Fujitsu MDS 922i User Manual

Data Sheet
Cisco MDS 9222i Multiservice Modular Switch

Product Overview

The Cisco® MDS 9222i Multiservice Modular Switch (Figure 1), the next generation of the highly flexible, industry-leading, proven Cisco MDS 9200 Series Multilayer Switches, is an optimized platform for deploying high-performance storage area network (SAN) extension solutions, distributed intelligent fabric services, and cost-effective multiprotocol connectivity for both open and mainframe environments. With a compact form factor, modularity, and advanced capabilities normally available only on director-class switches, the Cisco MDS 9222i is an ideal solution for departmental and remote branch-office SANs.
Sharing a consistent architecture with the Cisco MDS 9500 Series Multilayer Directors, the Cisco MDS 9222i offers 18 4-Gbps Fibre Channel ports and 4 Gigabit Ethernet IP storage services ports and a modular expansion slot to host Cisco MDS 9000 Family switching and services modules.
As the storage network continues to expand, the Cisco MDS 9000 Family switching modules can be removed from the Cisco MDS 9222i modular switches and migrated to Cisco MDS 9500 Series directors, providing high flexibility, smooth migration, common sparing, and outstanding investment protection.
Figure 1. Cisco MDS 9222i Multiservice Modular Switch

Key Features and Benefits

The Cisco MDS 9222i provides unique multilayer and multiprotocol functions in a compact form factor:
High-density Fibre Channel switch with integrated multiprotocol support: The Cisco MDS 9222i offers 18 4-Gbps Fibre Channel interfaces for high-performance SAN connectivity and 4 Gigabit Ethernet ports for Fibre Channel over IP (FCIP) and Small Computer System Interface over IP (iSCSI) storage services. The Cisco MDS 9222i has the flexibility to scale up to a 66-port Fibre Channel switch with the Cisco 48-Port 4-Gbps Fibre Channel Switching Module for both open and IBM Fibre Connection (FICON) environments.
Integrated hardware-based virtual fabric isolation with Virtual SANs (VSANs) and Fibre Channel routing with Inter-VSAN Routing (IVR): VSANs and IVR enable deployment of large-scale multisite and heterogeneous SAN topologies. Integration into port-level hardware allows any port in a system or in a fabric to be partitioned into any VSAN. Integrated IVR provides line-rate routing between any of the ports in a system or in a fabric without the need for external routing appliances.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 1 of 16
Remote SAN extension with high-performance FCIP
Simplifies data protection and business continuance strategies by enabling backup,
remote replication, and other disaster recovery services over WAN distances using open-standard FCIP tunneling.
Optimizes utilization of WAN resources for backup and replication by enabling hardware-
based compression, hardware-based encryption, FCIP Write Acceleration, and FCIP Tape Read and Write acceleration; up to 16 virtual Inter-Switch Link (ISL) connections are provided on the 4 Gigabit Ethernet port through tunneling.
Preserves Cisco MDS 9000 Family enhanced capabilities, including VSANs, IVR,
advanced traffic management, and network security across remote connections
Cost-effective iSCSI connectivity to Ethernet-attached servers
Extends the benefits of Fibre Channel SAN-based storage to Ethernet-attached servers
at a lower cost than is possible using Fibre Channel interconnect alone.
Increases storage utilization and availability through consolidation of IP and Fibre
Channel block storage.
Through transparent operation, preserves the capability of existing storage management
applications.
Advanced FICON services: The Cisco MDS 9222i supports FICON environments, including cascaded FICON fabrics, VSAN-enabled intermix of mainframe and open systems environments, and N_Port ID virtualization for mainframe Linux partitions. IBM Control Unit Port (CUP) support enables in-band management of Cisco MDS 9200 Series switches from the mainframe management console.
Integrated Cisco MDS Storage Media Encryption (SME) as distributed fabric service: Natively supported on the Cisco MDS 9222i, Cisco MDS SME encrypts data at rest on heterogeneous tape drives and virtual tape libraries (VTLs) in a SAN environment using secure IEEE standard Advanced Encryption Standard (AES) 256-bit algorithms. Cisco MDS 9222i helps ensure ease of deployment, scalability, and high availability by using innovative technology to transparently offer Cisco MDS SME capabilities to any device connected to the fabric without the need for reconfiguration or rewiring. Cisco MDS SME provisioning and key management are both integrated into the Cisco Fabric Manager; no additional software is required.
Platform for Intelligent Fabric Applications: Cisco MDS 9222i provides hosting and acceleration of storage applications such as network-hosted volume management, data migration, and backup with the Cisco MDS 9000 Family Storage Services Module (SSM) installed in the expansion slot. Cisco MDS SSMs use the SANTap protocol to assist third­party applications in the fabric.
In Service Software Upgrade (ISSU) for Fibre Channel interfaces: Cisco MDS 9222i promotes high serviceability by allowing Cisco MDS 9000 SAN-OS Software to be upgraded while the Fibre Channel ports are carrying traffic.
Intelligent network services: Cisco MDS 9222i uses VSAN technology for hardware­enforced, isolated environments within a single physical fabric, access control lists (ACLs) for hardware-based intelligent frame processing, and advanced traffic management features such as Fibre Channel Congestion Control and fabric-wide quality of service (QoS) to facilitate migration from SAN islands to enterprise-wide storage networks.
Data Sheet
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 2 of 16
High-performance ISLs: Cisco MDS 9222i supports up to 16 Fibre Channel links in a single PortChannel. Links can span any port on any module in a chassis for added scalability and resilience. Up to 4095 buffer-to-buffer credits can be assigned to a single Fibre Channel port to extend storage networks over very long distances.
Comprehensive network security framework: The Cisco MDS 9222i supports RADIUS and TACACS+, Fibre Channel Security Protocol (FC-SP), Secure File Transfer Protocol (SFTP), Secure Shell (SSH) Protocol, and Simple Network Management Protocol Version 3 (SNMPv3) implementing AES, VSANs, hardware-enforced zoning, ACLs, and per-VSAN Role-Based Access Control (RBAC). Additionally, the Gigabit Ethernet ports offer IP Security (IPsec) authentication, data integrity, and hardware-assisted data encryption for FCIP and iSCSI.
IP Version 6 (IPv6) capable: The Cisco MDS 9222i supports IPv6 as mandated by the U.S. Department of Defense (DoD), Japan, and China. IPv6 support is provided for FCIP, iSCSI, and management traffic routed in-band and out-of-band.
Sophisticated diagnostics: The Cisco MDS 9222i provides intelligent diagnostics, protocol decoding, and network analysis tools as well as integrated Call Home capability for added reliability, faster problem resolution, and reduced service costs.
Data Sheet

