Overblog
Follow this blog Administration + Create my blog
Cisco & Cisco Network Hardware News and Technology

cisco switches - cisco firewall

Cisco Nexus 5500 and Nexus 5600 Licensing Options

April 9 2018 , Written by Cisco & Cisco Router, Network Switch Published on #Networking, #Cisco Switches - Cisco Firewall, #Cisco Technology - IT News, #Cisco & Cisco Network, #Technology, #Cisco License, #Cisco Switches-Software

Different types of licenses are required for the Nexus 5500 and Nexus 5600.

Table 1-15 describes each license and the features it enables.

Table 1-15 Nexus 5500 Product Licensing

Feature License

Product ID

Features

FabricPath Services Package

N5548-EL1-SSK9

FabricPath

ENHANCED_LAYER2_PKG

N5596-EL1-SSK9
N5671-EL1-SSK9
N56128-EL1-SSK9

 

FCoE NPV Package
FCOE_NPV_PKG

N5548-FNPV-SSK9
N5596-FNPV-SSK9
N56-FNPV-SSK9

FCoE NPV

Layer 3 Base Services Package
LAN_BASE_SERVICES_PKG 15

N55-BAS1K9
N56-BAS1K9

Unlimited static routes and maximum of 256 dynamic routes:

  • Static routes
  • RIPv2
  • OSPFv2 and OSPFv3
  • EIGRP
  • HSRP
  • VRRP
  • IGMP v2/v3
  • PIMv2 (sparse mode)
  • Routed ACL
  • NAT
  • MSDP
  • Static routes
  • RIPv2
  • OSPFv2 and OSPFv3

Layer 3 Enterprise Services Package
LAN_ENTERPRISE_SERVICES_ PKG 1819

N55-LAN1K9
N56-LAN1K9

N55-LAN1K9 includes the following features in addition to the ones under N55-BAS1K9 license:
BGP

  • VRF Lite
  • PBR
  • PIMv2 (all modes)


L3 IS-IS

Storage Protocols Services Package

N55-8P-SSK9

Native Fibre Channel

FC_FEATURES_PKG
ENTERPRISE_PKG

N55-48P-SSK9
N56-16p-SSK9
N5671-72P-SSK9
N56128-128P-SSK9
N55-8P-SSK9

  • FCoE
  • NPV
  • FC Port Security
  • Fabric Binding


Fibre Channel Security Protocol
(FC-SP) authentication

VM-FEX Package

N55-VMFEXK9

VM-FEX

NOTE: To manage the Nexus 5500 and Nexus 5600, two types of licenses are needed: the DCNM LAN and DCNM SAN. Each is a separate license.

More Notes:

Nexus switches have a grace period, which is the amount of time the features in a license package can continue functioning without a license.

Enabling a licensed feature that does not have a license key starts a counter on the grace period. You then have 120 days to install the appropriate license keys, disable the use of that feature, or disable the grace period feature.

If at the end of the 120-day grace period the device does not have a valid license key for the feature, the Cisco NX-OS software automatically disables the feature and removes the configuration from the device. There is also an evaluation license, which is a temporary license. Evaluation licenses are time bound (valid for a specified number of days) and are tied to a host ID (device serial number).

 

More info from http://www.ciscopress.com/articles/article.asp?p=2762085&seqNum=2

 

More Related

Cisco Nexus 5500 and Nexus 5600-Model Features

Cisco Nexus 7000 and Nexus 7700 Modular Switches, the Main Chassis

Cisco’s Data Center Architecture

Cisco Nexus 7000 and Nexus 7700 Series Power Supply Options

Cisco Nexus 7000 and Nexus 7700 Supervisor Module

Cisco Nexus 7000 and Nexus 7700 Licensing

Cisco Nexus 7000 and Nexus 7700 Line Cards

Read more

Cisco’s Data Center Architecture

April 3 2018 , Written by Cisco & Cisco Router, Network Switch Published on #Networking, #Cisco & Cisco Network, #IT, #Technology, #Cisco Switches - Cisco Firewall

Originally, most of the traffic data center network architects designed around was client-to-server communication or what we call “north-south.” With client-to-server traffic being the most dominant, network engineers/architects primarily built data centers based on the traditional Core/Aggregation/Access layer design, as seen in Figure1, and the Collapsed Core/Aggregation design, as seen in Figure2.

Figure1. Cisco Three-Tier Network Design

Figure2. Collapsed Core/Aggregation Network Design

In the three-tier and Collapsed Core designs, the architecture is set up for allowing optimal traffic flow for clients accessing servers in the data center, and the return traffic and links between the tiers are set for optimal oversubscription ratios to deal with traffic coming in to and out of the data center. As the increase in link speeds and virtualization became more prevalent, network engineers looked for a way to use all links in between any tiers and hide spanning tree from blocking certain links, as shown in Figure3. To do this in the data center, the Nexus product line introduced virtual Port Channel (vPC). vPC enables two switches to look like one, from a Layer 2 perspective, allowing for all links to be active between tiers, as seen in Figure4.

Figure3. Spanning Tree between Tiers

Figure4. Virtual Port Channel (vPC)

In the latest trends in the data center, the traffic patterns have shifted to virtualization and new application architectures. This new traffic trend is called “east to west,” which means the majority of the traffic and bandwidth being used is actually between nodes within the data center, such as when motioning a virtual machine from one node to another or application clustering.

This topology is a spine-leaf, as seen in Figure5. Spine-leaf has several desirable characteristics that play into the hands of engineers who need to optimize east-west traffic.

Figure5. Spine-Leaf Network Topology

Just to name a few benefits, a spine-leaf design scales horizontally through the addition of spine switches which add availability and bandwidth, which a spanning tree network cannot do. Spine-leaf also uses routing with equal-cost multipathing to allow for all links to be active with higher availability during link failures. With these characteristics, spine-leaf has become the de facto architecture of network engineers and architects for their next wave of data center architectures.

Describe the Cisco Nexus Product Family

The Cisco Nexus product family is a key component of the Cisco unified data center architecture, which is the Unified Fabric. The objective of the Unified Fabric is to build highly available, highly secure network fabrics.

Using the Cisco Nexus products, you can build end-to-end data center designs based on three-tier architecture or based on spine-leaf architecture. Cisco Nexus Product line offers high-density 10G, 40G, and 100G ports as well.

Modern data center designs need the following properties:

  • Effective use of available bandwidth in designs where multiple links exist between the source and destination and one path is active and the other is blocked by spanning tree, or the design is limiting you to use Active/Standby NIC teaming. This is addressed today using Layer 2 multipathing technologies such as FabricPath and virtual Port Channels (vPC).
  • Computing resources must be optimized, which happens by building a computing fabric and dealing with CPU and memory as resources that are utilized when needed. Doing capacity planning for all the workloads and identifying candidates to be virtualized help reduce the number of compute nodes in the data center.
  • Using the concept of a service profile and booting from a SAN in the Cisco Unified Computing system will reduce the time to instantiate new servers. This makes it easy to build and tear down test and development environments.
  • Power and cooling are key problems in the data center today. Ways to address them include using Unified Fabric (converged SAN and LAN), using Cisco virtual interface cards, and using technologies such as VM-FEX and Adapter-FEX. Rather than using, for example, eight 10G links, you can use two 40G links, and so on. Reducing cabling creates efficient airflow, which in turn reduces cooling requirements.
  • The concept of hybrid clouds can benefit your organization. Hybrid clouds extend your existing data center to public clouds as needed, with consistent network and security policies. Cisco is helping customers utilize this concept using CliQr/Cisco CloudCenter.
  • Improved reliability during software updates, configuration changes, or adding components to the data center environment, which should happen with minimum disruption.
  • Hosts, especially virtual hosts, must move without the need to change the topology or require an address change.

