Академический Документы
Профессиональный Документы
Культура Документы
Cisco Confidential
SWITCHING
Cisco Switching Competitive Reference Guide
Introduction
Welcome to the 2010 Cisco® Switching Competitive Reference Guide. This guide provides Switch Positioning and Overview
information about selected LAN switching competitors (3Com/H3C, HP/ProCurve, Extreme, Nortel,
The charts on the following pages position the switches from commonly encountered competitors.
Force10, Brocade, Juniper, Huawei, Alcatel, and D-Link) and highlights multiple perspectives:
You will see products listed multiple times as they have dual roles and are used differently in small,
Introduction
products, sales, weaknesses, and sales tactics.
medium, and large networks. The charts are a guideline as to how the devices can be used.
The objective is to outline the advantages of Cisco switches in comparison to competitive offerings,
The following table list the competitor switches mapped against Cisco wiring closet, data center,
and to help you address Cisco competitors as you encounter them.
access, distribution and core switches as of December 2009.
The Switch Positioning and Overview section provides a quick comparison of how competitive
Table 1: Wiring Closet Switches
offerings are positioned relative to the current Cisco switches.
Wiring Closet Switches December 2009
Organization
• Switch Positioning and Overview Cisco 3Com Extreme Brocade ProCurve Juniper Nortel Force10 Huawei Alcatel D-Link
DES 35xx
• TCO Versus Value Benefit Analysis 2510
DES 30xx
Catalyst Summit 2520
Omni DES 32xx
• Competitor Profiles 2960 4210 X150 2810 EX2200 ERS2500 Quidway
FastIron Stack DXS 32xx
2960-X 4200G X250e 2600 EX3200 ERS4500 2300
6200 DGS 31xx
2975 X350 2610
• Who They Are and What They Sell 6600
DGS 32xx
DGS 34xx
• Typical Network Configuration
DES 35xx
DES 38xx
• Product Overviews and Vulnerabilities Catalyst
4500
Omini
DES 32xx
3560v2 Summit FastIron 2910al Switch
4500G EX2500 Quidway DXS 32xx
• Weaknesses 3560-E X250e FastIron 3500 ERS5000 S-series 6250
4800G EX4200 5300 DGS 31xx
3560-X X450a/e Edge/X 6200yl 6400
S3610 DGS 32xx
• Sales Tactics Series 6850
DGS 34xx
DGS 36xx
• Why Work With Cisco?
Catalyst
Fastlron
• Why Choose Cisco? 3750v2 Omini
5500 Summit Edge/X 3500 EX2500 Quidway DES 38xx
3750-E ERS5000 S-series Switch
5500G X450a/e Fastlron 6200yl EX4200 5300 DGS 36xx
3750-X 6850
CX
What’s New and Updated Series
• Updated section for Nortel Networks, currently under bankruptcy protection heading to liquidation
BigIron
Catalyst
• Products at end-of-sale or end-of-life in each competitor section RX Omini
6500 7900E 8800 Quidway
FastIron 8200zl EX8200 ERS8600 C-series Switch
6500-E 8800 10808 9300
SuperX/ 9000/E
• Updated financials for publicly held firms Series
SX
Introduction
Table 2: Data Center Switches
Introduction
Data Center: Blade Switches avoided the use of merchant silicon and continues to invest in the development of ASICs.
Cisco 3030/3032/3130 – Dell Using merchant silicon enables Cisco’s switching competitors to:
Cisco SFS M7000E InfiniBand – Dell
Cisco 3120/3020 – HP • Reduce production costs
Cisco GESM – HP
Cisco 3110/3012 – IBM • Facilitate entry into new markets
Cisco IGESM – IBM
Cisco 3040 – Fujitsu
Cisco Nexus 4001I – Dell
• Round out product lines
However, while switches that use merchant silicon are sometimes promoted as enterprise-class
Data Center: Fixed-Configuration Switches
products that promise to deliver performance and functionality, customers should evaluate whether
FastIron these low-cost products are designed and built to satisfy cost needs rather than customer needs.
Catalyst 5500G Edge/X
Summit 6400cl
4900 S5800 EX2500 ERS5000 S Series
X650 FastIron CX 6600
Series S5820X Adoption of Merchant Silicon
TurboIron
As the networking industry evolved, demands on network equipment manufacturers changed
Nexus
5000 S5820X X650 TurboIron EX2500 ERS5000 S Series from the highest switching capacity and the highest density to more complex requirements.
Series
These include combining high performance, high density, and business-critical services at
Data Center: Modular Switches cost-effective pricing. The need to reach aggressive price points and the expense of maintaining
chip development teams has led some network manufacturers to outsource aspects of product
Catalyst BirIron RX
6500
7900E
8800 C Series Quidway OminiSwitch development to merchant silicon providers. These merchant silicon companies now produce a
8800 FastIron 8200zl EX8200 ERS5000 DES 7202
6500-E
S12500
10808 E Series 9300 9000/E massive array of silicon products that can be taken by network equipment manufacturers and made
Series Super X/SX
into end-user products, such as LAN switches, wireless devices, WAN routers, and storage devices.
Nexus
7000 S12500 E Series Manufacturers using merchant silicon typically rely on the merchant silicon vendors to understand
Series customer requirements. The problem with this approach is that the silicon foundries do not have
either the channels or the customer contact to truly understand what business problems the
Table 3: Distribution and Core Data Center Switches customer hopes to address.
Introduction
Dangers of Products Built on Merchant Silicon TCO Versus Value Benefit Analysis
Merchant silicon seems to solve the main problems a network manufacturer encounters when Customers want to achieve superior business results within budget in today’s competitive
trying to design, build, and produce products for a market segment willing to accept low-cost environment. Cisco competitors often claim a lower TCO, typically citing initial acquisition cost and
Introduction
products with moderate functionality. However, merchant silicon does not allow for scalable a maintenance contract over a short time frame (three years) as proof of this claim. This view, though
products to be produced today. In fact, merchant silicon is accelerating the production of multiple- it may be well intended, can be misleading for the following reasons:
task, single-entity products limited to the features that a merchant silicon provider can easily
• Cisco’s modular design philosophy differs from its competitors. The Cisco Catalyst 4500 and
provide. In time, this results in more boxes that need to be implemented, integrated, and managed
6500 Series Switches are designed to be upgradable while competitors typically release a
within the network, resulting in higher OpEx. It also means the merchant silicon provider may not
completely new platform lacking hardware compatibility, potentially forcing customers to invest in
have knowledge of networking, or more importantly, of end-customer needs.
a different architecture within three to five years, at significantly higher overall cost.
Recently, more and more switching products using merchant silicon have been appearing in the
• Cisco products offer a richer feature set. This feature richness helps explain why customers
marketplace. They rely on time-to-market to differentiate themselves from their competitors, even
are sometimes willing to pay premium prices for Cisco switches. These value-based elements
if it means going to market with immature, not fully developed features. This has led to a shift in the
are often ignored or lost in a TCO analysis. Competitors have inserted the implied, misleading
industry as power and influence swing from the network product manufacturers to the merchant
assumption that their products have the same range of features as Cisco switches, which
silicon vendors. Originally network manufacturers designed a product, and then asked the
generally is not true. Cisco products typically offer higher levels of security, scalability, availability,
merchant silicon companies to build ASICs to that specific design. Now, it appears merchant silicon
IP convergence, and manageability features than competing product portfolios.
companies design and produce ASICs and then expect the network manufacturers to
build products around those ASICs. The result: Fewer innovative networking products are available • The TCO analysis is put into a limited context that ignores ongoing network and administration
to customers. costs, which can comprise 70-75% of lifetime costs. A larger omission is the failure to recognize
that the network is the fundamental delivery mechanism for IT (server, PC, storage) infrastructure
Cisco expects use of merchant silicon to proliferate because it solves the budget constraints
services. Costs avoided on the networking component (10-15% of IT expense) are a false
of various network vendors. However, it offers limited room for differentiation and value-added
economy when poorer IT infrastructure performance results in increased downtime, greater
features.
incidence of security issues, or longer wait times and lower productivity experienced by the IT
user community.
Summary
It is easy to see why network equipment manufacturers might be attracted by the time-to-market
and low-cost characteristics of merchant silicon. However, end customers who select a merchant
silicon product lose the price advantage in a two- to three-year investment. Over time, the customer
who deploys a series of merchant silicon devices will end up with more boxes to manage and
support, a less cohesive and less functional network, and a higher level of operating expenses
resulting from these factors.
Introduction
Figure 1 compares and contrasts Cisco’s modular design approach and product evolution with Skeptical? Supervisor modules have comprised 15–20% of the configured cost of Cisco Catalyst
those of selected competitors. 4500 or Catalyst 6500 Series Switches. Assuming a claimed 40% premium and 20% configured
cost paradigm, this becomes a simple math exercise. Initial competitor investment is 100%; assume
Introduction
Figure 1: Cisco’s Evolutionary Approach
in 3–5 years, a platform refresh is necessary, and its costs will be equivalent to the initial investment
plus the upgrade will require personnel costs. In the second phase, Cisco requires a less time-
consuming (less downtime), less costly upgrade versus a complete chassis replacement for a
competitor product, which is a more complex operation. The following net result is solely based
on hardware without costs of support, training, and administration. Although partially complete, a
different picture begins to emerge.
Table 4
Competitor Cisco
Competitors often introduce a modular platform and replace it every three to five years with little
regard for the customers’ investments in hardware, software, and training. Cisco introduces a
platform that evolves as technology evolves and the short TCO time spans used by competitors
ignore this fact. Large secondary investments in competing products are needed usually in year
four or five and are outside the typical TCO window that competitors use. A Cisco platform’s richer
feature set is lost in the TCO analysis. Figure 2 depicts how an initial investment in Cisco hardware
actually costs less over two investment cycles despite having an initial price premium over a
competitor offering. The primary factor is the capability to upgrade Supervisor modules and take
advantage of common equipment at various points throughout the life cycle of Cisco Catalyst 4500
and Catalyst 6500 Series platforms.
Introduction
Support and other elements need to be factored into the analysis. If you assume annual system This table illustrates how a single hour of downtime in any of these examples is cost-prohibitive
support costs of 8%, the Cisco offering is less expensive on a cumulative basis after the second and being ignored in a TCO approach. Costs related to security can also be prohibitive as viruses,
investment cycle. Until then, Cisco appears more expensive. Clearly, customers must consider their worms, and other forms of malware can result in significant productivity, financial, and intellectual
Introduction
long-term business needs rather than arbitrary TCO time periods set forth by competitors. property loss which are not considered in a TCO approach. Figure 3 creates a more balanced
customer evaluation framework.
Although this guide has focused on modular switches, a similar posture can be taken in the
stackable or fixed-configuration area. Advanced Cisco features such as Cisco StackWise®
architecture and Power over Ethernet (PoE) were emulated by competitors two to three years Figure 3: Cost Versus Value
after being introduced by Cisco. Network Admission Control (NAC), one-click software updates,
Smartport macros, and 802.1x Wake-on-LAN are recently introduced features that are likely
Cost-Based Elements Value-Based Elements
to be implemented by competitors in two to three years, depending on the merchant silicon Value-Based Selling
implementation cycle of suppliers. Which is a better value for the customer?
1) A switch with greater features costing $2500, which is likely to last five years? Initial Purchase Product Longevity
Implementation Costs Security Capabilities
2) One with less features costing $1500 and likely to last two or three years? Ongoing Support Ease-of-Use and Manageability Features
Training, Management, Administration Performance and Scalability
The first option is $42 per month ($2500 for 60 months) and the second is $42-60 per month Secondary Investment Cycle Costs Network Design and Support Capability
Current and Future Solution Capability
depending on longevity. The second option does not offer the extra benefits of the first option’s Investment Protection
richer feature set or superior ease of use, which results in higher productivity and lower network
administration costs.
Competitor Strengths Cisco Strengths
Cisco Catalyst switches are designed to offer high service and the high-availability levels
required by customers. The Cisco Catalyst 6500 Series offers high-availability features such as
Nonstop Forwarding (NSF), Stateful Switchover (SSO), Cisco IOS® Software modularity, and fault
containment to maximize customer uptime. The cost of downtime varies by customer but is huge,
as shown in the following table.
Table 5: Downtime Cost Various Industries When confronted with the TCO argument and framework, point out that it is a useful starting point
but is incomplete. Customers need to consider the value elements offered by Cisco which are
Downtime Cost For Various Industries ignored by the cost-based nature of a TCO exercise. Adding these value elements results in a more
balanced view, more akin to a cost and benefit analysis.
Finance Healthcare Transportation Manufacturing Retail
Customers are buying more than a networking product or components when working with Cisco
Downtime Cost $220 million $42 million $32 million $154 million $41 million
or Cisco partners. They are buying Cisco expertise and commitment to making them successful
Downtime Hours 1180 393 298 766 518
now and in the future. Cisco offers the broadest range of LAN switching products, from easy-to-use,
Cost Per
$188,000 $107,000 $107,000 $201,000 $79,000 high-performance, fixed-configuration switches designed for SMB customers to modular Cisco
Downtime Hour
Catalyst 4500 and Catalyst 6500 Series platforms designed for large enterprises. Cisco has the
Annual most experience designing and supporting networks of any vendor today and customers can take
Downtime Cost $8500 $4400 $1900 $9000 $1900
Per Employee advantage of that expertise by working with Cisco and its partners. Cisco is committed to enabling
customers’ success because this assures the future success of Cisco and its partners, regardless
Source: 2005 Cost of Enterprise Downtime: North American Vertical Markets study by Infonetics Research
of the product or service purchased.
The following summarizes the LAN switching market for 2005-2009 using Dell’Oro Group market
LAN Switching Market 2005–2009
share data. Between 2005 and 2007 LAN switching enjoyed significant growth in both the modular
and fixed L2/L3 segments as the market grew from US$13.3 billion in 2005 to over US$17.7 billion in US$M 2005 2006 2007 2008 Q1-3 2009
2008. The composite CAGR was slightly below 10% for the period with Cisco outpacing the market Unmanaged
$203 $287 $364 $441 $180
with a 10.6% growth. Calendar year 2009 proved very challenging with a 16% market contraction Fixed managed
$6249 $7293 $8624 $9487 $5989
L2/L3
compare to 2008 that impacted all major vendors. Dell’Oro forecasts a 5% revenue growth starting in $7121 $7615 $7864 $8225 $4579
Modular L2/L3
2011, after a flat 1% in 2010. Total L2/L3 Market $13,572 $15,195 $16,852 $18,153 $10,747
LAN switching is typically segmented into three areas: unmanaged, fixed managed L2/L3, and Source: Dell’Oro Group
modular switches as outlined below. Unmanaged switches are generally used in very small
Total L2/L3
Fixed L2/L3 switches typically come in 24- or 48-port configurations with most also having 2 or 4 73.9% 75.6% 75.4% 75.5% 70.9%
Market*
high-speed uplinks. Cisco has been very successful in this area with the Catalyst 2960, 3560, 3750, Source: Dell’Oro Group
and 49xx Series product lines. During the period, Cisco added 11% of market share by growing at a
compounded growth rate in excess of 26%. Initial Cisco pricing can be at a premium but also offers
a more extensive feature set, including elements to increase productivity and drive down long-term The Modular Layer 2 and Layer 3 Switch Market
operating costs. This is important to remember when customers make their evaluation
Modular or chassis switches come in a variety of sizes with slot capacities typically in the range of
as the typical useful life of this type of switch varies from 3-7 years with a median useful life of
3-10 slots. Cisco has also been very successful in this segment with the Catalyst 4500 and 6500
slightly under 5 years.
Series families and the newly introduced Nexus 7000 Series, very flexible platforms providing
Power-over-Ethernet (PoE) is growing rapidly in this segment and comprised over 23% of ports high-performance solutions and features.
shipped in 2007, up from slightly over 17% in 2006. Another trend is the move toward higher
All platforms offer models with upgradable switch fabrics to extend their flexibility and protect
performance products driven by applications such as IP video. Shipments of 10/100/1000 ports
customers’ initial investments by giving them this option instead of purchasing a new chassis.
increased to 34% of all fixed managed L2/L3 ports in 2007, up from 26% of ports in 2006. Some
Cisco has been able to hold a large share in the segment despite the economic downturn and
industry pundits suggest that 10 /100 products are sufficient today for customer needs; however,
aggressive competition.
that thinking may be too short term given the median useful life of almost 5 years for these types
of switches. Power-over-Ethernet (PoE) is also growing rapidly in this segment accounting for over 36% of ports
shipped in 2009, up from 34% in 2008 and 29% in 2007. Over 84% of ports shipped in 2009 were
1GE compared to 81% in 2008 while 10GE ports topped at almost 4%, from 2.3% in 2008, driven by
investments in data center deployments. The average modular life-cycle is also slightly under five
years, but many Cisco customers have extended the use of the 45xx and 65xx family beyond this
by taking advantage of the platform’s upgradability.
3Com
3Com Overview 3Com LAN Switches
3Com sells LAN switches, routers, wireless devices, security, connectivity (network interface The following graphic portrays 3Com’s current products as of December 2009.
cards [NICs]), and IP telephony products worldwide primarily through indirect channels.
3Com has a strong SMB franchise, but re-entered the enterprise segment in 2003 after exiting Figure 4: 3Com LAN Switches
this area in 2000. Most products designed for higher-density enterprise networking environments
have been developed as part of the H3C joint venture with Huawei, designed to increase product
velocity and lower costs. 3Com took control of the H3C venture buying out partner Huawei for
$882 million in November 2006 securing a non-competing agreement in the Enterprise/SMB
routing and switching markets until September 2008. Huawei and Bain Capital Partners teamed
up in September 2007 offering $2.2 billion for 3Com, but the deal fell through in early 2008
because of security concerns of US lawmakers related to the TippingPoint division. In November
2009, Hewlett-Packard has announced the intent to acquire 3Com for $2.7 billion in cash, citing
H3C R&D facilities, intellectual property and inroads into the Chinese markets as reasons for the
acquisition.
Fiscal year 2009 was the first profitable year for 3Com after 8 straight years of losses. Market
share grew considerably in fixed switches helped by demand for low cost solution in the
economic downturn. In the first nine months of 2009, roughly 54% of sales come from China
(60% when combined to the rest of the Asia Pacific region) reflecting the crucial role of the H3C
joint venture.
Table 8: 3Com Financial Profile
Source: 3Com
3Com Financial Profile1 and Market Share2
3Com
Figures in US$ (millions) Q1 FY 2010 FY 2009 FY 2008 FY 2007 FY 2006
Total Revenue $290.5 $1317.0 $1294.9 $1267.5 $794.8
3Com
Table 9: 3Com Fixed-Configuration Switches
corporate data center with distributed branch offices connected across the WAN. 3Com has Description 4210-9/PWR 4210-18/PWR 4210-26/PWR 4210-52
focused on delivering a base set of products upon re-entering the enterprise market with 3Com/H3C Product Numbers
3CR17341-91 3CR17332-91 3CR17333-91
3CR173334-91
3CR17331-91 3CR173421-91 3CR173431-91
price as differentiation. Using merchant silicon as foundation, the company has focused on
Cisco Catalyst Switching
basic customer connectivity, density, and performance requirements rather than architecture
Catalyst Equivalent Catalyst 2960
and solution addressing more comprehensive needs. Cisco Borderless Network solution and
architectural play has no equivalent in 3Com portfolio not even after the announced integration Positioning Wiring Closet
with HP. Furthermore, evn at the product level most of the innovation coming out of 3Com in recent Layer 2/Layer 3 Layer 2
years has been the result of the Huawei partnership, the company ability to sustain a pipeline of
Maximum Port Density
products has yet to be proven.
10/100 8/8 (PoE) 16/16 (PoE) 4/24 (PoE) 48
Dual Personality 1 2 2
SFP/GBIC/SFPs 2
10G Uplink
Performance
3Com
MAC Address Entries 8192
Security
Ethernet/Fast Ethernet
Gigabite Ethernet
Power over Ethernet (PoE)
Radius · · · ·
802.1X · · · ·
SSL
- Typical given market focus and predominance of fixed configuration products
- Shows 3Com voice products (phones / NBX) which have limited market share
SSH · · · ·
Bandwidth Management/QoS
IGMP Snooping · · · ·
Source: 3Com
Rate Limiting · · · ·
GVRP · · · ·
Weighted Fair Queuing 4
3Com
Table 9: 3Com Fixed-Configuration Switches
3Com/H3C Product Numbers 3C17660-91 3C17661-91 3C17662-91 3C17671-91 3CR17561-91 3CR17562-91 3CR17761-91 3CR17762-91
3CR17571-91 3CR17572-91 3CR17771-91 3CR17772-91
Cisco Catalyst Switching
Dual Personality 4 2 2 4 4
Uplink/SFP/GBIC
Performance
Throughput (Mbps) 32.7 65.5 101.2 65.5 6.6 10.1 95.2 131
3Com
MAC Address Entries 16,000 8000 8000
Security
Radius · · · · · · · ·
802.1X · · · · · · · ·
SSL · · · · · ·
SSH · · · · · · · ·
Bandwidth Management/QoS
IGMP Snooping · · · · · · · ·
Rate Limiting · · · · · · · ·
GVRP · · · · · · · ·
Hardware Queues 8 Queues 8 Queues 8 Queues
3Com
Table 9: 3Com Fixed-Configuration Switches
Layer 2/Layer 3 RIP v1/2/ng, OSPF v1/2/3, PIM-SM/DM, BGP, MLD, IPv6 RIPv1/v2, OSPF/PIM-SM/DM (advanced image)
Dual Personality 4 4 8
SFP/GBIC/SFPs 24 4 4 2
Performance
3Com
MAC Address Entries 32,000 16,000
Security
Radius · · · · · ·
802.1X · · · · · ·
SSL · · · · · ·
SSH · · · · · ·
Bandwidth Management/QoS
IGMP Snooping · · · · · ·
Rate Limiting · · · · · ·
GVRP · · ·
Hardware Queues 8 Queues 8 Queues
3Com
Table 9: 3Com Fixed-Configuration Switches
Layer 2/Layer 3 RIPv1/v2, OSPF, PIM-SM/DM Layer 2, OSPF, BGP, ISIS, PIM-SM/DM, IPv6
10/100 24 (SFP) 24 24 48
Dual Personality 4 4 4
SFP/GBIC/SFPs 24 2 4 2 4
10G Uplink 2 2 2
Performance
3Com
MAC Address Entries 16,000 16,000
Security
Radius · · · · · · ·
802.1X · · · · · · ·
SSL · · ·
SSH · · · · · · ·
Bandwidth Management/QoS
IGMP Snooping · · · · · · ·
Rate Limiting · · · · · · ·
GVRP · · · ·
Hardware Queues 8 Queues
3Com
Table 9: 3Com Fixed-Configuration Switches
Layer 2/Layer 3 Layer 2, OSPF, BGP, ISIS, PIM-SM/DM, IPv6, MLD SPF, BGP, ISIS, PIM-SM/DM, IPv6, MLD
10/100 24 (SFP))
24 / 24 (PoE) 48 / 48 (PoE) 8 (PoE)
10/100/1000 16 (Optional) 4 4
+ 16 (Optional) + 16 (Optional) + 32 (Optional)
Dual Personality
Performance
3Com
MAC Address Entries 32,000 32,000
Security
Radius · · · · · ·
802.1X · · · · · ·
SSL · · · · · ·
SSH · · · · · ·
Bandwidth Management/QoS
IGMP Snooping · · · · · ·
Rate Limiting · · · · · ·
GVRP · · · · · ·
Hardware Queues 8 Queues 8 Queues
Source: 3Com
3Com
Table 10: 3Com Modular Switches
Layer 3 Compatibility RIPv1/v2, OSPF, BGP, IS-IS. PIM-SM/DM RIPv1/v2/ng, OSPF v2/3, BGP, IS-IS/v6. PIM-SM/DM, MLD, MPLS, IPv6
10 Gigabit 3 6 6 16 16 28 52 84
Power over Ethernet (PoE) 144 288 288 96 96 144 288 480
3Com
Capacity (Gbps) 240 240 240 122 288 480 768 1.536 Tbps
Throughput (Mbps) 179 179 179 143 178 274 488 714
3Com
Table 10: 3Com Modular Switches
Layer 3 Compatibility RIPv1/v2/ng, OSPF v2/3, BGP, IS-IS, PIM-SM/DM, MLDP, MPLS, IPv6 RIPv1/v2, OSPF, BGP, IS-IS. PIM-SM/DM
10 Gigabit 20 32 48 8 12 24 24
Power over Ethernet (PoE) 240 384 576 96 144 288 288
3Com
Capacity (Gbps) 300 960 1.4 Tbps 192 312 336 768
3Com
Table 10: 3Com Modular Switches
Layer 3 Compatibility RIP, OSPF, BGP, IS-IS. PIM, MLD, IPv6, MPLS, L3 VPN, L2 VPN (VLL) RIP, OSPF, BGP, IS-IS. PIM, MLD, IPv6, MPLS, L3 VPN, L2 VPN (VLL)
3Com
Capacity (Gbps) 250 600 960 1.44 TBS 3.06Tbps 6.6Tbps
3Com
3Com Weaknesses
NOTES
• Consistent financial losses, management turnover and prolonged uncertainties hindered the
company strategy and focus, with negative effects on customers. HP announcement reignites the
uncertainties around the company’s future.