VSANs

Ideal for efficient, secure SAN consolidation, VSANs enable more efficient storage network utilization by creating hardware-based isolated environments with a single physical SAN fabric or switch. Each VSAN can be zoned as a typical SAN and maintains its own fabric services for added scalability and resilience. VSANs allow the cost of SAN infrastructure to be shared among more users, while helping ensure complete segregation of traffic and retaining independent control of configuration on a VSAN-by-VSAN basis.
IVR
In another step toward deploying efficient, cost-effective, consolidated storage networks, the Cisco MDS 9222i supports IVR, the industry's first routing function for Fibre Channel. IVR allows selective transfer of data between specific initiators and targets on different VSANs while maintaining isolation of control traffic within each VSAN. With IVR, data can transit VSAN boundaries while maintaining control plane isolation, thereby maintaining fabric stability and availability. Integrated IVR eliminates the need for external routing appliances, greatly increasing routing scalability while delivering line-rate routing performance, simplifying management, and eliminating the challenges associated with maintaining separate systems. Integrated IVR means lower total cost of SAN ownership.

FCIP for Remote SAN Extension

Data distribution, data protection, and business continuance services are significant components of today's information-centric businesses. The capability to efficiently replicate critical data on a global scale not only ensures a higher level of data protection for valuable corporate information, but also increases utilization of backup resources and lowers total cost of storage ownership.
Building on Cisco expertise and knowledge of IP networks, the Cisco MDS 9222i switch uses open-standard FCIP to break the distance barrier of current Fibre Channel solutions, enabling interconnection of SAN islands over extended distances.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 3 of 16
Data Sheet
The Cisco MDS 9222i dramatically enhances hardware-based FCIP compression performance for both high-bandwidth and low-bandwidth links, providing immediate cost savings for expensive WAN infrastructure. The Cisco MDS 9222i achieves up to a 43:1 compression ratio, with typical ratios of 4:1 over a wide variety of data sources.
The Cisco MDS 9222i supports hardware-based IPsec encryption for secure transmission of sensitive data over extended distances. Hardware enablement of IPsec helps ensure high throughput. Used together, hardware-based compression and hardware-based encryption provide high-performance, highly secure SAN extension capabilities.
Additionally, the Cisco MDS 9222i supports FCIP Write Acceleration, a feature that can significantly improve application performance when storage traffic is extended across long distances. When FCIP Write Acceleration is enabled, WAN throughput is optimized by reducing the latency of command acknowledgments. Similarly, the Cisco MDS 9222i supports FCIP Tape acceleration, which allows operation at nearly full throughput over WAN links for remote tape backup and restore operations. FCIP Tape Write Acceleration is supported in mainframe environments.

