Data center customers are facing 2 big challenges today.
- How can they support data-hungry apps like streaming video, or apps that use artificial intelligence and machine learning?
- And how can they keep growing their networks, without having to replace them every time?
Now Cisco announces the new 400 Gigabit Ethernet (400G) switches that will give customers an edge to meet the need for bandwidth and scale.
• The new 400G switches allow customers to create more powerful networks, more cost-effectively and in a fraction of the space.
• They provide four times the bandwidth and four times the scale of existing switches without using four times the power.
• And since the new switches are built on Cisco’s leading Nexus portfolio, customers can choose to deploy 400G in the way that best meets their needs.
• They can be used on their own or in combination with Cisco’s leading security, automation, visibility and analytics software.
Cisco rolled out four models, two each in the Nexus 3400 and Nexus 9000 lines.
These next-generation 400G (Gigabit Ethernet) switches have four times more throughput than the networking giant’s current 100G offerings.
The two webscale 4300 switches are both built round the same single-chip 12.8Tbps ASIC, with a claim of 470ns latency. The 3432D-S packs 32 400Gbps ports into one rack unit (RU), while the 3408-S takes up four rack units to give a more flexible package to mix and match with lower speed ports.
The enterprise switches are slower, with a 6.4Tbps fabric and, as with the webscale products, there are two models: the Nexus 93600CD-GX, a 1RU switch with 16 400Gbps ports, and the 9315D-GX, also a 1RU switch, but with 32 ports to allow lower capacity links to be included.
- Cisco’s two new Nexus 3400-S switches for hyperscale companies will be available for customer evaluations in December.
- The two new Nexus 9300-GX switches for large enterprises and service providers will be available for customer evaluations during the first quarter of 2019.
More Data Sheets of New Nexus 400G Switches:
- Nexus 9316D-GX data sheet
- Nexus 93600CD-GX data sheet
- Nexus 3432D-S data sheet
- Nexus 3408-S data sheet
In the last article we introduced the main Cisco ONE License portability use cases. In the following tables we continue to share the detailed guidance on which Nexus switches, Catalyst switches and wireless products belong to which tiers for the purposes of license portability. Some product tiers are still under discussion, so check back on this page for the latest information.
Table3. Cisco Nexus Switches and MDS license portability tiers
Cisco Nexus Data Center Switches and MDS
Nexus 3132, Nexus 3164, Nexus 3172, Nexus 31108
Nexus 3232, Nexus 3264
Nexus 3524, Nexus 3548
Nexus 5624, Nexus 5648, Nexus 5672, Nexus 5696, Nexus 56128
Nexus 6001, Nexus 6004
Nexus 9332, Nexus 9364, Nexus 9372, Nexus 9396, Nexus 93108, Nexus 93120, Nexus 93128, Nexus 93180
Nexus 7702, Nexus 7706-EN
Nexus 7009, Nexus 7010, Nexus 7018
Nexus 7706, Nexus 7710, Nexus 7718
Table4. Cisco Catalyst Switch license portability tiers
C3850-24xx - Fiber
Table5. Cisco Aironet Access Points license portability tiers1
1 Both physical and virtual wireless controllers are in the same tier for license portability purposes. In addition, Cisco ONE wireless controllers and unified access Catalyst switches are classified in the same portability tier for Cisco ONE Wireless license portability. A Cisco ONE Wireless license can be ported from a wireless controller to a unified access Cisco Catalyst switch and vice versa at no cost.
Cisco ONE Software suites were introduced to provide a cost-effective and flexible way for customers to acquire software for their data center, WAN, switching, and wireless needs. Do you know how to choose the Cisco ONE Software License for your Cisco hardware? The Cisco ONE Software Device Tiering Guide below tells you more.
As described in the FAQ for Cisco ONE Software License Portability, the hardware product series and/or tier on which you have deployed your licenses determines your portability options. Licenses are portable within a product tier (for example, Cisco 2900 Series Integrated Services Routers (ISR) to 2900 Series ISR).
Devices with greater capabilities are categorized in a higher tier because they gain more benefit from the capabilities in Cisco ONE Software. You can port your licenses to a higher tier, but an upgrade fee may be involved.
Table1 describes the different equipment refresh scenarios. Subsequent tables describe the tiers for each family of hardware.
Table1. License portability use cases
Refresh a device with a device in the same tier.
Example: Cisco 2901 ISR to 2911 ISR
If a Cisco Software Support Services (SWSS) contract is in place, the software can be used on the new device.
Refresh a device with a device in a higher tier.
Example: Cisco 2901 ISR to 3925 ISR
You must pay a software upgrade fee to use the software from the original device on the replacement device.
You must purchase an upgraded Cisco SWSS contract for the new software. You receive a credit for the old support contract.
The cost is the license cost on the new device minus the license cost on the old device, at current list prices, subject to customer-negotiated discounts.
You also need to consider the cost of the upgraded Cisco SWSS contract.
Refresh a device with a device in a lower tier.
Example: Cisco 3925 ISR to 2901 ISR
You are entitled to use the software deployed on your original device on a lower tier replacement device. You retain license portability rights associated with the original device family, so you can subsequently refresh the device back to the original device family.
You can opt to downgrade the license permanently to the lower tier device family, which would allow you to renew your Cisco SWSS contract at a lower price. In that case, the license entitlement is set permanently to the lower-tier family.
None. The support contract remains with the original device family.
If you permanently downgrade, you may renew your Cisco SWSS contract at a lower price.
Refresh a device with a next‑generation device.
Example: Cisco 3925 ISR to 4000 Series ISR
In this case, the transfer depends on whether the next-generation Cisco 4000 Series ISR is considered the same tier as the existing device, or a higher or lower tier. Depending on the tier, the policies outlined above apply.
In all cases, you must migrate your software licenses to a next-generation device before your older device reaches end of support. At this stage, your Cisco SWSS contract will have expired and you will not meet the portability criteria.
The tier of the next-generation device determines the cost. Depending on the tier, the policies outlined above apply.
Table2. Cisco routers and license portability tiers
Cisco Integrated Services Routers
ISR 819, 860, 880, and 890
Cisco ISR 29xx Series
Cisco Aggregation Services Routers
ASR 1006, ASR 1006X
* ASR 9K will have separate tiers specific to that platform (to be updated very soon)
In the next article we will continue to share the guidance on which Cisco switches, data center switches, wireless products belong to which tiers for the purposes of Cisco ONE license portability.
...To be continued...
Catalyst 9000 Switches Enabling Higher Speeds in Enterprise with Investment Protection
Cisco Catalyst 9000 fixed and modular, core and access LAN switches have been designed for an entirely new era of networking. Now your network can learn, adapt, and evolve.
An intuitive network recognizes your intent, mitigates threats through segmentation and encryption, and learns and changes over time. It's simple. You can unlock opportunities, enhance security, improve business agility, and dramatically increase operational efficiencies.
Get unmatched scale for perpetual Cisco UPOE/POE+/PoE with our Catalyst 9000 switches. They're a critical part of an integrated security architecture--one that works before, during, and after a threat occurs to reduce attack surface, detect malware and threats, and rapidly contain those threats. Catalyst 9000 switches are flexible in scale and port speed, from 1 Gigabit Ethernet to multigigabit (1, 2.5, 5, 10 Gbps), 25 GE, 40 GE, and 100 GE.
New Speeds Transitions in Enterprise
40GE has gained momentum as a potential migration option for aggregation layer upgrades requiring scale beyond 10GE.
40GE is a great option for green-field deployments, but suffers from some challenges in brown-field environments. 40GE optics use the QSFP+ form factor, which requires expensive adapters for backward compatibility with existing 10G SFP+ optics. Moreover, in deployments that use multimode fiber, 40GE can be quite restrictive since it supports only one-third the reach of 10GE-based deployments.
25GE is a good alternative that provides a seamless migration path from 10GE with better price-to-value, avoiding cable upgrade expenses, and reducing total cost of ownership (TCO).
Emergence of SFP28 has changed the network speed upgrade path from 10GE->40GE to 10GE->25GE->100GE.
SFP28-based 25GE optics use the same form factor as SFP+, while providing 2.5 times the bandwidth. Dell’Oro predicts that the Ethernet industry will be heading to 25GE/100GE technologies instead of 40GE, and 25GE is expected to outgrow 10GE by 2021.
One of the main drivers for this phenomenon is the availability of new optics with SFP28 technology that offer a better cost curve along with longer reach capabilities suitable for Campus deployments. Enterprises can significantly reduce the number of cables, power, and device footprint with SFP28 technology in the aggregation layer. Considering the compelling economics of 25GE, a core layer with 100GE in a three-tier architecture is a no brainer! Using four lanes of 25GE, 100GE backbone platforms require relatively less cabling and thus benefit from reduced space requirements and cost savings. Further, 4x25GE breakout cable support provides Enterprises additional options for conveniently migrating to an extensible 100GE network with investment protection.
Cisco leading the industry with 25GE Enterprise optimized Optics
Progressive Enterprises that start evaluating options to embrace these new speeds face some key questions: how to maintain the same supported distances as 10GE (300m/400m), how to stage seamless network upgrades, and whether cost/performance will justify new investments. Designed to overcome the challenges of 40GE, Cisco’s SFP28 portfolio offers customers a wide variety of high-density and low-power options addressing these considerations.
Some of the key benefits include:
- Longer Reach–Cisco’s innovation, SFP10/25-CSR, supports high-density multi-rate optics and enables Enterprises to drive up to 300m/400m over standard dual strand OM3/OM4 fiber.
- Ease of Adoption–Cisco’s dual rate optics, SFP10/25G-CSR for multi-mode fiber and SFP10/25G-LR for single-mode fiber provide seamless migration path with un-surpassed investment protection.
- Better Price-to-Performance–Cisco’s single laser low cost optics consume less power and provide higher density relative to quad laser based 40GE optics, thus resulting in OpEx savings from power and cooling and lower TCO.
Along with the introduction of new optics, Cisco has continued to innovate with a new generation of programmable ASIC that makes network upgrades to 25GE and 100GE in the Enterprise possible now.
Info from https://communities.cisco.com/community/technology/enterprise_networks/enterprise_switching/blog/2018/04/17/catalyst-9000-switches-enabling-higher-speeds-in-enterprise-with-investment-protection?ccid=000006&oid=psten008469&dtid=esootr000515
How many factors do you consider to choose a server? For example, VM and container consolidation, as well as visualization and scientific computing, each affect the decision. Yes, server selection is a quandary for IT, as security, the use of file servers and whether multiple servers of CPU systems will meet enterprise demand plague enterprises.
In the following part, Stephen J. Bigelow (Senior Technology Editor in the Data Center and Virtualization media group at TechTarget Inc.) discussed some important factors on server purchases for your enterprise.
1. Enhanced server security plays a role in server purchases
Although server purchases aren't based solely on security capabilities, there is a proliferation of protection, detection and recovery features to consider for most enterprise tasks. Modern security features now extend well beyond traditional Trusted Platform Modules.
For example, secure servers can offer protection through a hardware-based root of trust, which uses hardware validation of server management platforms, such as an integrated Dell Remote Access Controller, and server firmware as the system boots. Validation typically includes cryptographic signatures to ensure that only valid firmware and drivers are running on the server. Similarly, firmware and driver updates are usually cryptographically signed to verify their authenticity or source. You can execute validations periodically even though the system might not reboot for months. Native data encryption is increasingly available at the server processor level to protect data in flight and at rest.
An increasing number of systems can detect unauthorized or unexpected changes in system firmware images and firmware configurations, enforcing a system lockdown to prevent such changes and alerting administrators when change attempts occur at the firmware level. Servers frequently include persistent event logging, which includes an indelible record of all activity.
And servers benefit from various recovery capabilities. For example, automatic BIOS/firmware recovery can restore firmware to a known good state after the system detects any flaw or compromise in the firmware code base. Some systems can apply similar restoration to the OS by detecting possible malicious activity and restoring the OS to a known good state as well. And system erasure features can be used to wipe all hardware configuration settings of the server, including BIOS data, diagnostic data, management configuration states, nonvolatile cache and internal SD cards. System erasure can be particularly important before redeploying the server or removing it from service.
When choosing a server, evaluate the importance of certain features based on the use cases.
2. For data servers, focus on network I/O
File servers, or data servers, can take many shapes and sizes depending on the needs of each specific business. The actual compute resources needed in a data server are typically light. For example, file servers rarely process data or make computations that demand extensive processor or memory capacity. Web servers may include more resources if the system will also be running code or back-end applications, such as databases. If the organization plans to employ virtualization to consolidate multiple data servers onto a single physical box, the processor and memory requirements will need a closer look.
However, the emphasis for data servers is more frequently focused on network I/O, which can be critical for accessing shared/centralized storage resources and exchanging files or web content with many simultaneous users -- network bottlenecks are commonplace. If the data server will employ internal storage, the choice of disk types and capacity can have a significant influence on storage access performance and resilience. Data servers can deploy a fast 10 Gigabit Ethernet port or multiple 1 GbE ports, which you can trunk together for more speed and resilience.
As just one example, a modestly configured Dell EMC PowerEdge R430 rack server offers two processor sockets, 16 GB of memory, four 1 GbE ports and a 1 TB 7.2K rpm Serial Advanced Technology Attachment (SATA) 6 Gbps disk drive by default. However, you can select the R430 chassis to accept varied disk configurations with up to 10 hot-pluggable Serial-Attached SCSI, SATA, nearline SAS or solid-state drives if the business chooses to place storage in the server itself. You can also enhance network performance through a choice of Peripheral Component Interconnect Express network adapters or storage host bus adapters.
Systems versus CPUs
Many data centers are shrinking as virtualization, fast networking and other technologies allow fewer servers to host more workloads. The quandary for server purchases then becomes server count versus CPU count. Is it better to have more servers or more resources within fewer servers? Packing more capability into fewer boxes can reduce overall capital expenses, data center floor space and power and cooling demands. But hosting more workloads on fewer boxes can also increase risk to the business because more workloads are affected if the server fails or requires routine maintenance. Clustering, snapshot restoration and other techniques can help to guard against hardware failures, but a business still needs to establish a comfortable balance between server count and server capability, regardless of how the servers are used.
The original article from http://searchdatacenter.techtarget.com/tip/Security-vendor-choices-affect-server-purchases-for-IT-buyers
What makes Nexus 3100-V unique? Here is a summary of the most important highlights:
- Support of 100G uplinks
- Bigger buffer (16MB)
- Double System memory (16GB)
- Quadruple Ingress ACL: increased from 4,000 to 16,000
- VxLAN routing
Watch this video if you’d like to get a brief tour on Cisco campus and watch Houfar Azgomi present the Nexus 3100V.
Cisco Nexus 3100-V platform switches summary
- Cisco Nexus 3132Q-V Switch: 32 x 40-Gbps QSFP+ ports (all ports are capable of 10 or 40 Gbps)
- Cisco Nexus 31108PC-V Switch: 48 x 10-Gbps SFP+ ports and 6 x QSFP28 ports (all QSFP ports can operate at 40 or 100 Gbps)
- Cisco Nexus 31108TC-V Switch: 48 x 10GBASE-T ports and 6 x QSFP28 ports (all QSFP ports can operate at 40 or 100 Gbps)
- Cisco Nexus 31108TCV-32T Switch: 32 x 10GBASE-T ports and 6 x QSFP28 ports (all QSFP ports can operate at 40 or 100 Gbps)
More Info about Nexus 3100-V Models
The Cisco Nexus 3132Q-V is a 40-Gbps Quad Small Form-Factor Pluggable (QSFP) switch with 32 Enhanced QSFP (QSFP+) ports. It also has 4 SFP+ ports that are internally multiplexed with the first QSFP port. Each QSFP+ port can operate in native 40-Gbps mode or 4 x 10-Gbps mode, with up to a maximum of 104 x 10-Gbps ports.
Cisco Nexus 3132Q-V Switch
The Cisco Nexus 31108PC-V is a 10-Gbps SFP+–based ToR switch with 48 SFP+ ports and 6 QSFP28 ports. Each SFP+ port can operate in 100-Mbps, 1 Gbps, or 10-Gbps mode, and each QSFP28 port can operate in native 100-Gbps or 40-Gbps mode or 4 x 10-Gbps mode, offering flexible migration options. This switch is a true PHY-less switch that is optimized for low latency and low power consumption.
Cisco Nexus 31108PC-V Switch
The Cisco Nexus 31108TC-V is a 10GBASE-T switch with 48 10GBASE-T ports and 6 QSFP28 ports. This switch is well suited for customers who want to reuse existing copper cabling while migrating from 1-Gbps to 10-Gbps servers. QSFP28 port can operate in native 100-Gbps or 40-Gbps mode or 4 x 10-Gbps mode. The 48 ports support 100MBASE, 1GBASE, and 10GBASE-T, and the 6 QSFP ports support 10, 40, and 100 Gbps.
The Cisco Nexus 31108TCV-32T is the Cisco Nexus 31108TC-V with 32 10GBASE-T ports and 6 QSFP+ ports enabled. The ports are enabled through software licensing. This switch provides a cost-effective solution for customers who require up to 32 10GBASE-T ports per rack. This switch comes with a 32-10GBASE-T port license preinstalled. To enable the remaining 16 10GBASE-T ports, the customer installs the 16-port upgrade license.
Cisco Nexus 31108TC-V and 31108TCV-32T Switch
Learn More: Nexus 3000 Model Comparison & Licensing Options
5 Benefits You Get When Buying a Top of Rack Switch Nexus 3100V:
- 100G uplinks: Cisco predicts that global data center IP traffic will grow 31% every year in the next 5 years. For this, it is obvious that 100G is the new norm for higher bandwidth, big data, and IP storage workloads.
- 16 MB enhanced buffers: Compared to 12MB buffer from previous generation, the Nexus 3100V models offer 16 MB enhanced buffers to absorb bursts of traffic and applications. You won’t have to worry when you need to expand your network in the future, because these deep buffers are designed for highly oversubscribed environments.
- 16 GB Increased system memory: In the previous model – Cisco Nexus 3100XL – Cisco already increased the system memory from 4GB to 8GB in order to introduce network programmability features developed in NXOS 7.x. But as networks are becoming more complex, competitive businesses need more memory to store more objects. Hence, Cisco has doubled the capacity again in the Nexus 3100V models from 8GB to 16GB to improve capacity for object-model programming.
- Quadrupled ingress ACL table size to 16,000: for greater security, traffic control, and policy management flexibility.
- Support full VxLAN routing (layer 3 VxLAN): With this, workloads in different segment IDs can directly communicate, whereas with VxLAN bridging (layer 2 VxLAN), workloads need to be in the same segment ID to interact.
Cisco continues to bring you true flexibility and scalability through rich architectural options for any size of data center to address increasing business requirements. You can never go wrong with more connectivity options and a diverse set of form factors to meet ever-changing data center needs.
The original article from
25G Speeds Up Data Centers and Campus Backbones NOW. With the massive increase in demand for data, equipment providers are responding with 25Gbps edge devices that require more bandwidth than can be provided on a traditional 10Gbps interface.
Whether it’s a server or a campus backbone, high speed data needs to be delivered cost-effectively in a small and low-power package.
In these bandwidth-intensive applications, the choice to go with 25G is clear. To get the same or better bandwidth, the number of 10G interfaces must be 3x (6x for redundancy) or the application needs to move to the larger, more expensive and power-hungry 40G QSFP.
SFP28: For 25G the dominant form factor is SFP28. The SFP28 standard relies on the 10G SFP+ (Small Form Factor Pluggable) standard for mechanical specifications, and the electrical specifications have been improved from one 10Gbps lane that operates at 10.312Gbps to one 28Gbps lane that operates at 25Gbps + error correction. 25G transceivers can be plugged into SFP+ sockets and 10G transceivers can be plugged into SFP28 sockets because they have the same electrical and mechanical pin-out; however, the associated host needs to have software support for the associated devices.
Cisco’s 25G transceiver choices include 25G Copper DAC (Direct Attached Cables), 25G AOC (Active Optical Cables) and 25G SR-S (Short Reach) transceivers.
These 25G devices are plugged into Cisco’s data center, campus and service provider switches and routers to provide high speed 25Gbps connectivity. See Cisco’s 25G compatibility matrix for currently supported devices.
25G DACs are generally used in data center applications and provide the lowest cost fixed length interconnect for TOR (Top of Rack) switches to high-performance servers. Depending upon the bandwidth and distance, DACs can be either passive or active and are generally based on Twin-AX cable. For 25G, DACs can generally operate up to 5 meters without active components in the data path. Up to 2 meters, no FEC (Forward Error Correction) is needed. For 3 meters FC-FEC (Fire Code Forward Error Correction) is needed, and for 5 meters RS-FEC (Reed Solomon Forward Error Correction) is needed to correct errors. Generally, at 25Gbps beyond 5 meters, active components are needed in the data path to amplify and correct the signal. These components drive up cost which causes network designers to consider optical interfaces.
25G AOCs also provide a cost-effective solution for those same data center applications that require longer distances than 5m. Generally, AOCs are provided in standard lengths of 1m, 2m, 3m, 5m and 10m. However, they are usually limited to about 25 meters because of inventory stock and slack storage issues. Often a data center will be wired with only AOCs for consistency reasons, instead of a combination of AOCs and DACs.
25G-SR is used with standard OM3 or OM4 multimode fiber and is suitable for:
• Data centers that require up to 100 meters over OM4 fiber or 70 meters over OM3 fiber for interconnect between TOR switches and leaf or spine switches.
• Breakout configurations in conjunction with 100G-SR4 transceivers where the distances are less than 100 meters for OM4 fiber or 70 meters for OM3 fiber.
• Campus backbones, where the distances between distribution and aggregation switches are less than 100 meters for OM4 fiber or 70 meters for OM3 fiber.
Learn more about how Cisco’s 25G transceiver products are transforming the industry here
Original article from https://blogs.cisco.com/sp/too-slow-25g-speeds-up-data-centers-and-campus-backbones
What can the Cisco Software-Defined Access (SD-Access) Services do for you? Accelerate your journey to the new network with SD-Access Services.
By automating day-to-day tasks such as configuration, provisioning, and troubleshooting, SD-Access reduces the time it takes to adapt the network, improves issue resolution, and reduces the impact of security breaches. This results in significantly simpler operations and lower costs.
The core components that make up the SD-Access solution are:
● Cisco DNA Center
● Cisco Identity Services Engine (ISE)
● Network platforms: See the following Table
SD-Access Use Cases: Building on the foundation of industry-leading capabilities, SD-Access can now deliver key business-driven use cases that truly realize the promise of a digital enterprise while reducing total cost of ownership.
Security and segmentation
● Onboard users with 802.1X, Active Directory, and static authentication
● Group users with Cisco TrustSec (security group tags)
● Automate VRF configuration (lines of business, departments, etc.)
● Traffic analysis using AVC and NetFlow is further enhanced using Encrypted Traffic Analytics (ETA)
● Reduced time to provision network segmentation and user groups
● Foundation to enforce network security policies
● Ability to detect and intercept threats at line rate (not samples) from the center to the last mile, including all devices on the network edge
● Single point of definition for wired and wireless users
● Seamless roaming between wired and wireless
● Distributed data plane for wireless access
● Simplified guest provisioning for wired and wireless
● Management of wired and wireless networks and users from a single interface (Cisco DNA Center)
● Ability to offload wireless data path to network switches (reduce load on controller)
● Scalable fabric-enabled wireless with seamless roaming across campus
● Define specific groups for guest users
● Create policy for guest users’ resource access (such as Internet access)
● Simplified policy provisioning
● Time savings when provisioning policies
● Segment and group IoT devices
● Define policies for IoT group access and management
● Device profiling with flexible authentication options
● Simplify deployment of IoT devices
● Reduce network attack surface with device segmentation
Monitoring and troubleshooting
● Multiple data points on network behavior (syslog, stats, etc.)
● Contextual data available per user and device
● Significantly reduce troubleshooting time
● Use rich context and analytics for decision making
Cloud/data center integration
● Identity federation allows exchange of identity between campus and data center policy controllers
● Administrator can define user-to-application access policy from a single interface
● End-to-end policy management for the enterprise
● Identity-based policy enforcement for optimized ACL utilization
● Flexibility when enforcing policy at campus or data center
● Create a single fabric across multiple regional branch locations
● Use Cisco routers as fabric border nodes
● Simplified provisioning and management of branch locations
● Enterprisewide policy provisioning and enforcement
SD-Access 1.0 Hardware and Software Compatibility Matrix
Catalyst 3850 and 3650 Series Switches
Catalyst 4500E Series Switches (Sup8E, Sup9E)
IOS XE 16.6.1
IOS XE 16.6.1
IOS XE 16.6.1
IOS XE 3.10.0E
Fabric border and control plane
Catalyst 3850 Series Fiber Module
Catalyst 6807-XL Switch (Sup6T, Sup2T)
Catalyst 6500 Series Switches
Catalyst 6880-X Switch
Catalyst 6840-X Switch
Nexus 7700 Switch (Sup 2E, M3 line cards only)
4000 Series Integrated Services Routers
ASR 1000 Series Aggregation Services
Cloud Services Router (CSR) 1000V (control plane only)
IOS XE 16.6.1
IOS XE 16.6.1
IOS 15.4(1)SY2 IOS 15.4(1)SY2 IOS 15.4(1)SY2 IOS 15.4(1)SY2 NxOS 8.2(1)
IOS XE 16.6.1
IOS XE 16.6.1
IOS XE 16.6.1
Catalyst 3560-CX Series
Catalyst Digital Building Series
802.11 Wave 2 access points: Aironet 1800, 2800 and 3800 Series
802.11 Wave 1 access points: Aironet 1700, 2700 and 3700 Series
Cisco 3504, 5520 and 8540 Series Wireless Controllers
AireOS 126.96.36.199 AireOS 188.8.131.52 AireOS 184.108.40.206
● Wave 1 access points won’t support the following functions when deployed for SD-Access: IPv6, Application Visibility and Control (AVC), NetFlow.
● A device cannot act as fabric edge and fabric border at the same time.
● A device can act as fabric border and fabric control plane at the same time.
More info about the Cisco Software-Defined Access you can read here:
Cisco DNA is a trending solution that matters for your organization. Why? With Cisco DNA, you get benefits like these:
- Innovate faster by delivering differentiated experiences through contextual insights
- Achieve greater business agility with faster network services provisioning
- Lower costs with reduced network installation time
- Reduce risk with faster threat detection
- Protect investment with license portability and access to ongoing innovations
Cisco Digital Network Architecture (DNA) is an open, programmable architecture that turns business intent into business results.
Most Cisco routers, switches and wireless systems shipping today support Cisco DNA now or with a software update. And with Cisco ONE™ Software, you can continue to protect your investments and benefit from new architecture innovations that can be activated through software.
The Main Cisco Digital Network Architecture Products and Solutions
Read more: Cisco DNA Products and Solutions
The Cisco DNA-Ready Products
The foundation for the Cisco Digital Network Architecture (Cisco DNA) is the world’s most modern network infrastructure. This infrastructure gives you innovative wired, wireless and router solutions, combined with a robust architecture, DNA.
With it, you can create and apply policies over the entire network with a few clicks and have the ability to diagnose past issues.
As data traffic is expected to grow exponentially, Cisco’s innovation with switching, wireless and routing provides a solid foundation that enables Cisco DNA.
You can roll out new services and applications more easily for the best possible experience with Cisco DNA. And policy compliance can be automated on a per-user-group basis.
The Cisco DNA-ready routing products combine two unique features that speed up the time it takes to deploy your branch office. With the Cisco Intelligent WAN (IWAN) app with the APIC-EM, IT can automate the provisioning of multiple branch offices and provide intelligent path selection and application control—with minimal programming and customization. These capabilities will simplify and streamline your network operations, reducing costs and saving time.
Cisco DNA-ready router products:
• Cisco Cloud Service Router 1000v and Cisco Integrated Services Virtual Router
• Cisco Meraki MX
The Cisco switching products offer a function called Unified Access Data Plane Application-Specific Integrated Circuit (UADP ASIC) for wired and wireless convergence. This feature enables converged wired and wireless access for operational simplicity and scale.
Cisco DNA-ready switching products:
• Cisco Catalyst 3650 and 3850 Series
• Cisco Catalyst 4500E Series + Supervisor 8E
• Cisco Catalyst 6500 Series + Supervisor 6T
• Cisco Catalyst 6800 Series
• Cisco Nexus 7700+M3 Card
• Cisco Meraki MS
An exclusive function that the Cisco Aironet Access Points offer is Flexible Radio Assignment. This feature allows the access point to automatically adjust the network when client surges occur.
Cisco DNA-ready wireless products:
• Cisco Aironet 3800 Series
• Cisco Aironet 2800 Series
• Cisco Aironet 1800 Series
• Cisco 8540 Wireless Controller
• Cisco 5520 Wireless Controller
• Cisco Meraki MR
Cisco switches are constantly learning, constantly adapting, constantly protecting in your data center, core, or edge.
This is the new era in networking. The Network. Intuitive.
Now here comes the Cisco Catalyst 9000 Series.
Cisco’s new Catalyst 9000 switches, switching for a changing world, constantly adapt to help you solve new challenges.
- Their integrated security helps you address ever-changing threats.
- They simplify management of your evolving mobility, Internet-of-Things (IoT), and cloud requirements.
There are three series in the Catalyst 9000 family:
Catalyst 9300 Series: The Catalyst 9300 Series is our top fixed-access enterprise network switch series, stacking to 480 Gbps.
Catalyst 9400 Series: Cisco’s leading modular-access switches for enterprise, the Catalyst 9400 Series supports up to 9 Tbps.
Catalyst 9500 Series: The Catalyst 9500 Series is the industry’s first fixed-core 40-Gbps switch for the enterprise.
The following quick questions and answers help you learn more about the new Catalyst 9000 Series.
Cisco Catalyst 9000 network features and services (common to all Cisco Catalyst 9000 Switches)
Q: What feature sets do the Cisco Catalyst 9000 Switches support?
A: The Cisco Catalyst 9000 Series Switches support the packaging of features into Essentials and Advantage packages. The details of the features in each package are listed in the data sheets; a link is provided below in the Pricing and Ordering section.
Q: What programmability capabilities are available on the Cisco Catalyst 9000?
A: The Cisco Catalyst 9000 opens a completely new paradigm in network configuration, operation, and monitoring through network automation. The Cisco automation solution is open, standards-based, and extensible across the entire network lifecycle of a network device.
• Device provisioning: Through Plug-and-Play (PnP), Zero-Touch Provisioning (ZTP), and Preboot Execution (PXE)
• Configuration: Model-driven operation through open Application Programming Interfaces (APIs) over NETCONF, Python Scripting
• Customization and monitoring: Streaming telemetry
• Upgrade and manageability: In-Service Software Upgrade (ISSU), patchability, and config/replace
Q: What management capabilities are available for the Cisco Catalyst 9000?
A: You can manage it using the Cisco IOS Software Command-Line Interface (CLI), using Cisco Prime® Infrastructure 3.1.7 DP13, Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM), onboard Cisco IOS XE Software Web User Interface (WebUI), Simple Network Management Protocol (SNMP), or NETCONF/YANG.
Q: Is there an onboard web GUI on the Cisco Catalyst 9000?
A: Yes. An onboard web GUI is available.
Q: What is the purpose of the blue beacon LED on the Cisco Catalyst 9000?
A: The blue beacon LED is common across the Cisco Catalyst 9000 Series Switches to simplify the operations. It makes chassis identification easier when several such switches are mounted on racks. A remote administrator can enable the LED to blink to help the local operator quickly locate the chassis. The local operator presses the mode button to acknowledge.
Q: What is the maximum number of VRF instances that I can configure on a Cisco Catalyst 9000?
A: The maximum number of VRFs that you can configure on a Cisco Catalyst 9000 is 256.
Q: What is Cisco’s direction for wireless?
A: Cisco believes that the best solution for a wired or wireless network is achieved when integrated into SD-Access, Cisco’s lead architecture for the next-generation enterprise network. This solution delivers consistency with wired infrastructure around policy, segmentation, orchestration and automation, and assurance. This new architecture delivers the best experience for mobility, guest, IoT, multicast services, and overall network performance with its distributed data plane and centralized control-plane architecture.
Q: What wireless support is provided with the Cisco Catalyst 9000 platforms?
A: Cisco Catalyst 9000 products are instrumental in supporting the following wireless capabilities in the SD-Access architecture:
• Connect access points and integrate them into the SD-Access fabric. The switch integrates with the fabric control plane (LISP), thereby providing reachability for the access points and clients in the fabric.
• Deliver macro (VRF) and micro (Scalable Group Tag [SGT] group-based) segmentation to the access points to deliver end-to-end policies.
• Can terminate guest VXLAN traffic, so there is no need for a dedicated guest anchor controller.
Wireless capability at launch will be supported together with the AireOS 8.5 Controller running on a Cisco 8540 Wireless Controller, Cisco 5520 Wireless Controller, or Cisco 3504 Wireless Controller appliance, with the Cisco Catalyst platforms functioning as Fabric Edge and Fabric Border nodes.
Q: What are the SD-Access wireless capabilities?
A: The new Cisco Catalyst 9000 Series switches provide a complete solution for Campus with Cisco AireOS Controllers and Wave 2 access points.
Q: What are the advantages of integrating wireless in the SD-Access fabric architecture?
A: • Highest performance and scale: Distributed data-plane forwarding in hardware distributed in the network paired with the large control-plane scale offered by the dedicated controller appliances.
• Best guest: You don’t need a dedicated guest anchor controller in the Demilitarized Zone (DMZ): Traffic is sent directly to the fabric border to exit the fabric. Also, there is no sub-optimal traffic forwarding such as from an access point to a foreign controller and on to a guest anchor controller.
• Best mobility: IP addressing is simpler; there is one subnet for the entire wireless SSID across the network, and no hairpin of traffic when roams occur.
• Simple operation: Operation is simple because wired and wireless are treated the same and operated together; they have common policies and controller-based automation.
• Wired innovations applied to wireless: First-hop security innovations available for wired can also be applied to wireless; for example, Dynamic ARP Inspection (DAI), IP Source Guard (IPSG), and DHCP Snooping.
• Segmentation across wired and wireless:
- The virtual network now passes all the way to wired as well as wireless devices.
- This segmentation is important for separation of certain devices from others, such as IoT and building automation devices connected over wireless.
- It is also important for security reasons to reduce the attack surface; if someone gets into a segment, the person can move only within that segment.
- Because segmentation is handled by the fabric, the number of SSIDs can be limited.
• Best multicast:
- The solution offers the best performance of distributed replication in hardware across the network.
These switches truly deliver the best of wired and wireless together.
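The containment claim in the segmentation bullets above, as an added Python model that is not Cisco code or configuration: each endpoint carries a virtual network (macro segment) and a scalable group tag (micro segment), and the functions compare what a compromised device could reach with and without segmentation. The endpoint names, group names and permit pairs are constructed assumptions, and the model assumes no traffic crosses between virtual networks.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Endpoint:
    name: str
    medium: str  # "wired" or "wireless"; segmentation applies to both alike
    vn: str      # macro segment: virtual network (VRF)
    sgt: str     # micro segment: scalable group tag

# Constructed sample inventory (hypothetical names, not from the page).
ENDPOINTS = [
    Endpoint("laptop-1", "wireless", "CORP", "employees"),
    Endpoint("laptop-2", "wired", "CORP", "employees"),
    Endpoint("hr-db", "wired", "CORP", "hr-servers"),
    Endpoint("printer-1", "wired", "CORP", "printers"),
    Endpoint("camera-1", "wireless", "IOT", "cameras"),
    Endpoint("camera-2", "wireless", "IOT", "cameras"),
    Endpoint("hvac-1", "wired", "IOT", "building-mgmt"),
    Endpoint("guest-1", "wireless", "GUEST", "guests"),
]

# Constructed group-based policy: permitted (source SGT, destination SGT)
# pairs inside one virtual network. Anything not listed is denied.
PERMIT = {
    ("employees", "employees"),
    ("employees", "printers"),
    ("building-mgmt", "cameras"),
}

def allowed(src, dst, permit=PERMIT):
    """A hop is allowed only within the same VN and for a permitted SGT pair."""
    return src.vn == dst.vn and (src.sgt, dst.sgt) in permit

def blast_radius(start_name, endpoints=ENDPOINTS, permit=PERMIT):
    """Endpoints exposed if start_name is compromised, following allowed hops transitively."""
    by_name = {e.name: e for e in endpoints}
    seen, frontier = {start_name}, [by_name[start_name]]
    while frontier:
        src = frontier.pop()
        for dst in endpoints:
            if dst.name not in seen and allowed(src, dst, permit):
                seen.add(dst.name)
                frontier.append(dst)
    return sorted(seen - {start_name})

def flat_radius(start_name, endpoints=ENDPOINTS):
    """Baseline with no segmentation: every other endpoint is exposed."""
    return sorted(e.name for e in endpoints if e.name != start_name)
```

Comparing `blast_radius("camera-1")` with `flat_radius("camera-1")` shows the effect for a wireless IoT device: the segmented result is empty, while the flat baseline exposes all seven other endpoints.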