Cisco SBA ReleaseNotes Feb2013
Cisco SBA ReleaseNotes Feb2013
Table of Contents
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 In These Release Notes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Highlights of the February 2013 Series . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Continued Commitments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Cisco SBA Borderless Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Local Area Network Guides. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Wide Area Network Guides . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 Internet Edge Guides . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 Additional Design Overviews . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Ecosystem Partner Solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Cisco SBA Data Center. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Data Center Foundation Guides . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Additional Data Center Guides. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Ecosystem Partner Solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Cisco SBA Collaboration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Collaboration Foundation Guides. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Smart Business Configurator for Collaboration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Additional Collaboration Guides . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Ecosystem Partner Solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Cisco SBA Solutions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 BYOD Solutions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Teleworking Solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Virtual Desktop Infrastructure Solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 Discrete Manufacturing Solutions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Table of Contents
Overview
Cisco Smart Business Architecture (SBA) helps you design and quickly deploy a full-service business network. An SBA deployment is prescriptive, out-of-the-box, scalable, and flexible. We update Cisco SBA guides on a regular basis. As we develop a new series of guides, we test them together, as a complete system. To ensure the mutual compatibility of designs in Cisco SBA guides, you should use guides that belong to the same series. The February 2013 Series is the Cisco SBA release for the first half of the 2013 calendar year. The February 2013 Series release supersedes the August 2012 Series. You can access all the guides that are listed in this document by visiting http://www.cisco.com/go/sba. For your convenience, each guide heading in these release notes is a hyperlink to the guide online. Cisco SBA guides are best viewed with Adobe Acrobat Reader.
Overview
Continued Commitments
For the February 2013 Series, we remained committed to the following goals. Providing prescriptive, validated designs for organizations with up to 10,000 connected users. Ensuring that our architectures are up to date with current Cisco products. Developing new designs and enhancements to existing designs, with a consistent focus on solving real-world problems with reliable, orderable Cisco products and services. Improving readability and usability of Cisco SBA guides.
Overview
For the Cisco Catalyst 4500 Series Switch, we updated the QoS policy to use the AutoQoS configuration available in newer Cisco IOS code versions. LAN Configuration Files Guide We updated the guide with the device configurations of the Cisco SBA lab devices used to validate the LAN Deployment Guide. Wireless LAN Deployment Guide We added the 7.4 release of firmware for all WLCs. We added the virtual Wireless LAN Controller (vWLC) for use with remote sites using Cisco FlexConnect.
LAN and Wireless LAN 802.1X Authentication Deployment Guide Coming soon. Network Analysis Module Deployment Guide Coming soon. Prime Infrastructure Deployment Guide Coming soon. Wireless LAN Advanced Guest Access Deployment Guide We upgraded Cisco ISE software to version 1.1.2. We added Guest Anchor support for the 2500 Series Wireless LAN Controller. Wireless LAN CleanAir Deployment Guide Coming soon.
VPN WAN Deployment Guide We updated the code version for the Cisco ASR and ISR platforms. We made changes to improve the readability and technical accuracy of this guide. VPN WAN Configuration Files Guide We updated the guide with the device configurations of the Cisco SBA lab devices used to validate the VPN WAN Deployment Guide. Additional WAN Guides Application Monitoring Using NetFlow Deployment Guide We made minor changes to the NetFlow-Enabled Device Configuration appendix. We updated the versions of the tested NetFlow collectors to the latest available. We updated the code version for the Cisco ASR and ISR platforms. Application Optimization Deployment Guide We modified the time zone settings in order to match the rest of Cisco SBA documentation. We made changes to improve the readability and technical accuracy of this guide. GET VPN Deployment Guide We updated the software release for the Cisco ISR-G2 Series routers used as GET VPN GM to IOS 15.1(4)M5. Network Monitoring Using IP SLA and Prime LMS Deployment Guide Postponedlook for an update to this guide in the August 2013 Series Video Quality Monitoring Using Medianet Deployment Guide Coming soon. VPN Remote Site over 3G/4G Deployment Guide Coming soon.
Firewall and IPS Deployment Guide We updated the Cisco ASA firewall software to 9.0(1) with ASDM 7.0(2). We updated the Cisco IPS software to 7.1(6)E4. We updated various screenshots to reflect the new software versions. We made minor updates to improve the usability of the guide. Remote Access VPN Deployment Guide We updated the Cisco ASA firewall software to 9.0(1) with ASDM 7.0(2). We updated various screenshots to reflect the new software versions. We made minor updates to improve the usability of the guide. Additional Internet Edge Guides Email Security Using Cisco ESA Deployment Guide We upgraded the Cisco ESA software to version 7.6.1. We updated configuration procedures to support outbound email. We modified the firewall policies and revised the procedures for creating network objects and access rules. We included an optional procedure to enable message tracking. IPv6 DMZ Web Service Deployment Guide We updated Cisco ASA software to align with current Cisco SBA release. We updated screen shots to show current Cisco ASA GUI. We added NAT64 option for IPv4-only servers. Remote Mobile Access Deployment Guide We updated the Cisco ASA firewall software to 9.0(1) with ASDM 7.0(2). We updated the AnyConnect Secure Mobility Client software for Windows, Mac OS X, and Linux to 3.1.00495. We updated the AnyConnect Secure Mobility Client software for iOS to 3.0.09097. We updated the AnyConnect Secure Mobility Client software for Android to 3.0.09093. We updated various screenshots to reflect the new software versions. We replaced the Microsoft ISA server with the Microsoft Forefront Threat Management Gateway. We made minor updates to improve the usability of the guide.
