Table of Contents

Cisco Systems Users Magazine



Cisco Systems Users Magazine

Cisco Systems Users Magazine

Volume 8 Number 1, First Quarter 1996

Broadcast Address


Several developments are converging to extend the reach of enterprise internetworks, even as far as the home. Among these changes are the proliferation of low-cost PCs and high-speed modems, the growing availability of ISDN, and the stellar popularity of the World Wide Web. Together these events have broken the barrier of the human factor, making it convenient and affordable to extend the Internet and the enterprise intranet to the living quarters.

The number of US telecommuters and "casual network users" (those who dial in to the office after hours) will grow by 60 percent this year according to the META Group. Cisco Systems anticipated a surge in dial-up access years ago and began to address users' needs with a targeted line of access products. But with the phenomenon of the Internet, users told us they also needed universal access technologies for mixed dial-in environments and ironclad security capabilities. Now, as the dial-up market nears critical mass, we're meeting it with an end-to-end solution set that fully leverages the new availability and price points of PCs, 28.8-kbps modems, and ISDN services.

The Cisco AS5200, the first in our new universal access server family, gives enterprise network managers and Internet service providers the convenience of a single telephone number for multiuser access and the flexibility to support mixed communication types. The AS5200 addresses key requirements for serving dial-up users. These requirements include low operating costs, scalability, and strong security controls.

Cisco's AS5100 access server remains the product of choice for sites that need targeted capabilities to serve asynchronous dial-up environments. Responding to the needs of remote users and IS managers, we've added an ISDN PRI connection and enhanced network management and modem functionality.

Five other new products extend our solutions for enterprise telecommuters, mobile professionals, and home users. CiscoRemote Plus Version 2.0 and CiscoRemote Lite Version 2.0 for Windows-based PCs enable users to access computing resources within an enterprise network or across the Internet. Three new models of the Cisco 200 series remote-node products, tailored for telecommuters and small, single-user offices that use ISDN for network access, provide transparent access to enterprise LAN resources and the Internet.

Security is critical for all networks, centralized or dispersed, but risks can increase with remote connections. To create a solid line of defense from home to headquarters, we've complemented our products with the new CiscoSecure server. CiscoSecure arms network managers with the ability to prevent unauthorized access, establish user classes, and provide accounting information for security audits and billing. We've also launched the CiscoAdvantage(TM) product line to help network managers cope with several challenges posed by the growing popularity of the Internet. Part of this line is the PIX(TM) product, which supports a range of Internet security options such as an adaptive security firewall and encryption technologies. PIX and CiscoSecure work with security features of our Cisco Internetwork Operating System (Cisco IOS(TM)) software to build a multitiered network stronghold.

These capabilities already cast us in a leadership role, but that's not enough. Our advanced routing and universal access technologies enable a whole new breed of applications for which the world---not just the networking industry, but consumers at large---has been waiting. Web-based commerce into the home and safe, mission-critical financial transactions over a corporate intranet, for example, are the caliber of applications that are emerging. Such transactions are viable today---but as a leader in this market, the onus to secure them is ours. Working with our customers and partners, we'll rise to the challenge.


Don Listwin
Vice President and General Manager
Cisco Systems Access Business Unit


Expanding the Network Habitat beyond Walls

Cisco Dial-up Access Products Connect Users Near and Far

Most users think of connecting to the network as something they do only at the office. Yet many users today are highly mobile---working sometimes in the office and sometimes at home, in a hotel, at a customer location, or from a vendor site. With the goal of creating "one enterprise, one network," organizations must also serve the remote access needs of branch offices, customers, vendors, and business partners.

Cisco products serve a wide variety of access requirements for remote offices, mobile users, and telecommuters.


All of these users want to maintain their productivity by accessing LAN-based applications, electronic mail, the Internet, and other resources regardless of where they work or the type of communication facilities available. In short, users want network access that extends beyond walls.

To serve these needs for remote access, many organizations want solutions based on the most widely available communications links: analog dial-up lines and Integrated Services Digital Network (ISDN). "For enterprises and network service providers alike, Cisco Systems has incorporated a vision of simple, yet powerful access for dial-up and ISDN links in its comprehensive line of access products," says Dale Jantzen, Senior Product Line Manager for Cisco's Access Business Unit.

Dial-Up Access Products Deliver Performance and Flexibility

Delivering the broadest range of solutions for both remote offices and individual users, Cisco's access products give organizations the ability to extend their internetworks beyond walls, with high flexibility and performance.

The Cisco dial-up solutions include access hardware and software at remote and central sites, client software for users, and security products. These solutions deliver "anytime, anywhere" access to users, with simple installation and operation. For network managers, Cisco's dial-up access products offer the assurance of interoperability, security, scalability to accommodate a growing user population, protection of existing investments in Cisco technology, and end-to-end Cisco quality.

At the central site, Cisco's core routers and access servers can consolidate access to enterprise resources while improving the overall capacity, availability, and security of an enterprise internetwork.

For remote access, Cisco offers a range of products to meet an organization's needs for:

To maintain high levels of protection in an increasingly accessible network, Cisco also offers a choice of security solutions. Supporting the most popular security protocols, these solutions provide essential features for authenticating users, authorizing their access to the network, and accounting for their activity.

All of these hardware and software components are linked by the comprehensive, powerful features of the Cisco Internetwork Operating System (Cisco IOS(TM)) software. These features ensure interoperability among all Cisco products in an internetwork, enable consistent and centralized management, and optimize utilization of expensive wide-area links.

Cisco's product families serve requirements for remote access at all network sites.

Cisco Access Solutions

Mobile Users and Telecommuters Remote Offices Central Site
Cisco 200 series telecommuting system Cisco 4000 Series access routers Cisco 7000 and 7500 series core routers
Cisco 750 series ISDN routers Cisco 2500 series access routers Cisco 4000 series access routers
CiscoRemote software Cisco 1000 series access routers Cisco 2500 series access routers
Cisco AS5100 and AS5200 access servers
CiscoSecure server software

Network Access Anytime, Anywhere

The demand for dial-up access to networks will grow as more users travel, telecommute, and work at different locations. Cisco Systems offers a broad selection of products for dial-up access, delivering flexibility and performance for networks that extend beyond walls.


Cisco Rolls Out New Choices for Connecting Remote Users

Meeting the diverse requirements of remote users for access to enterprise networks demands equally diverse choices in access solutions. Cisco Systems is offering new and enhanced access products that are specifically suited to the different needs of central and remote sites.

New Cisco AS5200 Access Server Delivers Universal Access

Cisco has announced the AS5200, the first product in its new generation of universal access servers that support both analog and Integrated Services Digital Network (ISDN) lines. The AS5200 gives users the convenience of a single telephone number for access and network managers the flexibility to support a mix of communication types.

"The explosion in demand for dial-up access to online services and enterprise networks has created an urgent need for an access platform that supports growth in both numbers of users and types of communications services," says Lee Franzen, Product Manager in Cisco's Access Business Unit. "The AS5200 delivers this platform through high port density and by leveraging the unique functionality and scalability of the Cisco IOS(TM) software."

The AS5200 is the first product in a family of platforms designed to address the key requirements for serving dial-up users. Among these requirements are scalable deployment, high utilization of network resources, low operating costs, and strong security controls. These capabilities are made possible by features in the Cisco IOS software, such as support for a full set of access protocols and standards-based implementation of the multichassis Multilink Point-to-Point Protocol (MP). For more information on Cisco's support for multichassis MP, see "Access Enhancements in Cisco IOS Software."