• Constant change of strategies (exit and re-entry in enterprise), constant product shuffling (exit from
modular switches and then decision revised).
• Heavily relied on Huawei to deliver critical products and technology in the past, as well as to drive
sales. Huawei was responsible for 26% of H3C revenue and 15% of 3Com consolidated revenue
in 2008, down from 41% at the end of 2006. 3Com didn’t deliver any major products following the
break of the partnership while Huawei has announced EOS for many of the EOM switches.
• Competing simultaneously in many networking segments may have proven a distracting and
ineffective strategy leading to consistent financial losses.
• Back-end support could have been impacted by sales force turnover and company downsizing.
• An inconsistent strategy and in-out-in posture within the enterprise segment, may have risen
questions, among enterprise IT managers and professional, about 3Com credibility. The purchase
of H3C seems to indicate greater commitment, but the company track-record and past behavior
may have undermined irreparably customer trust.
3Com
a low price point, but the products offer less manageability, and fewer security, and quality-
of-service features than comparable Cisco products. Faster equipment churn due to shorter
merchant silicon life cycle will ultimately increase long-term operating costs. Poor customer
support would compound in increasing TCO. With five TACs and over 1500 support engineers,
and a track record of backward compatibility in many product lines, Cisco can offer low TCO
through consistently high levels of support and investment protection.
• 3Com can offer a broad solution but its solutions are best deployed in relatively small networks.
3Com’s in-out-in posture in the enterprise is still disconcerting to many IT managers hurt in
the past.
• Cisco has convergence products (voice, video, data, and IP TV) and expertise coupled with a
long-term commitment to implement these successfully. 3Com has some elements, but are they
committed? Is HP the final exit strategy?
• 3Com will sell downward from chassis to fixed-configuration switches as necessary. This is a
logical tactic given 3Com’s less sophisticated product portfolio.
Alcatel-Lucent
Alcatel-Lucent Overview Alcatel-Lucent LAN Switches
The present company is the result of a series of mergers, acquisitions, spin-off and spin-in that go Figure 6 portrays Alcatel-Lucent’s current products as of December 2009.
on since the late 19th century. With roots in two companies—La Compagnie Générale d’Electricité Figure 6: Alcatel-Lucent’s LAN Switches
(CGE) and the Western Electric Manufacturing Company—Alcatel merged in 2006 with a financially
troubled Lucent, a spin-off of AT&T focus on telecommunication equipments. The combined
companies earned $24 billion in revenue in 2008 but posted net operating losses for $7 billion.
Since the merger, Alcatel-Lucent has not been able to turn profitable despite drastic cost reduction
and heavy cuts to R&D investments.
Alcatel has strong marketing focus on SP and has largely ignored the Enterprise LAN switching
which is part of its Enterprise Solutions in Alcatel’s Private Communications Group (PCG).
Enterprise technologies, in the first half of 2009, accounted for $700M or 6% of total revenue with
switching generating $115M. Alcatel has a small presence in LAN switching, nevertheless its market
share has grown from a relative flat 1.3% of 2006-2008 to a 1.6% of 2009 driven primarily by growth
in Fixed switches.
Research and Development $1885.7 $3886.0 $4350.0 $1935.0 Below is a typical Alcatel solution for a LAN switching network. It’s totally focused on switch
connectivity and lacks any reference to WAN or security considerations. Alcatel has focused on
Other Expenses $922.5 $7396.0 $5597.0 $1099.0
delivering a base set of products to satisfy some basic customer needs (connectivity, density, and
Operating Income/Loss $1561.8 $7474.0 $6257.0 $183.0 performance requirements) and has not focused on the more comprehensive needs of enterprise
Operating Profit/Loss % -14.8% -31.2% -23.9% -1.1% customers.
Figure 7: Typical Alcatel Enterprise LAN Switch Network Design
Headcount 77,717 76,410 89,370 Simple Network Complex Network
Alcatel-Lucent
Two tier, single data center/building Three tier, Multi data center/building
2009 2008 2007 2006
OmniSwitch 9800 OmniSwitch 9800
OmniSwitch 9700 OmniSwitch 9700
Fixed L2/L3 Market Share (revenue)2 1.9% 1.6% 1.4% 1.2% 10 GigE Link
Aggregation
Core
Modular L2/L3 Market Share (revenue) 1.2% 1.1% 1.3% 1.3%
Total L2/L3 Market Share (revenue) 1.6% 1.3% 1.3% 1.2% Dual core network
for maximal redundancy OS9700 OS9600
Aggregation
1
Yahoo Finance and Google Finance
2
Dell’Oro Group
Source: Alcatel–Lucent
36 Cisco Confidential Cisco Confidential 37
Cisco Switching Competitive Reference Guide
Alcatel-Lucent
Table 12: Alcatel-Lucent Fixed-Configuration Switches
10/100 12/12 (PoE) 24/24 (PoE) 24 (SPF) 48/48 (PoE) 24 /24 (PoE)
10/100/1000 4 4 4 4 2 24/24 (PoE) 48/48 (PoE)
Dual Personality 2 2 2 2 2 4 4 2
Uplink/SFP/GBIC 24
10G Uplink
Performance
Radius · · · · · · · ·
802.1X · · · · · · · ·
SSL
· · ·
· · · · · · · ·
Alcatel-Lucent
SSH
Bandwidth Management/QoS
IGMP Snooping · · · · · · · ·
Rate Limiting · · · · · · · ·
GVRP
· · · ·
Hardware Queues 4 Queues 8 Queues
Alcatel-Lucent
Table 12: Alcatel-Lucent Fixed-Configuration Switches Table 13: Alcatel-Lucent Modular LAN Switches
Layer 2/Layer 3 RIP v1/2/ng, OSPF v2/3, BGP, ISIS, IGMP v1/2/3, PIM-SM/DM, MLD, DVMRP, VRRP v2/3 Maximum Port Density
24 (L version, 48 (L version, RJ-45 10/100 80 160 (no E version) 320 (no E version)
10/100
upgredable to Gig) upgredable to Gig)
RJ-45 10/100/1000 96 192 384
10/100/1000 24 / 24 (PoE) 48 / 48 (PoE)
Maximum 1000BASE-SX/LX 96 192 384
Dual Personality 4 4 (no X version) 2
10 Gigabit 24 / 8 48 / 16 (E version) 96 / 32 (E version)
Uplink/SFP/GBIC 24
Power over Ethernet (PoE) 96 192 (no E version) 384 (no E version)
10G Uplink 2 (X versions) 2 (X versions) 2
Other (ATM, STM, etc.) None
Performance Service Module Support None
Capacity (Gbps) 44 / 64 (X version) 92 / 112 (X version) 64 Performance (One Unit)
Throughput (Mbps) 37.5 / 65.5 (X version) 71.4 / 101.2 (X version) 65.5 Bandwidth Capacity (Gbps) 480 960 1.92 Tbps
Maximum VLANs 1024 1024 1024 Throughput (Mbps) 143 285 570
MAC Address Entries 16,000 16,000 16,000 QoS and Rate Limiting
Security Weighted Round Robin · · ·
Radius · · · Weighted Random Early Detection · (RED) · (RED
802.1X · · · Weighted Fair Queuing
Alcatel-Lucent
SSL · · · Strict Priority Queuing · · ·
SSH · · · Rate Limiting · ·
Bandwidth Management/QoS High Availability
Alcatel-Lucent
Alcatel-Lucent Weaknesses
NOTES
• Alcatel has a small presence and market share in the worldwide LAN switching market. The DNA
of Alcatel and Lucent so focused on Service Providers has prevent them from making strides in
Enterprise providing the right combination of hardware and appropriate features.
• Given the limited weight of the Enterprise segment on the overall revenue of the company and the
economic challenges faced by the company, it will be difficult for Alcatel to justify its commitment to
the Enterprise market.
•Alcatel has lacked positive reinforcement as a data networks supplier, particularly in North America
and hasn’t gained significant mind in the enterprise infrastructure market.
• Alcatel has had a poor investment protection track record, typically requiring a complete
chassis upgrade.
• Alcatel seems to perceive customer technology needs moving more slowly than the industry as
a whole, including the demand for tri-speed Gigabit networking to the desktop and the demand
for Power over Ethernet. Alcatel was relatively late to market, choosing to invest more effort in
maintaining, supporting, and evolving cost-sensitive, lower-capacity solutions than other vendors.
This trend is likely to continue because of the high degree of price sensitivity in some of Alcatel’s
key vertical customer segments.
Alcatel-Lucent
• Alcatel will tout its solution as “best of breed,” with lower TCO and trot out an ease-of-management
cliché. They ignore the fact that such a solution requires multiple relationships, increasing linkage
and training costs.
Brocade/Foundry
Brocade/Foundry Overview Brocade/Foundry LAN Switches
Foundry Networks was acquired at the end of 2008 by Brocade to complement the storage Figure 8 portrays Brocade’s enterprise products as of December 2009
portfolio and provide a comprehensive Data Center solution. Integrating Foundry Enterprise and Figure 8: Brocade’s Enterprise Products
Metro Ethernet products, Brocade today can target enterprise, service provider and data center
environments with local, metro and wide area networks as well as storage area networks.
Foundry has typically focused on performance and was an early entrant in the 10 Gigabit market
space. Through time, it had adeptly morphed products and market messaging to deal with
changing market conditions. Foundry designed product architectures around custom ASICs with
little to no regard for compatibility, resulting in a series of incompatible architectures which reduces
the residual economic value of a customer’s investments in Foundry hardware.
The two company combined have increased their market share to 2.2%, up from 1.8% in 2008, but
relatively flat in respect of a 2% combined share in 2007 proving limited success in expanding their
penetration through cross selling. Most of the market shares gains have been in modular switches
a natural consequence of Brocade strong focus with service providers and large enterprise in data
center and high performance networks. (Source: Dell’Oro Group.)
1
Yahoo Finance
Brocade/Foundry
2
Dell’Oro Group
Brocade/Foundry
Typical Brocade/Foundry LAN Configurations
NOTES
The figure shows a typical Brocade enterprise network and the positioning for the product portfolio.
It portrays a typical corporate network with campuses of different sizes and campus backbone.
Foundry’s original product lines—NetIron, FastIron and TurboIron—are the fabric of Brocade
enterprise architecture.
Together with strengths, Foundry’s products present many shortcomings, like the lack of service
modules—SSL services, firewall, IDS, etc. available on the Cisco Catalyst 6500—so crucial in
data center deployments. Similarly, Foundry tried in the past to address its security shortcomings
by pulling together the Foundry Security Alliance Program, but offered interoperability testing
and joint marketing efforts and little else. Cisco provides a broad range of complete solutions,
whereas Foundry/Brocade is forced to partner to provide a complete solution. The use of multiple
organizations results in duplicated customer linkage costs such as support, training, administration,
and managing spares, increasing overall costs. Ownership, responsibility, and problem resolution
are problematic as more entities must be engaged when problems arise. Cisco provides multiple
solutions from a single vendor, lowering linkage costs and simplifying issue resolution, thereby
lowering TCO.
Source: Brocade/Foundry
Brocade/Foundry
46 Cisco Confidential Cisco Confidential 47
Cisco Switching Competitive Reference Guide
Brocade/Foundry
Table 15: Foundry Fixed-Configuration Switches
Catalyst Equivalent Catalyst 2960 or Catalyst 3560v2 Catalyst 2960 or Catalyst 3560v2
Layer 2/Layer 3 Layer 2 (Static L3, OSPF on EPREM) Layer 2 (L3 upgrade optional)
Dual Personality 4 4 4 4 4 4
Uplink/SFP/GBIC
Performance
Security
Radius · · · · · ·
802.1X · · · · · ·
SSL · · · ·
SSH · · · · · ·
Bandwidth Management/QoS
IGMP Snooping · · · · · ·
Rate Limiting · · · · · ·
GVRP · · · · · ·
Hardware Queues 8 queues 8 Queues
Brocade/Foundry
48 Cisco Confidential Cisco Confidential 49
Cisco Switching Competitive Reference Guide
Brocade/Foundry
Table 15: Foundry Fixed-Configuration Switches
Catalyst Equivalent Catalyst 2960 or Catalyst 3560v2 Catalyst 3560v2, 3750v2, or 4948
Layer 2/Layer 3 Layer 2 (L3 upgrade optional) RIPv1/v2, OSPF, BGP, PIM DX, PIM SX, DVMRP, IPv6 on FESX6xx
10/100
Performance
Security
Radius · · · · · · ·
802.1X · · · · · · ·
SSL
SSH · · · · · · ·
Bandwidth Management/QoS
IGMP Snooping · · · · · · ·
Rate Limiting · · · · · · ·
GVRP · · · · · · ·
Hardware Queues 8 Queues 8 Queues
Brocade/Foundry
50 Cisco Confidential Cisco Confidential 51
Cisco Switching Competitive Reference Guide
Brocade/Foundry
Table 15: Fixed-Configuration Switches
Catalyst Equivalent Catalyst 3560v2, 3750v2, or 4948 Catalyst 3560v2, 3750v2, or 4948 Nexus 5000, Catalyst 4900
Layer 2/Layer 3 RIPv1/v2, OSPF, PIM DX, PIM SX, VRRP, DVMRP, IGMP RIPv1/v2, OSPF, BGP, PIM DX, PIM SX, VRRP, IGMP Layer 2
Dual Personality 12 4 4
Uplink/SFP/GBIC 2 2 4
Performance
Security
Radius · · · · · · ·
802.1X · · · · · · ·
SSL
SSH · · · · · · ·
Bandwidth Management/QoS
IGMP Snooping · · · · · · ·
Rate Limiting · · · · · · ·
GVRP · · · · · · ·
Hardware Queues 4 Queues 8 Queues
Source: Brocade/Foundry
Brocade/Foundry
52 Cisco Confidential Cisco Confidential 53
Cisco Switching Competitive Reference Guide
Brocade/Foundry
Table 16: Foundry Modular LAN Switches
Catalyst Equivalent Catalyst 4500 and Catalyst 6500 Catalyst 4500 and Catalyst 6500
Positioning Wiring Closet / Core / Data Center Wiring Closet / Core / Data Center
Layer 3 Capability RIPv1/v2, OSPF, BGP, IS-IS, VRRP, PIM DX, PIM SX, DVMRP, IPv6 RIPv1/v2, OSPF, BGP, IS-IS, VRRP, PIM DX, PIM SX, DVMRP, IPv6
RJ 45 10/100
10 Gigabit 16 32 64 128 16 20 36
Performance
Capacity (Gbps) 960 1.92 Tbps 3.84 Tbps 5.12 Tbps 510 600 1080
Throughput (Mbps) 286 571 1.14 Tbps 2.28 Tbps 304 348 636
High Availability
Non-Stop Forwarding · · · ·
Hitless Software Upgrades
Brocade/Foundry
Hot Swap Line Cards · · · · · · ·
Source: Brocade/Foundry
Brocade/Foundry
Brocade/Foundry Weaknesses
NOTES
• Lacks an end-to-end convergence strategy despite a long-term relationship with other vendors.
• High concentration of sales to the U.S. Government in the past led to product development efforts
focused on features of interest to the U.S. Government but not needed by other customers.
• Loss of market share in 2008 following the integration, but quickly gaining traction in modular
switching in 2009.
• Service and support offering and delivery mechanism are weak (1 TAC, 35 system engineers).
• Feeds and speeds mentality/myopia has limited them from understanding that customers deploy
complete systems including security and applications.
• Multiple product architectures create support issues and potential customer confusion. A lack
of investment-protection features has reduced economic value of some customers’ installed
base equipment.
• Lacks integrated method of service delivery (VPNs, IDS, firewalls) within product platforms.
Brocade/Foundry
standard, to name just a few. After obtaining ratification from standards bodies, Cisco supports all
of these features while continuing to develop new proprietary solutions based on customer needs,
starting the process anew.
D-Link
D-Link Overview D-Link LAN Switches
Founded in 1986, D-Link is a Taiwanese company, headquartered in Hsinchu, Taiwan. Listed on Figure 10 portrays D-Link’s LAN switch portfolio as of December 2009.
the Taiwan Stock Exchange (TSE), D-Link had 2,447 in 71 countries at the end of 2008 and claimed
Figure 10: D-Link’s LAN Switches
to have a global reach in more than 100 countries. D-Link focuses on SOHO and SMB market
D-Link
segments and targets emerging markets, especially in Asia-Pacific and Latin America. Roughly 52%
of its revenue came from emerging markets and Asia-Pacific in 2008 growing to 54% in 2009.
1
Dell’Oro Group
D-Link quickly adopts industry standards. It delivers many features via merchant silicon, focusing
on low initial purchase price. D-Link has primarily focused on SMB markets but does offer a chassis
product, indicating a desire to move up to larger Enterprise accounts. A thorough search of D-Link’s
North American website didn’t locate any network configuration diagrams or design best practices,
showing a lack of sophistication of D-Link products and their inexperienced in designing large and
integrated network topologies. Support is subcontracted to NCR, leaving us to wonder about the
quality of support provided in terms of dealing with networking environments of more than two to
four switches.
D-Link
Table 18: D-Link Fixed-Configuration Switches
D-Link Product Numbers DES-3526 DES-3528 DES-3550 DES-3010FA DES-3010GA DES-3010PA DES-3028/P DES-3052/P
D-Link
Cisco Catalyst Switching
10/100/1000 2 4 2 1 1 1 4 4
Dual Personality 2 2 2 2 2
Uplink/SFP/GBIC 1 1 1
10G Uplink
Performance
Capacity (Gbps) 8.8 12.8 13.6 3.8 5.6 5.6 12.8 17.6
Throughput (Mbps) 6.6 9.5 10.1 Up to 1488 Up to 1488 Up to 1488 9.5 13.1
Maximum VLANs 255 4,96 255 256 256 256 4096 4096
MAC Address Entries 8000 16,000 8000 8000 8000 8000 8000 8000
Security
Radius · · · · · · · ·
TACACS+ · · · · · · · ·
802.1X · · · · · · ·
SSL · · · · · · · ·
SSH · · · · · · · ·
Bandwidth Management/QoS
IGMP Snooping · · · · · · · ·
Rate Limiting
GVRP · · · · · · ·
Hardware Queues 4 Queues 8 Queues 4 Queues 4 Queues
D-Link
Table 18: D-Link Fixed-Configuration Switches
D-Link Product Family xStack DES 38xx DES 32xx/xStack xStack DXS 32xx DGS31xx/xStack 32xx
D-Link Product Numbers DES-3828P DES-3226L DES-3228PA DXS-3227/P/50/50E DGS-3100-24/P/48/P DGS-3224TGR DGS-3200-10 / 24
D-Link
Cisco Catalyst Switching
Catalyst Equivalent Catalyst 3560v2 / 3750v2 Catalyst 2960/3560-G Catalyst 2960/3560-G Catalyst 2960/3560-G
Uplink/SFP/GBIC
Performance
Capacity (Gbps) 12.8 8.8 12.8 108 / 180 / 240 / 144 68 / 116 48 20 / 48
MAC Address Entries 16,000 8000 8000 up to 16,000 8000 16,000 8000 / 16,000
Security
Radius · · · · · · ·
TACACS+ · · · · · ·
802.1X · · · · · · ·
SSL · · · · · · ·
SSH · · · · · · ·
Bandwidth Management/QoS
IGMP Snooping · · · · · · ·
Rate Limiting · · ·
GVRP · · · · · ·
Hardware Queues 8 Queues 4 Queues 8 Queues 4 Queues 8 Queues 8 Queues
D-Link
Table 18: D-Link Fixed-Configuration Switches Table 19: D-Link Modular LAN Switches
D-Link Fixed-Configuration Switches (continued) D-Link Modular LAN Switches December 2009
D-Link Product Family xStack DGS 34xx xStack DGS 36xx D-Link Product Family DES-6500 DES-7202
D-Link
Cisco Catalyst Switching D-Link Product Numbers
Catalyst Equivalent Catalyst 2960/3560-G Catalyst 3560 /E, 3750/E Cisco Catalyst Switching
Positioning Wiring Closet Wiring Closet Catalyst Equivalent Catalyst 4500 Catalyst 4500/6500
Maximum Port Density RIP-v1/v2, OSPF, IGMP v2, DVMRP, IP V4/V6, RIP, OSPF, IS-IS, BGP, IGMP,
Layer 3 Compatibility
PIM-DM, VRRP, IPv6 PIM-SM/DM, VRRP, DHCP, MPLS
10/100
Maximum Port Density
10/100/1000 24 (PoE) / 24 / 48 24/-/48
Interface Module Slots 8 Up to 8
Dual Personality 4 4 4
10/100 or 10/100 PoE 192
Uplink/SFP/GBIC 12 -/24/-
Gigabit Ethernet (SFP) 96 Up to 24
10G Uplink Up to 3 Up to 3
10/100/1000 96 Up to 384
Performance
10/100/1000 PoE ·
Capacity (Gbps) 88 / 108 / 136 24 108 / 108 / 136
10 Gigabit 16 64
Throughput (Mbps) 65.47 / 80.36 / 101.19 17.86 80.26 / 80.36 / 101.19
Performance (One Unit)
Maximum VLANs 4000 17.87 4000 Capacity (Gbps) 160 Up to 384
MAC Address Entries 8000 17.88 16,000 Throughput (Mbps) 142 Up to 286
Security High Availability
Radius · · · Stateful Switchover (SSO)
TACACS+ · · · Nonstop Failover (NSF)
D-Link
D-Link Weaknesses
NOTES
• Support capability potentially very weak, outsourced service and support to third party (NCR).
• Lack of security integration, relies on partnership with Checkpoint.
D-Link
• Lack of product stability and compatibility in complicated network environments.
• Lack of experience in larger, more complex network environments.
• Uncertain commitment toward backward compatibility and customer investment protection in
modular switches.
• Limited international enterprise experience and acceptance.
• Limited solution scalability. Product set is geared toward small network designs.
• Limited chassis selection.
Extreme
Extreme Overview Table 20: Extreme Financial Profile
Extreme, founded in 1996, focuses on the enterprise, data center, and metro ethernet market Extreme Financial Profile1 and Market Share Q1-3 20092
segments. It provides fixed and modular switches, wireless devices, and security appliances to
address customer needs. Extreme is ethernet-focused and, along to the traditional posture of Figures in US$ (millions) Q1 FY2010 FY2009 FY2008 FY2007 FY2006
performance and high density, it differentiates its product portfolio through power efficiency Total Revenue $66.3 $335.6 $361.8 $342.8 $358.6
and uniform approach to software at competitive prices. It uses a “Unified Access” message in Cost of Goods $29.5 $145.0 $156.5 $157.6 $164.7
both wired and wireless environments. Extreme advocates putting intelligence at the edge of
Gross Margin $36.8 $190.5 $205.3 $185.2 $193.9
the network and focuses development efforts on delivering managed wireless solutions as an
integral part of its wired offering. It provides a single mechanism for policy management and user Marketing and Administration $28.8 $129.2 $137.9 $135.7 $124.0
authentication. LAN switching comprises almost all of Extreme’s revenues with more than 70% in Research and Development $13.6 $58.2 $65.3 $67.1 $62.0
stackable and almost 80% or revenue in the enterprise segment.
