Cisco EMEAR en Catalog v5
Cisco EMEAR en Catalog v5
Cisco EMEAR en Catalog v5
Index
Cisco Catalyst 2960-L Series Switches P27
Security
Cisco Catalyst 2960-X Series P28
Cisco Catalyst 3650 Series P28
Cisco Catalyst 3850 Series P31
Cisco Catalyst 4500E Series P33
Cisco Catalyst 4500-X Series P35
Cisco Catalyst 6800 Series P36
Cisco Nexus 7700 Switches P37
Cisco Meraki
Cisco Catalyst 9300 Series Switches P40
Cisco Catalyst 9400 Series Switches P41
Cisco Catalyst 9500 Series Switches P42
Modules & Accessories P45
What's New Subscription-based software P46
Wireless
Switches Cisco Virtual Beacon P54
Revolutionar y Cisco Aironet Access Points P57
DNA-Center
■ Indoor Access Points P57
Catalyst 9000 Series ■ Outdoor Access Points P59
P16 ■ Cisco Aironet Antennas and Accessories P60
Cisco Wireless Controllers P62
Subscription-based software P64
Cisco DNA for Access
Routing
Wireless and Switching Subscription
Cisco ISR 800 Series P69
Introducing New Sof t ware Cisco ISR 1000 Series P70
Subscription Licensing Cisco ISR 4000 Series P71
SMB
P17
Modules & Accessories P72
Cisco Enterprise Network Functions Virtualization (ENVF) P74
Cisco 5000 Series Enterprise Network Compute System P75
Wireless
Cisco SD WAN P76
Cisco Wide Area Application Services (WAAS) P78
Cisco® Aironet® 1540 Series
Security
Cisco 3504 Wireless Controller
Cisco Encrypted Traffic Analytics (ETA) P80
Software
3802 AP with Vir tual Beacons ETA Components P81
P18 ISE Update – whats new in ISE 2.3? P82
Cisco Meraki
Routers Cloud Managed Wireless P88
Cisco ISR1000 series Cloud Managed Switches P88
Cloud Managed Security Appliances P88
P18 Cloud Managed Security Cameras P90
Financing
DNA-Center P92
Cisco Meraki Small Business
Cisco Meraki Z3 Cisco 95 - 500 Series P94
Cisco WAP Access Points P96
Vir tual MX for Amazon Web Cisco Aironet Access Points P97
Ser vices & Microsof t A zure Cisco RV Series P98
P19
Cisco ISR 800 Series P99
Cisco
Services
Software
Cisco
vices
03
A network that knows
what you want and does it
The intuitive network.
Ushering in a new era in It's built to evolve as you do.
networking, built on Cisco® Digital
Network Architecture (Cisco DNA™). The new network is informed by context, is
powered by your intent, and grows more intuitive
every day. And when it's built on intent-based
Intent-based networking is the difference between
networking solutions of the Cisco Digital Network
a network that needs continuous attention and one
Architecture (DNA), suddenly your network doesn't
that simply understands what you need and makes it
slow you down. In fact, it helps you deliver better
happen. It’s the difference between doing thousands
experiences, more security. So IT can quickly
of tasks manually and having an automated system
respond to the demands of your business.
that helps you focus on business goals.
04
Introducing an entirely new era of networking.
t Automation Analytics j
Virtualization
Security
05
Below a summary of
the new solutions
we have introduced:
Cisco Software-
Software
DNA Center is a better way to manage a network.
Defined Access
It offers centralized, intuitive management that
make it fast and easy to design, provision, and Introducing an entirely
apply policy across an entire network environment. new era in networking.
Software-Defined Access. Industry’s first The Network. Intuitive.
policy-based automation from the edge to the
cloud takes a logical policy-based approach that Cisco® Software-Defined Access (SD-Access).
deploys and secures services faster and adapts to built on the principles of the Cisco Digital
changes quicker. Network Architecture (Cisco DNATM), provides
a transformational shift in building and managing
networks: faster, easier and with improved business
Analytics and Assurance abstracts network
efficiency. By decoupling network functions
insights by collecting data from the network and
from hardware, SD-Access helps ensure policy
then identifies service impacting issues before
consistency, enables faster launches of a new
users do while enabling faster troubleshooting.
business services and significantly improves issue
resolution times while being open and extensible
Encrypted Traffic Analytics enhances the
and reducing operational expenses.
ability of the Cisco network to act as a sensor
and uncovers threats hidden in encrypted traffic Digital transformation is forcing enterprises to
using network analytics (without decryption). search for new ways to enable digital capabilities,
These threats are viewed within the Stealthwatch deliver IT services and manage assets. We’re
Management Console. ETA enhances the ability of moving toward a very different world. We need a
the Cisco network to act as a sensor. very different network to get us there.
Benefits
Hardware • Secure your organization and achieve
regulatory compliance with end-to-
end segmentation that keeps user, device
To support these innovations, we are also releasing
and application traffic separate without
new physical infrastructure components that are
redesigning the network
designed to release the total value of a digital-
ready architecture. • Improve the workforce experience by
automating user access policy and applying
Cisco Catalyst 9000 Series is the first purpose- the right policies for users or devices to any
built platform designed for Cisco DNA. An open application across the network
and programmable platform with integrated
• Boost operational effectiveness by
support for wireless and IoT devices. It extends our
enabling a consistent user experience
existing wireless, switch and routing DNA-ready
anywhere without compromise – all with a
infrastructure.
single network fabric
06
What does SD-Access do?
07
Cisco’s Software Defined Access solution?
Cisco’s Software-Defined Access (SD-Access) across the wired and wireless campus. In addition
architecture is the Cisco DNA evolution from to network virtualization, campus fabric technology
traditional campus LAN designs. SD-Access uses provides software-defined segmentation and policy
DNA Center for designing, provisioning, applying enforcement based on user identity and group
policy, and providing campus wired and wireless membership. Software-defined segmentation
network assurance for an intelligent network. is seamlessly integrated using Cisco TrustSec
Campus fabric technology, an integral part of technology, providing micro-segmentation through
SD-Access, introduces programmable overlays the use of scalable groups within a virtual network.
enabling easy-to-deploy network virtualization
SD-Access Components
The SD-Access solution combines the DNA Center enterprise controller, identity services, and wired and
wireless fabric functionality. Within the SD-Access solution, the fabric is composed of fabric control plane
nodes, edge nodes, intermediate nodes, and border nodes. Wireless integration adds fabric WLC and fabric
mode AP components.