The AS5200 hardware supports scalable deployment by integrating the functionality of standalone data service units (DSUs), channel banks, modems, communication servers, switches, and routers in a single chassis. By accommodating a range of physical layers including native ISDN, V.34 modems, and V.120 through integrated ISDN Primary Rate Interface (PRI) access, the AS5200 can support any call, using any physical layer and any higher-level protocol.

The AS5200 offers flexibility for mixed-media networks that are migrating from analog to digital access. Customers will have a choice of modems for the 48 channels on the dual T1 model and 60 channels on the dual E1 model. The AS5200 will be available in North America in the second quarter of 1996 and worldwide in the third quarter of 1996.

Cisco Enhances AS5100 Access Server

Asynchronous modems and traditional telephone service remain the most cost-effective and universally available way of addressing user demands for remote access. The Cisco AS5100 access server is the product of choice for sites that need targeted capabilities to serve asynchronous dial-up environments. The latest hardware and software enhancements for the AS5100 access server improve functionality for both remote users and network managers.

Enhancements to Cisco's AS5100 include new network management features, modem functionality, and a new ISDN PRI connection.


The AS5100 product has been enhanced in three areas: network management features, modem functionality, and a new ISDN PRI connection.

CiscoRemote Software Makes Connection Easy and Productive

The CiscoRemote software for Microsoft Windows-based personal computers offers a scalable and comprehensive solution for remote users. With the CiscoRemote client software, users can access computing resources within an enterprise network or across the Internet. Transferring files, connecting to remote hosts, browsing the World Wide Web, and participating in collaborative computing are among the user activities that can be conducted via the CiscoRemote software.

Cisco now offers two versions, CiscoRemote Lite and CiscoRemote Plus. Both are optimized for easy installation and operation with Cisco's family of access servers and support Microsoft Windows and Windows 95. These products also extend the benefits of the Cisco IOS software to users' desktops through both ISDN and traditional modems.

CiscoRemote Lite is available free of charge with the purchase of a Cisco access server and provides basic remote-node connectivity to enterprise networks. CiscoRemote Plus Version 2.0 is the first client software to include a rich set of applications for access to the Internet, including electronic mail, File Transfer Protocol (FTP), and a World Wide Web browser. It also includes acceleration features that increase performance on the remote link. This set of capabilities, known as PowerBurst, is made possible by software from AirSoft, Inc. The CiscoRemote products will be available in the second quarter of 1996.

Cisco 200 Series Delivers a Complete ISDN Package

The new Cisco 200 series of remote-node products is ideal for telecommuters working from home and small, single-user offices that use ISDN lines for network access. These users can gain transparent access to enterprise LAN resources such as databases, hosts, printers, and electronic mail as well as high-speed access to network service providers. The Cisco 200 series also provides single-user, high-speed connection to the Internet.

The Cisco 200 series currently encompasses four products. Shipping now, the Cisco 201 and 202 models combine ISDN and connectivity software with an ISDN adapter. The Cisco 201 is appropriate for ISDN users worldwide, while the Cisco 202 adapter includes a built-in Network Termination 1 (NT1) device for North American users.

Available later this year, the Cisco 203 and Cisco 204 models will provide the same hardware and software as the Cisco 201 and 202 products, but will also include the CiscoRemote software.


Access Enhancements in Cisco IOS Software

Several new features of the Cisco Internetwork Operating System (Cisco IOS(TM)) software enhance communication over ISDN links.

IP Address Negotiation for ISDN

Cisco's IP address negotiation feature allows the user's remote-node PPP client software (such as CiscoRemote) to "borrow" an IP address from a Cisco core router. The address assignment remains in effect only for the current session. Address negotiation is especially useful for home or mobile users who access the network from a personal computer that does not contain a routing device. Network managers can choose to assign IP addresses from a pool maintained on the core router, from an external Terminal Access Controller Access Control System Plus (TACACS+) or Dynamic Host Configuration Protocol (DHCP) server, or from a combination of these sources.

Routing Information Protocol (RIP) Version 2

With the explosive growth of the Internet, preserving Internet addresses has become a critical challenge for all network managers. Several routing protocols use classless addresses, including the enhanced Interior Gateway Routing Protocol (IGRP), Open Shortest Path First (OSPF), and now RIP v.2, which Cisco supports in Release 11.1 of the Cisco IOS software. The Cisco 750 series access routers use RIP v.2 for compatibility with other Cisco products, which support the Classless Interdomain Routing (CIDR) technique. For more information on CIDR, see "No Class Barriers on the Internet," Packet, Second Quarter 1994 (Volume 6, Number 2).

Multilink Point-to-Point Protocol (MP)

MP fragments packets before passing them to the network, allowing the protocol to send different fragments from the same packet over different ISDN B channels, then reassemble them correctly on the receiving router. This capability maximizes the utilization and performance of both ISDN B channels.

Cisco's support for interoperability of MP is especially helpful for networks that must accommodate many different types of user equipment. Multilink PPP is supported on all Cisco ISDN Basic Rate Interface (BRI) and PRI interfaces and can be used with other Cisco ISDN features, including PPP compression and IP address negotiation.

Multichassis MP

Cisco will extend MP support across multiple routers and access servers with the Multichassis MP feature, available as part of the Cisco IOS software in the second half of 1996. This feature will enable multiple systems to operate as a single, large dial-up pool, with a single network address and ISDN access number. Multichassis MP correctly handles packet fragmenting and reassembly when a user connection is split between two physical access devices, enabling network managers to maximize their utilization of all ports and bandwidth on their Cisco access equipment.


New York University Connects Students with Cisco Access Servers

New York University (NYU) is easily the USA's largest private university, with a student population of more than 50,000. One corollary of this large student body is an increasing need for dial-in connections from off campus to the university's campus network. Working with Cisco Systems, NYU Operations Associate Carlo Cernivani thinks he may have found a way to meet the demand.

Access Demands Increase

"Last June, we found the requirements for modem services to be growing geometrically," recounts Cernivani. "We notified the Telecommunications Department that we expected significant growth in the coming year. Despite upgrading their phone system, they told us they would not be able to handle the additional loads we were projecting. Therefore, we looked into mass voice delivery in the form of T1 and T3 to support our services."

Another concern to Cernivani was a huge rise in the number of incoming students arriving with their own computers. Cernivani's objective was to provide all NYU students with access to both internal computing resources and to the Internet, whether they were connecting from campus computing facilities, dorm rooms, or off-campus residences.

Cernivani notes that the Academic Computing Facility examined numerous options for addressing the dial-up access problem. "We moved modems around until we had about 270 on the NYU switch, then we went looking for a digital solution."

NYU evaluated a proposal from a local telecommunications services provider, but settled instead on a solution proposed by Cisco Systems. "Our Assistant Network Manager, Jimmy Kyriannis, and Senior Network Engineer, Bill Russell, were very familiar with the Cisco routers we have installed around campus," notes Cernivani. "Their experience with Cisco helped make me comfortable with moving to this solution."

In late summer, the university tapped into an existing DS3 connection from NYNEX, a regional telecommunications carrier, to help with its own growing telecommunications needs. Independently, Cernivani leased T1 lines directly from NYNEX and installed four Cisco AS5100 access servers on its Ethernet backbone. The AS5100s, in turn, enabled Cernivani to install 192 modems for use by the student population.

The cutover went smoothly, according to Cernivani, who reports that the beta version of the AS5100 product worked very well "right out of the box." The Cisco AS5100 integrates the functions of a DSU/CSU, channel bank, modem, communications server, and router in a single device. Each AS5100 provides dial-up access to enterprise networks for up to 48 modems.