Other Expenses $0.5 $2.2 $0.9 $4.0 $3.2
The recent economic slowdown, particularly in North America, greatly affected Extreme’s ability
Operating Income/Loss $5.2 $0.9 $1.2 $21.6 $4.7
to generate profits for most of 2009, forcing the company to a 9% reduction in the headcount.
Extreme
Analysts, in recent earnings calls, have questioned Extreme ability to address with such limited Operating Profit/Loss % -7.8% 0.3% 0.3% -6.3% 1.3%
resources very different markets: data center, enterprise and carriers. Headcount 788 786 861 847 834
Limited resources have led Extreme to seek partnerships as ways to fill gaps in the portfolio as Market Share Q1-3 20092 2009 2008 2007 2006
well as go-to-market strategy. Agreements to OEM products from Motorola indicate Extremes Fixed L2/L3 Market Share (revenue)2 1.9% 1.9% 2.4%
willingness to invest in WLAN to broaden the enterprise product offering and move toward wired-
Modular L2/L3 Market Share (revenue) 1.4% 1.6% 2.2%
wireless integration despite R&D constrains. On the other end, Avaya $28 million investment in
2004, led to a partnership agreement allowing the company to resell Extreme switches as part of Total L2/L3 Market Share (revenue) 1.7% 1.8% 2.3%
its VoIP solution, accounting today for a considerable portion of total revenue. 1
Yahoo Finance
2
Dell’Oro Group
R&D investment has remained relatively flat and profits have been hard to come by in the past
four years. Extreme’s LAN switching market share has also declined steadily from 2005 through
2007. The fixed configuration switch products were refreshed in 2006-2007, which helped stem
a decline in market share. As noted below, chassis (modular) products have declined as Extreme
has been slow to improve or add new products in this area.
Extreme
Figure 12: Extreme’s Resilient Enterprise Network
Extreme
Source: Extreme
Extreme has quickly adopted industry standards. It delivers many features through merchant 13232 Summit 200-24fx
silicon, focusing on low initial acquisition cost in various forms. Extreme has directed its marketing
13245 Summit 300-24
toward converged metro networks and mobile solutions offerings, implementing 802.11a, b, and g
standards. Extreme’s reliance on third-party and OEM agreements to deliver a secure, integrated 16131 Summit 400-24t
network solution is not ideal for keeping pace with multimedia, voice, and data advancements.
16137 Summit 400-24p
Extreme depends on its OEM partners to deliver these elements in a timely fashion.
16101 Summit 400-48t
The following figure represents a typical Extreme Resilient Enterprise Network.
16123 Summit x450-24t
Source: Extreme
Minimum period of support availability has ended in 2009 for the following products:
Black Diamond 6804
Black Diamond 6816
Alpine 3802
Extreme
Table 22: Extreme Fixed-Configuration Switches
Extreme
10/100 24 48 24 48
10/100/1000 20 44
Combo Ports 2 2 4 4 2 2 2
Dual Personality
Uplink/SFP/GBIC 24
Performance
MAC Address Entries 8000 8000 8000 8000 8000 8000 8000
Security
Radius · · · · · · ·
802.1X · · · · · · ·
SSL (SCP) (SCP) (SCP) (SCP) (SCP) (SCP) (SCP)
SSH · · · · · · ·
Bandwidth Management/QoS
IGMP Snooping · · · · · · ·
Rate Limiting · · · · · · ·
GVRP
Extreme
Table 22: Extreme Fixed-Configuration Switches
Description Summit 450e-24 Port Summit 450a-48 Port Summit 650-24 Port
17001
Extreme Product Numbers 16142 (PoE) 16148 (PoE)
17002 (SFP)
Extreme
Maximum Port Density
10/100
10/100/1000 24 48
Combo Ports
Dual Personality
Uplink/SFP/GBIC 4 4 4
Performance
Security
Radius · · ·
802.1X · · ·
SSL (SCP) (SCP) (SCP)
SSH · · ·
Bandwidth Management/QoS
IGMP Snooping · · ·
Rate Limiting · · ·
GVRP
Source: Extreme
Extreme
Table 23: Extreme Modular Switches
Extreme Product Numbers 45040 45080 41012 41011 60011 65040 65040 68020
Catalyst Equivalent Catalyst 4500 Catalyst 6500 Catalyst 6500 / Cisco 7600
Layer 3 Compatibility RIPv1/v2, OSPF, IS-IS, BGP, PIM, DVMRRP RIPv1/v2, IS-IS, OSPF, BGP, PIM, MLD RIPv1/v2, IS-IS, OSPF, BGP, PIM, MLD
Extreme
RJ-45 10/100 128 256
Capacity (Gbps) 32 64 1.9 Tbps 3.8 Tbps 1.28 160 160 2 Tbps
Weighted Random Early Detection · (RED) · (RED) · (RED) · (RED) · (RED) · (RED) · (RED) · (RED)
Weighted Fair Queuing
Extreme
Weaknesses • Security and wireless capability: Extreme offers Sentriant security appliances and wireless
products, but these are more of a product-line round out. Cisco has significantly greater security
Market share erosion continued from 2.3% in 2005 to less than 1.6% in 2009*.
and wireless networking expertise and capability than Extreme.
• Thin sales-force coverage model with limited resources spread on very differentiated
market opportunities. • Resiliency: Extreme claims its devices and implementations provide the most resilient offering
for customers today. Although the idea behind Extreme’s message is correct—resiliency is
• Top Management turnover, including the resignation of the CEO, may lead to more turnover/churn
needed—Extreme is far from being able to deliver on this promise. EAPS is a proprietary Ethernet
and strategic changes.
Ring solution with a ring needed to provide resiliency. Internal Cisco tests have shown that in
• Increased competition from ProCurve, 3Com - established vendors with larger market share- order to achieve sub-50-millisecond switchover times, there has to be a specific and fine-tuned
as well as from new enterprise players, Brocade/Foundry and Juniper, all striving to become a environment, which is unrealistic in the real world of network traffic. Extreme also offers a modular
credible alternative to Cisco. OS, ExtremeWare XOS, for improved application performance. However, the modular elements of
• Weak post-sales product support model. XOS are limited only to certain simple processes and no patching of processes is available, unlike
Cisco IOS Software modularity on the Cisco Catalyst 6500 Series.
• Support ownership and responsibility issues with so many partnerships (Avaya, Motorola,
Siemens) in delivering customer solutions. • Like Cisco but cheaper: Generally this approach is taken in a TCO analysis focused only on
Extreme
• Weak wide area connectivity story. Extreme doesn’t have solutions in this space compared to the initial acquisition cost and a service contract. This is short-sighted because it ignores ongoing
choices offered by Cisco. operational expenses, which are typically 75-80% of lifetime expenses. Extreme’s four ASIC
generations have created a collection of incompatible architectures and destroyed much of the
* (Source: Dell’Oro Group.)
economic value of earlier platforms. Simply compare residual values of Cisco Catalyst 4500
and Catalyst 6500 Series products to the Extreme Alpine or BlackDiamond series and you will
Extreme’s Sales Tactics see Cisco products retain a much higher percentage of original value. Extreme’s sole focus on
• Extreme doggedly advocated a two-tier network design but now has modified their stance. Ethernet switching necessitates partnering in most situations to provide a complete solution.
Extreme now proposes an Edge-Aggregation-Core architecture which is remarkably similar to By engaging multiple organizations, customer linkage costs such as support, training,
that proposed by Cisco for years. Cisco has used this conceptual three-layer model for years, administration, and managing spares are duplicated, resulting in increased costs. Ownership,
based on its proven capability to maximize application uptime, scalability, cost-effectiveness responsibility, and problem resolution are more problematic as more entities are engaged when
and manageability. Ultimately the choice is up to the customer based on business needs and problems arise. When these hidden costs are factored into any analysis, it is hard to reach the
objectives. Cisco can provide the appropriate network structure and design support for any conclusion that Extreme is “cheaper than” or “just like” Cisco.
customer network. Cisco has always had switches capable of collapsing the model into two or
• Cisco is too big to care about you: Cisco’s focus on its customers has actually contributed to
three tiers as desired by customers, while providing excellent aggregation performance and
its growth. Cisco offers a broad set of products, listens to customers, adapts to their needs, and
advanced services which other vendors can’t provide.
provides technical capability and leadership.
• Universal Edge Ports: Extreme touts the Universal Edge Port or a single port capable of supporting
IP phones, wireless access points, and gigabit-attached PCs. It is clever marketing, but Extreme
is claiming capabilities that Cisco has offered for several years (such as end-to-end IP telephony,
inline power, and automated deployment features). Cisco was first to introduce 10/100/1000 ports
capable of managing secure voice and video traffic. This is simply another attempt by Extreme to
spin the story to its favor.
• Innovative hardware and ASIC design: Extreme is likely to point out its development and
introduction of the fourth-generation network silicon systems (4GNSS), which is a marketing term
for programmable packet processor. It claims this provides the capability to process all different
networking technologies and assure the scalability of the 10808 product. Unfortunately, the
introduction of the BlackDiamond series, which has higher capacity, negated this claim.
Force10
Force10 Overview Force10 LAN Switches
• Privately held, Force10 has recently completed the merged with Turin Network a provider of carrier Figure 13 portrays current Force10 products as of December 2009.
Ethernet networking products for wired and wireless network operators.
Figure 13: Force10 LAN Switches
• Founded in 1999, Force10 is one of the most heavily funded venture-backed companies having
raised, combined with Turin, in excess of US$600M. A recent US$30M series B round provided a
valuation of approximately US$200M.
• The company has been more successful in raising VC funding than generating revenue;
according to Dell’Oro source their cumulative sales at the end of 2008 were $461M.
• Revenue was flat in 2007 (US$109M) and grew moderately in 2008 (US$125M) driven by
investments in data center deployments and 10GE increasing penetration.
• Consistent need for funding indicates the company is burning cash and is likely unprofitable,
making the highly anticipated IPO unlike. The company started rumors about a possible public
offering back in 2004, and postponed the plan several time since then. Given its size following the
acquisition of Turin Network, Force 10 would daintily represent an ideal IPO candidate, but any exit
will need to be massive in order for its longstanding investors to receive decent returns.
• The company sells LAN switches through a direct sales force and selected resellers worldwide.
• Focused on data center, high-performance computing, service provider, Metro Ethernet, and
10-Gigabit Ethernet core environments. It has tried to crack Enterprise market with limited success.
• Currently offers the following modular switches; C Series (C300 and C150), ExtraScale E-Series
(E600i and E1200i), TeraScale E-Series (E300, E600 and E1200), and some fixed-configuration
switches in the S-series (S2410, S25N/S50N, S25V/S50V,S25P). Introduced C-Series based
Force10
on Broadcom chipset in 2007. Force 10 has four different architectures despite having limited
revenue creating potential support and interoperability questions.
• Niche player focused on Gigabit Ethernet and 10-Gigabit Ethernet switching and routing.
1
Dell’Oro Group
Force10
Typical Force10 Configurations
NOTES
Figure 14 shows typical Force10 configurations for a data center grid computing and enterprise
environment.
Figure 14: Typical Force10 Network Configuration
Source: Force10
Force10 emphasizes performance and high density. It uses the density argument to claim fewer
Force10
boxes are needed in a Force10 solution, resulting in:
• An easier environment to manage
• Lower CapEx and OpEx
Their message around reliability, scalability and serviceability has not changed since the early
2007, but it has met little success in the market. Force10 Operating System (FTOS) is still relatively
immature given its short time in the market and limited install base compared to Cisco IOS
Software. Cisco IOS Software has been successfully deployed in tens of thousands of customer
environments and its breadth of features and functionalities is the result of years of development.
Force10 products are focused primarily on speeds and feeds with the emphasis on port density
and performance. Force10’s product still lacks critical enterprise features and customers will be
forced to integrate multiple third-party solutions to provide these critical business-class services,
increasing their costs and time spent on issue identification and resolution.
Cisco strives for backward compatibility to protect customers’ investments and it is unclear if this is
important to Force10: in 2002 they introduced the EtherScale products, replaced by the TeraScale
series in 2004, and then again in 2009 by the ExaScale product line. This rapid introduction pace
results in increased CapEx and investment in terms of dollars and cycles to manage sparing
inventory as different types of boxes proliferate. It also can result in manageability issues as
differing boxes need to be managed and maintained within the network.
Force10
Table 25: Force10 Fixed-Configuration Switches Table 26: Force10 Modular LAN Switches
Force10 Fixed-Configuration Switches December 2009 Force10 Modular LAN Switches December 2009
Force10
Maximum VLANs 1024 1024 1024 1024 1024
Capacity (Gbps) 768 1536
MAC Address Entries 16,000 16,000 16,000 16,000 32,000
Throughput (Mbps) 476 952
Security
QoS and Rate Limiting
Radius · · · · · Weighted Round Robin · ·
802.1X · · · · · Weighted Random Early Detection · ·
SSL · · · · · Weighted Fair Queuing
Force10
Table 26: Force10 Modular LAN Switches
48 112 224
10 Gigabit
(12 Line Rate) (28 Line Rate) (58 Line Rate)
Force10
Service Module Support None
1750 3500
Performance (One Unit)
1042 2083
Capacity (Gbps) 400 900 1668
Force10
Force10 Weaknesses
NOTES
• Narrow product line requires Force10 to partner to offer complete solution outside narrow
market niches.
• Lacks the resources to scale into new markets and opportunities.
• Sales force is small.
• Spending habits require constant funding. Will the company survive?
• Products are expensive because of design and limited volume (their specialty nature).
• Support is expensive.
• The enterprise feature set is immature.
• Although Force10 claims to lead in performance, independent testing has shown the Cisco
Catalyst 6500 performs as well or better in a battery of tests, including test of availability,
management, port loss, and scalability*.
Force10
•Aggressive use of public relations to constantly stay in the headlines. This entails multiple press
releases often on the same topic or items such as using a specific vendor for a 10 Gigabit PHY
(PHY is a generic electronics term referring to a special electronic integrated circuit or functional
block of a circuit that provides physical access to a digital connection cable).
• Leverage partnerships to offer the customer a broad or complete solution.
*Source: EANTC testing of Cisco Catalyst 6500 versus Force10 TeraScale E1200 [June 2005].
Huawei
Huawei Overview Huawei LAN Switches
• Huawei is a privately held Chinese high-tech company established in 1988. Figure 15 portrays Huawei’s enterprise products as of December 2009.
• Huawei has over 87,000 employees, 43% of who engaged in research and development in centers Figure 15: Huawei LAN switches
across the globe: Silicon Valley and Dallas in USA, Stockholm in Sweden, Moscow in Russia and
Bangalore in India in addition to those in Beijing, Shanghai, Nanjing, Shenzhen, Hangzhou and
Chengdu in China
• The company claims to invest 10% of annual sales in research and development.
• Huawei’s 2008 annual sales totaled $18.3 billion ($1.3 billion in Net Income) with more than 75% of
sales made outside mainland China.
•According to researcher Dell’Oro, Huawei overtook Alcatel-Lucent as number 3 mobile network
gear maker in 2009, doubling its market share, from a year earlier, and Nokia Siemens for the
number 2 position in the global mobile infrastructure equipment market.
• With products in 31 of the world’s top 50 carriers, Huawei has made significant strides in 3G and
4G LTE deployments for European and Japanese operators.
• It has four corporate divisions organized functionally: products and services, strategy and
marketing, sales and support, operations and delivery.
• Huawei sold its stake in the joint venture interest in H3C to 3Com for $882 million and signed a Typical Huawei Network Configuration
18-month non-compete agreement in Enterprise/SMB routing and switching markets.
The agreement expired September 2008 and Huawei has aggressively moved away from selling Huawei’s documentation lacks connection to the problems faced by enterprise IT managers such
H3C gears. mobility, globalization of the workforce, collaboration and communication. Huawei products are
focused primarily on speeds, feeds at low cost with the emphasis on port density and uplink
• Huawei concentrates on five key areas: data communications, mobile networks, optical networks, speeds. Huawei’s solutions do not set out scalable architectures such as Cisco’s Borderless
software, and applications. Networ—a series of innovations across routing, switching, wireless, acceleration, and security to
help organizations deliver mobility, security, and performance to transform the way IT delivers and
Table 27: Huawei Market Profile
scales services.
Huawei Market Profile and Market Share Q1-3 20091 In addition, while Cisco’s solutions are always compatible with open standards and often integrated
with software from leading vendors, the same cannot be said for Huawei. For example, Cisco
2009 2008 2007 2006
developed NAC (Network Admission Control) as a global industry initiative including more than 60
Fixed L2/L3 Market Share (revenue)1 0.8% 0.7% 0.8% 0.7% active partners and while Huawei solution—Endpoint Admission Defense (EAD)—did work with
Modular L2/L3 Market Share (revenue) 3.1% 2.0% 1.7% 1.3% local Chinese antivirus software solutions.
Total L2/L3 Market Share (revenue) 1.7% 1.3% 1.2% 1.0%
Huawei
1
Dell’Oro Group
Huawei
Table 28: Huawei Fixed-Configuration Switches
Huawei Product Numbers S2309TP S2318TP S2326TP S2352P S3328TP S3328TP-24S S3352P S3352P-24S S3352P-48S
S2309TP-PWR S2326TP-PWR S33528TP-PWR S3352P-PWR
10/100/1000 1 2 2 2 2
Dual Personality 1 2 2 2 2
Uplink/SFP/GBIC 4 2 2 4 24 + 4 4
10G Uplink
Performance
Capacity (Gbps) 3.6 7.2 8.8 17.6 12.8 17.6 17.6 17.6 17.6
Throughput (Mbps) 2.7 5.4 6.6 13.2 9.6 13.2 13.2 13.2 13.2
Security
Radius · · · · · · · · ·
802.1X · · · · · · · · ·
SSL
SSH · · · · · · · · ·
Bandwidth Management/QoS
IGMP Snooping · · · · · · · · ·
Huawei
Rate Limiting · · · · · · · · ·
GVRP
Huawei
Table 28: Huawei Fixed-Configuration Switches Table 29: Huawei Modular LAN Switches
Huawei Fixed-Configuration Switches (continued) December 2009 Huawei Modular LAN Switches December 2009
Huawei Product Family Quidway 5300 Huawei Product Family Quidway 9300
Huawei Product Numbers S5324TP S5328C S5348TP S5352C Huawei Product Numbers S9303 S9306 S9312
S5324TP-PWR S5328C-PWR S5348TP-PWR S5352C-PWR
Cisco Catalyst Switching
Cisco Catalyst Switching
Catalyst Equivalent Catalyst 4500 / 6500
Catalyst Equivalent Catalyst 3560v2/3750v2
Positioning Aggregation/Core
Positioning Wiring Closet
Layer 3 Compatibility RIPv1,2, OSPF, BGP, IS-IS, VRRP, PIM-DM/SM, MPLS, IPv6
Layer 2/Layer 3 RIP v1/2, OSPF/ISIS/BGP/PIM-SM/PIM-DM (advanced image)
Maximum Port Density
Maximum Port Density
Interface Module Slots 3 6 12
10/100
RJ-45 10/100
10/100/1000 24 / 24 (PoE) 24 / 24 (PoE) 48 / 48 (PoE) 48 / 48 (PoE)
RJ-45 10/100/1000 144 288 576
Dual Personality 4 4 4
Maximum 1000BASE-SX/LX
Uplink/SFP/GBIC 4 (Optional) 4 (Optional)
10 Gigabit 36 72 144
10G Uplink 2 (Optional) 2 (Optional)
Power over Ethernet (PoE)
Performance
Other (ATM, STM, etc.)
Capacity (Gbps) 48 88 96 136
Service Module Support
Throughput (Mbps) 6 66 72 102
Performance (One Unit)
Maximum VLANs 4096
Capacity (Gbps) 1.2 Tbps 2.4 Tbps 4.8 Tbps
MAC Address Entries 16,000 (32,000 advanced image)
Throughput (Mbps)
Security
QoS and Rate Limiting
Radius · · · · Weighted Round Robin · · ·
802.1X · · · ·
SSL
Weighted Random Early Detection · · ·
Weighted Fair Queuing
SSH · · · ·
Bandwidth Management/QoS
Strict Priority Queuing · · ·
Rate Limiting · · ·
IGMP Snooping · · · · High Availability
Huawei
Rate Limiting · · · ·
GVRP
Stateful Switchover (SSO) · · ·
Hardware Queues 8 Queues
Nonstop Failover (NSF) · · ·
Source: Huawei
Hitless Software Upgrades · · ·
Modular Operating System
Huawei
Huawei Weaknesses
NOTES
• Heavily reliant on direct sales and OEM model.
• Limited feature support for QoS and multicast.
• Unknown commitment to guarantee customer investment protection through backward
compatibility of products.
• Limited international enterprise experience and acceptance.
Huawei
96 Cisco Confidential Cisco Confidential 97
Cisco Switching Competitive Reference Guide
Juniper
Juniper Overview Juniper LAN Switches
Juniper is a publicly traded company founded in 1996. Initially focused on high-end routers for SP The following figure portrays Juniper’s enterprise products as of December 2009.
markets, Juniper broadened its product portfolio to include edge services devices, WAN branch
Figure 16: Juniper LAN Switches
routers, and application networking. The company entered the LAN switching market with the
EX series, with products slowly gaining market share at the expense of heavy discounts to gain
footprint.
1
Yahoo Finance
2
Dell’Oro Group
Juniper
98 Cisco Confidential Cisco Confidential 99
Cisco Switching Competitive Reference Guide
Juniper
Table 31: Juniper Fixed-Configuration Switches
Juniper Product Numbers EX2200-24T-4G EX2200-48T-4G EX2500-24F-FB EX3200-24T EX3200-48T EX4200-24T EX4200-48T EX4200-24F
EX2200-24P-4G EX2200-48P-4G EX2500-24F-BF EX3200-24P EX3200-48P EX4200-24P EX4200-48P
Cisco Catalyst Switching
Catalyst 4900M,
Catalyst Equivalent Catalyst 3560v2 Catalyst 3560v2 Catalyst 3750v2
Nexus 5000
Positioning Wiring Closet Data Center Wiring Closet Wiring Closet
Layer 2/Layer 3 Layer 2 + RIP, OSPF and Layer 3 Multicast (Optional) Layer 2 RIP v1/2/ng, OSPF, BGP, IS-IS, PIM-SM, IPv6 RIP v1/2/ng, OSPF, BGP, IS-IS, PIM-SM, IPv6
10/100
10/100/1000 24 / 24 (PoE) 48 / 48 (PoE) 24 (8 PoE) / 24 (PoE) 48 (8 PoE) / 48 (PoE) 24 (8 PoE) / 24 (PoE) 48 (8 PoE) / 48 (PoE)
Dual Personality
Performance
Security
Radius · · · · · · · ·
802.1X · · · · · · ·
SSL
SSH · · · · · · · ·
Bandwidth Management/QoS
IGMP Snooping · · · · · · · ·
Rate Limiting · · · · · · · ·
GVRP · · · · ·
Hardware Queues 8 Queues 8 Queues
Source: Juniper
Juniper
100 Cisco Confidential Cisco Confidential 101
Cisco Switching Competitive Reference Guide
Juniper
Table 32: Juniper Modular LAN Switches
Juniper Weaknesses
Juniper Modular LAN Switches
• New market entrant. Lacks any experience in LAN switching area.
Juniper Product Family EX8200
• Support for key features for voice/video, such as QoS and multicast.
Juniper Product Numbers 8208 8216
• Limited enterprise/experience and acceptance.
Cisco Catalyst Switching
• JUNOS was developed for SP environments. How extensive is the Enterprise feature set?
Catalyst Equivalent Catalyst 4500 / 6500
• JUNOS release cycle not well matched to Enterprise if followed as in SP environment.
Positioning Core / Data Center
Capacity (Gbps) 6.2 Tbps (2.5 with current linecards) 12.2 Tbps (5.1 with current linecards) • Logical alternative to Cisco.