The following Figure shows the different product types available at the time this chapter was written.

Cisco Nexus Product Family

NOTE: Cisco is always innovating and creating new modules/switches. Therefore, while studying for your exam, it is always a good idea to check Cisco.com/go/nexus to verify new modules/switches and their associated features.

Info from http://www.ciscopress.com/articles/article.asp?p=2762085&seqNum=2

More Related

Make the Cisco Nexus 9000 Series Your Network Switch Today

Cisco Nexus Positioning: 2 and 3 Tier

Why Choose Cisco Nexus 9000 Series Switches? Top Five Reasons…

The Latest Cisco Nexus 9000 Innovations

Cisco Nexus 9000 Family: Nexus 9500 Modular Switches and the Nexus 9300 Fixed Configuration

 

Read more

The Latest Updated: SFP Modules for Cisco Catalyst 2960-X Series Switches

January 12 2018 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall, #Cisco & Cisco Network, #Cisco Modules & Cards, #Networking

We are so familiar with the hot Catalyst 2960-X series, and what are the SFP Transceiver Models for 2960 X Series? Check the table below about the latest SFP models for 2960 X Series.

Catalyst 2960 X Series

Network Device

Transceiver Model

Minimum Software Release Required

DOM Support

Software Release

WS-C2960X-24TS-LL
WS-C2960X-48TS-LL

GLC-LH-SMD
GLC-SX-MMD
GLC-EX-SMD1
GLC-T
GLC-TE
GLC-LH-SM
GLC-SX-MM
GLC-GE-100FX

15.0(2)EX

15.0(2)EX

WS-C2960X-24PSQ-L

GLC-BX-D
GLC-BX-U
GLC-LH-SMD
GLC-SX-MMD
GLC-EX-SMD1
GLC-ZX-SMD
GLC-T
GLC-TE
GLC-ZX-SM
GLC-LH-SM
GLC-SX-MM

15.0(2)EX

15.0(2)EX

WS-C2960X-24PS-L
WS-C2960X-24TS-L
WS-C2960X-48TS-L
WS-C2960X-48LPS-L
WS-C2960X-48FPS-L
WS-C2960X-24TD-L
WS-C2960X-24PD-L
WS-C2960X-48TD-L
WS-C2960X-48LPD-L
WS-C2960X-48FPD-L

GLC-BX-D
GLC-BX-U
GLC-LH-SMD
GLC-SX-MMD
GLC-EX-SMD1
GLC-ZX-SMD
GLC-T
GLC-TE
GLC-ZX-SM
GLC-LH-SM
GLC-SX-MM
CWDM-SFP
GLC-GE-100FX

15.0(2)EX

15.0(2)EX

 

SFP Transceivers

Model Number

Transceiver Description

GLC-T=

1000BASE-T SFP transceiver module for Category 5 copper wire, RJ-45 connector

GLC-TE=

1000BASE-T SFP transceiver module for Category 5 copper wire, RJ-45 connector, Extended Temperature

GLC-SX-MM=

1000BASE-SX SFP transceiver module for MMF, 850-nm wavelength, dual LC/PC connector

GLC-LH-SM=

1000BASE-LX/LH SFP transceiver module for MMF and SMF, 1300-nm wavelength, dual LC/PC connector

GLC-ZX-SM=

1000BASE-ZX SFP transceiver module for SMF, 1550-nm wavelength, dual LC/PC connector

GLC-BX-D=

1000BASE-BX10 SFP module for single-strand SMF, 1490-nm TX/1310-nm RX wavelength, single LC/PC connector

GLC-BX-U=

1000BASE-BX10 SFP module for single-strand SMF, 1310-nm TX/1490-nm RX wavelength, single LC/PC connector

GLC-BX40-D-I

1000BASE-BX10 SFP module for single-strand SMF, 1550-nm TX/1310-nm RX wavelength, single LC/PC connector

GLC-BX40-U-I

1000BASE-BX10 SFP module for single-strand SMF, 1310-nm TX/1550-nm RX wavelength, single LC/PC connector

GLC-BX80-D-I

1000BASE-BX10 SFP module for single-strand SMF, 1570-nm TX/1490-nm RX wavelength, single LC/PC connector

GLC-BX80-U-I

1000BASE-BX10 SFP module for single-strand SMF, 1490-nm TX/1570-nm RX wavelength, single LC/PC connector

GLC-BX40-DA-I

1000BASE-BX10 SFP module for single-strand SMF, 1490-nm TX/1310-nm RX wavelength, single LC/PC connector

GLC-2BX-D=

Dual-channel 1000BASE-BX10 SFP module for single-strand SMF, 1490-nm TX/1310-nm RX wavelength, two single LC/PC connectors

SFP-GE-S=

1000BASE-SX SFP transceiver module for MMF, 850-nm wavelength, extended operating temperature range and DOM support, dual LC/PC connector

SFP-GE-L=

1000BASE-LX/LH SFP transceiver module for MMF and SMF, 1300-nm wavelength, extended operating temperature range and DOM support, dual LC/PC connector

GLC-EX-SMD=

1000BASE-EX SFP transceiver module for SMF, 1310-nm wavelength, extended operating temperature range and DOM support, dual LC/PC connector

SFP-GE-Z=

1000BASE-ZX SFP transceiver module for SMF, 1550-nm wavelength, extended operating temperature range and DOM support, dual LC/PC connector

SFP-GE-T=

1000BASE-T SFP transceiver module for Category 5 copper wire, extended operating temperature range, RJ-45 connector

GLC-SX-MM-RGD

1000BASE-SX SFP transceiver module for MMF, 850-nm wavelength, industrial Ethernet, dual LC/PC connector

GLC-LX-SM-RGD

1000BASE-LX/LH SFP transceiver module for MMF and SMF, 1300-nm wavelength, industrial Ethernet, dual LC/PC connector

GLC-ZX-SM-RGD

1000BASE-ZX SFP transceiver module for SMF, 1550-nm wavelength, industrial Ethernet, dual LC/PC connector

GLC-SX-MMD=

1000BASE-SX SFP transceiver module for MMF, 850-nm wavelength, extended operating temperature range and DOM support, dual LC/PC connector

GLC-LH-SMD=

1000BASE-LX/LH SFP transceiver module for MMF and SMF, 1300-nm wavelength, extended operating temperature range and DOM support, dual LC/PC connector

GLC-ZX-SMD=

1000BASE-ZX SFP transceiver module for SMF, 1550-nm wavelength, dual LC/PC connector

SFP-GPON-B

Gigabit passive optical network (GPON) Class B+ SFP OLT transceiver module, 1490-nm TX/1310-nm RX wavelength

SFP-GPON-B-I

Gigabit passive optical network (GPON) Class B+ SFP OLT transceiver module, 1490-nm TX/1310-nm RX wavelength, industrial temperature range

SFP-GPON-C

Gigabit passive optical network (GPON) Class C+ SFP OLT transceiver module, 1490-nm TX/1310-nm RX wavelength

SFP-GPON-C-I

Gigabit passive optical network (GPON) Class C+ SFP OLT transceiver module, 1490-nm TX/1310-nm RX wavelength, industrial temperature range

1CPN 10-2624-01 or later only.