Onto the Net

With the network facility and hardware in place, the new configuration was ready for testing. "All access to the new service was 100 percent secure, with users being authenticated via a TACACS server," says Cernivani. "The service provides full NYU-network and Internet access."

"We started to generate fixed accounts slowly to test the solution," observes Cernivani. "Once we were confident, we opened up the accounts for general enrollment and went to about 2500 accounts strictly by word of mouth. We found the solution very robust."

Cernivani and Assistant Network Manager Kyriannis monitored use of the new configuration. "We're currently averaging over 2000 calls daily, but we're in a midyear break," Cernivani observes. "These numbers will keep growing. Even if we don't generate additional accounts---and we will---the current user base will easily generate over 4000 calls daily." Cernivani reports that he is getting class accounts worked out to enable more students to have Internet logins. "Our waiting list stands at 600 now and, when the students return for the Spring '96 term, we can expect an average of 20 to 25 new account requests per day for at least the first several weeks."

Even without advertising, Kyriannis expects a stampede when all dormitories are wired into the campus backbone and more students learn about dial-up access to the Internet. "The NYU Telecom department is responsible for all dorm wiring projects. They have dorms lined up to be wired over the next several years. When this happens, the demand for Internet access will increase."

In the meantime, Cernivani reports, "Our overall modem services (including the older pool of modems connected to the NYU telecommunications switch) averaged over 1.2 million completed calls during the Fall '95 term. These numbers continue to rise, and I have no doubt that we'll see a growing proportion of these calls handled by the Cisco access servers."

With the enhanced dial-up access provided by the Cisco access servers, NYU has joined Cornell University and others in integrating computers and networks into the academic process. Cernivani reports that he is very pleased with the Cisco solution and views it as an important component of the Academic Computing Facility's efforts to make computing resources available to all NYU students---both on and off campus.

NYU Topology
The NYU campus is networked for greater access to the school's computing resources by students, faculty, and administration. A dual-attached station FDDI ring provides the campus backbone, while a redundant Ethernet backbone supports network management purposes and campus connectivity in the event of a ring failure.
A second, switched FDDI backbone provides support for multiple 100-Mbps FDDI sessions without conflict. This FDDI network reduces congestion on the campus-wide FDDI backbone by switching traffic between the main campus ring, large departments connected directly to the central switch, and the Cisco 7000 router.
To facilitate dial-up connections to the campus networks, four AS5100 access servers on an Ethernet backbone interface to both the campus FDDI and the switched FDDI networks via a Cisco 7513 router. The AS5100s enable up to 192 simultaneous modem connections and provide access to campus and Internet resources.


Remote Access: Security Tightens on Cisco Networks

As internetworks serve more remote users, controlling access security becomes a critical challenge. Network managers need comprehensive tools that establish strong security measures while not burdening users with lengthy and complex login procedures.

To meet these needs, Cisco's new Lock and Key security software and CiscoSecure server provide essential security capabilities based on Cisco's Terminal Access Controller Access Control System (TACACS+) protocol. In addition, Cisco has enhanced its implementation of the Remote Authentication Dial-In User Service (RADIUS) protocol and added Kerberos support.

Lock and Key Controls Multiuser Network Access

The new Cisco Lock and Key software provides a solution for branch offices and network access points where multiple users communicate over a single router and communications link. Lock and Key couples Cisco's access list capability with a challenge/ response system. It first authenticates the remote router, then authenticates individual users when they access the network. With this dual authentication process, intruders cannot gain access simply because the router has been authenticated.

The Lock and Key software can operate on any security server, but is ideal for the CiscoSecure TACACS+ server. Lock and Key fits easily into existing networks without requiring additional equipment or cumbersome reconfiguration of the topology.

Cisco's Lock and Key security features prevent "hackers" from entering a network by following an authorized user through an authenticated router.


CiscoSecure Server Software for TACACS+

The new CiscoSecure family provides the server portion of Cisco's distributed security solution for the TACACS+ protocol. Running on a UNIX platform, CiscoSecure allows a security administrator to centrally control dial-in access to the network and to management of the routers within the network.

CiscoSecure maintains a central database of user and group profiles for authentication, authorization, and accounting (AAA). Security administrators can address each of these functions independently, enabling them to embrace security strategies that can scale easily as their networks grow.

Password maintenance features protect against stale or easily guessed passwords. With these features, users can change their own passwords at will or undergo mandatory password changes initiated by the password-aging feature.

RADIUS Protocol Support

Cisco's implementation of the RADIUS protocol gives network managers a choice of security methods for Cisco access server products. RADIUS is a distributed system that encompasses an authentication server and client security protocols. The RADIUS and TACACS+ protocols can be mixed in the same network, enabling network managers to implement different security models according to the needs of specific applications or groups of users. The RADIUS implementation is available beginning with Release 11.1 of the Cisco Internetwork Operating System (Cisco IOS(TM)) software.

First Phase of Kerberos Support

Cisco IOS Version 11.1 also includes the first phase of Cisco's implementation of the Kerberos Version 5 security protocol. Kerberos authenticates a user through a process in which the user's readable text password never travels over the network during the login handshake process. Instead, Kerberos uses an encrypted key to grant network access.

In this first phase implementation, Cisco routers and access servers support user authentication on a Kerberos server. In a future phase, Cisco will implement features that forward a Kerberos authentication key to other devices automatically as the user connects to different parts of the internetwork.


CiscoAdvantage Boosts Internet Productivity

A new line from Cisco Systems introduces a wide range of Internet products to leverage the intelligence of routed internetworks.

Getting companies up and running on the Internet often resembles defensive driving: getting to the destination quickly may be the goal, but unplanned diversions may happen along the way. Some of the more common Internet roadblocks include setting up unique IP addresses for each server, connecting IPX-based LANs to the TCP/IP-based Internet, and scaling a single Web site or FTP site among multiple servers in a way that is transparent to users.

Cisco Systems is smoothing out the bumps in these rocky roads with a comprehensive new line of products for Internet users called CiscoAdvantage(TM). Some of CiscoAdvantage's capabilities include:

CiscoAdvantage products currently include LocalDirector and DistributedDirector hardware and software solutions, Private Internet Exchange (PIX(TM)) series firewall hardware and software, and Cisco Internet Junction(TM) gateway hardware and software.

A Matter of Scale

As Web and File Transfer Protocol (FTP) sites grow in popularity, it becomes more and more difficult to scale networks and servers to effectively service the exploding number of Internet users. The CiscoAdvantage LocalDirector and DistributedDirector products leverage the intelligence of the routed network to transparently distribute Internet sessions, track sessions among servers, and balance the load among multiple sites and locations.

LocalDirector allows many servers that are geographically collocated to appear as one virtual server. New servers can be added and removed transparently, yet users perceive the site as a single, consistent entity. DistributedDirector has Domain Name Server (DNS) capability to provide the "best available" server address. During this transaction, geographically distributed servers can appear as a single virtual server, and new servers can be added and removed transparently. For example, FTP servers in London, Tokyo, and New York could improve response time for users while offering them a single URL. DistributedDirector and LocalDirector will be available during the second quarter of 1996.

IP Address Flexibility

One of the biggest challenges to Internet access involves the scarcity of registered IP addresses. According to long-standing convention, a unique IP address is required for each host connected to the Internet. CiscoAdvantage's PIX products include a network address translator that allows a small set of registered IP addresses to serve an entire network in a secure, scalable manner. They work by mapping the reusable, nonunique IP addresses in a particular network to the globally unique (registered) ones required for communication with the Internet. PIX Private Link is an add-on encryption card that offers Data Encryption Standard (DES) hardware encryption. Taken together, these products allow for secure communication between multiple PIX units within a corporate LAN or WAN or over the public Internet.

