flow setup and flow forwarding. A selection of input/output (I/O) modules not only gives you the choice of port

densities of Fast or Gigabit Ethernet, but also boosts flow performance. Optional memory upgrades increase the

number of simultaneous flows supported. PCMCIA Flash memory and hard disks are supported.

Local and Global Load Balancing

By supporting the latest advances in local and global load balancing, the Cisco CSS 11500 Series Switch not only

dramatically increases site availability—greatly improving user response time and retention—but also optimally

utilizes site resources, thereby decreasing the cost to serve end users.

The Cisco CSS 11500 learns where specific content resides, either locally or remotely, and dynamically selects the

best Web server or cache for specific content requests.

Local server selection is based on server load and application response time, as well as traditional least connection

and round-robin algorithms. Any application that uses standard TCP or User Datagram Protocol (UDP) protocols

can also be load balanced, including firewalls, mail, news, chat, and Lightweight Directory Access Protocol (LDAP).

The Cisco CSS 11500 also provides a complete solution for building and provisioning Internet-scale global content

distribution and delivery. Whereas local load-balancing features determine the best device within a data center, global

load-balancing functions choose the best data center in the Internet to service requests.

The Cisco CSS 11500 performs comprehensive resource verification before routing user requests, ensuring that they

are directed to the location that has the best response time and the least load for the requested content. Cisco supports

global load balancing through redirection based on both Domain Name System (DNS) and HTTP. The DNS

mechanism is fast and scalable; the HTTP method provides the highest degree of control.

Site and System Security

The Cisco CSS 11500 with Cisco WebNS Software ensures high levels of security without compromising site

performance. The Cisco CSS 11500 provides stateful, content-based access control, and supports security policies

based on any combination of source address, destination address, protocol, TCP port, or URL. The Cisco CSS 11500

monitors start-to-finish Web transaction activity and guards against denial-of-service (DoS) attacks such as SYN

floods, ping floods, “smurfs,” and any other undesirable connection attempts. Wire-speed Network Address

Translation (NAT) protects real server IP addresses.

For additional security, the Cisco CSS 11500 intelligently directs traffic across multiple firewalls. By load balancing

firewalls, the Cisco CSS 11500 eliminates performance bottlenecks and single points of failure that result in system

downtime, a situation that can close off the connection to the network and disrupt e-commerce purchases or other

mission-critical transactions.

All contents are Copyright © 1992–2002 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.

Cisco Systems, Inc.

Page 3 of 10