The full data sheet of Cisco Gigabit Ethernet Transceiver Modules Compatibility Matrix you can visit here:

https://www.cisco.com/c/en/us/td/docs/interfaces_modules/transceiver_modules/compatibility/matrix/GE_Tx_Matrix.html

 

Read more Related Topics

What Are SFP Ports Used For?

GLC-T vs. SFP-GE-T

GLC-T vs. GLC-TE

Updated: Cisco Gigabit Ethernet Transceiver Modules for ASR 1000 Series Router

 

 

Read more

Updated-5 Tips for Choosing a Next-Generation Firewall/NGFW

November 28 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Networking, #Cisco Switches - Cisco Firewall, #Cisco & Cisco Network, #IT, #Technology

Not sure this is the firewall for you? Read the 5 tips for Choosing a Next-Generation Firewall today.

If you decide to invest in a threat-focused Next-Generation Firewall (NGFW), you can ask like this: If it delivers…

1. Integrated Threat Defense

Get actionable, multi-layered protection.

Today’s multi-vector and persistent threats slip through gaps in protection and evade detection. A threat-focused NGFW provides best-in-class security technologies that work together across the network and endpoints and are managed through a central console. Built on a comprehensive stateful ­firewall foundation, threat-focused NGFW technologies should include:

  • Next-Generation IPS
  • Advanced Malware Protection
  • Application Visibility and Control
  • Reputation-based URL filtering
  • Application-level VPN
  • With integrated threat and advanced malware protection that continuously correlates threat intelligence across security layers, you can identify and protect against sophisticated attacks.

 

2. Actionable Indicators of Compromise

Accelerate malware detection to mitigate risk.

The current industry standard time to detect a threat is between 100 to 200 days; that’s far too long. An NGFW should provide actionable indicators of compromise (IoCs) that:

  • Correlate network and endpoint security intelligence
  • Provide highly accurate visibility into suspect and malicious ­le and host behavior
  • Prioritize infected hosts for rapid remediation
  • Actionable IoCs let you see malware activity on hosts and endpoints, understand the impact, and quickly contain and remediate.

 

3. Comprehensive Network Visibility

Increase security effectiveness with a holistic view.

You can’t protect what you can’t see. You need to monitor what’s happening on your network at all times. An NGFW should provide full contextual awareness of:

  • Users, operating systems, and devices
  • Communications between virtual machines
  • Threats and vulnerabilities
  • Applications and website access
  • File transfers, and more
  • This level of insight helps you identify and address security gaps and fine-tune policies so as to reduce the number of significant events requiring additional action.

 

4. Reduced Complexity and Costs

Unify security layers and automate for efficiencies.

A combination of advanced threats and a shortage of skilled IT security professionals is stretching IT departments to the max. Look for an NGFW that:

  • Consolidates multiple layers of defenses on a single platform
  • Delivers consistent and robust security at scale
  • Automates routine security tasks like impact assessment, policy tuning, and user identi­fication
  • By reducing complexity and costs your team is freed up to focus on events that matter most.

 

5. Integration with Third-Party Solutions

Maximize existing security investments.

You need to be able to share intelligence and better leverage existing security technologies to consolidate and streamline response. Look for an NGFW that is open and integrates smoothly with an ecosystem of third-party security solutions like:

  • Vulnerability management systems
  • Network visualization and SIEM systems
  • Workflow remediation and ticketing systems
  • Network access control (NAC), and more
  • Third-party solution integration reduces your IT burden and total cost of ownership (TCO) and strengthens multi-layered protection.

Attacks will continue to evolve as will the IT environment you need to protect. Make sure the NGFW you select provides tightly integrated, multi-layered threat protection. By sharing context and intelligence among security functions you accelerate threat detection and response across your organization, and get the most from your investments.

The tips from https://www.cisco.com/c/dam/en/us/products/collateral/security/next-gen-firewall.pdf

More Related…

Migrate from the Cisco ASA5505 to Cisco ASA5506X Series

Cisco ASA with Firepower Services, Setup Guide-Part1

Cisco ASA with Firepower Services, Setup Guide-Part2

Cisco ASA with Firepower Services, Setup Guide-Part3

Cisco ASA with Firepower Services, Setup Guide-Part4

Read more

Cisco Catalyst 2960-L Series Switches FAQ

September 26 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall, #Networking, #Cisco & Cisco Network, #IT, #Technology

The Cisco Catalyst 2960-L Series is available in 8-port to 48-port configurations and supports Power over Ethernet (PoE). Make your network ready for the mobile devices and applications it needs to support with the 2960-L, all at a great value.

The Cisco Catalyst 2960-L is the one meeting your needs and helping you increase reliability in branches and other deployments.

FAQ-Cisco Catalyst 2960-L Series Switches

There are many questions and answers (FAQ) helping you know about the bright features of Catalyst 2960-L switches.

Q. What pluggable transceiver modules are supported by the Cisco Catalyst 2960-L switches?

A. Refer to the Cisco Transceiver Module Compatibility Matrixes for a complete list of supported modules.

Q. What input voltage is required by the Cisco Catalyst 2960-L?

A. The AC input voltage range is 100V–240V. The AC frequency range is 50Hz–60Hz.

Q. Can the Cisco Catalyst 2960-L be stacked?

A. The 2960-L does not support stacking. The 2960-L switches support clustering for single IP management.

Q. What are the flash and DRAM sizes on the switches?

A. All the switches have 256 MB flash and 512 Mb DRAM.

Q. Do the Cisco Catalyst switches support line rate?

A. Yes, all switches are nonblocking line-rate switches.

Q. What is the software supported on the 2960-L?

A. The Cisco Catalyst 2960-L supports the classic Cisco IOS Software.

Q. How do you manage the Cisco Catalyst 2960-L?

A. The 2960-L can be configured and managed with a CLI or an on-box GUI.

Q. How can a new Cisco Catalyst 2960-L box be configured?

A. The 2960-L switch supports a day-zero GUI that can be used for the initial configuration of the switch.

The switch can also be configured with the CLI using the console port (RJ 45 or USB type B).

Q. Does the Cisco Catalyst 2960-L support routing?

A. No, the 2960-L does not support routing. A default gateway can be configured on the switch pointing to the next hop router.

