- Cisco ONE Software License Portability is an important capability that allows you to reassign license entitlements from one hardware platform to another.
- It is very valuable when refreshing your hardware by eliminating the requirement to repurchase software licenses for new hardware.
Cisco ONE Software License Portability for You
License portability is a key benefit of Cisco ONE Software through Cisco Software Support Service (SWSS). Previously, software application licenses were node-locked to a specific device. Now, when you need to move to a different device, license portability entitles you to move your software licenses to that new device. This allows you to continue using your existing investment in Cisco software and may eliminate the need to repurchase licenses when doing a hardware refresh. Depending on the feature sets you use, license portability can lead to significant savings.
FAQ: More about Cisco ONE Software License Portability
Q. How do I get license portability?
A. First, you must have purchased your licenses through the Cisco ONE Software licensing model. Licenses purchased outside of Cisco ONE Software are not eligible for license portability.
Second, you must have maintained an active Cisco Software Support Services (SWSS) contract from the initial date of purchase, or reinstate support through Cisco’s standard support reinstatement policy.
Q. I currently have Cisco Smart Net Total Care but not Cisco SWSS. Am I eligible for license portability?
A. Cisco Smart Net Total Care provides support for hardware and the platform/OS software. It offers many business critical services like advance hardware replacement. However, Cisco Smart Net Total Care does not provide software license portability for Cisco ONE Software.
To take advantage of license portability, you must have a current Cisco SWSS agreement in place. Cisco SWSS provides the benefits of license portability, software technical support, continuous innovation, updates, and upgrades as well as future software enhancements to Cisco ONE Software products. Cisco SWSS delivers software support in a single offering, making it simple for you to purchase, manage, and renew licenses.
Q. I had a Cisco SWSS contract in the past. Can I reinstate it?
A. If you want to reinstate your software maintenance agreement, then the standard Cisco Application Software Support Contract Reinstatement Policy applies. The reinstatement policy is included in the Software Transfer Relicensing Policy document on Cisco.com. Cisco ONE Software does not have a separate reinstatement policy.
Q. How do these policies apply if I have a subscription agreement? Do I need Cisco SWSS with a subscription contract?
A. Subscription contracts include the equivalent coverage of Cisco SWSS (technical support and upgrades rights) along with the term-based right-to-use license for Cisco ONE Software products and portability rights. These are available at a single price and give you the benefits for the duration of your subscription term. You do not require a separate Cisco SWSS contract.
Cisco SWSS is sold separately only in support of a perpetual license.
Subscription-based licensing will be offered in a future release of Cisco ONE Software. More details will be made available with the future release. 
License Portability Use Cases
Q. What are the main use cases for license portability?
A. There are four main use cases for license portability:
1. Hardware Replacement
2. Equipment Refresh-One-to-One Swap
3. Equipment Refresh-One-to-Many or Many-to-One
4. Moving from a Physical Device to a Virtual Machine, or the Reverse
We will discuss each of these scenarios in detail in the following questions.
Q. I had a hardware failure. The device was/was not under warranty. I do/do not have a Cisco Smart Net Total Care contract. What do I do?
A. Since hardware replacement is outside the scope of the Cisco ONE Software license portability policy, you need to follow existing procedures for hardware replacement. Replacements many be covered under a Warranty Replacementor through Cisco Smart Net Total Care. Or you may replace the hardware with a spare device that you have available.
You need to transfer the existing entitlements - including software licenses and any software maintenance agreements (Cisco SWSS) - to the new device. To transfer the software license, use the Cisco Software Licensing Portal (Cisco.com login required). Service contracts can be updated through the Cisco Service Contract Center (Cisco.com login required).
Q. I need to perform a hardware refresh. Which policies are applicable to software portability when I perform a one-to-one swap of my older devices?
A. The hardware product family on which you have deployed your licenses determines your portability options. Licenses are portable only within a product family (for example, Cisco 2900 Series Integrated Services Routers (ISR) to 2900 Series ISR). Devices with greater capabilities are categorized in a higher series because they gain more benefit from the capabilities in Cisco ONE Software.
There is no cost associated for porting Cisco ONE Software to a device within the same or lower series of a product family, such as Cisco 2901 ISR to 2911 ISR or Cisco 3901 ISR to 2911 ISR. There is a software upgrade fee for refreshing to a higher-series device, such as Cisco 2901 ISR to Cisco 3925 ISR, as you receive greater capabilities. Cisco will publish upgrade SKUs to enable this type of transfer.
For a classification of device families and series for Cisco ONE Software, click here.
The price for Cisco ONE Software will be consistent within a given product family for a given software product.
Table1 provides a consolidated view of the license portability options in a one-to-one equipment refresh scenario.
Table1. Equipment Refresh: One-to-One Swap Use Cases
Refresh a device with a device in the same series
Example: Cisco 2901 ISR to 2911 ISR
If a Cisco SWSS contract is in place, the software can be used on the new device.
Refresh a device with a device in a higher series.
Example: Cisco 2901 ISR to 3925 ISR
You must pay a software upgrade fee to use the software from the original device on the replacement device.
You must purchase an upgraded Cisco SWSS contract for the new software. You will receive a credit for the old support contract.
The cost is the license cost on the new device minus the license cost on the old device, at current list prices, subject to customer-negotiated discounts.
You will also need to consider the cost of the upgraded Cisco SWSS contract.
Refresh a device with a device in a lower series.
Example: Cisco 3925 ISR to 2901 ISR
You are entitled to port the software deployed on your original device to a lower series device; your license entitlement would be set permanently to the lower series device family.
None. However, no reimbursements for the price difference between the higher/lower series is available The support contract remains with the original device family. You will have an option to renew your Cisco SWSS contract at a lower price based on software support for lower series device. Global credit & cancellation policy applies to SWSS contract for existing and new device.
Refresh a device with a next-generation device.
Example: Cisco 3925 ISR to 4000 Series ISR
In this case, the transfer depends on whether the next-generation Cisco 4000 Series ISR is considered to be the same series as the existing device or a higher or lower series. Depending on the series, the policies outlined above apply.
In all cases, you must migrate your software licenses to a next-generation device before your older device reaches end of support. At this stage, your Cisco SWSS contact will have expired and you will not meet the portability criteria.
The series of the next-generation device will determine the cost. Depending on the series, the policies outlined above apply.