Identity Store
DNA Center
ISE + AD
Wireless LAN
Controller(s) Fabric Control-
Plane Nodes
Fabric Border Nodes
Fabric Intermediate
Nodes (Underlay)
08
SD-Access Platforms support
This solution supports both current and next-generation network devices, including routers, switches,
wireless controllers, and access points. Table 1 summarizes the platforms supported. For a more detailed
information you can check the SD-Access Ordering Guide (http://cs.co/rp1113a) and the SD-Access CVD
(http://cs.co/rp1113b)
Fabric border and control plane Cisco Catalyst 9500 Series Switches
Cisco Catalyst 3850 Series Fiber Module
Cisco Catalyst 6807-XL Switch (Sup6T, Sup2T)
Cisco Catalyst 6500 Series Switches
Cisco Catalyst 6880-X Switch
Cisco Catalyst 6840-X Switch
Cisco Nexus® 7700 Switch (Sup 2E, M3 line cards only)
Cisco 4000 Series Integrated Services Routers
Cisco ASR 1000 Series Aggregation Services Routers
Cisco Cloud Services Router 1000v (control plane only)
Note:
• Wave 1 access points won’t support the following functions when deployed for SD-Access:
IPv6, Application Visibility and Control (AVC), NetFlow.
• A device cannot act as fabric edge and fabric border at the same time.
• A device can act as fabric border and fabric control plane at the same time.
09
Cisco DNA Center
DNA Center is the latest solution that Cisco recently announced as part of the Network. Intutitive. It provides
a single command and control for the network automation and provisioning tasks. DNA Center also provides
a built-in analytic engine called Assurance that uses network insights to optimize network performance.
Your network infrastructure is the enabler for digital transformation and crucial to your organization’s
success. Cisco® Digital Network Architecture (DNA) Center is a centralized management application for
your network. DNA Center simplifies network management so IT can move more quickly, using automation
to lower costs, assurance and analytics to improve network performance, and security to reduce risk.
DNA Center
Policy Design
Provision Assurance
Cisco DNA Center can manage your end-to-end network from the campus, branch, and WAN to the cloud.
It runs on Cisco’s Software-Defined Networking (SDN) controller, the DNA Center. Using intuitive workflows,
DNA Center makes it easy to design, provision, and apply policy across your network. It also delivers end-
to-end visibility and uses network insights to optimize network performance and deliver the best user and
application experience.
Benefits
• Simplify network management. Manage your
enterprise network over a centralized dashboard.
10
DNA Analytics and Assurance
(built-in as an application inside DNA Center)
Cisco Digital Network Architecture (DNA) The insights you gather from your network
Analytics and Assurance helps you get the most devices can influence your automation
from your network. The solution proactively configuration and deployment decisions. Cisco
monitors your network, gathering and processing DNA Center provides an integrated automation
information from your devices, applications and and assurance/analytics workflow, enabling you to
users and presenting it in Cisco DNA Center, an quickly take action to remediate the issue. Think
easy-to-use single dashboard for managing all of it as a closed feedback loop.
your analytics tasks.
Cisco DNA Analytics and Assurance delivers three key values for IT:
1. Troubleshooting
Analytics and Assurance correlates network information so it’s easier and faster to identify faults and
subsequently perform a root cause analysis of an issue. Cisco domain expertise informs the correlations as
well as the remediation options
11
Cisco Encrypted Traffic Analytics (ETA) -
Network security for a new world
60%
FY05 FY06 FY07 FY08 FY09 FY10 FY11 FY12 FY13 FY14 FY15 FY16 FY17
12
Cisco Catalyst 9000
Series Switches
The result: a network that constantly learns, constantly • Gain extraordinary visibilty into wired and
adapts, constantly protects and the new Cisco Catalyst® wireless networks
Series switches.
The Catalyst 9300 Series Cisco's leading modular- The Catalyst 9500 Series
is our top fixed-access access switches for is the industry's first fixed-
enterprise network switch enterprise, the Catalyst 9400 core 40-Gbps switch for the
series, stacked to 480 Gbps. Series supports up to 9 Tbps. enterprise.
13
Sophisticated automation
Security, automation
The Catalyst 9000 Series is designed to do more tasks and programmability
in less time. With Cisco DNA and SD-Access, these
switches can be part of a network that brings together The Cisco Catalyst 9000 also combines a new
and learns from information across the network to onboard x86-based CPU (which has container
create a simpler, more fluid experience. By automating based app hosting) with the open Cisco IOS®
mundane day-to-day operations you can shift IT time XE 16, a converged operating system. Together
and money to focus on creativity and design. they deliver advanced programmability, stronger
security, greater wireless access point densities,
Transformational magic support for higher bandwidth uplinks and a more
advanced operating system than either the
The Cisco Catalyst 9000 Series is based on the Cisco competition or our current Cisco Catalyst product
UADP ASIC, which continually evolves to anticipate line offers.
customer needs with exponential results, driving new
industries and fostering innovations that have yet to be The network edge is the first line of defense
envisioned. where policy is applied to determine who
or what has access to your network and to
sense suspicious activity-even for encrypted
Expansive security and traffic. It takes only one data breach to affect
intelligence your organization. With so much potential for
infiltration, it's critical to have a trusted solution to
Cisco DNA casts a wide-net. It gathers information from
identify and control what gets on the network.
a constellation of data points, connecting more devices
and device types, making correlations and applying With that in mind, Catalyst 9000 Series switches
insights. It sees invisible threats and automates security support Trustworthy Systems and advanced
responses. And it constantly adapts and protects by security capabilities that help enable segmentation
learning about threats across the world to stay ahead of and micro-segmentation.
the threats you face.
Encrypted Traffic Analytics (ETA) help you detect
malware and other threats on encrypted traffic.
• Support advanced security capabHfties like These turn your wired and wireless networks into
Encrypted Traffic Analytics (ETA), AES256/ a single fabric by decoupling network functions
MACSEC256 and Trustworthy Systems from hardware. The time it takes to deploy, secure
and adapt network services and user access is
• Deliver loT convergence with industry-leading scale reduced from months to minutes. And you can
and hardware-ready capabilities like perpetual easily customize the network for user groups as
UPOE/PoE Audio Visual Bridging (AVB)/IEEE 1588 needed.
and service discovery
14
Catalyst 9300 Series Catalyst 9400 Series Catalyst 9500 Series
The Cisco Catalyst 9300 is our The Cisco Catalyst 9400 is Cisco’s The Cisco Catalyst 9500 is our leading
leading fixed enterprise switching leading modular enterprise switching access purpose-built fixed-core/aggregation
access platform built for security, platform built for security, mobility, IoT and enterprise switching platform built for
mobility, IoT and the cloud. It is the the cloud. security, mobility, IoT and the cloud. Cisco
next generation of the industry’s most Catalyst 9500 Series switches are the
widely deployed switching platform. The platform gives you investment industry’s first purpose-built 40-Gbps
protection with a chassis architecture that switches targeted for the enterprise
The 9300 Series is the industry’s first is capable of supporting up to 9 Tbps of campus, delivering exceptional table scales
platform optimized for 802.11ac Wave system bandwidth. It provides exceptional and buffering for enterprise applications.