Q. What is the switch database management (SDM) template for Cisco Catalyst 2960-L switches?

A. Cisco Catalyst 2960-L switches support unique default templates that cannot be modified.

The switch supports this level of features for 1 SVIs and 64 VLANs:

● Number of IPv4 multicast groups: 1024

● Number of unicast MAC addresses: 8192

● Number of IPv4/IPv6/MAC access control entries: 988

Q. What is the license level on the Cisco Catalyst 2960-L?

A. The 2960-L has a LAN lite feature set.

Q. Can the license on the Cisco Catalyst 2960-L be upgraded?

A. No, the license level on the 2960-L is fixed. It cannot be upgraded.

Switch Mounting

Q. What mounting options are available with the Cisco Catalyst 2960-L?

A. The switches are designed for easy and flexible mounting. They can be mounted vertically or horizontally, using one of the following options:

● 8-/16-port SKUs:

◦ Magnet mount (on a desk, wall, or shelf)

◦ DIN rail mount

◦ Rack mount (with rack mount kit)

● 24-/48-port SKUs:

◦ Rack mount (with rack mount kit)

◦ Wall mount

◦ On a desk or shelf

For more information about switch mounting options, see the Cisco Catalyst 2960-L Switch Hardware Installation Guide.

Q. What are the recommended switch orientations?

A. Following are the recommended switch orientation options:

● 8-/16-port SKUs:

◦ Upright (on a table)

◦ Inverted (under a desk)

◦ Vertical (on wall, ports facing down)

● 24-/48-port SKUs

◦ Upright (in a rack)

◦ Vertical (on wall, ports facing down)

Q. What are best practices for mounting the fanless switches in closets, under tables, or in other closed environments?

A. Be sure that temperature around the unit does not exceed its maximum limit. Switches are rated to 113°F/45°C (WS-C2960-16PS-LL is rated to 104°F/40°C). Best practices allow for at least 3 inches (7.6 cm) of clearance on all sides and ventilation openings and at least 1.75 inches (4 cm) of clearance above each switch if placed in a rack. Access to ports should be sufficient for unrestricted cabling. The rear-panel power connector should be within reach of an AC power receptacle. When wall-mounting the switch, have the switch align with ports facing down. For more information about best installation practices, see the Cisco Catalyst 2960-L Switch Hardware Installation Guide.

Hardware

Q. Are all the 2960-L models fanless?

A. No, the WS-C2960L-48PS-LL has a fan.

Q. What is the use of the mode button on the switch?

A. The mode button is used for resetting the switch, entering day-zero setup mode, or changing an LED mode.

Q. Do the switches have a front panel out-of-band (OOB) Ethernet management interface?

A. No, the switches do not support the OOB Ethernet management interface.

Q. What can I do with the USB Type A port located on the front of the Cisco Catalyst 2960-L Series?

A. As additional storage, the USB Type A port can be used to perform software upgrades, store configurations, and write memory core dumps for troubleshooting purposes. The switch supports Cisco 64 MB, 256 MB, 512 MB, 1 GB, 4 GB, and 8 GB flash drives.

Q. Can a third-party USB flash drive be used with the Cisco Catalyst 2960-L?

A. No, third-party USBs are not supported.

Q. How does cooling work in the Cisco Catalyst 2960-L Series switches?

A. Because most of the PIDs of 2960-L Series switches do not have fans, they are cooled by convection. Only the WS-C2960-48PS-LL has a fan inside.

Q. What is the noise level on the Cisco Catalyst 2960-L switches?

A. The switches are silent and produce ambient noise levels. Noise levels for the WS-C2960-48PS-LL:

● Sound pressure at 25°C ambient: LpA (typical) = 35dBA, LpAD (maximum) = 39dBA

● Sound power at 25°C ambient: LwA (typical) = 4.8B, LwAD (maximum) = 5.2B

Management

Q. Do the Cisco Catalyst 2960-L switches support Smart Install?

A. Yes. The switches support Smart Install client functionality.

Q. Do the Cisco Catalyst 2960-L switches support the Network Plug and Play (PnP) agent?

A. Yes. PnP technology automates the installation and configuration of Cisco IOS Software using an embedded PnP agent on Cisco Catalyst switches. It requires a preconfigured network PnP server that manages sites; site devices; and their images, configurations, files, and licenses for deployment.

Q. What is the default baud rate of the serial port on the Cisco Catalyst 2960-L?

A. The default baud rate is 9600.

Q. Can both console ports be used simultaneously?

A. No. When the USB console is used, the RJ-45 console receives the output of the USB console as well. This design allows the administrator to see when the USB console port is in use. This capability is useful for remote administrators.

Q. Does the switch support autobaud on the console port?

A. No.

Power and PoE

Q. Do Cisco Catalyst 2960-L switches support field-replaceable power supplies?

A. No. Power supplies on all the models are built into the switch.

Q. Does the switch support PoE?

A. Yes, the 2960-L supports PoE. The models that support PoE and the PoE budget are listed in Table 2.

Table2. Models That Support PoE

Product ID

Available PoE Power

WS-C2960L-8TS-LL

WS-C2960L-8PS-LL

67W

WS-C2960L-16TS-LL

WS-C2960L-16PS-LL

120W

WS-C2960L-24TS-LL

WS-C2960L-24PS-LL

195W

WS-C2960L-48TS-LL

WS-C2960L-48PS-LL

370W

Q. What is the maximum power that can be drawn from a port on the PoE switch?

A. A maximum of 30W can be supported on a single port.

Q. What are the power management features the 2960-L supports?

A. The 2960-L supports IEEE 802.3az Energy Efficient Ethernet (EEE) and Cisco EnergyWise.

Q. Can the switches be powered using RPS/XPS?

A. No.

QoS and Security

Q. Does 2960-L support QoS?

A. The Cisco Catalyst 2960-L Series Switches offer intelligent traffic management that keeps everything flowing smoothly. Flexible mechanisms for marking, classification, and scheduling deliver superior performance for data, voice, and video traffic, all at wire speed. Primary QoS features include:

● Up to four egress queues per port and strict priority queuing so that the highest priority packets are serviced ahead of all other traffic

● Weighted round robin (WRR) scheduling and weighted tail drop (WTD) congestion avoidance

Q. What is the egress buffer size?

A. The egress buffer is 1.5 Mb on all 2960-L switches.

Q. How do Cisco Catalyst compact switches help keep unauthorized users from accessing the network?

A. Cisco Catalyst 2960-L switches provide superior Layer 2 threat defense capabilities for mitigating man-in-the-middle attacks (such as MAC, IP, and ARP spoofing). They also provide storm control protection and dynamic ARP inspection.

These switches also support advanced security features such as protected port, port-based ACLs, port security, TACACS+, and RADIUS authentication.

Q. What Cisco cyberthreat defense security features do the Cisco Catalyst 2960-L switches support?

A. The 2960-L switches support threat defense features such as port security, DHCP snooping, and dynamic ARP inspection.

Q. How can I protect administration passwords and traffic going to the switch during configuration or troubleshooting?

A. To protect administration traffic during the configuration or troubleshooting of a switch, the best approach is to encrypt the data using both Secure Shell (SSH) Protocol and Simple Network Management Protocol (SNMP) v3.