Juniper
102 Cisco Confidential Cisco Confidential 103
Cisco Switching Competitive Reference Guide
Nortel
Table 33: Nortel Financial Profile
Nortel Overview
Nortel Financial Profile1 and Market Share2
Nortel started as part of Bell Canada in the 1930s, changing the name to Northern Telecom (NT)
in 1976 and diversifying into networking by buying Bay Networks in 1998. It changed the name to Figures in US$ (millions) Q1-3 2009 2008 2007 2006
Nortel, and expanded its product line through numerous acquisitions of networking, software, and Total Revenue $3,705.0 $10,421.0 $10,948.0 $11,418.0
Nortel
telecom businesses. Sales soared at the pick of the dot-com IT investment bubble, only to plunge
Cost of Goods $2326.0 $6136.0 $6334.0 $6979.0
following the burst, with Nortel taking a $27+ billion loss in 2001. The economic slowdown and
credit crunch lead Nortel to file for Chapter 11 in January 2009, seeking bankruptcy protection to Gross Margin $1379.0 $4285.0 $4614.0 $4439.0
initiate the unwinding of the assets. Nokia Siemens opened the bidding with a $650M offer for the Marketing and Administration $965.0 $2153.0 $2490.0 $2503.0
CDMA/LTE unit trumped ultimately by Ericsson’s $1.3B offer. The Enterprise Solutions operation
Research and Development $642.0 $1573.0 $1723.0 $1939.0
was acquired by Avaya for $900 million, while Ciena won a heated battle with Nokia Siemens after
offering $769M for the Optical and Carrier Ethernet business. To worsen matters, Mike Zafirovsky, the Other Expenses $302.0 $210.0 $105.0
CEO appointed in 2005 to restructure the company and revive the business following accounting Operating Income/Loss $228.0 $257.0 $191.0 $108.0
issues, eventually sued the bankrupt telecom equipment maker for more than $12 million. Operating Profit/Loss % -6.2% 2.5% 1.7% -0.9%
Despite the financial and management troubles, Nortel has proven exceptionally resilient throughout Headcount 30,307 32,550 33,760
2009 losing its market share slowly than expected helped by customers and channels securing
Market Share Q1-3 20092 2009 2008 2007 2006
orders and stuffing inventories before products would be discontinued. Verizon Communications in
particular, one of Nortel largest accounts, has even tried to oppose the deal with Avaya, citing public Fixed L2/L3 Market Share (revenue) 2.4% 2.7% 3.5% 3.5%
safety and security concerns as service and support contracts could be discontinued.Despite Modular L2/L3 Market Share (revenue) 2.3% 3.4% 3.7% 3.3%
the financial and management troubles, Nortel has proved exceptionally resilient throughout 2009
Total L2/L3 Market Share (revenue) 2.4% 3.0% 3.6% 3.4%
losing its market share slowly than expected helped by customers and channels securing orders
and stuffing inventories before products would be discontinued. Verizon Communications in 1
Yahoo Finance
2
Dell’Oro Group
particular, one of Nortel largest accounts, has even tried to oppose the deal with Avaya, citing public
safety and security concerns as service and support contracts could be discontinued.
Nortel LAN Switches
The following graphic portrays Nortel’s current products as of December 2009
Nortel
Typical Nortel Network Configuration
NOTES
Nortel markets its 5500, 4500, and 2500 series fixed-configuration devices for extensive use in
the wiring closet. The 5500 series switches are based on merchant silicon from Broadcom to
permit lower prices and protect margins. Nortel is one of a few vendors (Cisco included) whose
Nortel
products can touch nearly all corners of the Enterprise LAN (wireless, LAN Switching, routing,
security). Continual churn and re-organization within Nortel’s enterprise division made it difficult
to identify and execute a consistent strategy resulting in delays in new product development
channel initiatives, and customer focused events. They focused mainly on speeds and feeds
with an emphasis on port density, uplink speeds, standards-oriented features, and price (heavy
discounting). Nortel strategy was to embrace industry standards, using merchant silicon to deliver
many features with a focus on a low initial acquisition cost.
The following figure represents a typical Nortel Enterprise Network design.
Nortel
Table 34: Nortel Fixed-Configuration Switches
Description 2526T 2526T-PWR 2550T 2550T-PWR 4526FX 4526T 4526T-PWR 4550T 4550T-PWR
Nortel
Nortel Product Numbers AL2500/01-E6 AL2500/11-E6 AL2500/02-E6 AL2500/12-E6 AL4500/01-E6 AL4500/03-E6 AL4500/13-E6 AL4500/02-E6 AL4500/12-E6
Catalyst Equivalent Catalyst 2960 (2975 if stacking is required) Catalyst 2960 (2975 if stacking is required)
100FX 24
10/100/1000 2 2 2 2
Dual Personality 2 2 2 2 2 2 2 2 2
Uplink/SFP/GBIC
10G Uplink
Performance
Capacity (Gbps) 12.8 12.8 15.6 15.6 48.8 48.8 48.8 77.6 77.6
Throughput (Mbps) 9.5 9.5 11.6 11.6 6.6 6.6 6.6 10.2 10.2
Maximum VLANs 256 256 256 256 256 256 256 256 256
MAC Address Entries 16,000 16,000 16,000 16,000 8000 8000 8000 8000 8000
Security
Radius · · · · · · · · ·
802.1X · · · · · · · · ·
DHCP Snooping · · · · ·
SSH · · · · · · · · ·
Bandwidth Management/QoS
IGMP Snooping
Rate Limiting · · · · · · · · ·
GVRP
Nortel
Table 34: Nortel Fixed-Configuration Switches
Nortel Product Family ERS 4500 Series (continued) ERS 5000 Series
Description 4524GT 4548GT 4526GTX 4526GTX-PWR 4548GT-PWR 5510-24 5510-48 5520-24PWR 5520-48PWR 5530-24TFD
Nortel
Nortel Product Numbers AL4500/05-E6 AL4500/04-E6 AL4500/06-E6 AL4500/16-E6 AL4500/14-E6 AL1001/04-E5 AL1001/03-E5 AL1001/06-E5 AL1001/05-E5 AL1001/07-E5
Catalyst Equivalent Catalyst 2960 (2975 if stacking is required) Catalyst 3560v2 / 3750v2
10/100
100FX
Dual Personality 4 4 4 4 4 24
Uplink/SFP/GBIC 2 2 4 4
10G Uplink 2 2 2
Performance
Maximum VLANs 256 256 256 256 256 256 256 256 256 256
MAC Address Entries 8000 8000 8000 8000 8000 16,000 16,000 16,000 16,000 16,000
Security
Radius · · · · · · · · · ·
802.1X · · · · · · · · · ·
SSL · · · · · · · · · ·
SSH · · · · · · · · · ·
Bandwidth Management/QoS
IGMP Snooping · · · · ·
Rate Limiting · · · · · · · · · ·
GVRP
Nortel
Table 34: Nortel Fixed-Configuration Switches
Nortel
Nortel Product Numbers AL1001/14-E5 AL1001/13-E5 AL1001/12-E5 AL1001/11-E5 AL1001/15-E5
10/100
100FX
Dual Personality 6 6
Uplink/SFP/GBIC 24
10G Uplink 2 2 2 2 8
Performance
Security
Radius · · · · ·
802.1X · · · · ·
SSL · · · · ·
SSH · · · · ·
Bandwidth Management/QoS
IGMP Snooping
Rate Limiting · · · · ·
GVRP
Source: Nortel
Nortel
Table 35: Nortel Modular LAN Switches
Nortel
Nortel Product Numbers DS1402008-E5 DS1402007-E5 DS1402002 DS1402001
Nortel
Discontinued Nortel LAN Switches • Acquiring most of Nortel Enterprise Solutions, Avaya will have some redundancy and overlapping
between the newly acquired switching portfolio and products offered through its Extreme’s
This list is current as of March 2008. Updated information can be found at:
partnership.
http://support.nortel.com/go/main.jsp?cscat=CATEGORY&catOID=-9605
• Continual turnover and reorganization within the ranks of Nortel’s enterprise division took in the
Nortel
Table 36: Discontinued Nortel Platforms past the toll on the company’s ability to execute on a single enterprise strategy, causing delays
in new product development, channel initiatives, and customer-focused events. Despite sizable
Extreme discontinued the following platforms in 2009
employee retention programs, Nortel workforce, particularly the sales force, will be greatly
Model End of Support impacted by the liquidation. Lack of job security, impending layoffs, loss of equity incentives, and
highly instable work environment may impact the effectiveness of both Engineering and Sales.
BayStack 350 Switches Oct 31, 2009
Customers should be wary that the integration of Nortel assets into other vendor existing portfolios
BayStack 380-24T Switch Oct 31, 2009
will prove very disruptive to product life cycles, in contrast to customer investment protection,
BayStack 410-24T Switch Feb 28, 2008 detrimental to service and support contracts and ultimately negative to customer satisfaction and
R&D commitments.
BayStack 70 Switches Dec 31, 2006
ProCurve
HP/ProCurve Overview ProCurve LAN Switches
The ProCurve Networking by HP product line includes LAN switches, access routers, wireless, Figure 19 portrays ProCurve LAN switches as of December 2009
and security products, sold worldwide through indirect channels, which account for the large
Figure 19: ProCurve LAN Switches
majority of sales. Historically, ProCurve focused on smaller networks (fewer than 2000 nodes),
but recent products are designed for higher-density enterprise and data center environments.
ProCurve market share increased—in terms of ports and revenues—from 2004 through 2007,
stalled in 2008, only to grow again in 2009. While the growth came initially at the expenses of
second- and third-tier networking vendors, growth in Q1 and Q2 had some negative impact on
Cisco’s market share. The difficult economic slowdown favored vendors positioned as “cheap
alternatives” touting, often without merits, lower TCO thanks to lower initial CapEx.
HP Financial Profile
ProCurve
Table 37: HP Financial Profile
ProCurve revenue in 2009 was $768 million, or less than 0.7% of HP’s total revenue.
How strategically relevant can the networking division be to the HP long term strategy?
ProCurve
Typical ProCurve LAN Convergence Configuration
NOTES
Figure 20 shows a typical ProCurve solution for a medium-sized enterprise using a ProCurve 5300
chassis.
ProCurve
Source: ProCruve
ProCurve has limited VoIP experience outside of a partnership with Mitel and Avaya. It is unclear if
reference designs are used or if customers have to work separately with each vendor to implement
their VoIP architecture. This unnecessarily exposes customers to potential implementation and
integration issues as they move toward a converged network infrastructure. These issues are
unlikely to be encountered when working with Cisco, which is the leader in implementing enterprise
VoIP solutions. ProCurve products are focused primarily on matching speeds and feeds with
the emphasis on port density, uplink speeds, standards-oriented features, and rely on price as
differentiator. ProCurve has not articulated a scalable and highly integrated architecture like Cisco’s
Borderless Network, but offers the Adaptive Edge Architecture, which is largely a rationale for a
disparate, disjointed product line.
ProCurve
Table 38: ProCurve Fixed-Configuration Switches
ProCurve Product Numbers J9019B J9020A J9279A J9280A J9137A J9138A J9298A J9299A
ProCurve
10/100/1000 2 24 48 2 4 8 (PoE) + 2 20 (PoE)
Dual Personality 2 4 4 2 2 2 4
Uplink/SFP/GBIC 2
10G Uplink
Performance
Security
Radius · · · · · · · ·
802.1X · · · · · · · ·
SSL · · · · · · · ·
SSH · · · · · · · ·
Bandwidth Management/QoS
IGMP Snooping · · · · · · · ·
Rate Limiting
ProCurve
Table 38: ProCurve Fixed-Configuration Switches
ProCurve
10/100 8 (PoE) 24/24 (PoE) 24 (12 PoE) 48/48 (PoE)
10/100/1000 24 48 1 2 2 2
Dual Personality 4 4 1
Uplink/SFP/GBIC 2 2 2
10G Uplink
Performance
Security
Radius · · · · · ·
802.1X · · · · · ·
SSL · · · · · ·
SSH · · · · · ·
Bandwidth Management/QoS
IGMP Snooping · · · · · ·
Rate Limiting
ProCurve
Table 38: ProCurve Fixed-Configuration Switches
Description 2910al-24G / 2910al-24G-PoE 2910al-48G / 2910al-48G-PoE 3500-24 / 3500-24-PoE 3500-48 / 3500-48-PoE 3500yl-24G-PWR 3500yl-48G-PWR
J9145A J9147A J9470A J9472A
ProCurve Product Numbers J9146A J9148A J9471A J9473A
J8692A J8693A
Layer 2/Layer 3 Layer 2, RIP, MLD snooping Layer 2, RIP, OSPF (Advanced Image), MLD Snooping
ProCurve
10/100 20/20 (PoE) 44/44 (PoE)
Dual Personality 4 4 4 4 4 4
Uplink/SFP/GBIC
Performance
Security
Radius · · · · · ·
802.1X · · · · · ·
SSL · · · · · ·
SSH · · · · · ·
Bandwidth Management/QoS
IGMP Snooping · · · · · ·
Rate Limiting · · · ·
GVRP · (GARP) · (GARP) · (GARP) · (GARP) · (GARP) · (GARP)
Hardware Queues 8 Queues 8 Queues
ProCurve
Table 38: ProCurve Fixed-Configuration Switches
ProCurve Product Numbers J8992A J8433A J8474A J9263A J9264A J9265A J9451A J9452A
Catalyst Equivalent Catalyst 3560v2 Catalyst 4900M Catalyst 2960G, 4948, 4900M
ProCurve
10/100
10/100/1000 24 24 48 48
Dual Personality 4 4 4
Uplink/SFP/GBIC 24
Performance
Security
Radius · · · · · · · ·
802.1X · · · · · · · ·
SSL · · · · · · · ·
SSH · · · · · · · ·
Bandwidth Management/QoS
IGMP Snooping · · · · · · · ·
Rate Limiting · · · · · · · ·
GVRP · (GARP) · (GARP) · (GARP) · (GARP) · (GARP) · (GARP) · (GARP) · (GARP)
Hardware Queues 8 Queues 8 Queues
Source: ProCruve
ProCurve
Table 39: ProCurve Modular LAN Switches
ProCurve
RJ-45 10/100 120 96 48 192 192 120
Maximum 1000BASE-SX/LX 8 16 12 32 16 24
10 Gigabit 2 4 2 4 4 4
Rate Limiting
High Availability
ProCurve
Table 39: ProCurve Modular LAN Switches
Layer 3 Compatibility RIPv1/ v2 / OSPF, PIM and VRRP (avanced image) RIPv1/ v2 / OSPF, PIM and VRRP (avanced image)
ProCurve
RJ-45 10/100
10 Gigabit 24 16 16 48 32 32
Rate Limiting · · · · · ·
High Availability
ProCurve
Table 39: ProCurve Modular LAN Switches
Cisco Catalyst Switching Switch 2600 Switch 2500 Switch 2300 Switch 1800
Source: ProCruve
Catalyst Equivalent Catalyst 6500
Positioning Core/Distribution
Layer 3 Compatibility RIPv1/ v2 / OSPF, PIM and VRRP (avanced image) ProCurve Weaknesses
Maximum Port Density • ProCurve is still a small division within HP. Its revenue in 2009 was $768 million, less than 0.7% of
HP’s revenue. How strategically relevant can they be for HP strategy?
Interface Module Slots 6 12
ProCurve
• While positive in 2008, operating earnings were negative in 2009 (negative $56 million in ’09 vs.
RJ-45 10/100 144 288
positive $49 million in ’08) signaling high acquisition costs, discount, and narrow margins.
RJ-45 10/100/1000 144 288
• Low intellectual property content limits value added (pricing power) and constricts value
Maximum 1000BASE-SX/LX 144 288
proposition toward price-oriented market initiatives (low TCO, price per port). Access routers are
10 Gigabit 24 48 sourced externally and are limited in interface types offered and product breadth.
Power over Ethernet (PoE) 144 288 • Recent product introductions and marketing suggest desire to move from a cost-based sales
Other (ATM, STM, etc.) model (price per port) toward a more value-based sales model.
Service Module Support · • Small size of dedicated ProCurve sales force and talent acquisition to drive growth.
Performance (One Unit) • Talent acquisition and management in an uncertain environment and a location far from most of
Capacity (Gbps) 345.6 691.2 HP’s product organizations.
Throughput (Mbps) 240.2 480.3 • No application networking, limited security product offering, and limited scope of VoIP
partnerships.
QoS and Rate Limiting
ProCurve
ProCurve Sales Tactics
NOTES
• ProCurve claims to offer features similar to Cisco, but with lower price or lower total cost of
ownership focusing on initial acquisition costs only.
• It portrays Cisco solutions as expensive, complicated, and proprietary solutions with ProCurve
as a simpler, less expensive alternative with most of the same features (Cisco is the best, but
ProCurve is good enough).
• ProCurve emphasizes HP’s traditional commitment and reputation for product quality. It backs
this with a qualified lifetime warranty for most products. This is very effective in government and
education markets. Most Cisco desktop (fixed configuration) switches come with a similar warranty.
• HP presents a safe choice and worldwide presence in terms of support and distribution; however,
because significant parts of the product line are OEM or third party in nature, this can result in an
extensive hidden multivendor solution.
ProCurve
• It uses partnerships to offer the customer a broad or complete solution. A good example is IP
telephony. Although this can provide a complete solution it adds to customer linkage cost in
identifying and resolving problems. When problems arise, which organization will step up and
support the customer?
Cisco
Why Work With Cisco? As noted by Gartner back in 2005, “consumer IT will affect every enterprise… As technology
providers increasingly design products for consumers, enterprise IT managers have to learn how
Cisco Offers Business and Technical Value to manage these products as employees bring them into varieties of workflows and processes…
Consumer-grade technology represents an unavoidable challenge for CIOs”.
Cisco offers value beyond a switch, router, wireless access point, or other networking device.
Cisco has stepped up to the challenge offering Borderless Networks, the next-generation
By working with Cisco, customers and partners can practically and pragmatically find ways to
architecture that delivers the new workspace experience: connecting anyone, anywhere, using any
more effectively utilize their networks to further their business goals. The Cisco Service-Oriented
device, to any resource—securely, reliably, and seamlessly. Systems innovations across routing,
Network Architecture (SONA) and Network Admission Control (NAC) are two examples, both based
switching, wireless, acceleration, and security help organizations deliver mobility, security, and
on extensive customer interaction and understanding of issues faced by customers. They address
performance to transform the way IT delivers and scales those services on the network.
different aspects of effective network utilization, but demonstrate how Cisco adds customer value
in addition to providing high-functionality, high-performance networking solutions. Furthermore, as the network becomes the intelligent platform on which all IT services are enabled,
information can be more effectively collected and analyzed to implement additional functionalities
SONA provides a framework that uses the network to accelerate business applications and
while lowering total costs. The recently released EnergyWise—a distributed model to monitor and
processes to enhance customer profitability. The network is the platform that connects and enables
manage energy usage on connected devices—is a clear example of it. Available on most of Cisco
the IT infrastructure. By making the network more intelligent, the IT infrastructure is improved. This
Catalyst Switches, EnergyWise allows IT managers to remotely monitor energy consumption, power
frees up funds for greater innovation and strategic investment. By reducing operating expenses
on/off IP phones and switches or to enforce policies based on observed patterns, daily schedule,
and increasing network relevance, SONA creates new revenue opportunities for partners to sell
or energy cost considerations.
solutions and services that move enterprises to next-generation IT.
NAC uses the network to intelligently confirm user identity and endpoint-device security policy
Why Choose Cisco?
compliance. NAC addresses worms, viruses, spyware, and malware, which cause downtime
and financial loss and decrease productivity. Customers can use existing network, security, and • Cisco has the most experienced networking design and implementation staff in the world. This
management infrastructure for the smallest IT footprint possible. NAC is built on an industry staff has designed thousands of networks of varying size and complexity worldwide. Cisco has
initiative led by Cisco, with over 60 active partners, and offers the broadest solution available in incorporated this experience into product development, design, and delivery.
the market in the form of ready-to-use NAC appliances and an architecture-based framework. • Cisco has successfully navigated through good and bad times, growing from a small startup to a
Appliance components can be integrated into the NAC framework, providing a smooth transition to large multinational company with a constant focus on customer and partner needs.
Cisco
an architectural implementation. NAC offers far-reaching customer benefits such as:
• Cisco develops leading-edge features that others brand as proprietary. In reality, this is technology
• Endpoints (laptops, PCs, PDAs, servers, etc.) conform to the security policy, which proactively innovation and leadership. Cisco works proactively with peers and competitors to incorporate
protects against worms, viruses, spyware, and malware, helping organizations focus operations on these innovations as standards. This has occurred numerous times during Cisco’s history. A few
prevention, not reaction. examples are:
• NAC integrates broadly with multi-vendor security and management software to enhance existing • Cisco worked actively with many other companies to develop the initial Fast Ethernet specification,
investments in network infrastructure and vendor software. later adopted by IEEE as the 802.3u standard.
• Comprehensive admission control across all access methods prevents noncompliant and rogue • Power over Ethernet (PoE): Cisco began shipping pre-standard PoE in mid-2000. This became
endpoints from impacting network availability. This reduces OpEx related to identifying and the basis for the ratification of standards-based PoE (802.3af) in late 2003. In the fall of 2006, Cisco
repairing infected, rogue, and noncompliant systems. shipped its 50 millionth PoE–capable port, more than five times all other vendors combined.
Cisco works with leading security vendors such as McAfee Security, Trend Micro, and Symantec • Cisco EtherChannel technology became the basis for 802.3ad.
to incorporate the best solutions into the scalable NAC framework. This stands in stark contrast
to Cisco competitors who have a more narrow focus or choose to avoid addressing security • Multiple Instance Spanning Tree (MIST) was the basis for 802.1s.
concerns. • Spanning Tree Protocol fast enhancements provided the basis for 802.1w (Rapid Spanning
NAC is one example of the functionalities required to address recent shifts in IT: consumerization of Tree Protocol).
IT, any content to any device and mobility. • Inter-Switch Link (ISL) was the basis for 802.1Q trunking.
Cisco
Table 41: Cisco Market Coverage as of December 2009
• Layer 2 Tunneling Protocol (L2TP): Cisco developed Layer 2 Forwarding (L2F) and a Microsoft
consortium developed Point-to-Point Tunneling Protocol (PPTP). Cisco cooperated actively with the Market Coverage
Microsoft consortium and helped develop a new standard, L2TP, which took the best ideas
Cisco 3Com Extreme Nortel ProCurve Force10 Foundry Juniper Huawei Alcatel D-Link
from both groups.
Switches
• Interior Gateway Routing Protocol (IGRP) and Enhanced IGRP (EIGRP) later became much of the
basis for Open Shortest Path First (OSPF) and Routing Information Protocol Version 2 (RIPv2).
Modular · · · · · · · · · · ·
• Cisco employees chair 20 IETF working groups in varying networking areas, turning innovations
Fixed · · · · · · · · · · ·
into standards. Blade · ·
• More than 100 Cisco employees have written Internet drafts and RFCs. Wireless
Switches/
• Cisco actively participates in virtually every group concerned with networking standards. This Controllers · · · · · · · ·
participation helps ensure that Cisco products remain current and compatible with standards. Access
Cisco customers can deploy Cisco devices without concern over incompatibility. By focusing on
Points · · · · · · · · ·
Routers
standards, Cisco also quickly brings to market products that meet customer needs—when they
need them. And the emphasis on standards addresses the needs of the broad market, giving Enterprise · · · · ·
customers more choices in how they solve their networking problems and tailor their networks to Branch/
meet specific business objectives. Multiservice · · · · · · · ·
IP Telephony
• Cisco actively looks for new opportunities to grow and serve its customers through internal
development, acquisition, or a combination, taking the most effective approach possible. IP Phones · · · ·
• Cisco invested in excess of US$5 billion in R&D in fiscal year 2009 and in 2008 showing great IP PBXs · · · ·
commitment to product development despite the economic challenges of a hard downturn.
Call Centers · · · ·
• Cisco has more than 16,000 engineers working in labs worldwide and has been awarded more than
Security
2000 patents with another 3000 pending.