The NetWare Connection

CiscoAdvantage Internet Junction software gives Novell NetWare users secure access to the Internet and the ability to run TCP/IP applications---such as Web browsers and File Transfer Protocol (FTP) software---using a single IP address for an entire LAN. This software eliminates the need to configure and maintain a TCP/IP stack on every desktop or to run NetWare routing protocols on the corporate network.

ISP Bonanza

Until now, ISPs built their businesses primarily around single users and single-host sites. Cisco Internet Junction software allows ISPs to expand their services to support not only small business customers but larger companies as well---all with the same overhead. By simplifying the IP addressing issues and offering expanded services to Novell NetWare sites, ISPs can significantly expand their markets.

HTML for Management

The CiscoAdvantage product line incorporates the Hypertext Markup Language (HTML), as used with the World Wide Web, for its primary means of device management. HTML will be available both for configuration and ongoing management of the CiscoAdvantage products. The Cisco Internet Junction software currently supports a Web browser interface that uses HTML, and the solid-state implementation of the server will support a similar interface. Other elements of the CiscoAdvantage product line, such as DistributedDirector, will also support an HTML management interface during 1996.

Questions and Answers

Q Does the CiscoAdvantage line include any unique security features?

A In conjunction with the Cisco IOS software, the PIX product provides a wide range of Internet security options that include an adaptive security firewall and new data encryption technologies. While PIX secures LAN data and systems from Internet intruders, PIX Private Link's data encryption turns the Internet into a secure channel for clients on its users' LANs and those of their business partners. These capabilities complement the bullet-proof security inherent in the Cisco IOS software itself, which includes packet filtering, user authentication, and route authentication.

Q Are there other advantages to the PIX method of IP network addressing?

A Absolutely. The PIX product's network address assignment capabilities not only simplify the process of getting organizations on line, they offers customers some unique business advantages, such as:

Q Is there a way to route World Wide Web traffic intelligently to multiple servers through a single URL?

A Cisco's DistributedDirector product includes sophisticated capabilities for load sharing and scaling among servers. It redirects Internet traffic at busy sites by taking into account such factors as how close a user is to a particular server, what the current load is on that server, and how many users are currently being served.


Wall Data Teams with Cisco, Easing Move to SNA over TCP/IP

TCP/IP, once almost exclusively the tool of government and academic WANs, is now used by many organizations to link dissimilar computers and to extend local networks into internetworks. The benefits of TCP/IP's open architecture, Internet and client/server access, scalability, better price performance, and wide range of media are attractive to large companies that need to unite PC-based networks with their legacy Systems Network Architecture (SNA) systems.

Larger companies evaluating this move place emphasis on maintaining high availability and consistent response times to support the enterprise-wide, mission-critical applications that typically reside on mainframe and midrange IBM systems. Router-based solutions such as data-link switching (DLSw) meet these requirements and move SNA-based applications over TCP/IP reliably and efficiently. However, extending TCP/IP all the way to the SNA desktop introduces additional challenges. Some end-to-end TCP/IP solutions limit SNA functionality, increase costs, and complicate network management.

The Bidermann Corporation, an Atlanta, Georgia-based holding company and the maker of Arrow shirts, was facing these challenges and more. Bidermann needed to connect its legacy SNA systems to a UNIX-based, client/server network that would eventually link up to 200 PCs and several disparate servers.

"We looked at several solutions," said Tony Parziale, Director of Enterprise Computing at Cluett Peabody, a division of Bidermann. "Most solutions seriously limited SNA functionality or forced us to put an expensive TCP/IP stack on each AS/400. We're running our financial and production software on six AS/400s. Implementing TCP/IP dramatically improved our performance, which provided users with a more efficient access method to the AS/400 and resulted in improved customer service. The production software was especially critical to my client/server users, some 40 of them, in Canada, North Carolina, New York, and Georgia."


After evaluating the various solutions available, Bidermann decided that a solution based on Cisco routers and Wall Data RUMBA software was the best way to transport SNA data over TCP/IP. For Bidermann, the close cooperation between Cisco and Wall Data solved the problem: support for Cisco's Native Client Interface Architecture (NCIA) in RUMBA software provided an end-to-end TCP/IP solution for SNA users.

In conjunction with the Cisco Internetwork Operating System (Cisco IOS(TM)) software, RUMBA software allows Bidermann users to access business-critical information located anywhere across the enterprise directly from their PCs. In short, RUMBA provides the SNA emulation that allows business users to access information that resides on enterprise servers, mainframes, and minicomputers directly from their desktops.

Using Native Client Interface Architecture (NCIA), Wall Data RUMBA software and the Cisco IOS software allow PC users to access any of the AS/400 systems on the Token Ring network across a TCP/IP connection without sacrificing SNA functionality.


"The collaboration between Cisco and Wall Data, combined with each of their technology advantages and strong relationships with IBM, made the decision easy," said Parziale. "We believe Cisco's product is the industry standard, and we chose Wall Data's RUMBA software because it works best with Cisco routers."

Parziale credits Wall Data's and Cisco's strong alliance and the fact that they leveraged each other's technology to help Bidermann easily and successfully migrate from SNA to TCP/IP.

"The metrics the two companies met were these: lowest possible cost, highest level of routability, no changes to the host, and the ability to access multiple AS/400s while using an existing IP network. All this without losing any SNA functionality," said Parziale.

What Is NCIA?
The Cisco IOS(TM) software provides the ability to encapsulate SNA and NetBIOS packets in TCP/IP. The benefit of encapsulating SNA and NetBIOS is that doing so allows these protocols to be routed over a multiprotocol network using standard IP routing.
NCIA is an architecture that allows third-party vendors to implement Cisco's SNA and NetBIOS encapsulation in desktop software such as remote node clients or SNA emulators. When NCIA is implemented in PC software, the SNA and NetBIOS packets leave the PC encapsulated in TCP/IP, enabling the PC to connect over any media, including asynchronous lines using standard Serial Line Internet Protocol (SLIP) or Point-to-Point Protocol (PPP) drivers. Because the NCIA driver that is implemented in the desktop software encapsulates the data in TCP/IP using the same formats and protocols that Cisco routers use, a Cisco access server or router at the host end can recognize the encapsulated data, de-encapsulate it, and present native SNA or NetBIOS data to the host.
Many MIS organizations are searching for ways to provide flexible, cost-effective remote access to SNA and NetBIOS applications for mobile users. At the same time, they want to reduce the total cost of network ownership by integrating SNA and LAN traffic in a single network. A third objective of many enterprises is to converge on a single backbone protocol, in most cases TCP/IP. NCIA can help MIS managers accomplish all of these objectives.
NCIA allows mobile users to employ a single dial-up connection to access all of their applications. For example, a remote user could dial in to a Cisco access server and open an accounts payable application on a mainframe using SNA, a Lotus Notes server using NetBIOS, and the Internet using TCP/IP. And NCIA reduces training requirements by allowing employees to use the same SNA emulation software whether they are on LAN connections in their offices or remote dial-up connections.
NCIA supports dial-up SNA host access using the same network infrastructure used to support dial-up LAN connectivity. Eliminating separate SNA links saves money in equipment and recurring line charges. A single integrated network can also reduce the load on the network management staff.
NCIA uses TCP/IP to support SNA and NetBIOS across asynchronous links or any other links supported by TCP/IP. By doing so, NCIA allows enterprises that have made a strategic decision to use TCP/IP as their primary backbone protocol to continue to support SNA and NetBIOS applications.