GUI

Q. Does the 2960-L support a GUI to perform a day-zero switch installation?

A. Yes, the 2960-L supports a day-zero GUI to help with easy deployment of the switch without the need for a CLI. For more details, refer to the day-zero setup document.

Q. Does support for GUI require any additional files to be loaded on the 2960-L?

A. No the tar Cisco IOS Software file contains all the files required for web GUI support.

Q. What browsers can be used for the web GUI?

A. You can use these browsers:

● IE version 8 or later

● Chrome

● Firefox

● Safari

Hardware and Warranty

Q. What are the hardware warranty and return policy on the Cisco Catalyst 2960-L switches?

A. Cisco Catalyst 2960-L Series Switches come with an enhanced limited lifetime warranty (E-LLW). The E-LLW provides the same terms as Cisco’s standard limited lifetime warranty but adds next-business-day delivery of replacement hardware, where available, and 90 days of 8x5 Cisco Technical Assistance Center (TAC) support.

Q. What is the software update policy for the Cisco Catalyst 2960-L?

A. Customers with Cisco Catalyst LAN Lite software feature sets will be provided with maintenance updates and bug fixes designed to maintain the compliance of the software with published specifications, release notes, and industry standards compliance as long as the original end user continues to own or use the product or up to one year from the end-of-sale date for this product, whichever occurs earlier.

If you need some Catalyst 2960-L models, you can get a quote for 2960-L Series

More info of FAQ-Catalyst 2960-L from

https://www.cisco.com/c/en/us/products/collateral/switches/catalyst-2960-l-series-switches/q-and-a-c67-737798.html

 

More Related

Entry-Level Cisco Catalyst GE Switches-Catalyst 2960-L Series

General Questions to Know the Cisco Catalyst 2960-L Series

Migrating to Cisco Catalyst 2960 and 2960XR Switches?

Read more

Upgrade Your Cisco Equipment for Less

August 31 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall, #Cisco Routers, #Cisco Wireless - Cisco Wireless AP, #IT, #Cisco & Cisco Network

Cisco is always keeping creative, innovative and upgrading. From Cisco ISR G1, G2 to new ISR 4000, Cisco 3560-X/3750-X, 2960 to Catalyst 3650, 3850, 2960-X, and now migrating to the new powerful Catalyst 9000, ASA 5500 to FirePower 2100, 4100, etc. Cisco is the great innovator.

If you are a Cisco user or Cisco fan, you should know how to upgrade your Cisco equipment for less? In the following part we will share some guides that can help you upgrade Cisco items in the very right way.

How to upgrade your Cisco routers, Cisco switches, Cisco firewalls and Wireless products? You can check the 4 simple tables below.

ISR G1 & ISR G2 to Cisco ISR 4000 Series

Cisco ISR G1 & ISR G2

 

Upgrade to

The Recommended Router

Cisco 2800 Series (EOL&EOS)

Cisco 2801 ISR

Cisco 4321 ISR

Cisco 2811 ISR

Cisco 4351 ISR

Cisco 2821 ISR

Cisco 2851 ISR

Cisco 4431 ISR

Cisco 3800 Series (EOL&EOS)

Cisco 3825 ISR

Cisco 3845 ISR

Cisco 4451 ISR

Cisco 1900 Series

---

Cisco 4221 ISR

Cisco 2900 Series

Cisco 2901 ISR

Cisco 4321 ISR

Cisco 2911 ISR

Cisco 4331 ISR

Cisco 2921 ISR

Cisco 2951 ISR

Cisco 4351 ISR

Cisco 2935E ISR

Cisco 4451 ISR

Cisco 3900 Series

Cisco 3925 ISR

Cisco 4431 ISR

Cisco 3945 ISR

Cisco 3945E ISR

Cisco 4451 ISR

Learn more: Find the right Cisco routing solution for your business

 

Upgrade to Full-featured Campus & Branch Switches

Access/EOL & EOS

 

 

Upgrade to

Baseline Switch

Full-Featured Switch

Cisco Catalyst 2960-C

Cisco Catalyst 2960-CX Series

Cisco Catalyst 3560-CX Series

Cisco Catalyst 2960 (any)

Cisco Catalyst 2960-X Series

Cisco Catalyst 3650 Series

Cisco Catalyst 3560-C

Cisco Catalyst 3560-CX Series

---

Cisco Catalyst 3560 (any)

Cisco Catalyst 3650 Series

Cisco Catalyst 3850 Series

Cisco Catalyst 3750 (any)

Cisco Catalyst 3850 Series

 

Cisco Catalyst 4500 non-E

Cisco Catalyst 4500E (Supervisor 8L-E)

Cisco Catalyst 4500E (Supervisor 8-E)

Cisco Catalyst 4500 without Supervisor 7L-E or 8-E (any)

Cisco Catalyst 6500 (any)

Learn more: Cisco Switches for Networks of All Types and Sizes

 

Cisco ASA 5500-X Series Migration Options

Legacy Firewalls

Migration to Cisco NGFW

Cisco ASA 5505

Cisco ASA 5506-X

Cisco ASA 5510

Cisco ASA 5508-X

Cisco ASA 5512-X

Cisco ASA 5516-X

Cisco ASA 5515-X

Cisco ASA 5520

Cisco ASA 5525-X or Cisco FirePower 2100 Series

Cisco ASA 5540

Cisco ASA 5545-X or Cisco FirePower 2100 Series

Cisco ASA 5550

Cisco ASA 5555-X or Cisco FirePower 2100 Series

Cisco ASA 5580

Cisco FirePower 4100 Series

Cisco ASA 5585-X

Cisco FirePower 4100 Series

Learn more: Find the Right Cisco Firewall for your Needs

 

Cisco Aironet Access Points Transition

802.11n

 

802.11ac Wave 1

 

802.11ac Wave 2

 

Cisco Aironet 1040 Series

 

Cisco Aironet 1700 Series

Cisco Aironet 1830 Series

 

Cisco Aironet 1600 Series

 

Cisco Aironet 1140 Series

 

Cisco Aironet 2700 Series

Cisco Aironet 1850 Series

 

Cisco Aironet 1250 Series 

 

Cisco Aironet 1260 Series 

 

Cisco Aironet 2800 Series

 

Cisco Aironet 2600 Series

 

Cisco Aironet 3500 Series

 

Cisco Aironet 3700 Series

 

Cisco Aironet 3800 Series

 

Cisco Aironet 3600 Series

 

Learn more: The Cisco Aironet Access Points and Prices

 

Router-switch.com is providing the Big Summer Sale 2017

Enjoy selected, hot Cisco, Huawei, HPE and Dell products at promotional prices now.

Read more

Cisco Catalyst 2960-X Switches: Enterprise Ready

August 3 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Networking, #Cisco Switches - Cisco Firewall, #Cisco & Cisco Network, #IT

Cisco continually updates its Catalyst 2960-X Series Switches to meet customers’ needs.

Catalyst 2960-X series, the stackable fixed configuration Gigabit Ethernet (10/100/1000) switches, offers network connectivity for enterprise, midmarket, and branch locations.