Cisco MDS SME

The services provided by Cisco MDS SME are mandatory in today’s storage area networks as a result of enactment of recent regulations that require companies to store and protect data at rest for a specified number of years while publicly disclosing security breeches. Cisco MDS SME enables data on tapes and VTLs to be compressed, encrypted, and authenticated for centralized security management and data management and recovery. Cisco MDS SME is supported in the fixed slot of the Cisco MDS 9222i, and its performance can be scaled up with either a Cisco MDS 18/4-port Multiservice Module or 18/4-port Multiservice Federal Information Processing Standards (FIPS) Module. Cisco MDS SME services employ clustering technology to create a highly available solution. The cryptographic cluster formed enhances reliability and availability, provides automated load balancing and failover capabilities, and simplifies provisioning as a single SAN fabric service rather than as individual switches or modules. The Cisco Key Management Center (KMC) provides comprehensive key management for Cisco MDS SME, with support for single- and multiple-site deployments. Cisco KMC provides essential features such as key archival, secure export and import and translation for distribution, and key shredding.

Platform for Intelligent Fabric Applications

The Cisco MDS 9222i provides an open platform that delivers the intelligence and advanced features required to make multilayer intelligent SANs a reality, including hardware-enabled innovations to host or accelerate applications for data migration, data replication, serverless backup, and network-hosted volume management. Hosting or accelerating these applications in the network can dramatically improve scalability, availability, security, and manageability of the storage environment, resulting in increased utility and lower total cost of ownership (TCO).

Integrated Mainframe Support

The Cisco MDS 9222i is mainframe-ready, with full support for IBM zSeries FICON and Linux environments. Qualified by IBM for attachment to all FICON-enabled devices in an IBM zSeries operating environment, Cisco MDS 9222i switches support transport of the FICON protocol in both cascaded and noncascaded fabrics, as well as an intermix of FICON and open systems Fibre Channel Protocol traffic on the same switch. VSANs simplify intermixing of SAN resources among z/OS, mainframe Linux, and open systems environments, enabling increased SAN utilization and
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 4 of 16
Data Sheet
simplified SAN management. VSAN-based intermix mode eliminates the uncertainty and instability often associated with zoning-based intermix techniques. VSANs also eliminate the possibility that a misconfiguration or component failure in one VSAN will affect operation in other VSANs. VSAN­based management access controls simplify partitioning of SAN management responsibilities between mainframe and open systems environments, enhancing security. FICON VSANs can be managed using the integrated Cisco Fabric Manager; the Cisco command-line interface (CLI); or IBM CUP-enabled management tools, including SA/390, Resource Measurement Facility (RMF), and Dynamic Channel Path Management (DCM).

Advanced Traffic Management

The following advanced traffic-management capabilities are integrated into the Cisco MDS 9222i to simplify deployment and optimization of large-scale fabrics:
Virtual Output Queuing: Helps ensure line-rate performance on each port, independent of traffic pattern, by eliminating head-of-line blocking.
Up to 4095 buffer-to-buffer credits: Can be assigned to an individual port for optimal bandwidth utilization across long distances.
PortChannels: Allow users to aggregate up to 16 physical ISLs into a single logical bundle, providing optimized bandwidth utilization across all links; the bundle can consist of any speed-matched ports from any module in the chassis, helping ensure that the bundle can remain active even in the event of a module failure.
Fabric Shortest Path First (FSPF)–based multipathing: Provides the intelligence to load balance across up to 16 equal-cost paths and, in the event of a switch failure, dynamically reroute traffic.
QoS: Can be used to manage bandwidth and control latency, to prioritize critical traffic
Fibre Channel Congestion Control: Provides an end-to-end, feedback-based congestion control mechanism that augments the Fibre Channel buffer-to-buffer credit mechanism to provide enhanced traffic management.

Comprehensive Solution for Robust Network Security

To address the need for failure-proof security in storage networks, the Cisco MDS 9222i offers an extensive security framework to protect highly sensitive data crossing today's enterprise networks:
Intelligent packet inspection is provided at the port level, including the application of ACLs for hardware enforcement of zones, VSANs, and advanced port security features.
Extended zoning capabilities are provided to help ensure that logical unit numbers (LUNs) can be accessed only by specific hosts (LUN zoning), to limit SCSI read commands for a certain zone (read-only zoning), and to restrict broadcasts to only selected zones (broadcast zones).
VSANs offer higher security and greater stability by providing complete isolation among devices that are connected to the same physical SAN.
FC-SP provides switch-switch and host-switch Diffie-Hellman Challenge Handshake Authentication Protocol (DH-CHAP) authentication supporting RADIUS or TACACS+ to help ensure that only authorized devices access protected storage networks.
Comprehensive IPsec protocol suite delivers secure authentication, data integrity, and hardware-based encryption for both FCIP and iSCSI deployments.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 5 of 16
Loading...
+ 11 hidden pages