High-End Routing Customers Gain New Upgrade Paths

Cisco Formalizes Pledge to Investment Protection

Cisco Systems has always emphasized providing users with a high degree of investment protection, offering innovative ways to fully leverage investments in existing systems, interface cards, and software. A new four-point program from Cisco takes this protection to a higher level.

As of February 1996, the program provides four incentive packages to help customers upgrade from existing products to new products and technologies that offer advanced capabilities.

RSP7000---Platform for the Future

The RSP7000 card, a Route Switch Processor like that used in the Cisco 7500, is a major new initiative that allows current Cisco 7000 users to upgrade their hardware to obtain speed and features approaching that of the Cisco 7500. The RSP7000 card replaces existing system processors in this upgrade.

The RSP7000 card enhances Cisco 7000 series routers by increasing processing power while preserving customer investment in the router chassis and interface processor cards.


Steve Collen, Product Manager in Cisco' s Core Business Unit, explains how the RSP7000 makes the Cisco 7000 a platform for the future. "With its 100-MHz RISC processor and custom ASICs, the RSP7000 enables users with installed Cisco 7000s to gain four to five times their current system performance for most protocols and services. Plus, when used with VIP cards, the RSP7000 provides the benefits of distributed switching, distributed services, and increased port density."

Distributed switching allows the VIP card to make local switching decisions based on routing information received from the RSP. This ability further improves throughput and scalability because the processing power of the RSP is conserved during traffic switching.

With distributed services, the VIP can perform processor-intensive activities such as encryption and compression without RSP intervention, again providing the dual benefits of performance and scalability. Collen sees the RSP7000 as a boon to users of the thousands of installed Cisco 7000 routers who want the performance and features of the Cisco 7500, but may not need its interface capacity or processor redundancy. The Cisco 7500 offers up to eleven slots for interface processors, compared with five in the Cisco 7000. "The density in the Cisco 7500 makes multirouter consolidation possible and is ideal for very large networks," notes Collen.

Another advantage of the Cisco 7500 is its range of high system-availability features. For example, dual RSPs can be installed in a single chassis to provide a "hot backup" against the failure of either board. That level of reliability gives the Cisco 7500 an edge in mission-critical, online applications.

Collen acknowledges that not every customer may have an immediate need to move to a Cisco 7500 platform. "For those customers who haven't yet encountered a business requirement for the brawn of the Cisco 7500, there' s now a cost-effective migration path to obtain the brains of the RSP7000," he concludes.


New Modules for Catalyst 2800 Workgroup Switch Offer Bandwidth and Flexibility

Cisco Systems now offers several high-performance modules for its Catalyst(TM) 2800 workgroup switch, providing a choice of 100BaseT Fast Ethernet or Fiber Distributed Data Interface (FDDI) connections. Users can install the new "hot-swappable" modules in the field---they can be inserted directly into the Catalyst 2800's expansion slots with no interruption to network service.

The 100BaseT and FDDI modules for the Catalyst 2800 provide the flexibility to change network configurations without sacrificing investments in the base switch.


Each module offers 100 Mbps of bandwidth. The 100BaseT and FDDI modules plug directly into high-speed expansion slots on the Catalyst 2800 switch, giving users the flexibility to change their network configurations while preserving their investments in the base switch. The hot-swappable design lets network administrators install the modules while the switch is operational, minimizing network downtime.

Single-port modules support a dedicated connection to a 100BaseT- or FDDI-equipped server. Additionally, single-port 100BaseT modules support CollisionFree® full-duplex operation, allowing up to 200-Mbps throughput across a 2-kilometer fiber connection to a Cisco 7000 or 7500 series router or a Catalyst workgroup switch. Multiple-port modules provide 100-Mbps shared connections to "server farms" and backbones over unshielded twisted pair (UTP) or fiber.

New Catalyst 2800 Module Options

100BaseTX 100BaseFX FDDI
One-port UTP One-port fiber Fiber (DAS)
Eight-port UTP Four-port fiber Fiber (SAS)

SAS---Single Attachment Station
DAS---Dual Attachment Station

Any combination of modules can be used in a single Catalyst 2800 to support users' particular needs. All modules are available now; a future Asynchronous Transfer Mode (ATM) module is planned for connectivity to ATM switches.

Catalyst 5000 Scores High in Performance Tests
In recent tests conducted by Scott Bradner of Harvard University (Cambridge, Massachusetts), the Catalyst 5000 distinguished itself through outstanding throughput in several testbeds. To view the results of these tests, connect to the URL: http://www-tac/wbu/Switches/C5000.html.


Cisco and Netscape Offer Easy Internet Access for PC Users

Cisco Systems and Netscape Communications are bringing network PC users simplified and secure connection to the Internet under a software licensing agreement that brings together Cisco Internet Junction(TM) gateway software and Netscape Navigator client software.

Part of the new CiscoAdvantage(TM) product line, Internet Junction software enables PCs on a Novell NetWare network to speak the Internet's "native tongue," Transmission Control Protocol/Internet Protocol (TCP/IP), without the need for TCP/IP networking software on every connected PC. Netscape Navigator client software offers an easy point-and-click interface and delivers advanced Internet security features using the Secure Sockets Layer (SSL) open protocol. The bundled Internet access solution is simple to install and ready for use on existing NetWare PC networks.

Cisco Internet Junction Gateway Software
More information on Cisco Internet Junction gateway software is available in the article, "CiscoAdvantage Boosts Internet Productivity."


Cisco Invests in Objective Systems Integrators

Cisco recently made a small equity investment in Objective Systems Integrators, Inc. (OSI), the leading independent developer of network management software for service providers. The two companies plan to codevelop network management applications for Cisco's internetworking technology, enabling service providers to quickly deploy new, enhanced internetworking services over their networks.

Cisco and OSI plan to develop enhancements for OSI's NetExpert family of graphical user interface (GUI)-based development tools and management applications. NetExpert is designed to manage many types of network devices, such as computers, transmission equipment, and switches, regardless of the transmission technologies used in the network. It can be used for a diverse range of management functions, such as fault management, provisioning, billing, data collection, network traffic reporting, and performance analysis.


Cisco to Acquire TGV Software

Target Is Secure, Scalable Web-Based Computing

Cisco Systems has agreed to purchase TGV Software, Inc., a leading developer of Transmission Control Protocol/Internet Protocol (TCP/IP) internetworking software products. The acquisition will enable Cisco to provide end-to-end connectivity for enterprise internetworks. Cisco will also broaden its solutions for secure access to the Internet, supporting both existing network environments and growing corporate intranets---private internetworks connecting disparate and geographically dispersed networks.

TGV's expertise in TCP/IP technology will contribute to Cisco's multiplatform support of TCP/IP, the native language of the Internet and the World Wide Web. Cisco will integrate TGV technology to offer value-added services such as client-to-server bandwidth reservation.

By year-end Cisco expects to implement value-added links between TGV software and the Cisco Internetwork Operating System (Cisco IOS(TM)) software. Cisco plans to leverage this interoperability to advance application support in several areas, including networked multimedia applications.

Background on TGV
TGV Software was founded in 1988 in Santa Cruz, California, to develop and market software products for heterogeneous client/server systems. TGV's leading product, MultiNet software, delivers a suite of server-oriented TCP/IP internetworking applications. TGV products will be available through Cisco's regular sales channels upon the completion of the acquisition.


Cisco Expands Options for Native Open Networking

Cisco and Unisys Corporation recently announced that the Cisco Internetwork Operating System (Cisco IOS(TM)) software and routers support native prioritization of BNA data, the Unisys A Series networking protocol, within IP data packets. This capability gives Unisys A Series clients the ability to connect with and build open enterprise network solutions that are based on industry-standard networking protocols while preserving current Unisys A Series premium networking services, including end-to-end prioritization.