Q. I have two 12-port switches that I want to combine into one 24-port switch. Or I have one 24-port switch that I want to break out into two 12-port switches. Does license portability apply in these cases?
A. Cisco ONE Software supports one-to-one license portability. Please refer to one-to-one device swap use case section for additional details.
Table2. Equipment Refresh: One-to-Many or Many-to-One Use Case
I would like to combine two or more devices into a single device, or the reverse.
This is not allowed - only 1:1 license portability is permitted; Further details are provided in the one-to-one swap use case section.
Q. I want to run some of my Cisco software on a virtual machine. Can I port my licenses over to a virtual machine?
A. Yes, you can, but there is an upgrade fee to use your software on a virtual machine (VM). This fee is required because the software contained within the base platform of the device, such as with the operating system, was not included in the original Cisco ONE Software product, but now would be within the VM offer.
The upgrade price is calculated as the license cost of the Cisco ONE Software product as a VM minus the license cost of the Cisco ONE Software product on the physical device. This fee is calculated at current list prices, subject to customer-negotiated discounts. Virtual device licensing will be offered in a future release of Cisco ONE Software. More details and upgrade SKUs will be made available at that time.
Q. Can I port my software licenses to a virtual machine in every use case?
A. No, you can’t. Not all software included in Cisco ONE Software is capable of running on virtual machines. When it can be run on a virtual machine, it is subject to the software license policies described above.
Q. I purchased Cisco ONE Software for a virtual machine, but have changed my mind and would like to run it on a physical device. Can I port my licenses from a virtual machine to a physical device?
A. Yes, but you must purchase the physical device with its base software platform, such as the operating system. You would then be entitled to use the Cisco ONE Software product(s) originally contained on the VM on your new device at no additional charge.
You also retain license portability rights associated with the original VM, so you could subsequently refresh the physical device back to a VM at no additional charge.
License Portability Operations
Q. How do I port the licenses to a new device?
A. Initially, licenses are deployed to physical devices in the same way as in today’s model. Cisco will provide you with activation keys and the correct software images for the new devices. Cisco is working on tools to improve the customer experience with easier deployment of the software products, license management, and capabilities.
Q. I am interested in porting one of the licenses in my product to a different device. Can I do that?
A. Your entitlement for portability is at the product level; for example, Foundation for Data Center Networking. These products cannot be unbundled into their components for portability to different devices. You can, however, deactivate all licenses from the original device and port them to a new device.
Q. Are all of the software capabilities included within Cisco ONE Software portable between different devices, virtual machines, generations of hardware, and so on?
A. The entitlement to the software capabilities is portable, but that doesn’t imply that all devices can run all the software within a Cisco ONE Software product. Cisco will maintain a table that shows what features can be enabled on each device. While you are entitled to the features within your purchased software, you need to verify that the device you intend to operate actually supports those features.
Q. How will I know whether my company is compliant with the software licensing policies?
A. You are responsible for verifying that you remain compliant with the licenses purchased. This typically matters only at times of hardware refresh. Cisco reserves the right to audit the customer environment through a third party to help ensure compliance.
Cisco is creating a software licensing portal that will assist you in tracking your software license entitlements and help you determine whether you are in compliance. These capabilities will be available in a future release.
Q. Is the software included in the base software platform, such as device operating system, controllers and APIs, included in these portability policies?
A. Because the cost of base platform software is included in a device purchase, it is not purchased as part of Cisco ONE Software. In general, base platform capabilities may differ between devices, similar to the hardware differences between devices.
Q. Where can I get more information about Cisco ONE Software?
A. Please visit our website at http://www.cisco.com/go/one or talk to your authorized Cisco representative.
Info from https://www.cisco.com/c/en/us/products/collateral/software/one-software/q-and-a-c67-732981.html
The Cisco Catalyst 2960-L Series is available in 8-port to 48-port configurations and supports Power over Ethernet (PoE). Make your network ready for the mobile devices and applications it needs to support with the 2960-L, all at a great value.
The Cisco Catalyst 2960-L is the one meeting your needs and helping you increase reliability in branches and other deployments.
FAQ-Cisco Catalyst 2960-L Series Switches
There are many questions and answers (FAQ) helping you know about the bright features of Catalyst 2960-L switches.
Q. What pluggable transceiver modules are supported by the Cisco Catalyst 2960-L switches?
A. Refer to the Cisco Transceiver Module Compatibility Matrixes for a complete list of supported modules.
Q. What input voltage is required by the Cisco Catalyst 2960-L?
A. The AC input voltage range is 100V–240V. The AC frequency range is 50Hz–60Hz.
Q. Can the Cisco Catalyst 2960-L be stacked?
A. The 2960-L does not support stacking. The 2960-L switches support clustering for single IP management.
Q. What are the flash and DRAM sizes on the switches?
A. All the switches have 256 MB flash and 512 Mb DRAM.
Q. Do the Cisco Catalyst switches support line rate?
A. Yes, all switches are nonblocking line-rate switches.
Q. What is the software supported on the 2960-L?
A. The Cisco Catalyst 2960-L supports the classic Cisco IOS Software.
Q. How do you manage the Cisco Catalyst 2960-L?
A. The 2960-L can be configured and managed with a CLI or an on-box GUI.
Q. How can a new Cisco Catalyst 2960-L box be configured?
A. The 2960-L switch supports a day-zero GUI that can be used for the initial configuration of the switch.
The switch can also be configured with the CLI using the console port (RJ 45 or USB type B).
Q. Does the Cisco Catalyst 2960-L support routing?
A. No, the 2960-L does not support routing. A default gateway can be configured on the switch pointing to the next hop router.
Q. What is the switch database management (SDM) template for Cisco Catalyst 2960-L switches?
A. Cisco Catalyst 2960-L switches support unique default templates that cannot be modified.
The switch supports this level of features for 1 SVIs and 64 VLANs:
● Number of IPv4 multicast groups: 1024
● Number of unicast MAC addresses: 8192
● Number of IPv4/IPv6/MAC access control entries: 988
Q. What is the license level on the Cisco Catalyst 2960-L?
A. The 2960-L has a LAN lite feature set.
Q. Can the license on the Cisco Catalyst 2960-L be upgraded?
A. No, the license level on the 2960-L is fixed. It cannot be upgraded.
Q. What mounting options are available with the Cisco Catalyst 2960-L?
A. The switches are designed for easy and flexible mounting. They can be mounted vertically or horizontally, using one of the following options:
● 8-/16-port SKUs:
◦ Magnet mount (on a desk, wall, or shelf)
◦ DIN rail mount
◦ Rack mount (with rack mount kit)
● 24-/48-port SKUs:
◦ Rack mount (with rack mount kit)
◦ Wall mount
◦ On a desk or shelf
For more information about switch mounting options, see the Cisco Catalyst 2960-L Switch Hardware Installation Guide.