2 with the support for 2.5-Gbps/ power delivery scale with the industry’s
multigigabit downlinks and for Cisco highest density of UPOE ports. The Cisco The platform offers non-blocking 40-Gbps
perpetual UPOE and PoE+. It provides Catalyst 9400 also delivers state-of- Quad Small Form-Factor Pluggable (QSFP)
support for connecting a high density the-art high availability with capabilities and 10-Gbps (SFP+) switches with granular
of 802.11ac Wave 2 access points (48) like our In-Service Software Upgrade port densities that meet diverse campus
in a single RU box. (ISSU), NSF/ SSO, uplink resiliency, N+1/ needs. The Cisco Catalyst 9500 supports
N+N redundancy for power supplies and advanced routing and infrastructure
The Cisco Catalyst 9300 has the most perpetual Power over Ethernet (PoE). The services, SD-Access border capabilities
flexible uplink architecture, with support platform is designed for the enterprise and network system virtualization with
for 1 Gbps, multigigabit, 10 Gbps and with an innovative dual serviceable fan-tray StackWise® virtual technology, which are
40 Gbps. the platform offers a choice design and side-to-side airflow. It’s even critical for its placement in the campus core.
of multigigabit, 2.5-Gbps, or 1-Gbps crammed-closet friendly with a depth of
copper Ethernet switches with uplink about 16 inches. A single system can scale The platform also supports all the
bandwidth of 80 Gbps and a 480- up to 384 access ports witha choice of foundational high-availability capabilities like
Gbps stacking bandwidth solution. multigigabit, 1-Gbps copper SFP, 10-Gbps patching, Graceful Insertion and Removal
SFP+, Cisco UPOE and PoE+ options. (GIR), Nonstop Forwarding with Stateful
Switchover (NSF/SSO), redundant platinum-
rated power supplies and fans.
What's new
Our new Cisco Catalyst 9000 Series switches are the with breakthrough innovations in security, mobility, the
next generation in the Iegendary Cisco Catalyst family of Internet of Things (loT) and the cloud. The Catalyst 9000
enterprise LAN access, aggregation and core switches. Series is also the first in the Iine to offer more flexible
They form the foundational building block for Cisco Digital licensing options. New subscription b ased software
Network Architecture (Cisco DNATM) and for an entirely licenses mean you can purchase the features and
new era of networking. The Network. Intuitive. capabilities you need.
These are the first purpose-built platforms designed to Like its predecessor, Cisco Catalyst 9000 Series
take advantage of the DNA and Cisco Software-Defined switches leverage the strengths of the Cisco Unified
Access (SD-Access). As a significant addition to the AccessTM Data Plane (UADP) Application Specific Circuit
“DNA ready” portfolio, the Catalyst 9000 Series delivers (ASIC). With the new UADP 2.0, the Catalyst 9000 Series
high performance and functionality, plus exceptional delivers twice the performance with comparable pricing
power delivery scale with industry’s highest density of while adding a host of new features and functionality.
Cisco Universal Power Over Ethernet (Cisco UPOE™)
ports. These switches extend our networking leadership
15
What's New
Enterprise networks today are required to be secure, reliable, and connectable seamlessly anywhere, anytime,
for any user, and on any device. This catalog introduces the lineup of new products designed to deliver
enterprise networks that help steer small- and medium-sized companies toward business success.
Please contact your authorized Cisco partner, authorized Cisco distributor or Cisco reseller for details on the release date.
Switches
Revolutionary Catalyst 9000 Series
The Cisco® Catalyst® 9000 switches are the next generation of enterprise-class switches built for security, Internet of Things (IoT), mobility,
and cloud. These switches form the foundational building block for Cisco Software-Defined Access (SD-Access), the company’s lead enterprise
architecture. The Cisco Catalyst 9000 switches are based on x86 CPU and Cisco Unified Access Data Plane (UADP) Version 2.0, which support
full programmability and serviceability as well as convergence between wired and wireless over a single platform. The switches provide superior
high availability and unmatched security features for the next-generation enterprise network designs. Wired and wireless security and application
visibility are natively built into the switches.
The Cisco Catalyst 9000 switches also support full IEEE 802.3at Power over Ethernet
Plus (PoE+), and Universal Power over Ethernet (UPoE). These switches enhance
productivity by enabling applications such as IP telephony, wireless, IoT, and video for
a true borderless network experience.
16
Cisco DNA for Access Wireless and Switching Subscription
Switches
Introducing New Software Subscription Licensing
Cisco Digital Network Architecture services will be delivered through Cisco ONE™ Software, a simple, straightforward approach to consuming
high-value solutions with license portability and purchase flexibility. Customers can start their Cisco Digital Network Architecture journey today
Wireless
on our current portfolio with the confidence of knowing that they can adopt network innovations in the future, when it suits their business
needs. That’s the power of software.
Routing
● Access to ongoing innovation gives the customer software upgrades and new features at no cost.
● Software license agility means licenses are portable between generations of hardware, eliminating the need to repurchase software when
upgrading to new hardware.
● Software suites with 3-, 5-, or 7-year subscription license agreements provide simplicity.
Security
Cisco Meraki
DNA-Center
SMB
Switching P46
Software
Financing
Cisco
Services
Cisco
vices
Ser-
limited functionality
Wireless P64
17
Wireless
Cisco® Aironet® 1540 Series outdoor access points
Cisco® Aironet® 1540 Series outdoor access points offer the latest 802.11ac Wave 2 functions in a rugged, ultra-low-profile housing
that service providers and enterprises can deploy easily.
The Cisco Aironet 1540 Series is ideal for applications requiring rugged outdoor Wi-Fi coverage and supports the latest 802.11ac Wave 2
radio standard. Housed in a compact, aesthetically pleasing, easy-to-deploy package, the 1540 Series offers flexible deployment options for
service providers and enterprise networks that need the fastest links possible for mobile outdoor clients (smartphones, tablets, and laptops)
and wireless backhaul.
Routers
Cisco 1000 Series Integrated Services Routers
Reliability, security, and performance
Get Internet access, advanced security, and wireless services in one
device. Cisco 1000 Series Integrated Services Routers (ISRs) are fixed,
high-performance routers that are easy to deploy and manage. Small
yet powerful, they provide highly secure broadband, Metro Ethernet, and
wireless LAN connectivity.