Cisco Catalyst 2960-X switches feature:

24 or 48 Gigabit Ethernet ports with line-rate forwarding performance

• Gigabit Small Form-Factor Pluggable (SFP) or 10G SFP+ uplinks

FlexStack Plus for stacking of up to 8 switches with 80 Gbps of stack throughput (optional)

• Power over Ethernet Plus (PoE+) support with up to 740W of PoE budget

Reduced power consumption and advanced energy management features

• USB and Ethernet management interfaces for simplified operations

• Application visibility and capacity planning with integrated NetFlow-Lite

• LAN Base or LAN Lite Cisco IOS software features

• Enhanced limited lifetime warranty (E-LLW) offering next-business-day hardware replacement

Cisco Catalyst 2960-XR models also offer:

• Power resiliency with optional dual field-replaceable power supplies

• IP Lite Cisco IOS software with dynamic routing and Layer 3 features

The Cisco Catalyst 2960-XR models offer all the features of the Cisco Catalyst 2960-X. In addition, they have two field-replaceable redundant power supply modules for power redundancy. They also introduce Layer 3 routing functionality for the first time in the Cisco Catalyst 2960 Series.

Learn more: Cisco Catalyst 2960-X vs. 2960-XR Series Switches

 

Read the Cisco Catalyst 2960-X switches’ features in Details

FlexStack-Plus on Cisco Catalyst 2960-X Series Switches

Build for application visibility and control, these switches support NetFlow-Lite, which can be used to monitor, capture, and record traffic flows through the network.

With industry-leading energy management capabilities such as Cisco EnergyWise to measure and control power usage, Energy Efficient Ethernet (EEE) and Switch and Downlink Hibernation modes to conserve power during periods of inactivity in the network, the Cisco Catalyst 2960-X with up to 80 percent energy savings is the greenest switch in the industry.

The Cisco Catalyst 2960-X Series is SDN ready to enable customers to build applications that automate various services across the campus.

Simple

Cisco Catalyst 2960-X Series Switches are simple to deploy, manage, and troubleshoot. As part of the Cisco Unified Access portfolio, the Cisco Catalyst 2960-X Series Switches are fully integrated with Cisco Prime to offer simple operation from a central location.

They can also be managed by Cisco Network Assistant, which features an intuitive GUI where users can easily apply common services across Cisco switches and routers.

The Cisco Catalyst 2960-X makes deployment and ongoing management easy with Cisco Smart Operations, which enable customers to reduce switch installation, configuration, troubleshooting time, and operational costs.

Cisco Smart Install and Configuration are transparent automated technology to configure the Cisco IOS Software image and switch configuration without user intervention.

Cisco Auto SmartPorts provide automatic Ethernet interface level configuration as devices connect to the switch port, allowing auto detection and plug and play of the device onto the network. It configures the Ethernet interface port with predefined configurations, including security, quality of service (QoS), and manageability features, with minimal effort and expertise.

Smart Call Home provides proactive diagnostics and remediation of hardware and software issues.

Secure

The Cisco Catalyst 2960-X switches deliver a range of features that secure access to the network and enforce security policies.

These features include flexible authentication with robust 802.1x, SXP Cisco TrustSec for policy enforcement, role-based security access and control with Cisco ISE and IPv6 First Hop Security. Furthermore, these Cisco switches protect network data confidentiality and integrity with switch port–level encryption.

Investment Protection

Cisco Catalyst 2960-X Series Switches preserve customer investment by allowing mixed stacking with existing Cisco Catalyst 2960-S and 2960-SF switches.

Customers can grow their access networks by adding the new Cisco Catalyst 2960-X switches to their existing Cisco Catalyst 2960-S and 2960-SF stacks.

Warranty Coverage and Technical Service Options

The Cisco Catalyst 2960-X Series Switches come with an enhanced limited lifetime hardware warranty (E-LLW) that includes 90 days of Cisco Technical Assistance Center (TAC) support and next-business day hardware replacement where available.

 

Migrating to Cisco Catalyst 2960 and 2960XR Switches

Cisco Catalyst 2960-X Series Switches, the stackable Gigabit Ethernet Layer 2 and Layer 3 access switches, give you enterprise-class features at a great price.

Designed for simplicity, they are easy to deploy, manage, and troubleshoot and offer automated software installation and port configuration.

Improvements over previous generations include:

  • Better customer and employee experiences through higher performance and improved support for mobility
  • Advanced security to handle increasing threats
  • Reduced cost and complexity through support for software defined networking (SDN) and innovations in energy efficiency Without the right switching solutions—the applications, services, and devices you deploy cannot live up to their potential.

Digital transformation makes having the right foundation to stay competitive more important than ever before.

Why migrate to the Cisco Catalyst 2960-X/XR? Read the Benefits of Migrating to Cisco Catalyst 2960 and 2960XR Switches. Compare and see what you’ve been missing.

Read more:

Compare the Catalyst 2960-X/XR to the Previous 2960 Access Switches

Comparison of Cisco Catalyst 2960 Switches

 

Cisco Catalyst 2960-X Series Configurations

The 2960-X and XR Series Switches include configurations to fit in any enterprise network. Choose the best switch for your needs from more than 20 models. 

  • FlexStack-Plus Stacking: A hot swappable module that provides true stacking with up to 8 switches in a stack acting as a single unit
  • PoE: Power over Ethernet
  • PoE+: Power over Ethernet Plus
  • LAN Base: Advanced Layer 2 Feature set
  • IP Lite: Basic Layer 3 Feature set

See more Cisco 2960-X/XR Models at a great price.

 

More Related…

Cisco 2960S and 2960-X Series’ Problems from Users

Cisco Catalyst 2960-X/XR vs. Catalyst 3650 vs. Cisco 3850 Series

How to Install or Replace an AC Power Supply in a Cisco 2960-X Switch?

How to Configure the Voice VLAN Feature on the Catalyst 2960 and 2960-S Switches?

Read more

Cisco Catalyst 9300 Series Will Replace the Catalyst 3850 Series

July 26 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Networking, #Cisco Switches - Cisco Firewall, #Cisco Technology - IT News, #IT, #Cisco Switches-Software, #Technology

Is Your Network Ready for the New Era? Cisco announced its new Catalyst series switches-the Catalyst 9000 Series, introducing an entirely new era of networking. The Network. Intuitive.

There are three series in the new Catalyst 9000 switch family:

1. Catalyst 9300 Series (LAN Access Switches): the top fixed-access enterprise network switch series, stacking to 480 Gbps.

2. Catalyst 9400 Series (LAN Access Switches): the leading modular-access switches for enterprise, the Catalyst 9400 Series supports up to 9 Tbps.

3. Catalyst 9500 Series (LAN Core and Distribution Switches): the industry’s first fixed-core 40-Gbps switch for the enterprise.

Learn more: The New Catalyst 9000 Switches Simplify IoT & Cloud Requirements

In this article we will talk about the new Catalyst 9300 Series, the Next Level of the Market-Leading Fixed Access Switching Platform.