Q. What are the recommended switch orientations?
A. Following are the recommended switch orientation options:
● 8-/16-port SKUs:
◦ Upright (on a table)
◦ Inverted (under a desk)
◦ Vertical (on wall, ports facing down)
● 24-/48-port SKUs
◦ Upright (in a rack)
◦ Vertical (on wall, ports facing down)
Q. What are best practices for mounting the fanless switches in closets, under tables, or in other closed environments?
A. Be sure that temperature around the unit does not exceed its maximum limit. Switches are rated to 113°F/45°C (WS-C2960-16PS-LL is rated to 104°F/40°C). Best practices allow for at least 3 inches (7.6 cm) of clearance on all sides and ventilation openings and at least 1.75 inches (4 cm) of clearance above each switch if placed in a rack. Access to ports should be sufficient for unrestricted cabling. The rear-panel power connector should be within reach of an AC power receptacle. When wall-mounting the switch, have the switch align with ports facing down. For more information about best installation practices, see the Cisco Catalyst 2960-L Switch Hardware Installation Guide.
Q. Are all the 2960-L models fanless?
A. No, the WS-C2960L-48PS-LL has a fan.
Q. What is the use of the mode button on the switch?
A. The mode button is used for resetting the switch, entering day-zero setup mode, or changing an LED mode.
Q. Do the switches have a front panel out-of-band (OOB) Ethernet management interface?
A. No, the switches do not support the OOB Ethernet management interface.
Q. What can I do with the USB Type A port located on the front of the Cisco Catalyst 2960-L Series?
A. As additional storage, the USB Type A port can be used to perform software upgrades, store configurations, and write memory core dumps for troubleshooting purposes. The switch supports Cisco 64 MB, 256 MB, 512 MB, 1 GB, 4 GB, and 8 GB flash drives.
Q. Can a third-party USB flash drive be used with the Cisco Catalyst 2960-L?
A. No, third-party USBs are not supported.
Q. How does cooling work in the Cisco Catalyst 2960-L Series switches?
A. Because most of the PIDs of 2960-L Series switches do not have fans, they are cooled by convection. Only the WS-C2960-48PS-LL has a fan inside.
Q. What is the noise level on the Cisco Catalyst 2960-L switches?
A. The switches are silent and produce ambient noise levels. Noise levels for the WS-C2960-48PS-LL:
● Sound pressure at 25°C ambient: LpA (typical) = 35dBA, LpAD (maximum) = 39dBA
● Sound power at 25°C ambient: LwA (typical) = 4.8B, LwAD (maximum) = 5.2B
Q. Do the Cisco Catalyst 2960-L switches support Smart Install?
A. Yes. The switches support Smart Install client functionality.
Q. Do the Cisco Catalyst 2960-L switches support the Network Plug and Play (PnP) agent?
A. Yes. PnP technology automates the installation and configuration of Cisco IOS Software using an embedded PnP agent on Cisco Catalyst switches. It requires a preconfigured network PnP server that manages sites; site devices; and their images, configurations, files, and licenses for deployment.
Q. What is the default baud rate of the serial port on the Cisco Catalyst 2960-L?
A. The default baud rate is 9600.
Q. Can both console ports be used simultaneously?
A. No. When the USB console is used, the RJ-45 console receives the output of the USB console as well. This design allows the administrator to see when the USB console port is in use. This capability is useful for remote administrators.
Q. Does the switch support autobaud on the console port?
Power and PoE
Q. Do Cisco Catalyst 2960-L switches support field-replaceable power supplies?
A. No. Power supplies on all the models are built into the switch.
Q. Does the switch support PoE?
A. Yes, the 2960-L supports PoE. The models that support PoE and the PoE budget are listed in Table 2.
Table2. Models That Support PoE
Available PoE Power
Q. What is the maximum power that can be drawn from a port on the PoE switch?
A. A maximum of 30W can be supported on a single port.
Q. What are the power management features the 2960-L supports?
A. The 2960-L supports IEEE 802.3az Energy Efficient Ethernet (EEE) and Cisco EnergyWise.
Q. Can the switches be powered using RPS/XPS?
QoS and Security
Q. Does 2960-L support QoS?
A. The Cisco Catalyst 2960-L Series Switches offer intelligent traffic management that keeps everything flowing smoothly. Flexible mechanisms for marking, classification, and scheduling deliver superior performance for data, voice, and video traffic, all at wire speed. Primary QoS features include:
● Up to four egress queues per port and strict priority queuing so that the highest priority packets are serviced ahead of all other traffic
● Weighted round robin (WRR) scheduling and weighted tail drop (WTD) congestion avoidance
Q. What is the egress buffer size?
A. The egress buffer is 1.5 Mb on all 2960-L switches.
Q. How do Cisco Catalyst compact switches help keep unauthorized users from accessing the network?
A. Cisco Catalyst 2960-L switches provide superior Layer 2 threat defense capabilities for mitigating man-in-the-middle attacks (such as MAC, IP, and ARP spoofing). They also provide storm control protection and dynamic ARP inspection.
These switches also support advanced security features such as protected port, port-based ACLs, port security, TACACS+, and RADIUS authentication.
Q. What Cisco cyberthreat defense security features do the Cisco Catalyst 2960-L switches support?
A. The 2960-L switches support threat defense features such as port security, DHCP snooping, and dynamic ARP inspection.
Q. How can I protect administration passwords and traffic going to the switch during configuration or troubleshooting?
A. To protect administration traffic during the configuration or troubleshooting of a switch, the best approach is to encrypt the data using both Secure Shell (SSH) Protocol and Simple Network Management Protocol (SNMP) v3.
Q. Does the 2960-L support a GUI to perform a day-zero switch installation?
A. Yes, the 2960-L supports a day-zero GUI to help with easy deployment of the switch without the need for a CLI. For more details, refer to the day-zero setup document.