18
Cisco Meraki
Switches
Cisco Meraki Z3
The Cisco Meraki Z-Series teleworker gateway is an enterprise class
firewall, VPN gateway and router. Each model offers five gigabit ethernet
Wireless
ports and wireless for connectivity. Each model is designed to securely
extend the power of Meraki cloud managed networking to employees,
IT staff, and executives working from home.
Routing
technology with MU-MIMO support to provide reliable and high speed
network access for most demanding business applications and latest devices. Cisco Meraki Z3 P87
Security
Virtual MX is a virtual instance of a Meraki security appliance, dedicated specifically to
providing the simple configuration benefits of site-to-site Auto VPN for customers running
or migrating IT services to an Amazon Web Services or Microsoft Azure Virtual Private
Cisco Meraki
Cloud (VPC). A virtual MX is added as an instance on EC2 or Azure and then configured
in the Meraki dashboard, just like any other MX. It functions like a VPN concentrator.
DNA-Center
& Microsoft Azure
SMB
Small Business
Software
New Models of Stackable 10 Gigabit Managed Switches
The Cisco Small Business 350X Series Stackable Managed Switches and the Cisco Small Business 550X Series Stackable Managed
Switches are an ideal line of stackable managed switches for small business, that provides the rich capabilities you need to support a more
demanding network environment, at a very affordable price. Now additional new models provide 24 or 48 ports of Gigabit Ethernet and
Financing
Fast Ethernet connectivity with 10 Gigabit uplinks, and also support 60W PoE on selected ports to power compact switches, high-power
wireless access points, or connected lighting.
Cisco
Services
Cisco
vices
19
Switches
Switches
No SDA/SDA Switches
Core
Cisco Catalyst Cisco Catalyst Cisco Catalyst
Cisco Nexus 9500 Series
4500-X Series 6800 Series 7700 Series
mGig mGig
Cisco Catalyst
2960-Plus Series
mGig
Compact
NO SDA SDA
Cisco Catalyst L2 compact switches suitable for deployment in the access layer.
See page 26.
2960-CX Series These switches deliver basic network services even outside the wiring closet.
Cisco Catalyst L3 compact switches suitable for deployment in the access layer.
See page 26.
3560-CX Series These switches deliver advanced network services even outside the wiring closet.
Cisco Catalyst L2 fixed-configuration switches suitable for deployment in the access layer.
See page 27.
2960-Plus Series FE is supported on all downlink ports.
Cisco Catalyst L2 Fix Gigabit Ethernet switches that provide entry-level enterprise-class Layer 2 access
See page 27.
2960-L Series for branch offices, conventional workspaces, and out-of-wiring closet applications
Cisco Catalyst L2/L3 fixed-configuration switches suitable for deployment in the access layer.
See page 28.
2960-X/XR Series GE and stacking are supported on all downlink ports.
Cisco Catalyst L2/L3 fixed-configuration switches suitable for deployment in the access layer or core layer.
See page 28.
3650 Series Provide a wireless controller function to server as an integrated platform for wired/wireless LAN networks.
Cisco Catalyst Next-generation L2/L3 fixed-configuration switches suitable for deployment in the access layer or core layer.
See page 31.
3850 Series Provide a wireless controller function to server as an integrated platform for wired/wireless LAN networks.
Cisco Catalyst L2/L3 modular switches suitable for deployment in the access layer or core layer.
See page 33.
4500E Series The superior cost performance of these switches ensure the protection of investment over long periods.
Cisco Catalyst L3 fixed-configuration switches suitable for deployment in the core layer.
See page 35.
4500-X Series Deliver excellent expandability and performance in environments with space constraints.
Cisco Catalyst L3 fixed-configuration/modular switches suitable for deployment in the core layer.
See page 36.
6800 Series Provide network services optimized for 1/10/40 Gigabit Ethernet.
Cisco Nexus Core switches to deliver exceptional availability, outstanding scalability with high-density 10, 40, and 100
See page 37 .
7700 Series Gigabit Ethernet ports and the proven and comprehensive Cisco NX-OS Software switching feature set.
20
Cisco Catalyst 2960-CX/2960-Plus/2960-X Series Cisco Catalyst 3560-CX/3650/3850 Series
Switches
How
■ Modelto Distinguish Specifications from SKU of Cisco Catalyst Switches
Type
CX : Compact model
The+SKU of each
: FE modelCisco Catalyst Switch contains a broad description of the product's specification.
X : GE model with stacking support *1 *2
XR : GE model with power supply redundancy
Cisco Catalyst 2960-CX/2960-Plus/2960-X
and stacking support Series Cisco Catalyst 3560-CX/3650/3850 Series
■ Number of Ports WS-C 2 9 6 0 X-24 T S-L ■ Number of Ports WS-C 3 8 5 0 -24 XU-S
Wireless
8, 24, or 48 8, 12, 24, or 48
■ Series Number ■ Series Number
■ Downlink
Cisco Catalyst Ports
2960-CX/2960-Plus/2960-X Series ■ Downlink
Cisco Catalyst Ports
3560-CX/3650/3850 Series
■ Model Type
WS-C 2 9 6 0 X-24 T S-L
T : Data-only port T : Data-only port
CX :: Port
L Compact
+ :: Port
P
model
with PoE
FE model
power supply support (Full 15.4 W power on 8 ports)
with PoE power supply support (Full 15.4 W power on 24 ports) *3
P WS-C 3 8 5 0 -24 XU-S
: Port with PoE power supply support (Full 15.4 W power on 24 ports) *4
PF/F/PW : Port with PoE power supply support (Full 15.4 W power on 48 ports)
X : GE model with stacking
LP : Port with PoE power support(Full
supply support
*1 *2
15.4 W power on 24 ports) U : Port with UPOE power supply support
■ Series
XR GENumber
FP :: Portmodel with
with PoE power
power supply
supply redundancy
support (Full 15.4 W power on 48 ports) ■ Series
S Number
: SFP module slot
and stacking support X : mGig port or SFP/SFP+ module slot
■ Model Type
■ Uplink Ports
Routing
■ Number of Ports