Cisco
Intrusion
• Cisco has the largest networking support staff in the world with five Technical Assistance Centers Detection · ·
(TACs) and more than 1400 support engineers devoted to network support and problem resolution. Intrusion
Prevention · · · · ·
• Cisco offers multiple purchase alternatives such as direct purchase or leases when desired Firewall/
by customers. VPNs · · · · · · ·
• Cisco IOS Software unifies all Cisco switches, routers, and other equipment, providing a solid
SANs · ·
foundation for Internet applications and helping companies to extend common services and Network Support and Services
interfaces across the entire network, reducing training and administrative costs. Number of 5 Unknown Unknown Unknown 2 3 2 3 Unknown Unknown
TACs
• Cisco management software supports remote monitoring, configuration, fault-detection, and Support 1400 Unknown Unknown Unknown 30–35** 30** 35** Unknown Unknown Unknown
troubleshooting. A complete line of tools simplifies and automates the delivery of intelligent Engineers
services throughout the network, whatever the organization’s size. Network
Design · · · · · Unknown Unknown · ·
Cisco is the networking market leader and has the broadest product portfolio of networking Advanced
products, services, and solutions. Cisco can provide a complete solution or provide critical product Services · Unknown Unknown Unknown Unknown Unknown Unknown Unknown · Unknown
and service elements as desired by customers. The following table compares Cisco’s market *HP does not develop SAN equipment, but sells SANs from multiple sources including Cisco.
coverage with selected competitors. **Estimated.
Cisco
Why Cisco Catalyst Switching Availability and Resiliency
Cisco switches offer availability and resiliency by providing device-level, protocol-level, and
Integrated Security
network-level resiliency. Examples include:
Cisco switches have built-in mechanisms to help make the network self-defending. They integrate
• The modular Cisco Catalyst switches have redundant power supplies, redundant supervisors,
security functions into the infrastructure to help control user access to the network and to various
fan trays, and clock modules that help protect against failure. Features such as NSF/SSO ensure
services, to help protect against network threats such as worms, viruses, and denial-of-service
subsecond supervisor failover in an event of a supervisor failure. Cisco IOS Software modularity,
(DoS) attacks, and to help ensure privacy in communications. Cisco switching portfolio offers
an industry first, takes high availability to the next level by allowing subsystem image upgrades
integrated security solutions for networks of every size, without compromising performance.
without having to take the switch down.
From standalone to chassis, the Cisco Catalyst family of switches lets you implement whatever
safeguards you need, wherever you need them. • The fixed-configuration Cisco Catalyst switches support the optional Cisco Redundant Power
System 675, which provides a 675-watt redundant AC power system backup source for one of six
• Using Network Admission Control (NAC) the network will allow devices onto the network only if
units, improving fault tolerance and network uptime.
they meet certain criteria, such as having the latest version of virus software. NAC significantly
limits the capability for viruses to enter the network. • Features such as Bridge Protocol Data Unit (BPDU) Guard prevent accidental topology loops from
happening in the network, while Unidirectional Link Detection (UDLD) and Aggressive UDLD detect
•Access control lists (ACLs) assign users to designated network areas and block unauthorized
incorrect fiber-optic wiring or port faults. Network uptime is maximized when these features are
access to all other applications and information. ACLs allow only designated users to access
enabled.
specified resources.
• Cisco Spanning Tree Protocol enhancements allow for maximum uptime, maximum available
• Cisco switches offer capabilities to mitigate man-in-the-middle attacks. Features such as Dynamic
bandwidth, and greater levels of resiliency. Features such as Per VLAN Rapid Spanning Tree
Host Configuration Protocol (DHCP) Snooping, Dynamic Address Resolution, and IP Source Guard
(PVRST+) and Backbone Fast allow for load balancing of VLANs and rapid convergence of the
all help prevent data and identity theft in the network.
network. Gateway Load Balancing Protocol (GLBP), a unique Cisco feature, allows users to further
• Identity-Based Networking Services (IBNS) authenticate who can access the network and what maximize link and network resources by permitting load sharing of links and gateway resources in
network resources they can access. IBNS prevent unauthorized users from gaining access to the a Layer 2 environment.
network. Using IBNS, guests can be placed in a guest VLAN and provided access to the Internet.
• Routed Access in the wiring closet enables the network to respond to recovery times very quickly,
Cisco
• Cisco switches offer numerous features to mitigate DoS attacks. These include Control Plane often in less than 200 milliseconds, and optimizes usage of existing network links and ports.
policing, Port Security, Scavenger Class QoS, and NetFlow anomaly detection, to name a few.
• Cisco IOS Software Modularity on the Cisco Catalyst 6500 Series boosts operational efficiency
• Cisco delivers on the vision of integrated network security by offering a suite of advanced security and minimizes downtime through evolutionary software infrastructure advancements. By enabling
modules including firewall, IPsec VPNs, SSL, IPS, IDS, and gigabit network analysis modules into modular Cisco IOS subsystems to run as independent, self-healing processes, this innovation
the Cisco Catalyst 6500 Series. By expanding on the Cisco SAFE Blueprint to include the Cisco minimizes unplanned downtime through fault containment and stateful process restarts, simplifies
Catalyst 6500 Series, these capabilities enable more integrated, highly available, adaptive, and software changes through subsystem In-Service Software Upgrades (ISSU), and enables
scalable security for network connectivity, services, and applications. process-level, automated policy control by integrating the Embedded Event Manager (EEM).
Cisco
Advanced Technology Integration • Cisco offers among the highest performance modular and stackable switches in the industry,
Cisco delivers on the vision of integrated, converged services by offering a suite of service but throughput alone is not enough. Organizations need to be assured of predictable
modules. The Cisco Catalyst 6500 Series includes the following advanced features: performance, regardless of variables like congestion, traffic type, or the use of software-or
hardware enabled services. That is why all Cisco Catalyst switches are designed to maintain
• Voice-aware services integrate with Cisco Unified Communications to make it easier to deploy, predictable performance through a unique combination of mechanisms, including Cisco
operate, and consolidate voice solutions. Express Forwarding, Ternary Content Addressable Memory (TCAM), buffering, and congestion
• The Cisco Content Switching Module brings advanced Layer 4–7 content switching capabilities management. This allows network managers to enable complex features without fear of losing
to the Cisco Catalyst 6500 Series Switch, adding high-performance, feature-rich Layer 4–7 load- speed in their networks.
balancing to existing Layer 2–3 features on the Catalyst platforms.
Enhanced Manageability
• The Cisco Catalyst 6500 Wireless Services Module (WiSM) enables pervasive, campus-
wide wireless services and is a central component of the Cisco Unified Wireless Network. Cisco switches offer enhanced capabilities that allow the switch to be easily configured and
Integrating the WiSM into the Cisco Catalyst 6500 Series combines the best of wireless and managed, and offer many tools that aid in troubleshooting the network if a problem arises.
wired technology, resulting in simplified wireless deployment and management, leading wireless • Cisco Network Assistant offers centralized management and configuration of Cisco devices to
security, maximum wireless scalability, and the highest levels of wireless availability. simplify deployment and ongoing maintenance by using Cisco Smartports technology. Through
• The Cisco Catalyst 6500 Application-Oriented Networking Module provides message-level a user-friendly GUI, users can easily apply common services such as configuration management,
routing, visibility, and security. inventory reports, password synchronization, and Cisco IOS Drag-and-Drop Upgrade across
Cisco switches, routers, and access points.
• The Cisco Application Control Engine (ACE) Module provides organizations with levels of control
over the way that they deploy, operate, deliver, secure, and manage their applications and • Smartports Advisor takes Cisco Smartports technology further by automatically detecting the
business services across the extended enterprise. type of device (for example, an IP phone, router, or access point) connected to the switch and
offering a Cisco best-practices configuration to the ports.
Optimized Delivery • Cisco Catalyst switches provide unique extensions to the IEEE 802.3af standard through the use
Cisco switches help disparate applications, all of which have different requirements, to get the of Intelligent Power Management (IPM), which minimizes wall power requirements and maximizes
bandwidth and efficiency needed from a converged IP network. From the wiring closet to the core power use on a per-port basis.
Cisco
network, the Cisco portfolio increases your network value. • Embedded Event Manager (EEM) on the Cisco Catalyst 6500 Series is a flexible automation
• Because Cisco switches inspect and classify every data packet based on the priorities you set, technology that enables administrators to set custom policies that control what actions a switch
your most urgent traffic is handled first. ACLs can be used to identify and tag packets, using both should dynamically take when particular events occur. This automation helps administrators off-
802.1p Class of Service (CoS) and Differentiated Services Code Point (DSCP) markings to indicate load time-consuming tasks to the network and accelerate the resolution of network issues.
relative importance. This combination helps ensure that QoS levels are maintained throughout the
network, even across WAN links.
• With Cisco AutoQoS, a Cisco IOS Software feature, you do not need a big IT department or
For more information about Cisco’s switching platforms, please refer to the
extensive expertise to take advantage of these advanced QoS features. For example, with
Cisco Catalyst Switch Guide, located at:
one click, all the parameters for IP telephony are set automatically, preventing other traffic from
interfering with network-based phone conversations. www.cisco.com/go/switchguide
Cisco Catalyst Switch Guide
• Cisco Catalyst switches deployed at the edge of the network support Internet Group Management Scalable, intelligent LAN switching for campus, branch,
and data center networks of all sizes
from, instead of where the traffic is going. This helps to ensure the best efficiency for multicast
Catalyst 2950, Catalyst 2940, and Catalyst Express 500 Series
Fixed-Configuration Switches
traffic.
Content based on publicly available information current as of the date of release of this guide.
NOTES
NOTES
Introduction
Welcome to the 2010 Cisco Access Routing Competitive Reference Guide. This guide provides Access Router Positioning and Overview
information about selected routing competitors (Huawei, 3Com, and Juniper Networks) and
The branch-WAN infrastructure for an enterprise has evolved from being a connectivity driven to
highlights multiple perspectives: products, sales, weaknesses, and sales tactics. The objective is
customer-experience driven. Now more than ever, businesses are looking at their IT as an asset
Introduction
to outline the advantages of Cisco routers in comparison to competitive offerings, and help you
of strategic value to their employees, partners, and customers rather than a cost center. CIOs are
address Cisco competitors as you encounter them.
also looking to deliver next-generation branch services—planned or unplanned—at any time, any
Organization place, and on any device. And they want this done with limited budget and a quick ROI.
• Router Positioning and Overview This new business model translates to a fresh set of challenges to the branch infrastructure. From
small businesses, to enterprise branches, employees need secure access to network resources
• Key Requirements such as e-mail, sales and customer relationship management (CRM) applications, or rich media
• Lead Cisco Platform conferencing services. Additionally, the complexity of the network is increasing as branches add
voice and video over IP, wireless, video surveillance, digital signage, and building control systems
• Cisco Differentiation
on top of the traditional network traffic. The “branch of the future” offers clear advantages for
• Competitor Profiles productivity and driving real business results, but can present significant challenges to network
architects and administrators.
• Who They Are and What They Sell
• Typical Network Configuration
• Product Overviews and Vulnerabilities Figure 1: Typical Branch Office Components
• Weaknesses
• Sales Tactics
• Why Work With Cisco?
• Why Choose Cisco?
Introduction
Key Requirements •S
ervice Virtualization: The new Cisco IOS software packaging and licensing model, included
with every ISR G2, and the Cisco Services Ready Engine bring a revolutionary services delivery
While a traditional branch may not yet have deployed all of the technologies above, a standard
approach by decoupling hardware and software and enabling virtual services on-demand. The
branch today will have the following devices or technologies:
Introduction
applications available for the SRE also create a strong linkage between Branch and Datacenter
• Router solutions, delivering greater value to our customers.
• Firewall and VPN •O
perational Excellence: With reduced truck-rolls, support for Cisco EnergyWise, the services
• Voice and Video services on-demand model and rapid ROI, Cisco continues to raise the bar on operational simplicity and
Green innovation, while offering a high-degree of investment protection.
• Switch
The new ISR G2 platforms can integrate all the key standard branch technologies into a single
• 802.11 Wireless
platform. The new platform also delivers up to 6x performance improvement , and sets the stage for
The following table summarizes the rough equivalent of Cisco’s access router offerings compared high-definition collaboration, and enable service virtualization at the branch.
to offerings from Huawei, 3Com, and Juniper.
The ISR G2 platforms build upon a widely deployed ISR architecture that integrates routing, voice,
Table 1: Branch Office Router Positioning and security features combined into a single Universal IOS image. In the security domain, the
onboard encryption capabilities provide a boost to security performance over a software only
Branch Office Router Positioning implementation. Beyond, point-to-point IPSec and SSL VPN, the ISR G2 routers also support
DMVPN and GETVPN to provide a multi-point VPN solution that is both scalable and manageable.
Cisco Huawei 3Com Juniper
The security features also include a full-featured zone-based firewall, intrusion prevention services,
Cisco 850, 860,
870, 880, and 890 content filtering, and secure voice capabilities.
Quidway AR18-xx SRX100, SSG5
Series Integrated
Services Routers Cisco Call Manager Express (CCME), Survivable Remote Site Telephony (SRST), and Cisco Unity®
Express (CUE), deployed first on on Cisco’s ISR platforms over 5 years ago, are also available
Cisco 1900
SRX210, J2320, J2350, on the ISR G2. The new ISR G2 platforms also enable a full range of Medianet-based emerging
SSG20, SSG140,
Series Integrated Quidway AR18-xx Router 3000 Family
SSG320M, video services, with scaling improvement to support Cisco TelePresence®. Additionally, the
Services Routers
and SSG350M Cisco Unified Border Element software features facilitate business-to-business TelePresence
communications.
Cisco 2900
Quidway AR28-xx and Router 5000 Family, SRX240, SSG520M, Integrating the remaining standard branch technologies is made possible with the available ISR
Series Integrated
Quidway AR19-xx MSR 20, and MSR 30 and J4350
Services Routers modules. Module-based services such as switching, WAN optimization, wireless LAN, and video
Cisco 3900 Quidway AR46-xx, SRX650, SSG550M surveillance allow the customer to deploy a complete solution while minimizing the operational
Router 6000 Family
Series Integrated Quidway AR29-xx, and J6350 costs of maintaining the network. The ISR G2 modules include a new series of switch modules
and MSR 50
Services Routers and Quidway AR49-xx
that run the same IOS as the Cisco Catalyst 2960 and Catalyst 3750-E. These modules offer
16-48 ports of Gigabit Ethernet switching with enhanced Power Over Ethernet (ePOE). The WAN
Lead Cisco Platform optimization module enables customers to optimize usage of their WAN link for collaboration
sessions or cache video content for digital signage while the Wireless LAN controller module
Whether you are designing a traditional branch or a more advanced solution, the Integrated enables branch offices to cost-effectively deploy and manage secure WLANs.
Services Router Generation 2 (ISR G2) platforms are the foundation. Cisco’s ISR G2 delivers the
borderless network experience through service virtualization, new video-ready capabilities and Lastly, the new Cisco Services Ready Engine (SRE) module extends the ISR G2 capabilities to
operational excellence. Building upon the incredible adoption of the Cisco ISR brand, the ISR empower the “branch of the future.” The SRE module enhances service virtualization in the branch
G2 platforms help transform the business experience to foster innovation, promote a superior in 3 ways: It allows customers to decouple the deployment of hardware and software. It provides an
customer experience, while lowering TCO. Building upon the tremendous success of the Cisco ISR x86-based server platform to run 3rd party applications via the Cisco Applications Extension (AXP)
brand and sustained market leadership, the Cisco ISR G2 delivers three key customer values: framework. And the SRE module also enables customers to run various Cisco applications on a
single module form-factor.
•V
ideo-Ready Architecture: New onboard media-service engines and enhanced performance
bring innovative rich-media services to the branch as the first medianet-ready proof-point. Read the Lipps white paper about the latest branch trends and how Cisco ISR G2 can address your
needs: http://www.cisco.com/en/US/prod/collateral/routers/branch_evolution.pdf
Introduction
Figure 2: ISR G2 Series Positioning Table 2: Cisco Integrated Services Routers Key Differentiators
Introduction
Integrated Router Feature Benefit to Secure Networking
The ISR G2 platforms are critical components of key Cisco network solutions. These
solutions change the game from a box-to-box comparison to a network solution
Cisco Network Solutions:
comparison. The ISR G2s are designed and tested to meet the solution requirements
MediaNet
of MediaNet which enables sophisticated video solutions across a range of Cisco
EnergyWise
products. EnergyWise offers the ability to monitor and control enterprise-wide energy
usage (even beyond the networking equipment).
By integrated multiple services into a single platform, Cisco has been able to
demonstrate up to a 70% reduction in customer’s operating expenditures. The savings
Total Cost of Ownership are realized across the board: simplified deployment and management, simplified
service contracting, more efficient use of space and energy, higher availability and
easier troubleshooting.
The layered services within the ISR G2 platforms are designed to work together.
Service Density coupled with The functions of routing, WAN optimization, mobility, voice, video and security are
Solution Design/Validation architected, designed, and tested to ensure they work in together in the same device.
There is no assurance that this is the case in a multi-vendor implementation.
With the Cisco Services Ready Engine module, the ISR G2 provides a new business
model that allows the customer to purchase application services hardware and flexibly
deploy applications. The hardware can run different applications at different times of
the day, or if a network service is no longer needed, the module can be reloaded with
Service Virtualization a new service, preserving the investment. Over time, the supported Cisco applications
will include CUE, AXP, WAN optimization (WAAS), network analysis module (NAM), and
the wireless LAN controller (WLC).
Additionally, future releases will allow the SRE module to host multiple applications at
once.
With Cisco IOS IP SLAs, users can verify service guarantees, increase network
reliability by validating network performance, proactively identify network issues, and
increase Return on Investment (ROI) by easing the deployment of new IP services.
IPSLA uses active monitoring to generate traffic in a continuous, reliable, and
Advanced IOS Features such predictable manner, thus enabling the measurement of network performance and
as IPSLA and Performance health.
Routing (PfR)
PfR extends the capabilities of IPSLA so that networks can make automatic, intelligent,
flow-based routing decisions. Rather than depending on “next hop” and timed failovers,
PfR enables routing decisions based on delay, MOS, jitter, and other advanced
mechanisms.
3Com
Figure 3: 3Com Access Router Product Line
3Com Overview
Huawei/3Com/H3C
3Com sells LAN switches, routers, wireless devices, security, connectivity (network interface
Features/
cards [NICs]), and IP telephony products worldwide primarily through indirect channels. 3Com has Performance
a strong SMB franchise, but re-entered the enterprise segment in 2003 after exiting this area in
2000. Most products designed for higher-density enterprise networking environments have been 3Com/H3C MSR50-40/60 (Huawei AR
49-xx): Modular Configurations with
up to 10 interface slots (SIC/FIC), up
developed as part of the H3C joint venture with Huawei, designed to increase product velocity 3Com/H3C MSR30-20/40/60 (Huawei
to 6 security/voice expansion slots.
Claimed up to 600 Kpps performance.
AR 29-xx): Modular Configurations
and lower costs. 3Com took control of the H3C venture buying out partner Huawei for $882 with up to 10 interface slots (SIC/
MIM), up to 5 security/voice
3Com/H3C MSR20-20/40 (Huawei AR expansion slots. Claimed up to 240
million in November 2006 securing a non-competing agreement in the Enterprise/SMB routing 19-xx): Modular Configurations with
up to 4 interface slots (SIC), up to 4
Kpps performance.
September 2007 offering $2.2 billion for 3Com, but the deal fell through in early 2008 because Huawei AR46XX (3Com 6000):
Modular configurations, 3RU and
of security concerns of US lawmakers related to the TippingPoint division. In November 2009, Huawei AR28XX (3Com 5000):
5RU, 2-8 network interface slots,
claimed performance up to 350
Modular Configurations, 1-2 RU, Kpps.
Hewlett-Packard has announced the intent to acquire 3Com for $2.7 billion in cash, citing H3C R&D 1-8 Network Interface slots (NIM),
Up to 150 Kpps performance claimed.
facilities, intellectual property and inroads into the Chinese markets as reasons for the acquisition. Huawei AR18XX
(3Com 3000): Fixed Configurations,
4 Port FE, Serial, DSL, HDSL.
Fiscal year 2009 was the first profitable year for 3Com after 8 straight years of losses. Market share
3Com
Small Offices Small – Medium Businesses Medium – Large Businesses
grew considerably in fixed switches helped by demand for low cost solution in the economic Small Enterprise Branch Enterprise Branch Large Enterprise Branch
downturn. In the first nine months of 2009, roughly 54% of sales come from China (60% when
combined to the rest of the Asia Pacific region) reflecting the crucial role of the H3C joint venture.
Typical 3Com Network Configurations
Figure 4: Typical 3Com Network Configuration
Table 3: 3Com Financial Profile and Enterprise Router Market Share
Marketing and
$106.2 $452.3 $445.1 $413.6 $347.3
Administration
Headcount 5868 6,03 6309 5572 Figure 4 above shows a typical 3Com solution for a branch-office network, which closely resembles
3Com Market Share 2006-2009 2009 2008 2007 2006 a Huawei solution because their partnership shares many products.
Access Router Share (revenue)2 3.2% 2.8% 2.2% 0.4% This solution portrays a typical corporate data center with distributed branch offices connected
High End Enterprise Router Share (revenue) 0.0 % 0.0% 0.0% 0.0% across the WAN. 3Com has focused on delivering a base set of products upon reentering the
Total Enterprise Router Market Share 2.7% 2.4% 1.8% 0.4% enterprise market to satisfy basic customer connectivity, density, and performance requirements
and has not focused on the more comprehensive needs of enterprise customers.
1
Yahoo Finance.
2
Dell’Oro Group, Routers Report 4Q09, Vol. 14, No. 4 R1A, Market Summary and Vendor Information A Cisco Borderless Network architecture and branch-office solutions provide more integrated
services that allow customers to reduce total cost of ownership (TCO) and improve productivity.
Table 5 gives information about 3Com access routers.
3Com
Table 4: 3Com/H3C Access Router Product Details Table 4: 3Com/H3C Access Router Product Details
3Com Product Name Router 3000 Family Router 5000 Family Router 6000 Family 3Com Product Name Router 3000 Family Router 5000 Family Router 6000 Family
Cisco 800 and 1900 Series Cisco 2900 Series Integrated Cisco 3900 Series Integrated Cisco 800 and 1900 Series Cisco 2900 Series Integrated Cisco 3900 Series Integrated
Cisco Equivalent Cisco Equivalent
Integrated Service Routers Services Routers Services Routers Integrated Service Routers Services Routers Services Routers
Positioning Small Office Mid-size Branch Office Large Office Positioning Small Office Mid-size Branch Office Large Office
Performance Security
Performance
Not applicable
(supports up to HDSL rates)
60-100 kpps 350-1000 kpps Stateful Firewall, NAT · · ·
VRF-aware Firewall
IPsec Throughput 110 Mbps Up to 600 Mbps
IPS
Firewall Throughput
Antivirus and Anti-spam
WAN Connectivity
URL (web filtering)
ISDN BRI Fixed · ·
3Com
DDoS Protection (Clean
xDSL Fixed · · Pipes, NetFlow, uRPF) · ·
T1/E1 Fixed · · Application-level
· ·
Security
DS-3 · ·
Frame Relay · ·
IPsec VPN (3DES, AES) · · ·
SSL VPN
ATM · ·
Dynamic Site-to-site
LAN Connectivity Secure VPN · ·
Built-in LAN Ports 1-4 FE 0-2 FE 2 FE (3 GE for ERPU Engine) Voice
Modular LAN Capability · · Call Processing,
Signaling
Layer 2 Features
(PoE) 802.3af
PSTN Gateway · ·
Voice Mail
Cisco Discovery
Protocol and Cisco WAN
Phone Discovery
Caching
Layer 3 Features
Compression
OSPF, BGP OSPF Only · · Application-specific
IPv6 Acceleration
CBWFQ, WRED · · · • Limited voice support: Provides little more than DSP cards for PSTN interface and phone,
no PoE
Multiprotocol: SNA • Limited MPLS: No support for mVPN, advanced VPLS features (H-VPLS Ethernet, MPLS,
(DLSw, SNASw, SDLC Product Vulnerabilities
Tunneling, Bisync · · and autodiscovery), Layer 2 VPN QoS, or MPLS OAM features
Tunneling), IPX, DECnet, (DLSw, IPX Only) (DLSw, IPX Only) • No IPv6
AppleTalk
• Support for only basic QoS SLAs, limited policing, shaping, queuing, and rudimentary
Multicast · · · traffic classification; no QoS automation capabilities
Note: All information in these charts is from H3C or 3Com product data sheets available on the 3Com or H3C web sites..