Q. Does support for GUI require any additional files to be loaded on the 2960-L?
A. No the tar Cisco IOS Software file contains all the files required for web GUI support.
Q. What browsers can be used for the web GUI?
A. You can use these browsers:
● IE version 8 or later
Hardware and Warranty
Q. What are the hardware warranty and return policy on the Cisco Catalyst 2960-L switches?
A. Cisco Catalyst 2960-L Series Switches come with an enhanced limited lifetime warranty (E-LLW). The E-LLW provides the same terms as Cisco’s standard limited lifetime warranty but adds next-business-day delivery of replacement hardware, where available, and 90 days of 8x5 Cisco Technical Assistance Center (TAC) support.
Q. What is the software update policy for the Cisco Catalyst 2960-L?
A. Customers with Cisco Catalyst LAN Lite software feature sets will be provided with maintenance updates and bug fixes designed to maintain the compliance of the software with published specifications, release notes, and industry standards compliance as long as the original end user continues to own or use the product or up to one year from the end-of-sale date for this product, whichever occurs earlier.
If you need some Catalyst 2960-L models, you can get a quote for 2960-L Series
More info of FAQ-Catalyst 2960-L from
What the Cisco Software-Defined Access (SD-Access) Services can do for you? Accelerate your journey to the new network with SD-Access Services
By automating day-to-day tasks such as configuration, provisioning, and troubleshooting, SD-Access reduces the time it takes to adapt the network, improves issue resolution, and reduces the impact of security breaches. This results in significantly simpler operations and lower costs.
The core components that make up the SD-Access solution are:
● Cisco DNA Center
● Cisco Identity Services Engine (ISE)
● Network platforms: See the following Table
SD-Access Use Cases: Building on the foundation of industry-leading capabilities, SD-Access can now deliver key business-driven use cases that truly realize the promise of a digital enterprise while reducing total cost of ownership.
Security and segmentation
● Onboard users with 802.1X, Active Directory, and static authentication
● Group users with Cisco TrustSec (security group tags)
● Automate VRF configuration (lines of business, departments, etc.)
● Traffic analysis using AVC and NetFlow is further enhanced using Encrypted Traffic Analytics (ETA)
● Reduced time to provision network segmentation and user groups
● Foundation to enforce network security policies
● Ability to detect and intercept threats at line rate (not samples) from the center to the last mile, including all devices on the network edge
● Single point of definition for wired and wireless users ● Seamless roaming between wired and wireless
● Distributed data plane for wireless access
● Simplified guest provisioning for wired and wireless
● Management of wired and wireless networks and users from a single interface (Cisco DNA Center)
● Ability to offload wireless data path to network switches (reduce load on controller)
● Scalable fabric-enabled wireless with seamless roaming across campus
● Define specific groups for guest users
● Create policy for guest users’ resource access (such as Internet access)
● Simplified policy provisioning
● Time savings when provisioning policies
● Segment and group IoT devices
● Define policies for IoT group access and management
● Device profiling with flexible authentication options
● Simplify deployment of IoT devices
● Reduce network attack surface with device segmentation
Monitoring and troubleshooting
● Multiple data points on network behavior (syslog, stats, etc.)
● Contextual data available per user and device
● Significantly reduce troubleshooting time
● Use rich context and analytics for decision making
Cloud/data center integration
● Identity federation allows exchange of identity between campus and data center policy controllers
● Administrator can define user-to-application access policy from a single interface
● End-to-end policy management for the enterprise
● Identity-based policy enforcement for optimized ACL utilization
● Flexibility when enforcing policy at campus or data center
● Create a single fabric across multiple regional branch locations
● Use Cisco routers as fabric border nodes
● Simplified provisioning and management of branch locations
● Enterprisewide policy provisioning and enforcement
SD-Access 1.0 Hardware and Software Compatibility Matrix
Catalyst 3850 and 3650 Series Switches
Catalyst 4500E Series Switches (Sup8E, Sup9E)
IOS XE 16.6.1
IOS XE 16.6.1
IOS XE 16.6.1
IOS XE 3.10.0E
Fabric border and control plane
Catalyst 3850 Series Fiber Module
Catalyst 6807-XL Switch (Sup6T, Sup2T)
Catalyst 6500 Series Switches
Catalyst 6880-X Switch
Catalyst 6840-X Switch
Nexus 7700 Switch (Sup 2E, M3 line cards only)
4000 Series Integrated Services Routers
ASR 1000 Series Aggregation Services
Cloud Services Router (CSR) 1000V (control plane only)
IOS XE 16.6.1
IOS XE 16.6.1
IOS 15.4(1)SY2 IOS 15.4(1)SY2 IOS 15.4(1)SY2 IOS 15.4(1)SY2 NxOS 8.2(1)
IOS XE 16.6.1
IOS XE 16.6.1
IOS XE 16.6.1
Catalyst 3560-CX Series
Catalyst Digital Building Series
802.11 Wave 2 access points: Aironet 1800, 2800 and 3800 Series
802.11 Wave 1 access points: Aironet 1700, 2700 and 3700 Series
Cisco 3504, 5520 and 8540 Series Wireless Controllers
AireOS 126.96.36.199 AireOS 188.8.131.52 AireOS 184.108.40.206
● Wave 1 access points won’t support the following functions when deployed for SD-Access: IPv6, Application Visibility and Control (AVC), NetFlow.
● A device cannot act as fabric edge and fabric border at the same time.
● A device can act as fabric border and fabric control plane at the same time
More info about the Cisco Software-Defined Access you can read here:
- DNA Center is a better way to manage your network. Offers centralized, intuitive management that make it fast and easy to design, provision, and apply policy across your entire network environment.
- Software-Defined Access. The industry’s first policy-based automation from the edge to the cloud takes a logical, policy-based approach that deploys and secures services and adapts to changes faster.
- Analytics and Assurance. Abstracts network insights by collecting data from the network using the Network Data Platform and then identifies service-impacting issues before users do while enabling faster troubleshooting.
- Encrypted Traffic Analytics (ETA). Enhances the ability of the Cisco network to act as a sensor and uncovers threats hidden in encrypted traffic using network analytics (without decryption). These threats are viewed within the Stealthwatch Management Console. ETA enhances the ability of the Cisco network to act as a sensor.
- Network Data Platform collects data from the network, normalizes that data and then sends it to DNA Center to be viewed in the Assurance screen.