Will the Catalyst 9300 replace the Catalyst 3850 Series? Definitely, it is the best replacement for the Catalyst 3850 Series. Why? Let’s check the more detailed features of the Cisco Catalyst 9300 Series.

Switch models and configurations

The Cisco Catalyst 9300 Series is made up of seven different switch models. Any of the models can be used together in a stack of up to eight units.

The Table below lists port scale and power details for the Cisco Catalyst 9300 Series models.

Cisco Catalyst 9300 Series Switch configurations

Model

Total 10/100/1000 or Multigigabit Copper Ports

Default AC Power Supply

Available PoE Power

Cisco StackWise-480

Cisco StackPower

C9300-24T

24

350WAC

 

Yes

Yes

C9300-48T

48

350WAX

C9300-24P

24 POE+

715WAC

445W

C9300-48P

48 POE+

715WAC

437W

C9300-24U

24 Cisco UPOE

1100WAC

830W

C9300-48U

48 Cisco UPOE

1100WAC

822W

C9300-24UX*

24 Multigigabit Cisco UPOE (100 Mbps or 1, 2.5, 5, or 10 Gbps)

1100WAC

490W

 

Network modules

The Cisco Catalyst 9300 Series Switches support optional network modules for uplink ports. The default switch configuration does not include the network module. When you purchase the switch, you can choose from the network modules described in the following Table.

  • Uplink modules supported on all 9300 Series copper models
  • Online Insertion and Removal (OIR) supported on all uplink modules

Network module numbers and descriptions

Network Module

Description

C9300-NM-4G

9300 Series 4x 1G Network Module

C9300-NM-8X

9300 Series 8x 10G Network Module

C9300-NM-2Q

9300 Series 2x 40G Network Module

C9300-NM-4M

9300 Series 4x Multigigabit Network Module

Please note: Existing 3850 network modules are also supported in the Catalyst 9300 Series platforms.

 

Power Supplies

The Cisco Catalyst 9300 Series Switches support dual redundant power supplies. The switches ship with one power supply by default, and the second power supply can be purchased when the switch is ordered or at a later time. If only one power supply is installed, it should always be in power supply bay #1. The switches also ship with three field-replaceable fans.

Table3 lists the different power supplies available in these switches and available PoE power.

Table3. Power supply models

Models

Default Power Supply

Available PoE Power

24-port data switch

PWR-C1-350WAC

48-port data switch

24-port PoE+ switch

PWR-C1-715WAC

445W

437W

48-port PoE+ switch

24-port Cisco UPOE switch

PWR-C1-1100WAC

830W

822W

48-port Cisco UPOE switch

24-port Multigigabit Cisco UPOE switch

PWR-C1-1100WAC

490W – Support in Open IOS-XE 16.6

Power supply requirements for PoE and PoE+

 

24-Port PoE Switch

48-Port PoE Switch

PoE on all ports (15.4W per port)

1 PWR-C1-715WAC

1 PWR-C1-1100WAC or 2 PWR-C1-715WAC

PoE+ on all ports (30W per port)

1 PWR-C1-1100WAC or 2 PWR-C1-715WAC

2 PWR-C1-1100WAC or 1 PWR-C1-1100WAC and 1 PWR-C1-715WAC

Power supply requirements for Cisco UPOE

 

24-Port UPOE Switch

48-Port UPOE Switch

24-Port Multigigabit UPOE Switch

Cisco UPOE (60W per port) on all ports (24-port switch) or up to 30 ports (48-port switch)

1 PWR-C1-1100WAC and 1 PWR-C1-715WAC

2 PWR-C1-1100WAC

2 PWR-C1-1100WAC

●   Perpetual PoE: With Perpetual PoE, the PoE power is maintained during a switch reload. This is important for IoT endpoints such as PoE-powered lights, so that there is no disruption during switch reboot.

●   Fast PoE: When power is restored to a switch, PoE starts delivering power to endpoints without waiting for the operating system to fully load, thereby speeding up the time for the endpoint to start up.

Software requirements

Cisco Catalyst 9300 Series Switches run on Open IOS XE 16.5.1a release or later. This software release includes all the features listed earlier in the Platform Benefits section.

 

  • Up to 8 Switches can be stacked together using back stacking cables
  • All 9300 models are supported in the stack
  • All the switches in the stack should run the same IOS and License
  • Mixed stacking between 9300 and 9300 is not supported

 

Cisco Catalyst 9300 Series StackPower

“Zero-Footprint” RPS Deployment

• Provides RPS functionality with Zero RPS Footprint

• Pay-as-you-grow architecture–similar to the Data Stack

• 1+N Redundancy with Inline Power

• Up to 4 Switches in a StackPower Ring

• Multiple StackPower Possible within one Data Stack

• Up to 9 Switches in a star topology with XPS

 

Mapping Between Cisco Catalyst 3850 and 9300

3850 PIDs

9300 PID

Short description

WS-C3850-24T

C9300-24T

Catalyst 9300 24-port data only switch

WS-C3850-24P

C9300-24P

Catalyst 9300 24-port PoE+ switch

WS-C3850-24U

C9300-24U

Catalyst 9300 24-port UPOE switch

WS-C3850-24XU

C9300-24UX

Catalyst 9300 24-port mGig and UPOE switch

WS-C3850-48T

C9300-48T

Catalyst 9300 48-port data only switch

WS-C3850-48P

C9300-48P

Catalyst 9300 48-port PoE+ switch

WS-C3850-48U

C9300-48U

Catalyst 9300 48-port UPOE switch

Learn More: Why Migrate to Cisco Catalyst 9300 Switches?

More Related…

Why Migrate to the Cisco Catalyst 9400 Series Switches?

Why Migrate to Cisco Catalyst 9500 Switches?

Q and A: Cisco Catalyst 9400 Overview

The New Catalyst 9000 Switches Simplify IoT & Cloud Requirements

Read more

New Catalyst 9000 Switches for a Changing World

July 11 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Networking, #Cisco Switches - Cisco Firewall, #IT, #Technology, #Data Center, #Cisco & Cisco Network, #Cisco Technology - IT News

Cisco switches are constantly learning, constantly adapting, constantly protecting in your data center, core, or edge.

This is the new era in networking. The Network. Intuitive.

Now here comes the Cisco Catalyst 9000 Series.

Cisco’s new Catalyst 9000 switches, switching for a changing world, constantly adapt to help you solve new challenges.

  • Their integrated security helps you address ever-changing threats.
  • They simplify management of your evolving mobility, Internet-of-Things (IoT), and cloud requirements.

There are three series in Catalyst 9000 family:

Catalyst 9300 Series: The Catalyst 9300 Series is our top fixed-access enterprise network switch series, stacking to 480 Gbps.

Catalyst 9400 Series: Cisco’s leading modular-access switches for enterprise, the Catalyst 9400 Series supports up to 9 Tbps.

Catalyst 9500 Series: The Catalyst 9500 Series is the industry’s first fixed-core 40-Gbps switch for the enterprise.

More fast questions and answers help you learn more about the new Catalyst 9000 Series.

Cisco Catalyst 9000 network features and services (common to all Cisco Catalyst 9000 Switches)

Q: What feature sets do the Cisco Catalyst 9000 Switches support?