CX : Compact model ■ Number of Ports
Q
+ :: GE port
FE 48
model 8, 12, 24, or 48
8, 24, or
T :: GE
X GE port
model with stacking support *1 *2
C : GE/SFP
XR : GE model port
with power supply redundancy
■ Downlink
S : SFP Ports
module slot ■ Downlink Ports
and stacking support
D
T : SFP/SFP+ module slot
Data-only port T : Data-only port
L : Port with PoE power supply support (Full 15.4 W power on 8 ports) P : Port with PoE power supply support (Full 15.4 W power on 24 ports) *4
■ Number of PoE
Ports ■ Number :of Ports
P : Port
■ Cisco IOS with power supply support (Full 15.4 W power on 24 ports) *3 ■ Cisco
PF/F/PWIOS Port with PoE power supply support (Full 15.4 W power on 48 ports)
8,
LP24, : or 48with PoE power supply support (Full 15.4 W power on 24 ports)
Port 8,
U 12, 24, or 48 with UPOE power supply support
: Port
S or LL : LAN Lite L : LAN Base
Cisco
FP Catalyst
: Port with2960-CX/2960-Plus/2960-X
PoE power supply support (Full 15.4 WSeries
power on 48 ports) Cisco
S Catalyst 3560-CX/3650/3850
: SFP module slot Series
S : IP Base
Security
L : LAN Base
WS-C 2 9 6 0 X-24 T S-L WS-C 3 8 5 0 -24 XU-S
■ Downlink Ports X
■ Downlink : mGig
Ports port or SFP/SFP+ module slot
I : IP Lite E : IP Services
■ Uplink Ports port
T : Data-only T : Data-only port
L :: Port
Q with PoE power supply support (Full 15.4 W power on 8 ports)
GE port P : Port with PoE power supply support (Full 15.4 W power on 24 ports) *4
■ Series
P
Cisco : Number
Port
T Catalyst
: GE portwith PoE power supply support (Full 15.4 W power on 24 ports) *3
4500-X Series (no Network Module) ■ Series
PF/F/PW Number
Cisco
: Port with PoE power supply support (Full 15.4 W power on 48 ports)
Catalyst 4500-X Series (with Network Module)
LP : Port with PoE
portpower supply support (Full 15.4 W power on 24 ports) U : Port with UPOE power supply support
WS-C 4 5 0 0 X-F -16 SFP+
C : GE/SFP
FP :: SFP
■ Model
S Port with
Type
D :: SFP/SFP+
CX
PoE power
module slot supply support (Full 15.4 W power on 48 ports)
module slot
Compact model
S
X WS-C 4 5 0 0 X- 24 X - ES
: SFP module slot
: mGig port or SFP/SFP+ module slot
■ Uplink
+ : FE Ports
model
Cisco Meraki
■ Cooling Fan ■ Number of Ports
■ Cisco IOS
■ Cisco
X IOS
Q :: GE
GE model
port with stacking support
*1 *2
None
XR : GE: port
Front air
model withintake/Rear exhaust
power supply redundancy 16 or 32
T
F or :LLGE
S : :Rear
LANairLite
intake/Front exhaust L : LAN Base
C and stacking support S : IP Base
L : GE/SFP : LAN port
Base
S
I : SFP module
: IP Lite slot ■ Cisco
E : IPIOSServices
■ Number
D : SFP/SFP+ of Ports
module slot ■ Number of Ports
IPB : IP Base
1624,
8, or 32or 48 ES12,: 24,
8, Enterprise
or 48 Services
■ Cisco
Cisco IOS 4500-X Series (no Network Module)
Catalyst ■ Cisco
Cisco IOS 4500-X Series (with Network Module)
Catalyst
DNA-Center
I
L : Port:with
IP Lite
PoE power supply support (Full 15.4 W power on 8 ports) E
P : IP Services
: Port with PoE power supply support (Full 15.4 W power on 24 ports) *4
■ Cooling
P : Port withFanPoE power supply support (Full 15.4 W power on 24 ports) *3 PF/F/PW :of
■ Number Port with PoE power supply support (Full 15.4 W power on 48 ports)
Ports
LP : Port with PoE power supply support (Full 15.4 W power on 24 ports) U : Port with UPOE power supply support
■ None
Number : Front air intake/Rear exhaust
of4500-X
Slots ■ 16 or 32
Bandwidth per Slot
FP Catalyst
Cisco : Port with PoE powerSeries
supply support (Full 15.4 W
(no Network power on 48 ports)
Module) S Catalyst
Cisco : SFP module
4500-X slot (with Network Module)
Series
F : Rear air intake/Front exhaust
SMB
■ Number of Ports IPB
SFP : IP Base
: SFP module slot
■ Cisco IOS ■ Cisco IOS
16 or 32 ES
X2 : Enterprise Services
: X2 module slot
■ Number
S or LL : of
LANSlots
Lite L
SFP+: LAN :Base
■ Bandwidth per Slot
SFP/SFP+ module slot
L S : IP Base
3, 6, 7, or :10LAN Base 46 : 24 Gbps
Cisco
I Catalyst
: IP4500E Series (Chassis) E : IP Services
Cisco
Lite 47 Catalyst
: 48 Gbps4500E Series (Line Card)
WS-C 4 5 0 7UX-A
R+E
Cisco Catalyst 9300 Cisco Catalyst 9500
■ C 9 3 0 0-24
Supervisor Engine Redundancy ■ Port Interface
WS-XC49500-24
7 4 8 -RJ 45
Q-A-E
Cisco Catalyst 4500-X Series (no Network Module) Cisco Catalyst 4500-X Series (with Network Module)
Software
None : Not supported RJ45 : GE port
■ Series WS-C 4 5 0 0 X-F -16 SFP+ WS-C 4 5 0 0 X- 24 X - ES
■ Number of Slots
R : Supported
■ Bandwidth per Slot
RJ45V+ : GE port with PoE+ power supply support
Number
3, 6, 7, or 10 ■ Series
46 : 24 Number
Gbps
U, UPOE : GE port with UPOE power supply support
47
X : 48 Gbps : mGig port
■ Cooling
Number Fan
of Ports ■ Number
SFP :of
SFPPorts
module slot
■ Supervisor
24,48 : FrontEngine
None Redundancy
air intake/Rear exhaust X2
■ Port
16 or 32
12,24,40 : X2 module slot
Interface
F : Rear air intake/Front exhaust SFP+ : SFP/SFP+ module slot
None : Not supported RJ45 : GE port
■ Downlink
R Ports
: Supported Downlink
■ Cisco
RJ45V+ IOS Ports
: GE port with PoE+ power supply support
■ Number
U Catalyst
Cisco of9300
Ports
: Port with UPOE power supply support U,
Q UPOE
Cisco
IPB : : 40G
Catalyst :ports
GE
IP Base9500port with UPOE power supply support
Data-only port
T or: 32 X
X : : 10G : mGig port
ports (SFP+)
Financing
47 : 48 Gbps
■ Series Number ■ Series Number
Services
UX
24,48 and UPOE 12,24,40
R : Supported ■ Subscription
RJ45V+ : GE portLevel
with PoE+ power supply support
U, UPOE : GE port with UPOE power supply support
E=Essentials
■ Downlink
■ Ports
Subscription Level ■ Downlink
X
Ports
: mGig port
A=Advantage
U : Port with UPOE power supply support
E=Essentials Q : 40G:ports
SFP SFP module slot
T : Data-only port
A=Advantage X : 10G ports
X2 : X2 (SFP+)
module slot
P : Port with PoE/PoE+ support
Programs &
Promotions
Number
■Lite
*1 LAN ofnot
model does Ports ■ Number
support stacking. *2 WS-C2960X-24PSQ-L is not supported. *3 Compact switches of Ports
support full 15.4 W power on 8 ports.