- Cisco Catalyst 9000 Series is the first purpose-built platform designed for Cisco DNA. An open and programmable platform with integrated support for wireless and IoT devices. It extends our existing wireless, switch and routing DNA-ready infrastructure.
Cisco is always keeping creative, innovative and upgrading. From Cisco ISR G1, G2 to new ISR 4000, Cisco 3560-X/3750-X, 2960 to Catalyst 3650, 3850, 2960-X, and now migrating to the new powerful Catalyst 9000, ASA 5500 to FirePower 2100, 4100, etc. Cisco is the great innovator.
If you are a Cisco user or Cisco fan, you should know how to upgrade your Cisco equipment for less? In the following part we will share some guides that can help you upgrade Cisco items in the very right way.
How to upgrade your Cisco routers, Cisco switches, Cisco firewalls and Wireless products? You can check the 4 simple tables below.
ISR G1 & ISR G2 to Cisco ISR 4000 Series
Cisco ISR G1 & ISR G2
The Recommended Router
Cisco 2800 Series (EOL&EOS)
Cisco 2801 ISR
Cisco 2811 ISR
Cisco 2821 ISR
Cisco 2851 ISR
Cisco 3800 Series (EOL&EOS)
Cisco 3825 ISR
Cisco 3845 ISR
Cisco 1900 Series
Cisco 2900 Series
Cisco 2901 ISR
Cisco 4321 ISR
Cisco 2911 ISR
Cisco 2921 ISR
Cisco 2951 ISR
Cisco 4351 ISR
Cisco 2935E ISR
Cisco 4451 ISR
Cisco 3900 Series
Cisco 3925 ISR
Cisco 4431 ISR
Cisco 3945 ISR
Cisco 3945E ISR
Cisco 4451 ISR
Upgrade to Full-featured Campus & Branch Switches
Access/EOL & EOS
Cisco Catalyst 2960-C
Cisco Catalyst 2960-CX Series
Cisco Catalyst 3560-CX Series
Cisco Catalyst 2960 (any)
Cisco Catalyst 3560-C
Cisco Catalyst 3560-CX Series
Cisco Catalyst 3560 (any)
Cisco Catalyst 3850 Series
Cisco Catalyst 3750 (any)
Cisco Catalyst 4500 non-E
Cisco Catalyst 4500E (Supervisor 8L-E)
Cisco Catalyst 4500E (Supervisor 8-E)
Cisco Catalyst 4500 without Supervisor 7L-E or 8-E (any)
Cisco Catalyst 6500 (any)
Cisco ASA 5500-X Series Migration Options
Migration to Cisco NGFW
Cisco ASA 5505
Cisco ASA 5510
Cisco ASA 5512-X
Cisco ASA 5515-X
Cisco ASA 5520
Cisco ASA 5525-X or Cisco FirePower 2100 Series
Cisco ASA 5540
Cisco ASA 5545-X or Cisco FirePower 2100 Series
Cisco ASA 5550
Cisco ASA 5555-X or Cisco FirePower 2100 Series
Cisco ASA 5580
Cisco FirePower 4100 Series
Cisco ASA 5585-X
Cisco FirePower 4100 Series
Learn more: Find the Right Cisco Firewall for your Needs
Cisco Aironet Access Points Transition
802.11ac Wave 1
802.11ac Wave 2
Cisco Aironet 1040 Series
Cisco Aironet 1700 Series
Cisco Aironet 2700 Series
Cisco Aironet 1250 Series
Cisco Aironet 2600 Series
Cisco Aironet 3500 Series
Cisco Aironet 3700 Series
Learn more: The Cisco Aironet Access Points and Prices
Router-switch.com is providing the Big Summer Sale 2017.
Enjoy selected, hot Cisco, Huawei, HPE and Dell products at promotional prices now.
Cisco DNA is a trending solution that matters for your organization. Why? With Cisco DNA, you get the benefits like this:
- Innovate faster by delivering differentiated experiences through contextual insights
- Achieve greater business agility with faster network services provisioning
- Lower costs with reduced network installation time
- Reduce risk with faster threat detection
- Protect investment with license portability and access to ongoing innovations
Cisco Digital Network Architecture (DNA) is an open, programmable architecture that turns business intent into business results.
Most Cisco routers, switches and wireless systems shipping today support Cisco DNA now or with a software update. And with Cisco ONETM Software, you can continue to protect your investments and benefit from new architecture innovations that can be activated through software.
The Main Cisco Digital Network Architecture Products and Solutions
Read more: Cisco DNA Products and Solutions
The Cisco DNA-Ready Products
The foundation for the Cisco Digital Network Architecture (Cisco DNA) is the world’s most modern network infrastructure. This infrastructure gives you innovative wired, wireless and router solutions, combined with a robust architecture, DNA.
With it, you can create and apply policies over the entire network with a few clicks and have the ability to diagnose past issues.
As data traffic is expected to grow exponentially, Cisco’s innovation with switching, wireless and routing provides a solid foundation that enables Cisco DNA.
You can roll out new services and applications more easily for the best possible experience with Cisco DNA. And policy compliance can be automated on a per-user-group basis.
The Cisco DNA-ready routing products combine two unique features that speed up the time it takes to deploy your branch office. With the Cisco Intelligent WAN (IWAN) app with the APIC-EM, IT can automate the provisioning of multiple branch offices and provide intelligent path selection and application control—with minimal programming and customization. These capabilities will simplify and streamline your network operations, reducing costs and saving time.
Cisco DNA-ready router products:
• Cisco Cloud Service Router 1000v and Cisco Integrated Services Virtual Router
• Cisco Meraki MX
The Cisco switching products offer a function called Unified Access Data Plane Application-Specific Integrated Circuit (UADP ASIC) for wired and wireless convergence. This feature enables converged wired and wireless access for operational simplicity and scale.
Cisco DNA-ready switching products:
• Cisco Catalyst 3650 and 3850 Series
• Cisco Catalyst 4500E Series + Supervisor 8E
• Cisco Catalyst 6500 Series + Supervisor 6T
• Cisco Catalyst 6800 Series
• Cisco Nexus 7700+M3 Card
• Cisco Meraki MS
An exclusive function that the Cisco Aironet Access Points offer is Flexible Radio Assignment. This feature allows the access point to automatically adjust the network when client surges occur.
