new software on FWSM
Pojawiła sie nowa wersja software’u do FWSMa, Version 4. Pełen release notes dostępny na stronie Cisco. Jedną z ciekawszych rzeczy jest:
The most obvious additions are in using the power of the supervisor to accelerate flows in hardware. There are two implementations of this:
Trusted Flow Acceleration – the FWSM programs a “cut-through” on the PFC so that trusted flows get forwarded in hardware without hitting the FWSM after the first packet. This is for a Sup720 or Sup32 in the same chassis. Targeted performance is 20 – 50+ Gbps Aggregate Throughput and 10+ Gbps Throughput per Flow, but your mileage may vary. Nothing is free, and this takes entries away from the NetFlow TCAM.
PISA Integration – a Sup32-PISA can tag packets, so that a FWSM elsewhere in the network can detect them. For example, an edge PISA can do deep packet inspection of the data and determine that it is safe based on the application layer; the packet is then tagged so that when it arrives at the Datacentre the FWSM does not inspect it again.
Note that both features rely on new versions of supervisor code that are currently expected in an Autumn release.