3Com
Table 5: 3Com/H3C Multiple Service Routers Table 5: 3Com/H3C Multiple Service Routers
3Com/H3C Multiple Service Routers (MSRs) 3Com/H3C Multiple Service Routers (MSRs) (continued)
Product Name MSR 20 MSR 30 MSR 50 Product Name MSR 20 MSR 30 MSR 50
MSR 20-20, MSR 20-21, MSR 30-20, MSR 30-40, MSR 50-40 MSR 20-20, MSR 20-21, MSR 30-20, MSR 30-40, MSR 50-40
Product Numbers Product Numbers
and MSR 20-40 and MSR 30-60 and MSR 50-60 and MSR 20-40 and MSR 30-60 and MSR 50-60
Cisco 2900 Integrated Cisco 2900 Integrated Cisco 3900 Integrated Cisco 2900 Integrated Cisco 2900 Integrated Cisco 3900 Integrated
Cisco Equivalent Cisco Equivalent
Services Router Services Router Services Router Services Router Services Router Services Router
Performance Security
Performance Up to 160 kpps 220-240 kpps Up to 1280 kpps Stateful Firewall, NAT · · ·
VRF-aware Firewall
IPsec Throughput 100 Mbps 250 Mbps Up to 600 Mbps
IPS
Firewall Throughput 200 Mbps 600 Mbps Up to 1.5 Gbps
3Com
Antivirus and Anti-spam
WAN Connectivity
URL (web filtering)
ISDN BRI · · ·
DDoS Protection (Clean
xDSL · · · Pipes, NetFlow, uRPF) · · ·
T1/E1 · · · Application-level
· · ·
Security
DS-3 · ·
IPsec VPN (3DES, AES) · · ·
Frame Relay · · · SSL VPN · · ·
ATM · · · Dynamic Site-to-site
LAN Connectivity Secure VPN · · ·
Built-in LAN Ports 2 FE (10 FE for MSR 20-21) 2 GE 2 GE Voice
AppleTalk • Support for only basic QoS SLAs, limited policing, shaping, queuing, and rudimentary
traffic classification; no QoS automation capabilities
Multicast · · · Note: All information in these charts is from H3C or 3Com product data sheets available on the 3Com or H3C web sites.
3Com
3Com Weaknesses
NOTES
•C
onsistent financial losses, management turnover, and prolonged uncertainties hindered the
company strategy and focus, with negative effects on customers. HP announcement reignites the
uncertainties around the company’s future.
•C
onstant change of strategies (exit and re-entry in enterprise), constant product shuffling (exit from
modular switches and then decision revised).
•H
eavily relied on Huawei to deliver critical products and technology in the past, as well as to drive
sales. Huawei was responsible for 26% of H3C revenue and 15% of 3Com consolidated revenue
in 2008, down from 41% at the end of 2006.
• Competing simultaneously in many networking segments may have proven a distracting and
ineffective strategy leading to consistent financial losses.
•B
ack-end support could have been impacted by sales force turnover and company downsizing.
3Com
• An inconsistent strategy and in-out-in posture within the enterprise segment, may have risen
questions, among enterprise IT managers and professional, about 3Com credibility. The purchase
of H3C seems to indicate greater commitment, but the company track-record and past behavior
may have undermined irreparably customer trust.
• 3Com can offer broad solutions that are best deployed in relatively small networks. 3Com’s
in-out-in again posture in the enterprise is not likely to inspire customer confidence in its long-term
commitment. Despite its broad portfolio, 3Com has not provided the level of integration offered
by the Cisco integrated services router portfolio of access routers. Unlike Cisco, 3Com access
solutions may require the deployment of multiple devices.
• Cisco has convergence products (voice, video, data, and IPTV) and expertise coupled with a long-
term commitment to implement them successfully.
• 3Com relies on third party ISVs and partners in the OSN (Open Serivces Networking) program and
the OSN module to provide services and features that are not available on the MSR routers.
Huawei
Table 7: Huawei AR Series Router Product Details
• Established 14 R&D centers around the world in Silicon Valley and Dallas in the United States, Cisco 2900 Integrated Cisco 3900 Integrated Cisco 3900 Integrated
Cisco Equivalent
Services Router Services Router Services Router
Stockholm in Sweden, Moscow in Russia, and Bangalore in India to ensure global R&D with
outstanding people. Mid-size to Large
Positioning Mid-size Branch Office Large Branch Office
Branch Office
• Huawei invests 10% of annual sales to research and development.
Performance
• Huawei’s 2008 globalrevenue totaled $18.329 billion USD.
Performance 110-130 kpps 220-240 kpps 600 kpps
• The company has four corporate divisions organized functionally: products and services, strategy IP Security (IPsec)
and marketing, sales and support, and operations and delivery. 100 Mbps 250 Mbps Up to 600 Mbps
Throughput
• Huawei sold its stake in its joint venture interest in H3C to 3Com for $882 million. As part of the Firewall Throughput 200 Mbps 600 Mbps Up to 1.500 Gbps
agreement, Huawei cannot compete in the enterprise or small and medium-sized business (SMB)
WAN Connectivity
routing and switching markets for 18 months after final approval (noncompete expires September
29, 2008). Huawei can supply products to the service provider markets ISDN Basic Rate
Interface (BRI) · · ·
• Huawei concentrates on five primary areas: data communications, mobile networks, optical
networks, software, and applications. xDSL · · ·
T1/E1 · · ·
Table 6: Huawei Enterprise Router Market Share
DS-3 · ·
Huawei Enterprise Router Market Share
Frame Relay · · ·
Huawei Market Share 2006-2009 2009 2008 2007 2006
Huawei
Access Router Share (revenue)1 1.4% 2.5% 2.9% 3.4%
ATM · · ·
LAN Connectivity
High End Enterprise Router Share (revenue) 5.9 % 5.8% 5.9% 4.8%
Total Enterprise Router Market Share 2.5% 3.0% 3.4% 3.6% Built-in LAN Ports 2 FE (10 FE for MSR 20-21) 2 GE 2 GE
Modular LAN
1
Dell’Oro Group, Routers Report 4Q09, Vol. 14, No. 4 R1A, Market Summary and Vendor Information Capability · · ·
Layer 2 Features
Typical Huawei Network Configurations PoE 802.3af
Huawei’s documentation lacks connection to the problems faced by enterprise IT managers. Cisco Discovery
Protocol and Cisco
Huawei products focus primarily on speeds, feeds, and low cost, with the emphasis on port density Phone Discovery
and uplink speeds. Huawei’s solutions do not produce a scalable architecture such as the Cisco’s
Layer 3 Features
Borderless Networks. The Cisco Network Admission Control (NAC) architecture, for example, was
derived from interaction with customers and a common understanding of the problems customers Open Shortest Path
First (OSPF), Border
face. Gateway Protocol · · ·
(BGP)
IPv6 · · ·
Multiprotocol Label
Switching (MPLS) · · ·
Huawei
Table 7: Huawei AR Series Router Product Details Table 8: Huawei Multiple Service Router Product Details
Product Name Quidway AR19-xx Quidway AR29-xx Quidway AR49-xx Product Name Quidway AR19-xx Quidway AR29-xx Quidway AR49-xx
Huawei Product MSR 20-20, MSR 20-21, MSR 30-20, MSR 30-40, Huawei Product MSR 20-20, MSR 20-21, MSR 30-20, MSR 30-40,
MSR 50-40, MSR 50-60 MSR 50-40, MSR 50-60
Numbers MSR 20-40 MSR 30-60 Numbers MSR 20-40 MSR 30-60
Cisco 2900 Integrated Cisco 3900 Integrated Cisco 3900 Integrated Cisco 2900 Integrated Cisco 3900 Integrated Cisco 3900 Integrated
Cisco Equivalent Cisco Equivalent
Services Router Services Router Services Router Services Router Services Router Services Router
Application-level Security · · ·
IPsec VPN (Triple Digital
Encryption Standard (3DES),
and Advanced Encryption · · ·
Huawei
Standard (AES))
Secure Sockets Layer
(SSL) VPN
Dynamic Site-to-site
Secure VPN · · ·
Voice
WAN Connectivity
Caching
Compression
Application-specific
Acceleration
• Lack of security: No IPS, antivirus or antispam, and no web filtering
• No PoE
Product • Limited voice support: Provides little more than DSP cards for PSTN interface and phone
Vulnerabilities
• Limited MPLS: Huawei VRP (OS): No support for mVPN, advanced VPLS features
(H-VPLS Ethernet, MPLS, or autodiscovery), Layer 2 VPN QoS, or MPLS operations,
or administration, and management (OAM) features
Note: All information in these tables is from H3C or Huawei product data sheets available on the Huawei or H3C web sites.
Huawei
Huawei Weaknesses
NOTES
•L
ack of security integration as well as security and wireless products.
•H
eavily reliant on direct sales and original-equipment-manufacturer (OEM) model.
•W
eak feature support for QoS and Multicast.
•L
imited international enterprise experience and acceptance.
Huawei
166 Cisco Confidential Cisco Confidential 167
Cisco Access Routing Competitive Reference Guide
Juniper
Figure 5: Juniper J-series Access Routers and SSG Series
Security Focus
Features/
• Initially focused on high-end routers for the carrier market, Juniper moved into the enterprise
Performance SSG 520M: 2 RU, Modular configuration
WAN up to DS3, 600 Mbps Firewall, 300
market with the acquisition of NetScreen in 2004, Peribit and Redline Networks in 2005, and Funk Mbps IPSec ScreenOS based.
• Juniper sells its enterprise access routers mostly through indirect channels and partners. Mbps Firewall (IMIX), 175 Mbps IPSec, ScreenOS
based, upgradeable to JUNOS.
• For access routing, Juniper offers the J-series Services Routers (J2320, J2350, J4350, and
Mbps Firewall (IMIX), 100 Mbps IPSec, ScreenOS
based.
J6350: 2 RU, 4 GE built in, IP Sec HW
J6350) based on JUNOS or JUNOS ES and the SSG series based on ScreenOS (SSG 550M, SSG SSG 20: optional WLAN, Modular chassis, WAN up
to T1/E1, 90 Mbps Firewall (IMIX), 40 Mbps IPSec,
Acceleration, Modular configuration with 6
slots, JUNOS Based, DS3 or Ethernet WAN.
ScreenOS based.
520M, SSG320M, SSG350M, SSG 5, SSG 20, and SSG 140), and the SRX series for branch office SSG 5: optional WLAN, Fixed Chassis
WAN (ISDN BRI, serial, V.92), 90 Mbps Firewall (IMIX),
(SRX100, SRX210, SRX240, SRX650) 40 Mbps IPSec, ScreenOS based.
J4350: 2 RU, 4 GE built in,
IPSec HW acceleration,
Modular configuration with 6
• Enterprise core and aggregation routing offerings include the range of M-series Multiservice Edge
slots, JUNOS Based, DS3 or
Ethernet WAN.
Routing Focus
Table 9: Juniper Financial Profile and Router Market Share Small offices Small – Medium Businesses Medium – Large Businesses
Small enterprise branch Enterprise Branch Large Enterprise Branch
Gross Margin $2158.1 $2406.4 $1908.5 $1549.3 Juniper SRX for Branch
Juniper
SRX240 and SRX240 ICS: Modular chassis, PoE
option, WAN up to T1/E1, 500 Mbps Firewall (IMIX),
Access Router Share (revenue)2 2.2% 1.5% 1.2% 0.7% 250 Mbps IPSec, Junos based.
High End Enterprise Router Share (revenue) 25.8% 24.9% 24.1% 19.8% SRX210 and SRX210 ICS: Modular chassis, PoE
option, WAN up to T1/E1, 250 Mbps Firewall (IMIX),
75 Mbps IPSec, Junos based.
Total Enterprise Router Market Share 5.5% 5.2% 5.0% 4.0%
SRX100, Fixed Chassis, WAN (Ethernet), 200 Mbps
Firewall (IMIX), 65 Mbps IPSec, Junos based.
1
Yahoo Finance
2
Dell’Oro Group, Routers Report 4Q09, Vol. 14, No. 4 R1A, Market Summary and Vendor Information
Juniper
Typical Juniper Network Configurations Juniper does not set out a scalable and intelligent network architecture like the Cisco Borderless
Network. With Juniper, customers might need to integrate multiple third-party solutions to provide
Figure 7 shows a typical Juniper enterprise network architecture.
critical business-class services, increasing their costs and time spent on problem identification
Figure 7: Typical Juniper Enterprise Network Configurations and resolution. If a customer chooses to use one of Juniper’s integrated solutions such as the
SRX for branch series, as an example, they may have to settle for a voice solution that is missing
many features due to its lack of maturity. For example, according to JUNOS 10.0 documentation,
Integrated Convergence Services for the SRX can only support up to 24 users, does not support
T.38 for fax machines, does not support common voice codecs such as G.722, iLBC or iSAC,
secure RTP, and voice mail.
Despite an increased level of integration with other technologies available within Juniper and three
current product lines (SSG, J-Series, and SRX for branch), Juniper has not been able to grow their
market share above 2%.
Juniper entered the enterprise market in 2004 with the acquisition of NetScreen. Since then,
Juniper has acquired Peribit WAN Acceleration and Funk Software for its authentication,
authorization, and accounting (AAA) and 802.1X software. Juniper also acquired Redline for data
center acceleration, but recently canceled the product line. Juniper’s enterprise product portfolio
has grown substantially.
To further strengthen its solutions offerings, Juniper developed partnerships with other enterprise
infrastructure vendors such as Avaya which resulted in a voice offering for the J-series. In 2009,
Juniper also launched the SRX series for the branch office. These products are Juniper’s third
product line targeted at the branch office. The SRX series run Junos software which incorporates
security features previously only available on NetScreen products. This code was initially named
JUNOS ES and is now simply JUNOS. With the release of JUNOS 10.0, the SRX product line now
includes a new voice solution named “Integrated Convergence Services” and also includes a
Juniper
WLAN controller that works with a new WLAN access point, AX11 WLAN Access Point , available
from Juniper.
Juniper’s strategy can be product-centric with a strong emphasis on performance. This strategy
is great for those who need point products for specialized needs but falls short when customers
need solutions to IT problems and want to reduce their CapEx and OpEx.
Juniper
Table 10: Juniper SSG Series Product Features Table 10: Juniper SSG Series Product Features
Product Name SSG 5 SSG 20 SSG 140 SSG 320M SSG 350M SSG 520M SSG 550M Product Name SSG 5 SSG 20 SSG 140 SSG 320M SSG 350M SSG 520M SSG 550M
Cisco 800 Layer 3 Features (continued)
Integrated Cisco 3900
Services Cisco 2900 Integrated MPLS
Cisco 3900 Cisco 3900
Router and Series Services
Cisco 1900 Cisco 1900 Integrated Integrated
Cisco Equivalent Cisco 1900 Integrated Router and CBWFQ, WRED
Series Series Services Services
Series Services ASR 1000
Router Router
Integrated Routers Series Multiprotocol: SNA
Services Routers (DLSw, SNASw, SDLC
Routers tunneling, Bisync
Tunneling), IPX,
Small Small DECnet, AppleTalk
offices offices
Regional Regional Regional Regional Regional
and small and small Multicast
Positioning and branch and branch and branch and branch and branch
enterprise enterprise
offices offices offices offices offices
branch branch Security
offices offices
Performance
Stateful Firewall, NAT · · · · · · ·
VRF-aware Firewall
Recommended
WAN Capacity IPS · · · · · · ·
IPsec Throughput 40 Mbps 40 Mbps 100 Mbps 175 Mbps 225 Mbps 300 Mbps 500 Mbps Antivirus/Anti-spam · · · · · · ·
Firewall Throughput 160 Mbp 160 Mbps 350 Mbps 450 Mbps 550 Mbps 650 Mbps 1 Gbps
URL (Web filtering) · · · · · · ·
DDoS Protection
WAN Connectivity (Clean Pipes,
NetFlow, uRPF)
· · · · · · ·
ISDN BRI · · · Application-level
· · · · · · ·
Security
xDSL · · · · IPsec VPN (3DES,
AES) · · · · · · ·
T1/E1 · · · · · · SSL VPN
DS-3 · · · · Dynamic Site-to-
site Secure VPN · · · · · · ·
Frame Relay · · · · · · · Voice
ATM
Call Processing,
Signaling
LAN Connectivity
PSTN Gateway
4
4 4 10/100/1000 4 Voice Mail
Built-in LAN Ports 7 10/100 5 10/100 8x 10/100
10/100/1000 10/100/1000 2x 10/100/1000
10/100/1000 WAN Acceleration
Modular LAN
· · · ·
Juniper
Caching
Capability
Compression
Layer 2 Features
Application-specific
(PoE) 802.3af Acceleration
Cisco Discovery • No voice capabilities, application-delivery features, or wireless LAN (WLAN)
Protocol/Phone
Discovery • Limited routing features: No MPLS or Multicast; limited QoS
Layer 3 Features Product • Limited management instrumentation capabilities such as NetFlow and IP SLA
Vulnerabilities • Limited WAN interface choices; no ISDN or dialup backup capability (SSG 500 Series)
OSPF, BGP · · · · · · · • Limited expandability for additional branch-office services
IPv6 · · · · · · · • No multiprotocol (IBM or desktop) capability
Note: Juniper product information from data sheets on Juniper Network’s website.
Juniper
Table 11: Juniper J-series Product Features Table 11: Juniper J-series Product Features
Product Name J2320 J2350 J4350 J6350 Product Name J2320 J2350 J4350 J6350
Performance Security
Throughput
(Firewall + Routing)
150 Kpps 175 Kpps 225 Kpps 400 Kpps
Stateful Firewall, NAT · · · ·
IPsec Throughput 125 Mbps 175 Mbps 400 Mbps 1 Gbps
VRF-aware Firewall · · · ·
IPS · · · ·
Firewall Throughput 400 Mbps (IMIX) 500 Mbps (IMIX) 600 Mbps (IMIX) 500 Mbps (IMIX)
Antivirus/Anti-spam · · · ·
WAN Connectivity URL (web filtering) · · · ·
ISDN BRI · · · · DDoS Protection (Clean
Pipes, NetFlow, uRPF) · · · ·
xDSL · · · · Application-level
Security · · · ·
T1/E1 · · · · IPsec VPN (3DES, AES) · · · ·
DS-3 · · SSL VPN
Frame Relay · · · · Dynamic Site-to-site
Secure VPN · · · ·
ATM Voice
Call Processing,
LAN Connectivity
Signaling · · · ·
Built-in LAN Ports 4 GE 4 GE 4 GE 4 GE IP Private-branch-
exchange (PBX) Functions
Modular LAN Capability · · · · PSTN gateway · · · ·
Layer 2 Features Voice Mail · · · ·
(PoE) 802.3af WAN Acceleration
Cisco Discovery
Protocol/Phone
Caching · · · ·
Discovery Compression · · · ·
Application-specific
Layer 3 Features Acceleration · · · ·
OSPF, BGP · · · · • The J-Series offers no WLAN or switching cards with PoE.
Juniper
• The Avaya IG550 voice solution must work with the Avaya Communications Manager
IPv6 · · · · call-control server, typically located in an enterprise headquarters. The IG550 cannot
operate as a standalone PBX solution, although local survivability is provided.
MPLS · · · · • Advanced security features based on NetScreen and WAN acceleration require JUNOS
(formerly JUNOS ES). Configuration commands for security are different from those in
CBWFQ, WRED · · · · ScreenOS, requiring some retraining.
Multiprotocol: SNA Product Vulnerabilities • Interface choices are limited (no ATM, wireless, cable, V92, high-density Layer 3
(DLSw, SNASw, SDLC Etherswitch, asynchronization, High-Speed Serial Interface [HSSI], satellite, or circuit
tunneling, Bisync · · · · emulation over IP [CEoIP]).
Tunneling), IPX, (DLSw Only) (DLSw Only) (DLSw Only) (DLSw Only)
• Multiprotocol capability is limited (only basic DLSw).
DECnet, AppleTalk
• Investment protection is limited because of the following incompatibilities: Protocol
Multicast · · · · Independent Multicast [PIM] is not compatible with SSG 5/20 or M-series routers, EPIMs
are not compatible with old J-series, and PIMs available for the SRX are not compatible
Note: Juniper product information from data sheets on Juniper Network’s website. with the J-series or SSG.
Juniper
Table 12: Juniper SRX Series Product Features Table 12: Juniper SRX Series Product Features
Product Name SRX210 (and SRX SRX240 (and SRX Product Name SRX210 (and SRX SRX240 (and SRX
SRX100 SRX650 SRX100 SRX650
210 ICS) 240 ICS) 210 ICS) 240 ICS)
Cisco 800 Series Cisco 800 and 1900 Cisco 800 Series Cisco 800 and 1900
Cisco 2900 Integrated Cisco 3900 and ASR Cisco 2900 Integrated Cisco 3900 and ASR
Cisco Equivalent Integrated Services Series Integrated Cisco Equivalent Integrated Services Series Integrated
Services Router 1000 Series Routers Services Router 1000 Series Routers
Routers Services Routers Routers Services Routers
Firewall Throughput 200 Mbps (IMIX) 250 Mbps (IMIX) 500 Mbps (IMIX) 2.5 Gbps (IMIX)
Stateful Firewall, NAT · · · ·
WAN Connectivity
VRF-aware Firewall · · · ·
ISDN BRI
IPS · · · ·
xDSL · ·
Antivirus/Anti-spam · · · ·
T1/E1 · · ·
URL (web filtering) · · · ·
DDoS Protection (Clean
DS-3 Pipes, NetFlow, uRPF) · · · ·
Application-level
Frame Relay · · · Security · · · ·
ATM
IPsec VPN (3DES, AES) · · · ·
SSL VPN
LAN Connectivity
Dynamic Site-to-site
2 x 10/100/1000 +
Secure VPN · · · ·
Built-in LAN Ports 8 x 10/100 16 x 10/100/1000 4 x 10/100/1000
6 x 10/100 Voice
Call Processing,
Modular LAN Capability · · · Signaling · · · ·
IP Private-branch-
Layer 2 Features exchange (PBX) Functions · · · ·
(PoE) 802.3af · · · PSTN gateway · · · ·
Cisco Discovery Voice Mail
Protocol/Phone
Discovery WAN Acceleration
Juniper
OSPF, BGP · · · · Compression
Application-specific
IPv6 · · · · Acceleration
MPLS · · · · Note: Juniper product information from data sheets on Juniper Network’s website.
CBWFQ, WRED · · · ·
Multiprotocol: SNA
(DLSw, SNASw, SDLC
tunneling, Bisync
Tunneling), IPX,
DECnet, AppleTalk
Juniper
Table 12: Juniper SRX Series Product Features
Juniper Weaknesses
Juniper SRX Series (continued)
•P
oor integration: Many vendors today, including Cisco, have answered market demands for
Product Name SRX210 (and SRX SRX240 (and SRX lower TCO and ease of use by integrating several functions such as voice, security, routing, and
SRX100 SRX650
210 ICS) 240 ICS)
switching into a single branch-office device. Despite the addition of Avaya voice capabilities to
Cisco 800 Series Cisco 800 and 1900
Cisco Equivalent Integrated Services Series Integrated
Cisco 2900 Integrated Cisco 3900 and ASR Juniper’s new J-series and the addition of Integrated Convergence Services on the SRX for
Services Router 1000 Series Routers
Routers Services Routers branch, Juniper lags behind and does not deliver a high level of integration.