Cisco DNA-ready wireless products:
• Cisco Aironet 3800 Series
• Cisco Aironet 2800 Series
• Cisco Aironet 1800 Series
• Cisco 8540 Wireless Controller
• Cisco 5520 Wireless Controller
• Cisco Meraki MR
Cisco continually updates its Catalyst 2960-X Series Switches to meet customers’ needs.
Catalyst 2960-X series, the stackable fixed configuration Gigabit Ethernet (10/100/1000) switches, offers network connectivity for enterprise, midmarket, and branch locations.
Cisco Catalyst 2960-X switches feature:
• 24 or 48 Gigabit Ethernet ports with line-rate forwarding performance
• Gigabit Small Form-Factor Pluggable (SFP) or 10G SFP+ uplinks
• FlexStack Plus for stacking of up to 8 switches with 80 Gbps of stack throughput (optional)
• Power over Ethernet Plus (PoE+) support with up to 740W of PoE budget
• Reduced power consumption and advanced energy management features
• USB and Ethernet management interfaces for simplified operations
• Application visibility and capacity planning with integrated NetFlow-Lite
• LAN Base or LAN Lite Cisco IOS software features
• Enhanced limited lifetime warranty (E-LLW) offering next-business-day hardware replacement
Cisco Catalyst 2960-XR models also offer:
• Power resiliency with optional dual field-replaceable power supplies
• IP Lite Cisco IOS software with dynamic routing and Layer 3 features
The Cisco Catalyst 2960-XR models offer all the features of the Cisco Catalyst 2960-X. In addition, they have two field-replaceable redundant power supply modules for power redundancy. They also introduce Layer 3 routing functionality for the first time in the Cisco Catalyst 2960 Series.
Read the Cisco Catalyst 2960-X switches’ features in Details
FlexStack-Plus on Cisco Catalyst 2960-X Series Switches
Build for application visibility and control, these switches support NetFlow-Lite, which can be used to monitor, capture, and record traffic flows through the network.
With industry-leading energy management capabilities such as Cisco EnergyWise to measure and control power usage, Energy Efficient Ethernet (EEE) and Switch and Downlink Hibernation modes to conserve power during periods of inactivity in the network, the Cisco Catalyst 2960-X with up to 80 percent energy savings is the greenest switch in the industry.
The Cisco Catalyst 2960-X Series is SDN ready to enable customers to build applications that automate various services across the campus.
Cisco Catalyst 2960-X Series Switches are simple to deploy, manage, and troubleshoot. As part of the Cisco Unified Access portfolio, the Cisco Catalyst 2960-X Series Switches are fully integrated with Cisco Prime to offer simple operation from a central location.
They can also be managed by Cisco Network Assistant, which features an intuitive GUI where users can easily apply common services across Cisco switches and routers.
The Cisco Catalyst 2960-X makes deployment and ongoing management easy with Cisco Smart Operations, which enable customers to reduce switch installation, configuration, troubleshooting time, and operational costs.
Cisco Smart Install and Configuration are transparent automated technology to configure the Cisco IOS Software image and switch configuration without user intervention.
Cisco Auto SmartPorts provide automatic Ethernet interface level configuration as devices connect to the switch port, allowing auto detection and plug and play of the device onto the network. It configures the Ethernet interface port with predefined configurations, including security, quality of service (QoS), and manageability features, with minimal effort and expertise.
Smart Call Home provides proactive diagnostics and remediation of hardware and software issues.
The Cisco Catalyst 2960-X switches deliver a range of features that secure access to the network and enforce security policies.
These features include flexible authentication with robust 802.1x, SXP Cisco TrustSec for policy enforcement, role-based security access and control with Cisco ISE and IPv6 First Hop Security. Furthermore, these Cisco switches protect network data confidentiality and integrity with switch port–level encryption.
Cisco Catalyst 2960-X Series Switches preserve customer investment by allowing mixed stacking with existing Cisco Catalyst 2960-S and 2960-SF switches.
Customers can grow their access networks by adding the new Cisco Catalyst 2960-X switches to their existing Cisco Catalyst 2960-S and 2960-SF stacks.
Warranty Coverage and Technical Service Options
The Cisco Catalyst 2960-X Series Switches come with an enhanced limited lifetime hardware warranty (E-LLW) that includes 90 days of Cisco Technical Assistance Center (TAC) support and next-business day hardware replacement where available.
Migrating to Cisco Catalyst 2960 and 2960XR Switches
Cisco Catalyst 2960-X Series Switches, the stackable Gigabit Ethernet Layer 2 and Layer 3 access switches, give you enterprise-class features at a great price.
Designed for simplicity, they are easy to deploy, manage, and troubleshoot and offer automated software installation and port configuration.
Improvements over previous generations include:
- Better customer and employee experiences through higher performance and improved support for mobility
- Advanced security to handle increasing threats
- Reduced cost and complexity through support for software defined networking (SDN) and innovations in energy efficiency Without the right switching solutions—the applications, services, and devices you deploy cannot live up to their potential.
Digital transformation makes having the right foundation to stay competitive more important than ever before.
Why migrate to the Cisco Catalyst 2960-X/XR? Read the Benefits of Migrating to Cisco Catalyst 2960 and 2960XR Switches. Compare and see what you’ve been missing.
Cisco Catalyst 2960-X Series Configurations
The 2960-X and XR Series Switches include configurations to fit in any enterprise network. Choose the best switch for your needs from more than 20 models.
- FlexStack-Plus Stacking: A hot swappable module that provides true stacking with up to 8 switches in a stack acting as a single unit
- PoE: Power over Ethernet
- PoE+: Power over Ethernet Plus
- LAN Base: Advanced Layer 2 Feature set
- IP Lite: Basic Layer 3 Feature set
Is Your Network Ready for the New Era? Cisco announced its new Catalyst series switches-the Catalyst 9000 Series, introducing an entirely new era of networking. The Network. Intuitive.
There are three series in the new Catalyst 9000 switch family:
1. Catalyst 9300 Series (LAN Access Switches): the top fixed-access enterprise network switch series, stacking to 480 Gbps.
2. Catalyst 9400 Series (LAN Access Switches): the leading modular-access switches for enterprise, the Catalyst 9400 Series supports up to 9 Tbps.
3. Catalyst 9500 Series (LAN Core and Distribution Switches): the industry’s first fixed-core 40-Gbps switch for the enterprise.
