Cisco Cisco ACE Application Control Engine Module Information Guide
© 2006 Cisco Systems, Inc. All rights reserved.
Important notices, privacy statements, and trademarks of Cisco Systems, Inc. can be found on cisco.com.
Page 6 of 10
Q.
Does the Cisco ACE Services Module support failover?
A.
Yes. Failover is supported per virtual partition between application instances using a redundant Cisco ACE Services Module. Stateful
redundancy is available for traditional active-standby and active-active configurations. Stateful failover is supported both within the chassis and
across chassis between peer ACE modules. In combination with the Cisco Global Site Selector (GSS) 4400, the ACE module can be used for
failover scenarios involving remote data centers.
Q.
How many virtual partitions are supported by the Cisco ACE Services Module?
A.
The Cisco ACE Services Module supports up to 250 virtual partitions.
Q.
Does the Cisco ACE Services Module work in any Cisco Catalyst 6500 or Catalyst 7600 Series chassis?
A.
Yes. The Cisco ACE Services Module is fabric-enabled and should work in any Cisco Catalyst 6500 or Catalyst 7600 Series chassis form
factor. However, at first ship the ACE has only been tested inside the Cisco Catalyst 6500 Series enterprise-class switch.
Q.
How much flash and DRAM memory is available on board? Can the DRAM be upgraded?
A.
The Cisco ACE Services Module comes with 256 MB of removable flash memory and 3 GB of DRAM. The DRAM is not upgradable.
Q.
Is the Cisco ACE Services Module supported in both native Cisco IOS Software and hybrid systems?
A.
Yes.
Q.
How is geographic diversity supported with a Cisco ACE Services Module for a high-availability data center?
A.
Global SLB is offered by the Cisco GSS 4400 Global Site Selector. It can support high availability of Cisco ACE Services Modules that are
deployed in separate geographic areas.
COMPONENTS
Q.
What are the components of the Cisco ACE Module?
A.
In first release, the new Cisco ACE product line is available as a services module for the Cisco Catalyst 6500. The Cisco ACE is a line card
for the Cisco Catalyst 6500 and can be used in any Cisco Catalyst 6500 chassis running a Supervisor Engine 720 and Cisco IOS Software Release
12.00(0). The Cisco ACE Module contains no I/O ports and relies on the Cisco Catalyst switch for network connectivity.
CISCO AVS QUESTIONS
Q.
What is the new Cisco AVS 6.0 Web Application Firewall feature set and what problem does it solve?
A.
Web application security is important because Web applications open a large and potentially dangerous hole in an organization’s security
fabric. Traditional firewalls protect at the port and source/destination levels, but do very little to identify and protect against dangerous traffic
type and content. As a result, hackers are able to target business applications to obtain information or money or to disrupt service.
The new Cisco AVS 3120 Web Application Firewall Module delivers the highest level of attack protection available for Web applications. By
scanning all application protocols and content and applying business-specific policies, the AVS can protect the infrastructure and the organization
against application-layer attacks such as Structured Query Language (SQL) injection, data theft, parameter tampering, cookie poisoning and much
more. It can be deployed easily and rapidly by network security professionals, making the Cisco AVS 3120 an ideal solution for immediate risk
remediation for all enterprise applications. With unprecedented application layer visibility, the Cisco AVS 3120 provides real-time threat protection
and analysis with no-risk network deployment options.
Q.
What are the new features in Cisco AVS 6.0?
A.
The new features in Cisco AVS 6.0 software focus on improving the Web application security functions (Table 2).