Web Security Using Cisco WSA Deployment Guide We upgraded Cisco WSA software to version 7.5.0. We made minor changes to improve the readability of this guide. Cloud Web Security Using Cisco ASA Deployment Guide New Guide. This guide describes how to implement Cisco Cloud Web Security (CWS), using the Internet edge Cisco ASA 5500 Series Adaptive Security Appliance to direct traffic to Cisco CWS.
We removed the Cisco UCS 6100 Series Fabric Interconnects and Cisco UCS 2100 Series Fabric Extenders. We added Cisco UCS C-Series C220 M3 and C240 M3 rack mount servers to the Cisco SBA data center along with the new Cisco UCS VIC 1225. We updated the Cisco UCS C-Series server LSI RAID controller configuration, to use the more recent LSI MegaRAID controller. We added Cisco UCS Manager single-wire-management to the process for Cisco C-Series server integration to the Cisco UCS Manager environment. Virtualization with Cisco UCS, Nexus 1000V and VMware Deployment Guide We upgraded the VMware environment to version 5.0U1 and updated processes to match the new procedures and steps required for deployment. We added Cisco UCS C-Series servers with Cisco FlexFlash as an option for VMware ESXi image boot. We updated the Cisco Nexus 1000V software to the 2.1 release and updated procedures and steps required for deployment. We added the Cisco Virtual Machine Fabric Extender Configuration and Deployment section, targeted at environments using Cisco UCS B-Series servers with Cisco virtual interface cards and VMware ESXi release 5.0U1.
10
BYOD Solutions
BYOD Design Overview Coming soon. BYODAdvanced Guest Wireless Access Deployment Guide We upgraded Cisco ISE software to version 1.1.2. We added Guest Anchor support for the 2500 Series Wireless LAN Controller. BYODIdentity and Authentication Deployment Guide Coming soon. BYODInternal Corporate Access Deployment Guide Coming soon. BYODRemote Mobile Access Deployment Guide We updated the Cisco ASA firewall software to 9.0(1) with ASDM 7.0(2). We updated the AnyConnect Secure Mobility Client software for Windows, Mac OS X, and Linux to 3.1.00495. We updated the AnyConnect Secure Mobility Client software for iOS to 3.0.09097. We updated the AnyConnect Secure Mobility Client software for Android to 3.0.09093. We updated various screenshots to reflect the new software versions. We replaced the Microsoft ISA server with Microsoft Forefront Threat Management Gateway. We made minor updates to improve the usability of the guide.
Teleworking Solutions
Teleworking Design Overview We updated the discussion of Cisco OfficeExtend. For more information, see the notes for the TeleworkingOfficeExtend Deployment Guide, below. TeleworkingASA 5505 Deployment Guide We upgraded the Cisco ASA software to 9.0(1). We made minor changes to improve the readability of this guide. TeleworkingCVO Deployment Guide We made minor changes to improve the technical accuracy and readability of this guide. We added a section describing the addition of voice protocols into the ACLs provisioned on teleworker routers. We updated the code version of the Cisco ISR G2 aggregation and teleworker routers. TeleworkingOfficeExtend Deployment Guide In previous releases of this document, we presented a second design model where both internal and Cisco OfficeExtend access points were joined on the same controller pair. Because Cisco OfficeExtend and high availability using AP SSO is not supported concurrently on a controller, we have removed that option in this release. We upgraded the Cisco ASA software to 9.0(1). We upgraded the Cisco Wireless Controller software to 7.4. We made minor changes to improve the readability of this guide. TeleworkingVPN Phone Deployment Guide Coming soon.
11
12
Feedback
Please use the feedback form to send comments and suggestions about this guide.
Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco Website at www.cisco.com/go/offices.
ALL DESIGNS, SPECIFICATIONS, STATEMENTS, INFORMATION, AND RECOMMENDATIONS (COLLECTIVELY, DESIGNS) IN THIS MANUAL ARE PRESENTED AS IS, WITH ALL FAULTS. CISCO AND ITS SUPPLiERS DISCLAIM ALL WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THE DESIGNS, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE DESIGNS ARE SUBJECT TO CHANGE WITHOUT NOTICE. USERS ARE SOLELY RESPONSIBLE FOR THEIR APPLICATION OF THE DESIGNS. THE DESIGNS DO NOT CONSTITUTE THE TECHNICAL OR OTHER PROFESSIONAL ADVICE OF CISCO, ITS SUPPLIERS OR PARTNERS. USERS SHOULD CONSULT THEIR OWN TECHNICAL ADVISORS BEFORE IMPLEMENTING THE DESIGNS. RESULTS MAY VARY DEPENDING ON FACTORS NOT TESTED BY CISCO. Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental. 2013 Cisco Systems, Inc. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)