In this article we will talk about the new Catalyst 9300 Series, the Next Level of the Market-Leading Fixed Access Switching Platform.
Will the Catalyst 9300 replace the Catalyst 3850 Series? Definitely, it is the best replacement for the Catalyst 3850 Series. Why? Let’s check the more detailed features of the Cisco Catalyst 9300 Series.
Switch models and configurations
The Cisco Catalyst 9300 Series is made up of seven different switch models. Any of the models can be used together in a stack of up to eight units.
The Table below lists port scale and power details for the Cisco Catalyst 9300 Series models.
Cisco Catalyst 9300 Series Switch configurations
Total 10/100/1000 or Multigigabit Copper Ports
Default AC Power Supply
Available PoE Power
24 Cisco UPOE
48 Cisco UPOE
24 Multigigabit Cisco UPOE (100 Mbps or 1, 2.5, 5, or 10 Gbps)
The Cisco Catalyst 9300 Series Switches support optional network modules for uplink ports. The default switch configuration does not include the network module. When you purchase the switch, you can choose from the network modules described in the following Table.
- Uplink modules supported on all 9300 Series copper models
- Online Insertion and Removal (OIR) supported on all uplink modules
Network module numbers and descriptions
9300 Series 4x 1G Network Module
9300 Series 8x 10G Network Module
9300 Series 2x 40G Network Module
9300 Series 4x Multigigabit Network Module
Please note: Existing 3850 network modules are also supported in the Catalyst 9300 Series platforms.
The Cisco Catalyst 9300 Series Switches support dual redundant power supplies. The switches ship with one power supply by default, and the second power supply can be purchased when the switch is ordered or at a later time. If only one power supply is installed, it should always be in power supply bay #1. The switches also ship with three field-replaceable fans.
Table3 lists the different power supplies available in these switches and available PoE power.
Table3. Power supply models
Default Power Supply
Available PoE Power
24-port data switch
48-port data switch
24-port PoE+ switch
48-port PoE+ switch
24-port Cisco UPOE switch
48-port Cisco UPOE switch
24-port Multigigabit Cisco UPOE switch
490W – Support in Open IOS-XE 16.6
Power supply requirements for PoE and PoE+
24-Port PoE Switch
48-Port PoE Switch
PoE on all ports (15.4W per port)
1 PWR-C1-1100WAC or 2 PWR-C1-715WAC
PoE+ on all ports (30W per port)
1 PWR-C1-1100WAC or 2 PWR-C1-715WAC
2 PWR-C1-1100WAC or 1 PWR-C1-1100WAC and 1 PWR-C1-715WAC
Power supply requirements for Cisco UPOE
24-Port UPOE Switch
48-Port UPOE Switch
24-Port Multigigabit UPOE Switch
Cisco UPOE (60W per port) on all ports (24-port switch) or up to 30 ports (48-port switch)
1 PWR-C1-1100WAC and 1 PWR-C1-715WAC
● Perpetual PoE: With Perpetual PoE, the PoE power is maintained during a switch reload. This is important for IoT endpoints such as PoE-powered lights, so that there is no disruption during switch reboot.
● Fast PoE: When power is restored to a switch, PoE starts delivering power to endpoints without waiting for the operating system to fully load, thereby speeding up the time for the endpoint to start up.
Cisco Catalyst 9300 Series Switches run on Open IOS XE 16.5.1a release or later. This software release includes all the features listed earlier in the Platform Benefits section.
- Up to 8 Switches can be stacked together using back stacking cables
- All 9300 models are supported in the stack
- All the switches in the stack should run the same IOS and License
- Mixed stacking between 9300 and 9300 is not supported
Cisco Catalyst 9300 Series StackPower
“Zero-Footprint” RPS Deployment
• Provides RPS functionality with Zero RPS Footprint
• Pay-as-you-grow architecture–similar to the Data Stack
• 1+N Redundancy with Inline Power
• Up to 4 Switches in a StackPower Ring
• Multiple StackPower Possible within one Data Stack
• Up to 9 Switches in a star topology with XPS
Mapping Between Cisco Catalyst 3850 and 9300
Catalyst 9300 24-port data only switch
Catalyst 9300 24-port PoE+ switch
Catalyst 9300 24-port UPOE switch
Catalyst 9300 24-port mGig and UPOE switch
Catalyst 9300 48-port data only switch
Catalyst 9300 48-port PoE+ switch
Catalyst 9300 48-port UPOE switch
Learn More: Why Migrate to Cisco Catalyst 9300 Switches?
With the new Cisco RV340W's intuitive user interface, you'll have your Internet access set up and running in minutes.
It is easy-to-use, flexible, high-performance, and durable which makes this well suited for small businesses.
The RV340W extends the basic capabilities of Cisco RV routers:
- Dynamic web filtering helps enable business efficiency and security when connecting to the web.
- Client and application identification allow Internet access policies for end devices and cloud applications, helping to ensure performance and security.
- 4 Gigabit LAN ports facilitate high-speed connectivity of your network devices.
- The RV340W has integrated 802.11ac Gigabit Wi-Fi for your mobile devices.
The Cisco RV340W can also boost employee productivity and overall network performance. It can limit Internet surfing to appropriate site categories and can eliminate unwanted network traffic.
Features and Benefits
- 2 WAN ports (RJ-45) allow load balancing and resiliency
- 4 LAN ports (RJ-45) provide high-performance connectivity
- Integrated 802.11ac WLAN access point with external antennas (Wave 2 MU-MIMO)
- 2 USB ports support a 3G/4G modem or flash drive
- Flexible VPN functionality for secure interconnectivity
- Support for the Cisco AnyConnect Secure Mobility Client, ideal for remote access by mobile devices
- Dynamic web filtering, enabling business efficiency and security while connecting to the Internet
- Client and application identification that allows Internet access policies for end devices and Internet applications, to help ensure performance and security
Cisco RV340W Dual WAN Gigabit Wireless AC VPN Router-Ordering Information
RV Security – 1 year: Enables dynamic web filter/Internet security and Application Visibility and Client identification (no license required for a 90-day trial period)
AnyConnect Server license
RV AnyConnect Server – 1 year: Upgrade to 25 tunnels
Increases the number of supported tunnels from 2 to 25
Depending on the user device, an AnyConnect Secure Mobility User Client license is required. Recommended: L-AC-PLS-LIC=. To download the AnyConnect client from Cisco.com, you also need a support contract
USA, Canada, Mexico, and the rest of LATAM
EU, Vietnam, Ukraine, Saudi Arabia, UAE, Egypt, Qatar, Kuwait, Israel, Hong Kong, Indonesia, Malaysia, Philippines, Singapore, Thailand, South Africa
Australia, New Zealand
Cisco switches are constantly learning, constantly adapting, constantly protecting in your data center, core, or edge.