Priority recognition and encapsulation enable BNA information to be transmitted over open networks using TCP/IP networking protocols. End-to-end prioritization facilitates subsecond performance for critical applications.

Through its Network Enable organization---which specializes in multivendor network integration---Unisys offers planning, design, procurement, configuration, staging, installation, maintenance, and other services for building and supporting custom open network solutions. Unisys is currently Cisco's second-largest reseller in the USA.


Zenith Joins with Cisco to Offer High-Speed Cable Network Solutions

Zenith Electronics Corporation recently joined forces with Cisco, becoming the first cable vendor to port the Cisco Internetwork Operating System (Cisco IOS(TM)) software to Zenith's new cable system architecture. In addition, Cisco will provide routers, switches, and Cisco IOS software that will allow cable operators to receive data at 45 Mbps over DS3 telecommunications lines. By providing high-speed internetworking equipment at the front end, this arrangement prevents bottlenecks between cable operators and switched public telecommunications networks.

Zenith's new family of cable modems will deliver up to 40 Mbps of digital data over a 6-MHz cable channel. This modem, combined with the Cisco IOS software, will allow cable operators to provide high-speed data services to many subscribers simultaneously. The high-speed cable modems will operate on a flexible new data communications architecture that is compatible with emerging standards, paving the way for mass deployment of industry- standard cable modems.

Background on Zenith
Zenith is an industry leader in cable modem technology. The Zenith Network Systems division is a leading developer of video entertainment and information services over broadband networks.


New Electronic Commerce Applications Simplify Business with Cisco

Extending its leadership position in the internetworking industry, Cisco Systems is pioneering new ways of doing business using electronic media. Cisco has introduced Commerce Agents to simplify and expedite business transactions by providing users with the ability to place and track orders online 24 hours a day, 365 days a year via the World Wide Web.

Users of Commerce Agents enjoy increased efficiency, shortened lead times, reduced business costs, and customized service and support.

Commerce Agent applications provide these benefits:

Additional Commerce Agents will be available in the second quarter of 1996.

To access Commerce Agents, register at URL: and provide purchase order and bill-to information. For more details, call 800 553-NETS (6387) in North America or 408 526-7208 from outside of North America, or send e-mail to


Residency Program Explores IBM Environment Solutions

As part of Cisco's continuing efforts to bring its users the most complete and up-to-date product information, the company's InterWorks Business Unit recently created the Residency Program. This unique program brings experienced Cisco field sales engineers to Cisco's site in Research Triangle Park, North Carolina, where they are immersed in studies designed to fine-tune their problem-solving skills and produce new information for use in the field.

With all the resources of a controlled, laboratory environment available to them, the residents study field situations for specific Cisco internetworking capabilities. Their results are published and placed in a library for Cisco's field engineering and sales staff to apply toward Cisco IBM-environment solutions, adding valuable information that they can offer Cisco users.

The first two teams of sales engineers in this new program worked on cases involving Systems Network Architecture (SNA) data traffic on the Channel Interface Processor (CIP) card for the Cisco 7000 family of routers. They also dealt with issues relating to Cisco's data-link switching capability, DLSw+. An upcoming session of the Residency Program will address cases involving IP and TCP offload over the CIP card. In this session, participants will cover host and remote configurations, functional descriptions, diagnostics, and troubleshooting.


Certified Partner Listings

Certified Channel Partners

High-quality service and support are the hallmarks of Cisco Systems' certified channel partners. Gold and Silver Certified Partners have achieved Cisco-defined levels of sales and support excellence. Certification on a country-by-country basis ensures that partners have resources in place to sell and support multinode networks within the region for which they have achieved certification.

Gold Certified
Company Location Company Location
ABS Austria ITS UK
Alcatel ARE France NIL Slovenia
Alcatel BSG Belgium Realtech Systems USA
Alcatel Business Systems UK Siemens AG Germany
Alcatel Data Networks UK Siemens Albis Switzerland
Alcatel MDS Switzerland Siemens Data Networks UK
Alcatel SEL Germany Telemation GmbH Germany
AT&T Germany Telindus Belgium
AT&T GIS UK UB Networks UK
Bell Atlantic Network Integration USA UB Networks USA
Bell Canada Canada Unisys Belgium
BT UK Unisys France
Chernikeeff Ltd. UK Unisys Germany
Comtech Belgium Unisys Portugal
Consorcio Red Uno Mexico Unisys Switzerland
Cray Communications New Zealand Unisys UK
Datrac AG Switzerland Unitronics Spain
Dimension Data South Africa Upnet AB Sweden
Enterprise Networking Systems USA !nterprise Networking Services from US West USA
Geveke The Netherlands

Silver Certified
Company Location Company Location
Alcatel Comunicaçao de empresa, SA Portugal ITS France
AllTech Data Systems USA NetCom Israel
Arche Communications France Olivetti SMS Finland
Ascom TCS Italy Open Systems Austria
BISS Ltd UK Prolan Brazil
Convex Portugal RCS France
Cygnus Venezuela SAG Thailand
Datacraft Hong Kong Tandem Chile
Datacraft New Zealand TRT/Experdata France
Expert & Partner Engineering Czech Republic Unisys Spain
Hong Kong Telecom Ltd. CSL Hong Kong Unisys Sweden
Interact Systems France

TAC-Certified Partners

Technical Assistance Center (TAC) certification puts Cisco Systems' partners in Europe, the Middle East, and South Africa in partnership with Cisco's networking experts to deliver prompt and effective solutions to Cisco customers.

TAC-Certified Partners
Company Location Company Location
Alcatel France Netcom Israel
Alcatel Germany NIL Ltd. Slovenia
Alcatel Bell Belgium Olivetti SMS Finland
Alcatel Data Networks UK RCS France
Alcatel MDS Switzerland Siemens Germany
Arche Communications France Siemens Albis Switzerland
Ascom TCS Italy Siemens UK UK
AT&T Germany Telemation Germany
AT&T GIS UK Telindus Belgium
BISS Ltd. UK TRT/Experdata France
Chernikeeff Ltd. UK UB Networks UK
Comtech Belgium Unisys Belgium
Convex Portugal Unisys France
Datrac Switzerland Unisys Germany
Dimension Data South Africa Unisys Portugal
Expert & Partner Czech Republic Unisys Spain
F. Hoffman La Roche Switzerland Unisys Sweden
Geveke The Netherlands Unisys Switzerland
Interact Systems France Unisys UK
ITS France Unitronics Spain
ITS UK Upnet Sweden


Cisco Seminar Series

Open to IS professionals, data communications managers, and network managers, Cisco seminars provide up-to-date information covering a range of topics from the basics of internetworking to emerging LAN and WAN technologies. Networking experts help attendees make complex decisions about designing and implementing new networks, growing and managing existing networks, or expanding into new technologies.

[NEW] Moving to Fast Ethernet with Cisco and Intel S134147

Cisco and Intel, the leaders in Fast Ethernet, demonstrate how 100-Mbps technology allows you to leverage your current network investment to dramatically increase your network's capabilities. Systems engineers from Cisco and Intel, along with network consultants from Decisys, Inc., use a special interactive case study to explain the latest trends, applications, and how Fast Ethernet compares to---and complements---ATM and FDDI.

[NEW] Data Center Internetworking S138147

Learn how to integrate a data center and an internetwork. Cisco's Channel Interface Processor (CIP) merges the power of the mainframe with the network, a solution that cuts costs, meets multiprotocol requirements, and delivers high-performance network connections to the mainframe. This seminar presents Cisco solutions that support current system requirements while making the mainframe the most efficient server in a client/server environment.