*4 Compact switches support full 15.4 W power on 8 or 12 ports.
24,48 12,24,40
21
■ Downlink Ports ■ Downlink Ports
U : Port with UPOE power supply support Q : 40G ports
New Switch Selection Decision Tree
Switches
N7700 / M3
Yes + DNA–A
Modular SDA
No
N7700 / F3
High Density
(1/10/40 Gbps)
Catalyst 9500
Yes + DNA–A
Standalone SDA
No Catalyst 9500 /
4500–X
Backbone
Catalyst 6800 /
Yes 9400 +DNA–A
Modular SDA
No Catalyst
6800 / 9400
Low Density
(1/10 Gbps)
Catalyst 9500 /
Yes 3850 +DNA–A
Standalone SDA
No Catalyst 9500 /
3850 / 4500X
4500E SUP8 / 9
Catalyst 9400
Yes + DNA–A
Modular SDA
No
SUP8-L
Campus
Catalyst
3650/3850/9300
Yes + DNA–A
Stackable SDA
No Catalyst 2960-X /
3650 / 3850 /
9300
SUP8 / 9 /
Catalyst 9400
Yes + DNA–A
Modular SDA
No
SUP8-L
Access Branch
Catalyst
3650/3850/9300
Yes + DNA–A
Yes
Stackable SDA
No Catalyst 2960-X
/ 3650 / 3850 /
9300
No
Catalyst
2960L
Catalyst
Advanced
3560-CX
Carpeted
Area
Catalyst
Basic
2960-CX
22
Switches
Cisco IOS on Cisco Catalyst Switches
Wireless
solution is open, standards-based, and extensible across the entire lifecycle
of a network device. The various automation mechanisms are outlined below. IP Services Network Advantage DNA Advantage
Full L3 and Core Differentiators Full L3 with flexible Software Defined Access.
Segmentation and Assurance and ETA
Network Resiliency Solution Package
Automated device provisioning is the ability to automate the process of
IP Base
upgrading software images and installing configuration files on Cisco Catalyst Routed Access and
Access Differentiators
switches when they are being deployed in the network for the first time. Cisco
DNA Essentials
provides both turnkey solutions such as Plug and Play and off-the-shelf tools Network Essentials Simplified Network
LAN Base Competitive Parity with Full
Operations Solutions
such as Zero-Touch Provisioning (ZTP) and Preboot Execution Environment L2 and Routed Access
Routing
L2 Features and Package
Competitive Parity
(PXE) that enable an effortless and automated deployment.
DNA subscriptions required (min 3-year term) at time of order
● API-driven configuration is available with modern network switches such
as the Cisco Catalyst 9300 Series. It supports a wide range of automation
features and provides robust open APIs over NETCONF using YANG data ● Seamless software upgrades and patching supports OS resilience. Open
models for external tools, both off-the-shelf and custom built, to automatically IOS-XE supports patching, which provides fixes for critical bugs and security
Security
provision network resources. vulnerabilities between regular maintenance releases. This support lets you
● Granular visibility enables model-driven telemetry to stream data from add patches without having to wait for the next maintenance release.
a switch to a destination. The data to be streamed is identified through
subscription to a data set in a YANG model. The subscribed data set is
streamed to the destination at specified intervals. Additionally, Open IOS-XE
enables the push model. It provides near-real-time monitoring of the network,
Cisco Meraki
leading to quick detection and rectification of failures.
Packaging
The Cisco Catalyst 9000 family of switches introduces a new and simplified ■ Licensing Combinations
DNA-Center
licensing package in the form of base and add-on licenses.
Cisco DNA Essentials Cisco DNA Advantage
● The base licensing package includes the Network Essentials and Network Network Essentials Yes No
Advantage licensing options that are tied to the hardware. Between them, Network Advantage Yes* Yes
the base licensing packages cover switching fundamentals, management
* For this combination, the Cisco DNA Essentials license must be ordered separately using
automation, troubleshooting, and advanced switching features. Cisco Smart Software Manager.
● The add-on licensing package includes the Cisco DNA Essentials and Cisco
DNA Advantage options. In addition to on-box capabilities, the features ■ Simplified Packaging for the New Era of Networking
available with this package provide Cisco innovations on the switch, as well as
SMB
on Cisco DNA Center. What customer bought Price-neutral C9300 license
Advantage–7Y
IP Services
License consumption is easily determined by the package itself. While base (Network Advantage + DNA Advantage for 7Y)
licenses are always permanent and without an expiration date, add-on licenses
Advantage–3Y
have to be purchased for a 3-, 5-, or 7-year term (and hence are also known IP Base
(Network Advantage + DNA Advantage for 3Y)
as term-based licenses). Table 7 shows the combinations of base and add-on
Software
licenses that must be purchased. Essentials–3Y
LAN Base
(Network Advantage + DNA Advantage for 3Y)
Financing
License Type
6840, 6880
3850 Fiber
Cat 9300
Cat 9400
Cat 9500
2960-CX
3560-CX
3560-XR
2960-C
2960-P
2960-X
2960-L
4500 X
3750
CDB
Cisco
Services
Network Essentials - - - - - - - - - - ● - - ● - - ● - -
Cisco
vices
DNA Essentials1 ● ● ● - - ● ● ● - ● ● ● ● ● ● ● ● ● ●
Network Advantage - - - - - - - - - - ● - - ● - - ● - -
Ser-
DNA Advantage1 - ● - - - - - ● - ● ● ● ● ● ● ● ● ● ●
Programs &
Promotions
23
Switches
Switch features
Switch features
Spanning Tree Protocol (STP), Rapid STP (RSTP), VLAN Trunking Protocol (VTP), trunking, Private VLAN
(PVLAN), dynamic voice VLAN, IPv6, PnP, Cisco Discovery Protocol, 802.1Q tunneling (Q-in-Q), Routed
Access – OSPF and RIP, Policy-Based Routing (PBR), Virtual Router Redundancy Protocol (VRRP),
● ● - -
Internet Group Management Protocol (IGMP), PIM Stub, Weighted Random Early Detection (WRED),
First Hop Security (FHS), 802.1X, MACsec-128, Control Plane Policing (CoPP), Cisco TrustSec® SGT
Exchange Protocol (SXP), IP SLA Responder, SSO, EIGRP Stub, Microflow Policing, Class-Based Weighted
Fair Queuing (CBWFQ), hierarchical QoS (H-QoS), Application Reporting, Syslog, SNMP
Switch features
Spanning Tree Protocol (STP), Rapid STP (RSTP), VLAN Trunking Protocol (VTP), trunking, - ● - -
Private VLAN (PVLAN), dynamic voice VLAN, IPv6, PnP, Cisco Discovery Protocol, 802.1Q tunneli
Network segmentation
VPN Routing and Forwarding (VRF), Virtual Extensible LAN (VXLAN), Cisco Locator/ID Separation Protocol
- ● - -
(LISP), Cisco TrustSec, SD-Wireless, Multiprotocol Label Switching (MPLS), Layer 3 VPN (L3VPN), Multicast
VPN (mVPN)
Automation
● ● - -
Netconf/YANG, PnP Agent, ZTP/Open PnP
Advanced automation
- - ● ●
Containers, Python, Cisco IOS Embedded Event Manager (EEM), Autonomic Networking Infrastructure
Security
- ● - -
MACsec-256
Advanced security
- - - ●
Encrypted Traffic Analytics (ETA)
Element management
- - ● ●
Discovery, inventory, topology, software image, licensing, and configuration management
Element management
- - - ●
Patching
Network monitoring
Product Security Incident Response Team (PSIRT) compliance, end-of-life/end-of-sale reporting, telemetry - - ● ●
quotient, client 360, device 360, top talkers/ NetFlow/streaming telemetry collection and correlation
Policy-based automation
SD-Access, group-based policy for access, app prioritization, monitoring, and path selection; - - - ●
SD-Access with Integrated Wireless
24
Switches
Cisco Catalyst Switches incorporate the Cisco IOS (Internetwork Operating
■ Activating Features via a License (For Catalyst 3650/3850 Series)
System), which is a high-performance network infrastructure software. LAN
Lite and LAN Base feature sets provide the L2 level features, and IP Lite, IP
IP Universal
Base, IP Services, Advanced IP Services, Enterprise Services, and Advanced image
Services
Enterprise Services feature sets provide the L3 level features, respectively.