This is the new era in networking. The Network. Intuitive.
Now here comes the Cisco Catalyst 9000 Series.
Cisco’s new Catalyst 9000 switches, switching for a changing world, constantly adapt to help you solve new challenges.
- Their integrated security helps you address ever-changing threats.
- They simplify management of your evolving mobility, Internet-of-Things (IoT), and cloud requirements.
There are three series in Catalyst 9000 family:
Catalyst 9300 Series: The Catalyst 9300 Series is our top fixed-access enterprise network switch series, stacking to 480 Gbps.
Catalyst 9400 Series: Cisco’s leading modular-access switches for enterprise, the Catalyst 9400 Series supports up to 9 Tbps.
Catalyst 9500 Series: The Catalyst 9500 Series is the industry’s first fixed-core 40-Gbps switch for the enterprise.
More fast questions and answers help you learn more about the new Catalyst 9000 Series.
Cisco Catalyst 9000 network features and services (common to all Cisco Catalyst 9000 Switches)
Q: What feature sets do the Cisco Catalyst 9000 Switches support?
A: The Cisco Catalyst 9000 Series Switches support the packaging of features into Essentials and Advantage packages. The details of the features in each package are listed in the data sheets–link provided below in the Pricing and Ordering section.
Q: What programmability capabilities are available on the Cisco Catalyst 9000?
A: The Cisco Catalyst 9000 opens a completely new paradigm in network configuration, operation, and monitoring through network automation. The Cisco automation solution is open, standards-based, and extensible across the entire network lifecycle of a network device.
• Device provisioning: Through Plug-and-Play (PnP), Zero-Touch Provisioning (ZTP), and Preboot Execution (PXE)
• Configuration: Model-driven operation through open Application Programming Interfaces (APIs) over NETCONF, Python Scripting
• Customization and monitoring: Streaming telemetry
• Upgrade and manageability: In-Service Software Upgrade (ISSU), patchability, and config/replace
Q: What management capabilities are available for the Cisco Catalyst 9000?
A: You can manage it using the Cisco IOS Software Command-Line Interface (CLI), using Cisco Prime® Infrastructure 3.1.7 DP13, Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM), onboard Cisco IOS XE Software Web User Interface (WebUI), Simple Network Management Protocol (SNMP), or Netconf/YANG.
Q: Is there an onboard web GUI on the Cisco Catalyst 9000?
A: Yes. An onboard web GUI is available.
Q: What is the purpose of the blue beacon LED on the Cisco Catalyst 9000?
A: The blue beacon LED is common across the Cisco Catalyst 9000 Series Switches to simplify the operations. It makes chassis identification easier when several such switches are mounted on racks. A remote administrator can enable the LED to blink to help the local operator quickly locate the chassis. The local operator presses the mode button to acknowledge.
Q: What is the maximum number of VRF instances that I can configure on a Cisco Catalyst 9000?
A: The maximum number of VRFs that you can configure on a Cisco Catalyst 9000 is 256.
Q: What is Cisco’s direction for wireless?
A: Cisco believes that the best solution for a wired or wireless network is achieved when integrated into SD-Access, Cisco’s lead architecture for the next-generation enterprise network. This solution delivers consistency with wired infrastructure around policy, segmentation, orchestration and automation, and assurance. This new architecture delivers the best experience for mobility, guest, IoT, multicast services, and overall network performance with its distributed data plane and centralized control-plane architecture.
Q: What wireless support is provided with the Cisco Catalyst 9000 platforms?
A: Cisco Catalyst 9000 products are instrumental in supporting the following wireless capabilities in the SD-Access architecture:
• Connect access points and integrate them into the SD-Access fabric. The switch integrates with the fabric control plane (LISP), thereby providing reachability for the access points and clients in the fabric.
• Deliver macro (VRF) and micro (Scalable Group Tag (SGT) [SGT] group-based) segmentation to the access points to deliver end-to-end policies.
• Can terminate guest VXLAN traffic, so there is no need for a dedicated guest anchor controller.
The support for wireless capability at launch will be together with the AireOS 8.5 Controller running on an Cisco 8540 Wireless Controller, Cisco 5520 Wireless Controller, or Cisco 3504 Wireless Controller appliance with the Cisco Catalyst platforms functioning as Fabric Edge and Fabric Border nodes.
Q: What are the SD-Access wireless capabilities?
A: The new Cisco Catalyst 9000 Series switches provide a complete solution for Campus with Cisco AireOS Conrollers and Wave 2 access points.
Q: What are the advantages of integrating wireless in the SD-Access fabric architecture?
A: • Highest performance and scale: Distributed data-plane forwarding in hardware distributed in the network paired with the large control-plane scale offered by the dedicated controller appliances.
• Best guest: You don’t need a dedicated guest anchor controller in the Demilitarized Zone (DMZ): Traffic is sent directly to the fabric border to exit the fabric. Also, there is no sub-optimal traffic forwarding such as from an access point to a foreign controller and on to a guest anchor controller.
• Best mobility: IP addressing is simpler; there is one subnet for the entire wireless SSID across the network, and no hairpin of traffic when roams occur.
• Simple operation: Operation is simple because wired and wireless are treated the same and operated together; they have common policies and controller-based automation.
• Wired innovations applied to wireless: First-hop security innovations available for wired can also be applied to wireless; for example, Dynamic ARP Inspection (DAI), IP Source Guard (IPSG), and DHCP Snooping.
• Segmentation across wired and wireless:
-The virtual network now passes all the way to wired as well as wireless devices.
-This segmentation is important for separation of certain devices from others, such as IoT and building automation devices connected over wireless.
-It is also important for security reasons to reduce attack the surface; if someone gets into a segment, the person can move only within that segment.
-Because segmentation is handled by the fabric, the number of SSIDs can be limited.
• Best multicast:
-The solution offers the best performance of distributed replication in hardware across the network.
These switches truly deliver the best of wired and wireless together.