Medium Enterprise
Positioning Small Branch Office Small Branch Office
Branch Office
Large Branch Office •H
igh initial cost and high TCO: To outfit a branch office with routing, switching, voice, security, and
application-delivery capabilities, customers must consider several Juniper products, making the
•N
o WAN Acceleration capability
initial purchase and the cost to manage higher because of the multiple appliances and operating
•M
issing features with the Integrated Convergence services voice capability including:
support for T.38 for fax machines, support for common voice codecs such as G.722, iLBC systems.
or iSAC, secure RTP, and voice mail.
•C
onfusion over choice of product to deploy: Juniper would like to sell the SSG series, the J-series
•A
dvanced security features based on NetScreen and WAN acceleration require JUNOS
(formerly JUNOS ES). Configuration commands for security are different from those in and the SRX series into the branch office, but because of the lack of feature parity between the
ScreenOS, requiring some retraining.
three product lines, customers cannot easily choose one product or the other. In many cases, both
Product Vulnerabilities
• Interface choices are limited (no ATM, no BRI, cable, V92, high-density Layer 3 Etherswitch, products may need to be deployed to implement the capabilities needed by the enterprise, where
asynchronization, High-Speed Serial Interface [HSSI], satellite, or circuit emulation over IP
[CEoIP]). only a single Cisco integrated services router could be deployed.
• Multiprotocol capability is limited.
•S
till evolving enterprise strategy: Although Juniper has certainly launched a wide variety of
• Investment protection is limited—PIMs from the J-series or SSG are not compatible with
the SRX for branch. products for the enterprise and entered into arrangements with other vendors such as Avaya and
•N
o PoE on SRX100 Extreme, it is unclear what Juniper’s overall objective and strategy is for delivering solutions for the
enterprise. Why hasn’t Juniper provided higher levels of integration where they are needed? Why
are they targeting three dissimilar product lines with big feature mismatches at the same branch-
office segment?
• Juniper wants to introduce traditional service provider features such as MPLS and carrier-class
redundancy into the enterprise. Juniper touts the modularity of the JUNOS operating system.
Although MPLS may work well for some large enterprises, many enterprises are not ready for
the move and it is beyond the needs of many SMBs. Carrier-class features certainly improve
uptime and reduce maintenance costs, but not all products or enterprises need or can afford
carrier-class features.
Juniper
• Juniper claims that Junos is one operating system but there is clearly seprate Junos images for
each major product line and the SSG still runs ScreenOS.
• Juniper may lead a sale with its security appliances and then up-sells J-series and M-series
routers.
• Juniper has multiple enterprise partnerships for WLAN, LAN switching, and voice. Some of these
partners can resell Juniper equipment, and some have performed solutions testing to various
levels. With the SRX for branch, Juniper introduced their own WLAN device (AX11) creating
possible confusion with the choice of using a Juniper WLAN partner or Juniper’s solution.
Cisco
Why Work With Cisco? • Inter-Switch Link (ISL) was the basis for 802.1Q VLANs.
• Layer 2 Tunneling Protocol (L2TP): Cisco developed Layer 2 Forwarding (L2F) and a Microsoft
Cisco Offers Business and Technical Value
consortium developed Point-to-Point Tunneling Protocol (PPTP). Cisco cooperated actively with
Cisco offers value beyond a switch, router, wireless access point, or other networking device. Cisco the Microsoft consortium and helped develop a new standard, L2TP, which took the best ideas
Integrated Services Routers Generation 2 (ISR G2) delivers the borderless network experience from both groups.
through new video-ready capabilities, service virtualization, and operational excellence.
• Interior Gateway Routing Protocol (IGRP) and Enhanced IGRP (EIGRP) later became much of the
Video-Ready Architecture: Built for video-delivery from the ground up, the ISR G2 is a medianet- basis for Open Shortest Path First (OSPF).
compliant solution that promotes greater collaboration with comprehensive rich-media services
• Cisco developed the technology for Tag Switching, which was later developed into Multiprotocol
to branches; including TelePresence, video surveillance, digital signage, and scalable WebEx
Label Switching (MPLS).
and desktop conferencing. The media-services engine is a voice- and video-ready digital signal
processor that enables both voice and video capabilities in a single module.
Cisco Innovation
Service Virtualization: Cisco Services Ready Engines (SRE) provide new services flexibility, cloud
extensibility, and services “on-demand” that decouple hardware and software so that virtual The following examples highlight the ways that Cisco is leading the network industry in innovation:
services can be remotely deployed and managed, eliminating service calls. • Cisco employees chair 20 IETF working groups in various networking areas, turning innovations
Operational Excellence: ISR G2 delivers the greatest savings in total cost of ownership by providing into standards.
operational simplicity through a single universal Cisco IOS Software image, Services Ready Engine, • More than 100 Cisco employees have written Internet drafts and RFCs.
EnergyWise innovations, and a high-degree of investment protection that offers a rapid return on
• Cisco actively participates in virtually every group concerned with networking standards. This
investment.
participation helps ensure that Cisco products remain current and compatible with standards.
Cisco customers can deploy Cisco devices without concern over incompatibility. By focusing
Why Choose Cisco? on standards, Cisco also quickly brings to market products that meet customer needs — when
• Cisco has one of the most experienced networking design and implementation staff in the world. they need them. And the emphasis on standards addresses the needs of a broad market, giving
This staff has designed thousands of networks of varying size and complexity worldwide. Cisco customers more choices in how they solve their networking problems and tailor their networks to
has incorporated this experience into product development, design, and delivery. meet specific business objectives.
• Cisco has successfully navigated through good and tough times, growing from a small startup to a • Cisco actively looks for new opportunities to grow and serve its customers through internal
large multinational company with a constant focus on customer and partner needs. development, acquisition, or a combination of both, taking the most effective approach possible.
• Cisco develops leading-edge features that others brand as proprietary. Cisco is a leader in • Cisco invested over $5 billion in product development (R&D) in FY08
technology innovation. Cisco works proactively with peers and competitors to incorporate these • Cisco has one of the largest networking support staff in the world, with five TACs and more than
innovations as standards. This scenario has occurred numerous times during the history of Cisco. 1300 support engineers devoted to network support and problem resolution.
A few examples follow: • Cisco offers multiple purchase alternatives such as direct purchase or leases when desired by
• Cisco worked actively with many other companies to develop the initial Fast Ethernet specification, customers.
later adopted by IEEE as the 802.3u standard. • Cisco IOS Software unifies all Cisco switches, routers, and other equipment, providing a solid
• Power over Ethernet (PoE): Cisco began shipping prestandard PoE in mid-2000. This standard foundation for Internet applications, helping companies extend common services and interfaces
became the basis for the ratification of standards-based PoE (802.3af) in late 2003. across the entire network, and reducing training and administrative costs.
• Cisco EtherChannel® technology was central to the creation of the 802.3ad specification. • Cisco management software supports remote monitoring, configuration, fault detection, and
troubleshooting. A complete line of tools simplifies and automates the delivery of intelligent
• Multiple Instance Spanning Tree (MIST) was a key source used by the creators of the 802.1s
services throughout the network, whatever the organization’s size.
specification.
• Spanning Tree Protocol fast enhancements provided the basis for 802.1w (Rapid Spanning Tree
Protocol).
Cisco
180 Cisco Confidential Cisco Confidential 181
Cisco Access Routing Competitive Reference Guide
Cisco
For more information about Cisco routing platforms,
please refer to the Cisco Router Guide, located at: NOTES
www.cisco.com/go/routerguide
Cisco Router Guide
For Teleworkers, Small Offices, Small To Medium-sized Businesses,
and Enterprise Branch and Head Offices
Content based on publicly available information current as of the date of release of this guide.
Cisco
182 Cisco Confidential Cisco Confidential 183
Section Title
NOTES
NOTES
Introduction
Table 1: Network Solutions Compared
WAN Deployment Scenarios
Network Solutions Compared
In the Enterprise market, there currently five fundamental deployment scenarios or use cases
defined: Branch, WAN Aggregation, Private WAN, Internet Edge and Data Center Interconnect. Cisco Huawei 3Com/H3C Juniper
Introduction
These scenarios are defined by the unique requirements and technologies. Prescriptive solutions Cisco® 7200 Series
NE05 M7i
and platform positioning for these requires an understanding of the business and technology Routers , ASR 1002-F
requirements, along with the alignment of features and roadmaps to the existing and emerging Cisco ASR 1000 Series
NE08E, NE16E,
requirements within each of the deployment use cases. Aggregation Services SR6600 M7i, M10i, M120, and MX80
and NE 20E/20
Routers
Branch deployments are focused on the customer premise edge (CPE), where multiple services Cisco Catalyst® 6500
M120, M320 , MX240,
are focused into a single platform to provide scale and simplicity to the branch architecture. The Switch, CRS-1 and NE40 SR6600
MX480, and MX960
Nexus 7000
access to the branch may take on one of several forms—serial or Ethernet, frame relay or MPLS
L3 VPN. Within these, there are specific requirements that, along with the services provided for
the branch such as Unified Communications and WAN acceleration, will influence the platform High level Definition and Architecture
positioned as the CPE device.
The Private WAN represents a virtualized network infrastructure allowing enterprises to connect
In conjunction with a public Wan and branch deployment, there is a corresponding WAN their employees, partners, vendors and other third parties securely. MPLS VPN over DMVPN
aggregation deployment. Typically positioned in the Data Center, physically, this use case involves (2547oDMVPN) and self-deployed Multi-VRF with mGRE/DMVPN are examples of available
the aggregation of multiple layer 2 (frame relay, hdlc, atm, etc.) circuits or provides high speed deployment models for virtualization of branches. The deployment models should support
connectivity to an MPLS L3 VPN from a service provider, yielding access to the data center integration of branches ranging from 10s to 1000s of branches. The interface types on the headend
for remote branches and campus locations. Scalability for bandwidth with services such as are expected to range from the DS3 to 10GE.
hierarchical QoS are fundamental criteria within this scenario.
The diagram in Figure 1 shows a Private WAN topology with P/PE routers.
The Private WAN deployment is focused on the customer use case where the entire Layer 3 routing
Figure 1: Private WAN Topology
infrastructure is owned and deployed by the enterprise customer itself. Typical usage is for internal
L3 networking including self deployed MPLS networks and IPv6. The scope is inclusive of all of
the CPE devices, as well as the backbone routing—in contrast to a public WAN where a service
provider owns the L3 backbone (typically a MPLS VPN offering). Inclusive within this deployment
use case are several unique features for enterprise routing, including MPLS L3 VPNs and IPv6
functionality including 6VPE for MPLS L3 VPN’s.
In providing connectivity with the Internet for external user and extranet partners, security
becomes an integral part of the solution. The Internet Edge deployment provides for large scale
IPsec solutions, along with providing load balancing among multiple connections, scale to large
bandwidth requirements, and control plane scale for full Internet routing table support.
The interconnection of multiple data centers requires the ability to not only provide IP connectivity,
but for server clustering and other applications, Layer 2 connectivity is also required. Within
this deployment scenario, both Layer 2 and IP connectivity are provided, as well as the potential
requirement for Layer 3 segmentation. Consideration needs to also be taken into account for the
scale of the solution, including the number of data centers as well as bandwidth requirements.
The following table illustrates competititve offerings roughly equivalent to Cisco’s solutions for the Private WAN key challenges are:
above deployment scenarios.
• Increasingly mobile and distributed workforce, partners and vendors which need to be connected
to a company’s network
• Provide non-stop, secure access to applications and business tools
• Reduce operational complexity and maintenance cost
Introduction
Table 2: WAN Challenges and Key Requirements Figure 2: WAN Aggregation Topology with DMVPN
Key Requirements
Introduction
Increasingly mobile and distributed workforce, The WAN edge routing solution should be able to connect
partners and vendors which need to be connected all locations using Layer 1 and Layer 3 virtual extensions
to a company’s network with a number of different transport mechanisms
Provide non-stop, secure access to applications The WAN Edge routing solution needs to be part of an
and business tools overall secure end-to-end homogenous solution
WAN Aggregation
Introduction
Figure 4: WAN Aggregation Topology with Easy VPN Table 3: WAN Challenges and Key Requirements
Key Requirements
Introduction
The Enterprise WAN Edge has become the key
The WAN Edge aggregation routing solution must be able
aggregation point for higher performing business
to adopt existing and emerging business models
applications, IT SLAs and network optimization
Provide flexibility, high availability The WAN Edge aggregation routing solution needs to be
and service performance for current and purpose-built with carrier class routing, resiliency and
emerging WAN technologies services’ delivery in mind
Introduction
Internet Edge Internet Edge Routing Solution key challenges are:
• Provide Connectivity between Internet SP and the Enterprise
High level Definition and Architecture
Introduction
• Protect corporate network from the Internet
The Internet edge is the network infrastructure that provides connectivity to the Internet and that
acts as the gateway for the enterprise to the rest of the cyberspace. It serves most areas of the • Securely connect branch offices via corporate network
enterprise network, including the data center, campus, and remote branches. • Provide full, highly scalable routing
The diagram in Figure 5 shows users at the campus accessing the Internet through the Internet • Offer redundancy
edge; the enterprise website and other public resources are accessible to clients and partners
through the Internet edge, mobile and home-based employees may access corporate resources • Offer variety of interface connectivity
and applications through the Internet edge; and the Internet edge can also provide backup access • O ffer back up functionality for branches which adopt an Internet connection to provide
to remote and branch offices in case the primary WAN links fail. a backup link
Key Requirements
Challenge for the Internet Edge Key Requirements for the Internet Edge
Provide full, highly scalable routing Highly scalable IPv4 and IPv6 BGP peering
Offer back up functionality for branches which adopt an Highly scalable and high performing
Internet connection to provide a backup link Aggregation Capabilities
As the gateway to the Internet, the Internet edge infrastructure plays a critical role in supporting
the services and activities that are fundamental to the operation of the modern enterprise. For this
Lead Cisco Platform
reason, the Internet edge has to be designed to provide service availability and resiliency, to be
compliant with regulations and standards, to provide flexibility in accommodating new services and The Cisco ASR 1000 Series is a very flexible and modular, and highly scalable and high
adapt with the time, to be secure, and to facilitate administration (reducing OPEX). performing routing solution with a variety of modular chassis solutions scaling from 2.5 Gbps to
currently 20 Gbps throughput offering different port density. This addresses the Internet Edge
requirements for various sizes of Enterprise networks.
Scalable to millions of IPv4/IPv6 Internet routers, the option of software and hardware
redundancy with a switchover time of fewer than 50 milliseconds, and built-in security
capabilities (firewall, encryption), Cisco ASR 1000 Series is the industry’s leading Enterprise
Internet Edge Routing solution. In addition, key functionalities for the internet edge such as
efficient traffic scheduling, hierarchical Quality-of-Service, netflow, application awareness
via Network based application recognition (NBAR) are also all built into the ASR 1000 Series
hardware.
Introduction
Table 5: Competitive Differentiators
Top-5 Competitive Differentiators for Private WAN, WAN Aggregation, Data Center Interconnect (DCI)
and Internet Edge Deployment Scenarios
High level Definition and Architecture
ASR 1000 delivers instant-on service by only requiring a software license to
Introduction
activate key services. Today’s business is more distributed and mobile than ever, and companies are moving existing
High Performance “Instant-on” The Cisco ASR 1000 Series security (2.5-20 Gbps of Firewall and 1-7 Gbps servers, building new data centers, and clustering servers in geographically separate locations
Services (e.g. Firewall and IPSec) IPSec encryption) and forwarding performance (2.5 -20 Gbps) helps
accelerate the delivery of network services to enterprises. (geoclustering) to provide high-performance, nonstop access to critical business applications and
Refer to Miercom Green Certification Report and Performance Report for information (Figure 6).
more information.
ASR 1006 chassis allows for the option of dual control plane and forwarding Figure 6 also shows the main considerations when deploying a DCI solution. They are:
plane processors within the same router for hardware redundancy support.
ASR 1000 Series provides separate control and data plane architecture with 1. Layer 3 interconnect (typically over an existing enterprise IP core)
High Availability fewer than 50 milliseconds switchover, soft switchover, and DDOS protection.
ASR1002-F, ASR1002 and ASR1004 provide industry’s first dual OS (Cisco IOS 2. SAN interconnect
XE Software) redundancy facilitating change management with less disruption
and fewer errors. 3. Layer 2 Interconnect
ASR 1000 includes Deep Packet Inspection (DPI) features such as Flexible
Packet Matching and Network Based Application Recognition (NBAR) with Figure 6: Data Center Interconnect: Business Needs and IT Solutions
more than 90+ protocols supported (with IOS XE 2.5.0-end of CY2009) at a
WAN Security and very high throughput, implicitly built into the Cisco Quantum Flow Processor
Application Intelligence (QFP) architecture.
Flexible Packet Matching supports custom filters that can be defined and
deployed more rapidly, before IPS signatures or antivirus patterns are updated.
On the CISCO ASR 1000, intelligent flexible WAN Aggregation features such as
Group Encrypted Transport VPN (GET VPN) allow for security with automatic
deployment. JUNIPER does support an auto-vpn feature but it is only available
on SRX products with several caveats (e.g. auto-vpn and MPLS are mutally
exclusive) With Cisco IOS IP SLAs, users can verify service guarantees,
increase network reliability by validating network performance, proactively
Intelligent WAN Aggregation identify network issues, and increase Return on Investment (ROI) by easing
and Performance Enhancing the deployment of new IP services. IPSLA uses active monitoring to generate
Functionalities traffic in a continuous, reliable, and predictable manner, thus enabling the
measurement of network performance and health.
Performance Routing (PfR) extends the capabilities of IP SLA so that networks
can make automatic, intelligent, flow-based routing decisions. Rather than Consideration (1) is well-understood and several solutions exist today to deploy robust
depending on “next hop” and timed failovers, PfR enables routing decisions
based on delay, MOS, jitter, and other advanced mechanisms. inter-DC L3 Interconnects.
Consideration (2) is an important aspect for DC Interconnect deployments, however this document
does not define the playbook for SAN Interconnects. The focus of this document is to define
Key Customer References for Private WAN, WAN Aggregation and the Enterprise DC Interconnect playbook for Consideration (3) – the Enterprise DC LAN
Internet Edge Deployment Scenarios extension problem.
For a list of key customer case studies for ASR 1000 Series, please refer to: The DC LAN extension solutions can be classified into the following three categories based on the
http://www.cisco.com/en/US/products/ps9343/prod_case_studies_list.html transport options in the WAN connecting the DCs. (Figure 7):
• L AN extension over L2/WDM fiber (Dark fiber): This can be considered a Layer 1 type of service.
Dark fiber offerings are typically limited in the distance they can span.
Introduction
• L AN extension over MPLS/VPLS: In this case, the LAN extension can be achieved by directly The DCI LAN extension solution has to meet the key requirements as listed in table below.
using the provider services or using an overlay Layer 2 VPN solution on the service provider
service, giving the enterprise additional operational flexibility. Table 6: Key Requirements
Introduction
• L AN extension over L3/IP service : Here , the LAN extension can be achieved over a L3 service Key Requirements
from a Service provider where the enterprise typically deploys an IP overlay solution to perform
the LAN extension between the various sites. DCI LAN Extension Requirements Details
Typically, WAN links are expensive, so the WAN uplinks carrying the DCI
WAN load balancing LAN extension traffic need to be fully utilized with ability to traffic load-
balance across all available uplinks
The LAN extension solution should not affect the existing data center
Data center site transparency
network deployment
HQoS is typically needed at the WAN edge to shape traffic for cases such
Hierarchical quality of service HQOS
as when an enterprise subscribes to a subrate service provider service or
(Optional)
a multipoint EVPL service
Introduction
Table 7: Competitive Differentiators
DCI Reference Platforms Top-5 Competitive Differentiators for Private WAN, WAN Aggregation and Internet Edge
The Reference Architectures and Solutions for DCI Deployments are illustrated in table 7 on the Deployment Scenarios
following page. The solutions can be grouped into three broad categories: Top Competitive Differentiators Why Cisco?
Introduction
1. Enterprise High-End MPLS option: This is the reference architecture for Enterprise/SP High-end Enterprise-focused DCI solutions
Enterprise-Focused DCI Solutions Leveraging Existing DC Infrastructure to
provide solutions with minimal infrastructure changes and complexity; No
customers with high 10GE port density requirements who insist on a MPLS-based DCI solution leveraging DC Expertise
need for complex Service Provider based DCI Solutions
on a collapsed WAN and Core device—the CRS-1 is the recommended choice for the collapsed
Cisco’s Multichassis EtherChannel (MEC) provided by the Catalyst 6500
WAN and Core. VSS and the Nexus 7000 VPC features is a unique redundancy and load
balancing solution for Intra-DC and Inter-DC deployments that reduces
2. Cisco Innovative Architectures: This is the set of DCI architectures for customers desiring an dependence on STP for Network Convergence –MEC/VPC for stackable
Ethernet switching leadership and modular switches
IP-based DCI LAN extension solution or a L2/WDM Dark Fiber solution.Two sets of solutions are
recommended here :
MEC/FAT Psuedowirefor DCI LAN Extension across optical, IP and MPLS
networks
• Nexus 7000-based Over the Top Virtualization (OTV) for IP based solution or a vPC/L2MP
based Dark Fiber solution to counter the Juniper MX threat using Cisco innovations where Versatile LAN encapsulation options
Cisco offers a variety of DCI LAN extension solutions with Native Ethernet, IP
or MPLS Encapsulations developed specifically for Enterprise requirements
customers plan to build a Nexus based green-field datacenter design.
Broad portfolio of DC switches which allow design flexibility to implement as
Or many or few of tiers in the DC as requirements dictate— for example DCI on
Architectural Adaptibility
standalone WAN or Collapsed WAN
• Cat6K-based VPLSoGRE or VSS Dark Fiber innovative solution: This option is recommended & Core or Collapsed Core & Aggregation
for existing Cat6500 DC customers who are not ready to transition to Nexus-based DC Secure, Redundant solutions with Integrated Encryption, Service Modules
Comprehensive End-to-End
architecutures and desire a DCI LAN extension standards-based IP solution with IPSec DCI Solution
and Versatile Connectivity options; Comprehensive DCI solution for LAN,
Layer 3, and SAN extensions
encryption or a Dark Fiber based solution to differentiate against Juniper MX.
3. Mainstream DCI: This is the recommended architecture for mainstream customers who do not
fit into either category # 1 or #2 where they don’t need density needs of a CRS-1, would like to
leverage IOS/Catalyst 6000 installed based and need a standards based VPLS design with In addition to the competitive differentiation above, the table below lists suggested Cisco
HQoS, POS/GE/10GE with a future-proofed roadmap. responses to common competitive arguments against Cisco.
Introduction
Key Takeaways
NOTES
• VSS/VPC for loop-free LAN extension with no STP dependency.
Introduction
• Flexible Encapsulation Options for DC Interconnect with Native Ethernet, MPLS or IP
encapsulations
• Solution adaptibility to wide-variety of DC designs based on Customer needs/requirements
• Integrated Encryption with CTS/IPsec and Advanced QOS for optimal WAN traffic utilization
• WAN traffic optimization with Integrated WAAS appliances
• Versatile connectivity options for WAN connectivity
3Com
3Com Overview Figure 8 shows a typical 3Com/H3C solution for a core router of an enterprise network.
3Com sells LAN switches, routers, wireless devices, security, connectivity (network interface
Figure 8: Typical 3Com Network Configuration
cards [NICs]), and IP telephony products worldwide primarily through indirect channels. 3Com has
a strong SMB franchise, but re-entered the enterprise segment in 2003 after exiting this area in
2000. Most products designed for higher-density enterprise networking environments have been
developed as part of the H3C joint venture with Huawei, designed to increase product velocity
and lower costs. 3Com took control of the H3C venture buying out partner Huawei for $882
million in November 2006 securing a non-competing agreement in the Enterprise/SMB routing
and switching markets until September 2008. Huawei and Bain Capital Partners teamed up in
September 2007 offering $2.2 billion for 3Com, but the deal fell through in early 2008 because
of security concerns of US lawmakers related to the TippingPoint division. In November 2009,
Hewlett-Packard has announced the intent to acquire 3Com for $2.7 billion in cash, citing H3C R&D
facilities, intellectual property and inroads into the Chinese markets as reasons for the acquisition.