Cisco IOS provided with the Cisco Catalyst 3560-CX/3650/3850/4500- L3
X/4500E Series is delivered in a single universal image. The universal image
IP
Wireless
contains the entire Cisco IOS feature set that can be activated via a software Base
license. A software image needed to be installed in order to use the new
functions on previous Cisco Catalyst Switches. However, on the Cisco Catalyst
3560-CX/3650/3850/4500-X/4500E Series Switches, advanced functions can LAN
be activated immediately using the Cisco IOS Upgrade License. L2+ Base
Routing
■ Series Compatibility Comparison (Cisco Catalyst 2960-CX/3560-CX/2960-Plus/2960-L/2960-X/3650/3850/4500-X/4500E Series)
LAN Lite LAN Base IP Lite IP Base IP Servises Enterprise Servises
Supported Series
(LL) (LB) (IPL) (IPB) (IPS) (ES)
Catalyst 2960-CX - ● - - - -
Catalyst 3560-CX - - - ● ● -
Catalyst 2960-Plus ● ● - - - -
Catalyst 2960-L ● - - - - -
1
Catalyst 2960-X - - -
Security
● ● ●
Catalyst 3650 - ● - ● ● -
Catalyst 3850 - ● - ● ● -
Catalyst 4500-X - - - ● - ●
Catalyst 4500E - ● - ● - ●
■ Cisco IOS Specification Comparison (L2 Features) ■ Cisco IOS Specification Comparison (L3 Features)
Cisco Meraki
Feature LL LB IPL IPB IPS ES Feature LL LB IPL IPB IPS ES
IEEE 802.1Q Trunking ● ● ● ● ● ● Static Routing - ● ● ● ● ●
DTP ● ● ● ● ● ● RIP - - ● ● ● ●
UDLD ● ● ● ● ● ● EIGRP Stub - - ● ● ● ●
VTP ● ● ● ● ● ● EIGRP - - - - ● ●
CDP ● ● ● ● ● ● OSPF for Routed Access - - ● ● ● ●
LLDP ● ● ● ● ● ● OSPF v2/v3 - - - - ● ●
LLDP-MED - ● ● ● ● ● BGP - - - - ● ●
DNA-Center
STP (Spanning Tree Protocol) ● ● ● ● ● ● IS-IS - - - - ● ●
Flex Link - ● ● ● ● ● Policy Based Routing (PBR) - - ● ● ● ●
EtherChannel ● ● ● ● ● ● VRF-Lite - - - - ● ●
LACP ● ● ● ● ● ● PIM Stun - - ● ● ● ●
Link State Tracking - ● ● ● ● ● PIM - - - - ● ●
*2
Resilient Ethernet Protocol (REP) - - - ● ● ● WCCP - - ● ● ● ●
*3 *4
Per-Port Storm Control ● ● ● ● ● ● SSO - ● - ● ● ●
NSF - - - ● ● ●
SMB
■ Cisco IOS Specification Comparison (Managability) ■ Cisco IOS Specification Comparison (Security)
Feature LL LB IPL IPB IPS ES Feature LL LB IPL IPB IPS ES
SNMP ● ● ● ● ● ● SSH ● ● ● ● ● ●
RMON ● ● ● ● ● ● SSL ● ● ● ● ● ●
SPAN ● ● ● ● ● ● SCP ● ● ● ● ● ●
RSPAN - ● ● ● ● ● HTTPS ● ● ● ● ● ●
TDR TACACS+
Software
● ● ● ● ● ● ● ● ● ● ● ●
Smart Ports ● ● ● ● ● ● RADIUS ● ● ● ● ● ●
Smart Install (client) ● ● ● ● ● ● Port Security ● ● ● ● ● ●
*3
Smart Install (director) - ● - ● ● ● DHCP Snooping - ● ● ● ● ●
Cisco IOS IP SLA (responder) - ● ● ● ● ● Dynamic ARP Inspection (DAI) - ● ● ● ● ●
Cisco IOS IP SLA (initiator) - - - ● ● ● IP Source Guard - ● ● ● ● ●
Cisco IOS EEM - - - ● ● ● MAC Authentication Bypass for Voice ● ● ● ● ● ●
*4 *4
Wireshark - - - ● ● ● Private VLAN Edge ● ● ● ● ● ●
Financing
*5
Feature LL LB IPL IPB IPS ES TrustSec SGT/SGACL - ● ● ● ● ●
Cisco
vices
SRR ● ● ● ● ● ● MACsec - - - ● ● ●
Priority Queue ● ● ● ● ● ● NEAT - ● ● ● ● ●
Ser-
Auto QoS - ● ● ● ● ●
DSCP - ● ● ● ● ●
*6 *6
Weighted Tail Drop (WTD) - ● - ● ● -
*7 *7 *7
Dynamic Buffer Limiting (DBL) - ● - ● - ●
Programs &
Promotions
*3 *4 *4
Control Plane Policing (CoPP) - ● - ● ● ●
Per VLAN Policy - - ● ● ● ●
*1 Cisco Catalyst 2960-XR Series only.*2 Cisco Catalyst 3650/3850 Series are to be supported in future software release.*3 Cisco Catalyst 2960-CX/2960-X Series are not supported.