The Applied Science of Enterprise Network Management S120147

Because a network is only as manageable as its hardware and software components, this seminar highlights the features of the Cisco Internetwork Operating System (Cisco IOS(TM)) software that facilitate network management solutions: built-in Simple Network Management Protocol (SNMP) agents, Dynamic Host Configuration Protocol (DHCP) proxy, and Hot Standby Routing Protocol (HSRP). Cisco technical representatives demonstrate how to save bandwidth, control costs, minimize downtime, and optimize the performance of enterprise networks.

[NEW] Switched Internetworking: Managing the Change of Speed S133147

Effective implementation of switched internetworking technology maximizes the performance of existing networks. By covering a variety of technologies, such as 100-Mbps LANs, "smart" switches, Asynchronous Transfer Mode (ATM), Fast Ethernet, and virtual LANs (VLANs), this seminar helps IS professionals make informed decisions in the design, implementation, and management of switched internetworks.

ATM and Switched Internetworking: A Technology Overview S113147

This highly technical seminar emphasizes the role of ATM in switched internetworking. Cisco consulting engineers cover advanced topics including ATM signaling, Private Network-to-Network Interface (PNNI), ATM routing protocols, native-mode protocol operation over ATM, and VLANs.

Access Routing: Access by Cisco[sm] S108147

As networks continue to grow both in size and in number of remote connections, access and ease of use become critical. Cisco experts demonstrate how remote user sites can access resources that were once the exclusive realm of large, multiprotocol core networks.

Introduction to Internetworking Solutions S115147

Using a comprehensive case study, this seminar illustrates how to construct a successful, cost-effective enterprise internetwork from basic building blocks that combine seamlessly with the Cisco IOS software.

Dates, locations, and registration

Complete information is available online at the World Wide Web URL:,or in the USA call 800 829-NETS (6387) and refer to the priority code next to each seminar title. For information on seminars offered in Canada, call 800 668-0856. For information on seminars offered outside the USA and Canada, call the Cisco regional sales office nearest you as listed on the back cover of this magazine or contact your local authorized Cisco partner/reseller.


Routing Updates

Cisco Collects Food for Second Harvest Food Bank

During November and December 1995, employees at Cisco's US headquarters and field sales locations participated in the annual holiday food drive for the nonprofit Second Harvest Food Bank, setting up theme weeks to target donations for the types of food most needed. With sponsorship from Cisco Chairman John Morgridge---who was also the chairman of the overall 1995 holiday drive for the food bank---and other executives, the drive garnered so many donations that Cisco quickly exceeded its initial goal of 250,000 pounds of food. At last count, the company had collected over 914,000 pounds for the Second Harvest Food Bank in San Jose, California.

Cisco President and CEO John Chambers and Ed Kozel, Vice President and Chief Technology Officer, prepared and served sandwiches in one of the special theme events designed to gather food and raise money for the Second Harvest food drive.


"Cisco's performance in the drive places it ahead of many states and regions, and we can legitimately claim to be the home of the nation's largest food drive," says Steve Mangold, Communications Manager for Second Harvest.

The staff of Cisco's site in Research Triangle Park, North Carolina, also held a food drive for the local Second Harvest Food Bank. In January, they raised over 52,000 pounds of food.


Cisco Products Earn Top Honors

Readers of CCO magazine selected the Cisco 2514 dual-LAN router as the "Readers' Choice" in the Firewalls category of the 1995 CCO Readers' Choice Awards for Internet Products/Services. The Cisco 2514 was the clear winner in all areas evaluated, including ease of use, feature sets, service, and support.

The Cisco 750 router series recently received a "Hot Products" award from Data Communications magazine. The magazine featured the Cisco 750 in its January 1996 issue. Other industry honors for the Cisco 750 include an "Editor's Choice" award from PC Magazine awarded last fall.


Cisco Worldwide Events Calendar

March 7-9 Internet World Asia, Kuala Lumpur, Malaysia
March 19-22 Exponet `96, Sao Paulo, Brazil
March 27-30 Telexpo `96, Sao Paulo, Brazil
April 1-5 NetWorld+Interop 96, Las Vegas, Nevada, USA
April 18-20 Networkers `96 Australia, Gold Coast, Australia
April 24-25 Networkers `96 Japan, Tokyo, Japan
April 29-May 2 Internet World, San Jose, California, USA
May 7-9 Networkers `96 USA, Dallas, Texas, USA
May 14-18 Compu and Net Shanghai, Shanghai, China
May 22-25 ComExpo `96, Caracas, Venezuela
May 28-31 China Computerworld South, Guangzhou, China
June 10-16 Info Com `96, Buenos Aires, Argentina


Networkers `96 USA

Cisco Systems invites customers to attend its 7th annual user symposium.

Dallas Convention Center Dallas,
Texas, USA
May 7--9, 1996


New! Register on line!

Find out more about classes, speakers, and events, and exchange messages with
colleagues from around the world at the Networkers `96 Online Information Center.

Starting March 15, qualified Cisco customers can also register on line and sign up for
symposium sessions.

Join us on the World Wide Web at URL:

Register now to reserve your place!

For more information, in North America call 800 NETWKRS (800 638-9577) or from
outside North America call 408 972-2694.


Networkers `96 Australia

Queensland, Australia
April 18--20, 1996


Networkers `96 Japan

Tokyo, Japan
April 24--25, 1996


More information on these events is available at the World Wide Web URL:


Cisco Training Worldwide

Cisco training delivers the information you need to design and maintain scalable internetworks. Cisco-certified training partners around the world offer a variety of courses for network planners, network technicians, and network administrators. The Cisco Training Broadcast brings you complete registration information, including course descriptions, worldwide schedules, and a complete listing of Cisco-certified training partners.

Access the Cisco Training Broadcast online at World Wide Web URL: To request a paper copy, call the Cisco sales office nearest you as listed on the back cover of this magazine or in the USA call 800 553-NETS (6387) or 408 526-7290.


Cisco Systems Worldwide Offices

Cisco Systems has over 125 sales offices worldwide. To contact your local account representative, call Cisco's corporate headquarters (California, USA) at 408 526-4000 or, in North America call 800 553-NETS (6387).

Corporate Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
World Wide Web URL:
Tel: 408 526-4000 800 553-NETS (6387)
Fax: 408 526-4100

Europe, Middle East, and Africa
European Headquarters
Ciusco Systems Europe, s.a.r.l.
Parc Evolic-Batiment L2
16 avenue du Quebec
BP 706 Villebon
91961 Courtaboeuf Cedex, France
Tel: 33 1 6918 61 00
Fax: 33 1 6928 83 26

Austria, Cisco Systems Austria GmbH
Vienna, Austria
Tel: 43 1 7007 6256
Fax: 43 1 7007 6027

Norway, Cisco Systems
Oslo, Norway
Tel: 47 22 83 06 31
Fax: 47 22 83 22 12

Belgium, Cisco Systems Bruxelles
Brussels, Belgium
Tel: 32 2 778 42 00
Fax: 32 2 778 43 00

Portugal, Cisco Systems Portugal
Lisbon, Portugal
Tel: 351 1 340 45 31
Fax: 351 1 340 45 75
Denmark, Cisco Systems
Copenhagen, Denmark
Tel: 45 33 37 71 57
Fax: 45 33 37 71 53

South Africa, Cisco Systems S. Africa
Rivonia, South Africa
Tel: 27 11 807 4444
Fax: 27 11 807 4447

Finland, Cisco Systems
Helsinki, Finland
Tel: 358 1594 3090
Fax: 358 1594 3093
Spain, Cisco Systems Spain
Madrid, Spain
Tel: 34 1 383 2178
Fax: 34 1 383 8008