A: The Cisco Catalyst 9000 Series Switches support the packaging of features into Essentials and Advantage packages. The details of the features in each package are listed in the data sheets–link provided below in the Pricing and Ordering section.

Q: What programmability capabilities are available on the Cisco Catalyst 9000?

A: The Cisco Catalyst 9000 opens a completely new paradigm in network configuration, operation, and monitoring through network automation. The Cisco automation solution is open, standards-based, and extensible across the entire network lifecycle of a network device.

• Device provisioning: Through Plug-and-Play (PnP), Zero-Touch Provisioning (ZTP), and Preboot Execution (PXE)

• Configuration: Model-driven operation through open Application Programming Interfaces (APIs) over NETCONF, Python Scripting

• Customization and monitoring: Streaming telemetry

• Upgrade and manageability: In-Service Software Upgrade (ISSU), patchability, and config/replace

Q: What management capabilities are available for the Cisco Catalyst 9000?

A: You can manage it using the Cisco IOS Software Command-Line Interface (CLI), using Cisco Prime® Infrastructure 3.1.7 DP13, Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM), onboard Cisco IOS XE Software Web User Interface (WebUI), Simple Network Management Protocol (SNMP), or Netconf/YANG.

Q: Is there an onboard web GUI on the Cisco Catalyst 9000?

A: Yes. An onboard web GUI is available.

Q: What is the purpose of the blue beacon LED on the Cisco Catalyst 9000?

A: The blue beacon LED is common across the Cisco Catalyst 9000 Series Switches to simplify the operations. It makes chassis identification easier when several such switches are mounted on racks. A remote administrator can enable the LED to blink to help the local operator quickly locate the chassis. The local operator presses the mode button to acknowledge.

Q: What is the maximum number of VRF instances that I can configure on a Cisco Catalyst 9000?

A: The maximum number of VRFs that you can configure on a Cisco Catalyst 9000 is 256.

Q: What is Cisco’s direction for wireless?

A: Cisco believes that the best solution for a wired or wireless network is achieved when integrated into SD-Access, Cisco’s lead architecture for the next-generation enterprise network. This solution delivers consistency with wired infrastructure around policy, segmentation, orchestration and automation, and assurance. This new architecture delivers the best experience for mobility, guest, IoT, multicast services, and overall network performance with its distributed data plane and centralized control-plane architecture.

Q: What wireless support is provided with the Cisco Catalyst 9000 platforms?

A: Cisco Catalyst 9000 products are instrumental in supporting the following wireless capabilities in the SD-Access architecture:

• Connect access points and integrate them into the SD-Access fabric. The switch integrates with the fabric control plane (LISP), thereby providing reachability for the access points and clients in the fabric.

• Deliver macro (VRF) and micro (Scalable Group Tag (SGT) [SGT] group-based) segmentation to the access points to deliver end-to-end policies.

• Can terminate guest VXLAN traffic, so there is no need for a dedicated guest anchor controller.

The support for wireless capability at launch will be together with the AireOS 8.5 Controller running on an Cisco 8540 Wireless Controller, Cisco 5520 Wireless Controller, or Cisco 3504 Wireless Controller appliance with the Cisco Catalyst platforms functioning as Fabric Edge and Fabric Border nodes.

 

Q: What are the SD-Access wireless capabilities?

A: The new Cisco Catalyst 9000 Series switches provide a complete solution for Campus with Cisco AireOS Conrollers and Wave 2 access points.

Q: What are the advantages of integrating wireless in the SD-Access fabric architecture?

A: • Highest performance and scale: Distributed data-plane forwarding in hardware distributed in the network paired with the large control-plane scale offered by the dedicated controller appliances.

• Best guest: You don’t need a dedicated guest anchor controller in the Demilitarized Zone (DMZ): Traffic is sent directly to the fabric border to exit the fabric. Also, there is no sub-optimal traffic forwarding such as from an access point to a foreign controller and on to a guest anchor controller.

• Best mobility: IP addressing is simpler; there is one subnet for the entire wireless SSID across the network, and no hairpin of traffic when roams occur.

• Simple operation: Operation is simple because wired and wireless are treated the same and operated together; they have common policies and controller-based automation.

• Wired innovations applied to wireless: First-hop security innovations available for wired can also be applied to wireless; for example, Dynamic ARP Inspection (DAI), IP Source Guard (IPSG), and DHCP Snooping.

• Segmentation across wired and wireless:

-The virtual network now passes all the way to wired as well as wireless devices.

-This segmentation is important for separation of certain devices from others, such as IoT and building automation devices connected over wireless.

-It is also important for security reasons to reduce attack the surface; if someone gets into a segment, the person can move only within that segment.

-Because segmentation is handled by the fabric, the number of SSIDs can be limited.

• Best multicast:

-The solution offers the best performance of distributed replication in hardware across the network.

These switches truly deliver the best of wired and wireless together.

 

More Related

The New Catalyst 9000 Switches Simplify IoT & Cloud Requirements

Why Migrate to the Cisco Catalyst 9400 Series Switches?

http://www.router-switch.com/Price-cisco-wireless-ap-cisco-wlan-controller_c60

Read more

Cisco ASA FirePOWER Services Sizing

June 30 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall, #Networking, #IT, #Technology

It is really important that you understand the capabilities of each Cisco ASA model before you select the one that is appropriate for your specific deployment.

The following Table lists the maximum application visibility and control (AVC) and NGIPS throughput on each Cisco ASA–supported model.

Table.The Maximum Concurrent Connections and AVC/NGIPS Throughput

ASA Model

Maximum Concurrent Connections

Maximum AVC and NGIPS Throughput

ASA 5506-X (with Security Plus license)

50,000

125 Mbps

ASA 5506W-X (with Security Plus license)

50,000

125 Mbps

ASA 5506H-X (with Security Plus license)

50,000

125 Mbps

ASA 5508-X

100,000

250 Mbps

ASA 5512-X (with Security Plus license)

100,000

150 Mbps

ASA 5515-X

250,000

250 Mbps

ASA 5516-X

250,000

450 Mbps

ASA 5525-X

500,000

650 Mbps

ASA 5545-X

750,000

1,000 Mbps

ASA 5555-X

1,000,000

1,250 Mbps

ASA 5585-X with SSP10

500,000

2 Gbps

ASA 5585-X with SSP20

1,000,000

3.5 Gbps

ASA 5585-X with SSP40

1,800,000

6 Gbps

ASA 5585-X with SSP60

4,000,000

10 Gbps

For a complete and up-to-date Cisco ASA model comparison, visit Cisco’s ASA website, at cisco.com/go/asa.

Reference from http://www.ciscopress.com/articles/article.asp?p=2730336&seqNum=4

More Related

How to Deploy the ASA FirePOWER Services in the Internet Edge, VPN Scenarios and Data Center?

Finding the Sweet Spot–Firepower 2100

The Most Common NGFW Deployment Scenarios

Migration to Cisco NGFW

How to Recover the Password for Your ASA?

Read more
<< < 1 2 3 4 5 6 7 8 9 10 > >>