Fiscal year 2009 was the first profitable year for 3Com after 8 straight years of losses. Market share
3Com
grew considerably in fixed switches helped by demand for low cost solution in the economic
downturn. In the first nine months of 2009, roughly 54% of sales come from China (60% when
combined to the rest of the Asia Pacific region) reflecting the crucial role of the H3C joint venture.
High End Enterprise Router Share (revenue) 0.0% 0.0% 0.0% 0.0%
1
Yahoo Finance
2
Dell’Oro Group, Routers Report 4Q09, Vol. 14, No. 4 R1A, Market Summary and Vendor Information
Most of 3Com’s router market share is concentrated in H3C-built access routers sold in China.
3Com
Table 10: 3Com WAN Router Product Detail Table 10: 3Com WAN Router Product Detail
Cisco Equivalent Cisco ASR 1000 Series Cisco ASR 1000 Series Cisco Equivalent Cisco ASR 1000 Series Cisco ASR 1000 Series
3Com
Firewall Throughput (Gbps) Not Available Not Available Session Border Controller (SBC)
3Com
Table 10: 3Com WAN Router Product Detail Table 10: 3Com WAN Router Product Detail
3Com WAN Router Products (continued) 3Com WAN Router Products (continued)
3Com
Firewall Throughput (Gbps) Not Available Not Available Session Border Controller (SBC)
3Com
3Com WAN Product Weaknesses 3Com Sales Tactics
• The SR6600 series claims to support firewall and IPSec features, but performance is not specified • 3Com delivers affordable technology. The company claims to offer features similar to those that
in the company’s data sheets. Cisco offers, but priced 25-30% lower. 3Com’s use of merchant silicon enables them to reach a
low price point, but the products offer less manageability, security, and quality-of-service (QoS)
• Like Huawei, 3Com/H3C sales are focused mostly in China; support in the United States is limited,
features than comparable Cisco products, thereby increasing long-term operating costs. 3Com
with a handful of sales offices.
support has deteriorated, as evidenced by the earlier comment from Marc Harrison. Cisco has
• 3Com SR6600 routers do not support SBC features. five Technical Assistance Centers (TACs), more than 1400 support engineers, and a reputation for
• 3Com SR6600 routers do not support dynamic site-to-site VPN; Cisco supports DMVPN and delivering consistent high levels of support.
Group Encrypted VPN. These Cisco features greatly ease the deployment of site-to-site VPNs in • 3Com can offer broad solutions that are best deployed in relatively small networks. 3Com’s in-
the enterprise and lower OpEx. out-in again posture in the enterprise is not likely to inspire customer confidence in its long-term
• 3Com SR6600 routers do not support routing features similar to Cisco Performance Routing, commitment. Despite its broad portfolio, 3Com has not provided the level of integration offered
which uses intelligence within the router to help optimize WAN connections for the best voice and by the Cisco integrated services router portfolio of access routers. Unlike Cisco solutions, 3Com
application performance at the lowest cost. access solutions may require the deployment of multiple devices.
• Cisco has convergence products (voice, video, data, and IPTV) and expertise coupled with a long-
3Com
• 3Com offers limited high-availability features compared to the Cisco ASR 1000. Unlike 3Com’s
SR routers, the Cisco ASR 1000 supports ISSU, control-plane software failover, and sub-50-ms term commitment to implement these products successfully.
failover.
• 3Com has limited international enterprise experience and acceptance.
3Com Weaknesses
• Consistent financial losses, management turnover and prolonged uncertainties hindered the
company strategy and focus, with negative effects on customers. HP announcement reignites the
uncertainties around the company’s future.
• Constant change of strategies (exit and re-entry in enterprise), constant product shuffling (exit from
modular switches and then decision revised).
• Heavily relied on Huawei to deliver critical products and technology in the past, as well as to drive
sales. Huawei was responsible for 26% of H3C revenue and 15% of 3Com consolidated revenue
in 2008, down from 41% at the end of 2006.
• Competing simultaneously in many networking segments may have proven a distracting and
ineffective strategy leading to consistent financial losses.
• Back-end support could have been impacted by sales force turnover and company downsizing.
• An inconsistent strategy and in-out-in posture within the enterprise segment, may have risen
questions, among enterprise IT managers and professional, about 3Com credibility. The purchase
of H3C seems to indicate greater commitment, but the company track-record and past behavior
may have undermined irreparably customer trust.
Huawei
Huawei Overview Typical Huawei Network Configurations
• Huawei is a privately held Chinese high-tech company established in 1988. Huawei’s Datacom group is heavily focused on service provider solutions and much less on
• According to Huawei’s corporate web site and 2008 annual report: enterprise solutions. Huawei’s website (http://www.huawei.com/products/datacomm/catalog.
do?id=6) outlines 13 solutions for service provider networks but only 3 for government, enterprise
• More than 37,00 employees, 43% of the entire workforce, engaged in research and
and education. Huawei products focus primarily on speeds, feeds, and low cost, with the emphasis
development.
on port density and uplink speeds. Huawei’s solutions do not set out a scalable architecture such as
•Established 14 R&D centers around the world such as in the Silicon Valley and Dallas of the Cisco’s Borderless Network.
United States, Stockholm in Sweden, Moscow in Russia and Bangalore in India to ensure
global R&D with outstanding people. Huawei’s “Enterprise informatization network solutions” (http://www.huawei.com/products/
datacomm/detailitem/view.do?id=1160&rid=109) solution description helps the customer
• Huawei’s 2008 global revenue totaled $18.329 billion USD.
understand some basic information about how a Huawei’s products would fit into a typical
• The company has four corporate divisions organized functionally: products and services, strategy enterprise network, but offers no detailed implementation guidance like you would find in a Cisco
and marketing, sales and support, and operations and delivery. CVD document, nor does Huawei provide any proof points that their solution would improve ROI or
• Huawei sold its stake in its joint venture interest in H3C to 3Com for $882 million. As part of the decrease TCO.
agreement, Huawei cannot compete in the enterprise or small and medium-sized business (SMB)
Table 12, on the following page, gives details of Huawei’s products.
routing and switching markets for 18 months after final approval (noncompete expires September
29, 2008). Huawei can supply products to the service provider markets
• Huawei concentrates on five primary areas: data communications, mobile networks, optical
networks, software, and applications.
Huawei
Huawei Market Share 2006-2009 2009 2008 2007 2006
Access Router Share (revenue)2 1.4% 2.5% 2.9% 3.4%
High End Enterprise Router Share (revenue) 5.9% 5.8% 5.9% 4.8%
2
Dell’Oro Group, Routers Report 4Q09, , Vol. 14, No.4 R1A, Market Summary and Vendor Information
Huawei
Table 12: Huawei WAN Router Product Detail Table 12: Huawei WAN Router Product Detail
Huawei
Ethernet Minimum Fast Ethernet (FE) FE FE Intrusion Prevention System/Intrusion
Detection System (IPS/IDS)
Ethernet Maximum Gigabit Ethernet (GE) GE GE
Routing
Firewall/Network Address Translation
(NAT) · · ·
With Optional Card
IPv6 · · · Secure Sockets Layer (SSL) VPN
Border Gateway Protocol (BGP) · · · Dynamic Site-to-site Secure VPNs
Open Shortest Path First (OSPF) · · · Network Instrumentation
Multiprotocol Label Switching (MPLS) · · · Flow Monitoring · ·
(NetStream) (NetStream)
Systems Network Architecture (SNA)
and Internetwork Packet Exchange (IPX) Detailed Performance Monitoring,
Including Voice Mean-opinion-score
MPLS VPN and Tunnel Support (MOS) Scoring
MPLS Layer 2 VPN · · · Device and Network Management
MPLS Layer 3 VPN · · · RADIUS (authentication, authorization,
· · ·
and accounting [AAA])
Multilink Point-to-Point Protocol
(MLPPP) · · · Simple Network Management Protocol
(SNMP) Versions 1, 2, and 3 · · ·
Link Fragmentation and Interleaving (LFI)
Note: All information from these charts is from Huawei Product Data Sheets and website.
Generic Routing Encapsulation (GRE)
Tunneling · · ·
Huawei
Huawei WAN Product Weaknesses
NOTES
• NE Routers claim to support firewall features but performance is not specified in their data sheets.
• IPsec VPN support requires an optional service card that consumes I/O slots.
• Huawei NE05 to NE40 routers do not support SBC features.
• Huawei NE05 to NE40 routers do not support dynamic site-to-site VPN; Cisco routers support
Dynamic Multipoint VPN (DMVPN) or Group Encrypted Transport VPN. These Cisco features
greatly ease the deployment of site-to-site VPNs in the enterprise and lower operating expenses
(OpEx).
• Huawei NE05 to NE40 routers do not support routing features similar to Cisco Performance
Routing, which uses intelligence within the router to help optimize WAN connections for the best
voice and application performance at the lowest cost.
• Huawei products offer weaker high-availability features compared to those offered by the Cisco
ASR 1000. Unlike Huawei NE routers, the Cisco ASR 1000 supports ISSU, control-plane software
failover, and sub-50-ms failover.
• Huawei has limited international enterprise experience and acceptance.
• Huawei NE router sales are focused mostly in China; support in the United States is weak, with
very few sales offices.
Huawei
innovator.
• Huawei claims technical feature performance to be superior to performance that Cisco features
offer, with little or no substantiation.
• Huawei uses partnerships and joint ventures to offer customers a complete solution.
Juniper
Juniper Networks Overview Typical Juniper Network Configurations
• Founded in 1996, Juniper Networks is a publicly traded company, with revenues of $3.5 billion Figure 9 shows a typical Juniper branch office network architecture.
in 2008.
Figure 9: Typical Juniper Branch Office Network Configuration
• Initially focused on high-end routers for the carrier market, Juniper moved into the enterprise
market with the acquisition of NetScreen in 2004, Peribit and Redline Networks in 2005, and
Funk Software in 2006.
• Juniper sells its enterprise access routers mostly through indirect channels and partners.
• For access routing, Juniper offers the J-series Services Routers (J2320, J2350, J4350, and J6350)
based on JUNOS or JUNOS ES and the SSG series based on ScreenOS (SSG 550M, SSG 520M,
SSG320M, SSG350M, SSG 5, SSG 20, and SSG 140) and the SRX series for branch office
(SRX100, SRX210, SRX240, SRX650).
• Enterprise core and aggregation routing offerings include the range of M-series Multiservice Edge
Routers and MX Series.
Gross Margin $1533.3 $2406.4 $1908.5 $1549.3 Juniper entered the enterprise market in 2004 with the acquisition of NetScreen. Since then,
Marketing and Administration $647.4 $927.8 $783.2 $691.6 Juniper has acquired Peribit WAN Acceleration and Funk Software for its authentication,
Research and Development $554.5 $731.2 $623.0 $480.2
authorization, and accounting (AAA) and 802.1X software. Juniper also acquired Redline for data
center acceleration, but recently canceled the product line. Juniper’s enterprise product portfolio
Other Expenses $33.3 $38.5 $85.9 $91.8
has grown substantially.
Operating Income/Loss $298.1 $709.0 $416.4 $285.6
To further strengthen its solutions offerings, Juniper developed partnerships with other enterprise
Operating Profit/Loss % 12.6% 19.8% 14.7% 12.4%
infrastructure vendors such as Avaya which resulted in a voice offering for the J-series. In 2009,
Headcount 7014 5879 4833
Juniper also launched the SRX series for the branch office. These products are Juniper’s third
Juniper Market Share 2006-2009 2009 2008 2007 2006 product line targeted at the branch office. The SRX series run Junos software that incorporates
Access Router Share (revenue)2 2.2% 1.5% 1.2% 0.7% security features that had previously only been available on netscreen products. This code was
Juniper
High End Enterprise Router Share (revenue) 25.8% 24.9% 24.1% 19.8% initially named JUNOS ES and is now named JUNOS. With the release of JUNOS 10.0, the SRX
product line now includes a new voice solution called “Integrated Convergence Services” and also
Total Enterprise Router Market Share 5.5% 5.0% 5.0% 4.0%
includes a WLAN controller that works with a new WLAN access point, AX11 WLAN Access Point,
1
Yahoo Finance available from Juniper.
2
Dell’Oro Group, Routers Report 4Q09, Vol. 14, No. 4 R1A, Market Summary and Vendor Information
Juniper’s strategy can be product-centric with a strong emphasis on performance. This strategy
is great for those who need point products for specialized needs but falls short when customers
need solutions to IT problems and want to reduce their CapEx and OpEx.
Juniper
Table 14: Juniper WAN Router Product Detail
Juniper does not set out a scalable and intelligent network architecture like the Cisco’s Borderless
Network. With Juniper, customers might need to integrate multiple third-party solutions to provide Juniper WAN Router Products
critical business-class services, increasing their costs and time spent on problem identification and
Product Name M7i M10i M120
resolution.
Cisco ASR 1000 Series
Juniper positioning in the WAN is more solutions oriented than in the past. Today Juniper is talking Cisco Equivalent Cisco ASR 1000 Series Cisco ASR 1000 Series and Cisco Catalyst
6500
about “Distributed Enterprise Solutions” as an umbrella for all of their products used across the
WAN. Their key messages that remain consistent: Physical
• Using an open architecture and open standards gives users choice and flexibility and doesn’t lock Device Height (rack unit [RU]) 2 5 12
• Lower TCO by using a group of products that run a single OS. Performance
Table 14 gives details of the Juniper WAN products. System Packet Forwarding
10 16 120
Performance (Gbps)
Interface Scalability
Time-division Multiplexing (TDM)
T1/E1 T1/E1 T1/E1
Minimum
Ethernet Minimum FE FE FE
Ethernet Maximum GE GE 10 GE
Routing
IPv6 · · ·
Border Gateway Protocol (BGP) · · ·
Open Shortest Path First (OSPF) · · ·
Multiprotocol Label Switching (MPLS) · · ·
Systems Network Architecture (SNA)
and Internetwork Packet Exchange (IPX)
· · ·
Juniper
MPLS Layer 2 VPN
Juniper
Table 14: Juniper WAN Router Product Detail Table 14: Juniper WAN Router Product Detail
Juniper WAN Router Products (continued) Juniper WAN Router Products (continued)
Product Name M7i M10i M120 Product Name MX80 MX240 MX480
Cisco ASR 1000 Series Cisco ASR 1000 Series Cisco ASR 1000 Series
Cisco Equivalent Cisco ASR 1000 Series Cisco ASR 1000 Series and Cisco Catalyst Cisco Equivalent Cisco ASR 1000 Series and Cisco Catalyst and Cisco Catalyst
6500 6500 6500
Note: All information from these charts is from Juniper product data sheets available on the Juniper website. MPLS VPN and Tunnel Support
· · ·
Juniper
MPLS Layer 2 VPN
Juniper
Table 14: Juniper WAN Router Product Detail
Juniper WAN Product Weaknesses
Juniper WAN Router Products (continued)
• To implement a service such as IPsec VPNs, firewall, or GRE tunnels on an M-series router,
Product Name MX80 MX240 MX480 customers need to install a services PIC. Depending on the mix of services and the scale of the
Cisco ASR 1000 Series Cisco ASR 1000 Series
services performance requirements, the customer may have to purchase several of these services
Cisco Equivalent Cisco ASR 1000 Series
and Cisco Catalyst 6500 and Cisco Catalyst 6500 PICs. These PICs take up valuable I/O slots. With the Cisco ASR 1000, there are no trade-offs with
High Availability services and I/O slots because all services capabilities are built into the router and can be enabled
with software.
Redundant Control Plane · ·
• Another trade-off with Juniper M-series routers is that you have to choose between a PIC-based
Redundant Forwarding Plane · · security service and Juniper’s Netscreen Firewall and VPN appliances. Customers who need the
In Service Software Upgrades
(ISSU) · · appliance will experience an increase in OpEx simply because two devices instead of one must be
managed, powered, and cooled. With the Cisco ASR 1000, you can get high-performance, feature-
Voice
rich security features without additional devices.
cRTP Requires Services DPC Requires Services DPC
• Juniper M-series routers do not support dynamic site-to-site VPN; Cisco supports DMVPN and
SBC Requires Services DPC Requires Services DPC Group Encrypted Transport VPN. These Cisco features greatly ease the deployment of site-to-site
Security VPNs in the enterprise and they lower OpEx.
IPsec Requires Services DPC Requires Services DPC • Juniper M-series routers do not support routing features similar to Cisco Performance Routing,
IPS/IDS Requires Services DPC Requires Services DPC
which uses intelligence within the router to help optimize WAN connections for the best voice and
application performance at the lowest cost.
Firewall and NAT Requires Services DPC Requires Services DPC
• The Juniper M10i offers weak high-availability features compared to the Cisco ASR 1000. The M10i
SSL VPN
forwarding-plane failover time is greater than 60 seconds, whereas the Cisco ASR 1000 supports
Dynamic Site-to-site Secure VPNs ISSU, control-plane software failover, and sub-50-ms failover.
Network Instrumentation • The MX80 does not offer advanced features such as firewall or IPSec.
Flow Monitoring · · · • MX Series requires a 2 slot wide DPC card to enable the use of type 2 and type 3 PICs. This is how
Detailed Performance Monitoring, the MX series can implement non Ethernet interfaces and is not available on the low end MX80.
Including Voice Mean-opinion-
score (MOS) Scoring
Potential Juniper Sales Tactics
Device and Network Management
• Juniper focuses on high-performance products offering particular functions (such as security
RADIUS (AAA) · · · and routing) at the expense of TCO, ease of use, and architectural efficiencies.
SNMP v1, v2, and v3 · · · • Juniper wants to introduce traditional service provider features such as MPLS and carrier-class
redundancy into the enterprise. Juniper touts the JUNOS operating system modularity. Although
Note: All information from these charts is from Juniper product data sheets available on the Juniper website.
MPLS may work well for some large enterprises, many enterprises are not ready for the move, and
Juniper
it is beyond the needs of many SMBs. Carrier-class features certainly improve uptime and reduce
maintenance costs, but not all products or enterprises need or can afford carrier-class features.
• Juniper may lead a sale with its security appliances and then up-sells J-series and M-series routers.
• Juniper has multiple enterprise partnerships for wireless LAN (WLAN), LAN switching, and voice.
Some of these partners can resell Juniper equipment, and some have performed solutions testing
to various levels.
Cisco
Why Work with Cisco? • Inter-Switch Link (ISL) was the basis for 802.1Q VLANs.
• Layer 2 Tunneling Protocol (L2TP): Cisco developed Layer 2 Forwarding (L2F) and a Microsoft
Cisco Offers Business and Technical Value
consortium-developed Point-to-Point Tunneling Protocol (PPTP). Cisco cooperated actively with
Having a network platform that facilitates technological innovation and supports critical services is the Microsoft consortium and helped develop a new standard, L2TP, which took the best ideas
an essential business requirement. Cisco routers can help your business build the foundation for from both groups.
an intelligent, self-defending network that features best-in-class security services and advanced
• Interior Gateway Routing Protocol (IGRP) and Enhanced IGRP (EIGRP) later became much of the
routing technologies.
basis for Open Shortest Path First (OSPF).
In addition to providing a platform that helps optimize the delivery of applications and
• Cisco developed the technology for Tag Switching, which was later developed into Multiprotocol
communications, Cisco routers:
Label Switching (MPLS).
• Use an integrated systems approach that provides inherent manageability.
Cisco is a networking market leader and has a broad product portfolio of networking products,
• Deliver low total cost of ownership and the high return on investment. services, and solutions. Cisco can provide a complete solution or provide critical product and
service elements as desired by customers.
• Include integrated network router solutions that are highly secure, flexible, and built to be
compatible with future technologies.
Cisco Innovation
• Provide a framework for wireless LAN solutions to take advantage of the existing tools, knowledge,
and resources of the wired infrastructure. The following examples highlight the ways that Cisco is leading the network industry in innovation:
• Optimize services at branch locations with multi-service solutions that deliver the performance, • Cisco employees chair 20 IETF working groups in various networking areas, turning innovations
scalability, availability, and reliability you need. into standards.
• More than 100 Cisco employees have written Internet drafts and RFCs.
Why Choose Cisco? • Cisco actively participates in virtually every group concerned with networking standards. This
• Cisco has one of the most experienced networking design and implementation staff in the world. participation helps ensure that Cisco products remain current and compatible with standards.
This staff has designed thousands of networks of varying size and complexity worldwide. Cisco Cisco customers can deploy Cisco devices without concern about incompatibility. By focusing
has incorporated this experience into product development, design, and delivery. on standards, Cisco also quickly brings to market products that meet customer needs — when
they need them. And the emphasis on standards addresses the needs of a broad market, giving
• Cisco has successfully navigated through good and tough times, growing from a small startup to a
customers more choices in how they solve their networking problems and tailor their networks to
large multinational company with a constant focus on customer and partner needs.
meet specific business objectives.
• Cisco develops leading-edge features that others brand as proprietary. Cisco is a leader in
• Cisco actively looks for new opportunities to grow and serve its customers through internal
technology innovation. Cisco works proactively with peers and competitors to incorporate these
development, acquisition, or a combination of both, taking the most effective approach possible.
innovations as standards. This scenario has occurred numerous times during the history of Cisco.
• Cisco invested over $5 billion in product development (R&D) in FY08
A few examples follow:
• Cisco has one of the largest networking support staff in the world with five TACs and more than
• Cisco worked actively with many other companies to develop the initial Fast Ethernet specification,
1300 support engineers devoted to network support and problem resolution.
later adopted by IEEE as the 802.3u standard.
• Cisco offers multiple purchase alternatives such as direct purchase or leases when desired by
• Power over Ethernet (PoE): Cisco began shipping prestandard PoE in mid-2000. This standard
customers.
became the basis for the ratification of standards-based PoE (802.3af) in late 2003.
• Cisco IOS® Software unifies all Cisco switches, routers, and other equipment, providing a solid
• Cisco EtherChannel® technology was central to the creation of the 802.3ad specification.
foundation for Internet applications, helping companies extend common services and interfaces
• Multiple Instance Spanning Tree (MIST) was a critical source used by the creators of the 802.1s across the entire network, and reducing training and administrative costs.
specification.
• Cisco management software supports remote monitoring, configuration, fault detection, and
• Spanning Tree Protocol fast enhancements provided the basis for 802.1w (Rapid Spanning Tree troubleshooting. A complete line of tools simplifies and automates the delivery of intelligent
Protocol). services throughout the network, whatever the organization’s size.
Cisco
224 Cisco Confidential Cisco Confidential 225
Cisco WAN Edge Competitive Reference Guide
Cisco
For more information about Cisco routing platforms,
please refer to the Cisco Router Guide, and located at: NOTES
www.cisco.com/go/switchguide
Fixed-Configuration Switches
Services Aggregation Routers: Cisco 7200/7301, 7304, 7600 Series
Spring 2006 V.2
SPRING 2006 V.3
Cisco is committed to customer and partner success. That commitment, in addition to consistent
product development, market commitment, and technical focus, are and have been critical factors
in Cisco growth. Cisco is proud of its success and looks forward to a bright future working with its
partners and customers.
Content based on publicly available information current as of the date of release of this guide.
Cisco
226 Cisco Confidential Cisco Confidential 227
NOTES
Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco Website at www.cisco.com/go/offices.
CCDE, CCENT, Cisco Eos, Cisco Lumin, Cisco StadiumVision, the Cisco logo, DCE, and Welcome to the Human Network are trademarks.; Changing the Way We Work, Live, Play, and Learn is a service mark; and Access
Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS,
iPhone, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, iQuick Study, IronPort, the IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MGX, Networkers, Networking Academy, Network Registrar, PCNow,
PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of
Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0804R)
www.cisco.com
Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco Website at www.cisco.com/go/offices.
CCDE, CCENT, Cisco Eos, Cisco Lumin, Cisco StadiumVision, the Cisco logo, DCE, and Welcome to the Human Network are trademarks.; Changing the Way We Work, Live, Play, and Learn is a service mark; and Access
Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems,
Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS,
iPhone, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, iQuick Study, IronPort, the IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MGX, Networkers, Networking Academy, Network Registrar, PCNow,
PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of
Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0804R)
Cisco Confidential