Germany, Cisco Systems GmbH
Unterschleissheim, Germany
Tel: 49 89 32 15070
Fax: 49 89 32 150710

Sweden, Cisco Systems AB
Stockholm, Sweden
Tel: 46 8 681 41 60
Fax: 46 8 19 04 24

Ireland, Cisco Systems Ltd.
Dublin, Ireland
Tel: 35 3 1 475 4244
Fax: 35 3 1 475 4778

Switzerland, Cisco Systems Switzerland
Naenikon, Switzerland
Tel: 41 1 905 20 50
Fax: 41 1 941 50 60

Italy, Cisco Systems Italy Srl
Milan, Italy
Tel: 39 2 26 97 31
Fax: 39 2 26 92 9006

United Arab Emirates, Cisco Systems
(Middle East)
Dubai, UAE
Tel: 971 4 318 788
Fax: 971 4 313 681

The Netherlands, Cisco Systems
Gorinchem, The Netherlands
Tel: 31 183 622 988
Fax: 31 183 622 404

United Kingdom, Cisco Systems Ltd.
Feltham, United Kingdom
Tel: 44 181 818 1400
Fax: 44 181 893 2824

Intercontinental Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Tel: 408 526-7660
Fax: 408 526-4646

Japanese Headquarters
Nihon Cisco Systems K.K.
Seito Kaikan 4F
5, Sanbancho, Chiyoda-ku
Tokyo 102, Japan
Tel: 81 3 5211 2800
Fax: 81 3 5211 2810

Argentina, Cisco Systems Argentina
Buenos Aires, Argentina
Tel: 54 1 811 7526
Fax: 54 1 811 7495

Indonesia, Cisco Systems, Indonesia
Jakarta, Indonesia
Tel: 62 21 523 9132
Fax: 62 21 523 9259

Australia, Cisco Systems Australia Pty. Ltd.
North Sydney, Australia
Tel: 61 2 9935 4100
Fax: 61 2 9957 4077

Korea, Cisco Systems Korea
Seoul, Korea
Tel: 82 2 3453 0850
Fax: 82 2 3453 0851

Brazil, Cisco Systems Do Brasil
Sao Paulo, Brazil
Tel/Fax: 55 11 822 6095
Tel/Fax: 55 11 822 6396

Malaysia, Cisco Systems (HK) Ltd, Kuala Lumpur Office
Kuala Lumpur, Malaysia
Tel: 60 3 236 5147
Fax: 60 3 236 5146

Canada, Cisco Systems Canada Limited
Toronto, Ontario, Canada
Tel: 416 217-8000
Fax: 416 217-8099

Mexico, Cisco Systems de Mexico, S.A. de C.V.
Mexico City, Mexico
Tel: 52 5 328 7600
Fax: 52 5 328 7699

Central America/Caribbean, Cisco Systems Inc.
Miami, Florida, USA
Tel: 305 228-1200
Fax: 305 222-8456

New Zealand, Cisco Systems New Zealand
Auckland, New Zealand
Tel: 64 9 358 3776
Fax: 64 9 358 4442

China, PRC, Cisco Systems (HK) Ltd, Beijing Office
Beijing, PRC
Tel: 86 10 501 8888 x821
Fax: 86 10 501 4531

Philippines, Cisco Systems Manila Office
Makati City, Philippines
Tel: 632 892 4476
Fax: 632 811 5998
Colombia, Cisco Systems Colombia
Bogota, Colombia
Tel: 57 1 296 0067
Fax: 57 1 616 3030

Singapore, Cisco Systems (HK) Ltd,
Singapore Office
Tel: 65 320 8398
Fax: 65 320 8307

Hong Kong, Cisco Systems (HK) Ltd
Wanchai, Hong Kong
Tel: 852 2583 9110
Fax: 852 2824 9528

Taiwan, ROC Cisco Systems (HK) Ltd,
Taipei Office
Taipei, Taiwan, ROC
Tel: 88 62 577 4352
Fax: 88 62 577 0248

India, Cisco Systems (HK) Ltd,
New Delhi Liaison Office
New Delhi, India
Tel: 91 11 688 1234 x119
Fax: 91 11 611 7688

Thailand, Cisco Systems (HK) Ltd,
Bangkok Office
Bangkok, Thailand
Tel: 662 253 5315
Fax: 66 253 8440

Venezuela, Cisco Venezuela
Caracas, Venezuela
Tel/Fax: 58 2 963 6140

United States
Central Operations
Cleveland, Ohio
Tel: 216 520-1720
Fax: 216 328-2102

Northern Operations
Bloomington, Minnesota
Tel: 612 851-8300
Fax: 612 851-8311

Eastern Operations
Berwyn, Pennsylvania
Tel: 610 695-6000
Fax: 610 695-6006

Service Provider Operations
San Ramon, California
Tel: 510 855-4800
Fax: 510 855-4896

Federal Operations
Reston, Virginia
Tel: 703 715-4000
Fax: 703 715-4004

Southwestern Operations
Dallas, Texas
Tel: 214 774-3300
Fax: 214 774-3344

Northeastern Operations
New York, New York
Tel: 212 330-8500
Fax: 212 330-8505

Western Operations
San Mateo, California
Tel: 415 377-5600
Fax: 415 377-5699


Publisher's Box

Packet(TM) magazine is published quarterly and distributed free of charge to users of Cisco Systems products. Direct address corrections and other correspondence to, or to Packet, in care of:

Cisco Systems, Inc.
170 West Tasman Drive
San Jose, California, 95134-1706
USA Phone: 408 526-4000
World Wide Web URL:

Editor-in-Chief, Joanna Holmes
Assistant Editor, Patrice Snell Steiner
Design and Production, Donna Helliwell
Project Coordinators, Amanda Burr and Carol Rolin

Special thanks to the following contributors: David Baum, Carlo Cernivani (NYU), Olivier Cognet, Barbara Dallenbach, Anne McLeod Haynes, Janice King (MarkeTech), Jimmy Kyriannis (NYU), Stacey Pollard, Silvère Pradella (CEA), Adam Stein, Jon Toigo, and the Cisco Graphics Group.

AtmDirector, Catalyst, CD-PAC, CiscoAdvantage, CiscoFusion, Cisco IOS, the Cisco IOS logo, CiscoPro, Cisco Systems, CiscoView, CiscoVision, CiscoWorks, ClickStart, ControlStream, EtherChannel, HubSwitch, Internet Junction, IOS, LAN2LAN Enterprise, LAN2LAN Remote Office, LightSwitch, Newport Systems Solutions, Packet, PIX, Point and Click Internetworking, RouteStream, SMARTnet, StreamView, SwitchBank, SwitchProbe, SwitchVision, SynchroniCD, The Cell, TokenSwitch, TrafficDirector, VirtualStream, VlanDirector, WNIC, Workgroup Director, Workgroup Stack, and XCI are trademarks; Access by Cisco, and Bringing the power of internetworking to everyone are service marks; and Cisco, EtherSwitch, IGRP, Kalpana, the Kalpana logo, LightStream, Cisco Connection Documentation CD-ROM, and the Cisco logo are registered trademarks of Cisco Systems, Inc. All other products or services mentioned in this document are the trademarks, service marks, registered trademarks, or registered service marks of their respective owners.

Packet, copyright ©1996 by Cisco Systems, Inc. All rights reserved. Printed in the USA.

No part of this publication may be reproduced in any form, or by any means, without prior written permission from Cisco Systems, Inc. This magazine is printed on recycled paper.


Copyright 1988-1996 © Cisco Systems Inc.