*4 Cisco Catalyst 3560-CX Series are not supported. *5 Cisco Catalyst 3650/3850 Series are not supported.*6 Cisco Catalyst 3560/3850 Series only.*7 Cisco Catalyst 4500E Series only.
25
Cisco Catalyst 2960-CX Series
Switches
The compact switches are Layer 2 switches that are purpose built to enhance scalability and reduce costs through cable
consolidation. Extend enterprise-class services to wherever you want, far from the wiring closet. They provide advanced
networking features for security and management, equivalent to Cisco Catalyst 2960-X Series.
■ Highlights
● Stylish, compact, fan-less design and silent in operation.
● Deep-sleep mode: average 60 %, max 80 % on power saving.
● Operating temperature advantage: -5 °C to 45°C.
● Various mounting options: under a desk, on a shelf, on a wall, on a DIN rail or even in a rack using mounting brackets.
● IT simplicity: zero-touch deployments & maintenance, Plug-n-Play (PnP).
● Traffic visibility: support Cisco NetFlow-Lite up to Layer 4, supported both on all downlink and uplink ports.
■ Highlights
● Stylish, compact, fan-less design and silent in operation.
● Deep-sleep mode: average 60 %, max 80 % on power saving, 3.8 Watt only for a 8 port switch in deep-sleep mode.
● Operating temperature advantage: -5 °C to 45°C.
● Various mounting options: under a desk, on a shelf, on a wall, on a DIN rail or even in a rack using mounting brackets.
● IT simplicity: zero-touch deployments & maintenance, Plug-n-Play (PnP).
● Traffic visibility: support Cisco NetFlow-Lite up to Layer 4, supported both on all downlink and uplink ports.
● PoE pass-through: industry’s first UPOE powered switch that can pass through up to 146 W to power up the devices
connected to the switch (WS-C3560CX-8PT-S)
● new DC-DC powering option for usage in trains, buses, etc.
● Horizontal Stacking: stacking using the 10G SFP+ or mGig Front Panel Ports for up to 8 switches
*1 On roadmap. *2 SGACL is not supported. *3 WS-C3560CX-8XPD-S & WS-C3560CX-12PD-S only. *4 WS-C3560CX-8XPD-S only.
26
Cisco Catalyst 2960 Series Transition Guide
Switches
■ Cisco Catalyst 2960-SF/2960-Plus Series*1 ■ Cisco Catalyst 2960-S/2960-X Series*1
Stacking Supported Stacking Not Supported Stacking Supported
Legacy Models Current Models Legacy Models Current Models
WS-C2960+24TC-S WS-C2960S-24TS-S*2 WS-C2960X-24TS-LL*2
WS-C2960S-F24TS-S*2 WS-C2960+24LC-S
WS-C2960+24PC-S WS-C2960S-48TS-S*2 WS-C2960X-48TS-LL*2
WS-C2960X-24TS-L
Wireless
WS-C2960+48TC-S WS-C2960S-24TS-L
WS-C2960S-F48TS-S*2 WS-C2960XR-24TS-I
WS-C2960+48PST-S
WS-C2960X-24TD-L
WS-C2960S-F24TS-L WS-C2960+24TC-L WS-C2960S-24TD-L
WS-C2960XR-24TD-I
WS-C2960+24LC-L WS-C2960X-24PSQ-L*2
WS-C2960S-F24PS-L
WS-C2960+24PC-L WS-C2960S-24PS-L WS-C2960X-24PS-L
WS-C2960S-F48TS-L WS-C2960+48TC-L WS-C2960XR-24PS-I
WS-C2960X-24PD-L
WS-C2960S-F48LPS-L WS-C2960+48PST-L WS-C2960S-24PD-L
WS-C2960XR-24PD-I
Routing
WS-C2960S-F48FPS-L WS-C2960+48PST-L WS-C2960X-48TS-L
WS-C2960S-48TS-L
WS-C2960XR-48TS-I
■ Comparison of Main Features
WS-C2960X-48TD-L
WS-C2960S-48TD-L
2960-SF WS-C2960XR-48TD-I
2960-Plus 2960-X
2960-S WS-C2960X-48LPS-L
WS-C2960S-48LPS-L
Cisco IOS 15.0(2)SE and higher ● ● ● WS-C2960XR-48LPS-I
Cisco IOS IP Lite - - *3
● WS-C2960X-48FPS-L
WS-C2960S-48FPS-L
Security
WS-C2960XR-48FPS-I
IPv6 ● ● ● WS-C2960X-48LPD-L
WS-C2960S-48LPD-L
Full PoE ● ● ● WS-C2960XR-48LPD-I
WS-C2960X-48FPD-L
PoE + - ● ● WS-C2960S-48FPD-L
WS-C2960XR-48FPD-I
Duplexed power supply - - ●
FlexStack -
Cisco Meraki
● ●
FlexStack Plus - - ●
DNA-Center
model of the Cisco Catalyst 2960-SF/S Series.
■ Combined Stacks (Cisco FlexStack & Cisco FlexStack-Plus) Compatibility List ■ Cisco FlexStack Plus Module
2960-SF/S 2960-X 2960-XR SKU C2960X-STACK
LAN Base LAN Base IP Lite Compatible IOS LAN Base/IP Lite
Maximum Number of Devices 8
2960-SF/S LAN Base ● ● -
Stack Bandwidth 80 Gbps
2960-X LAN Base ● ● - Hardware drop table
Architecture
2960-XR IP Lite - - ● Dynamic Ring Load-balancing -
SMB
Stack Convergence 100 milliseconds
*1 Search for EOL10043 at cisco.com. *2 Stacking is not supported. *3 LAN Lite/LAN Base models are not supported.
Software
Cisco Catalyst® 2960-L Series Switches are entry-level, fixed-configuration, ● Higher mean time between failure (MTBF), because they have no
Gigabit Ethernet switches that provide enterprise-class Layer 2 access for moving mechanical parts.
branch offices, conventional workspaces, and out-of-wiring closet applications. ● Less than 11.5-inch depth fit in use cases with space limitation.
● Reduced power consumption and advanced energy management features.
■ Highlights ● RJ45 and USB console access for simplified operations.
● 6,24, or 48 Gigabit Ethernet ports with line-rate forwarding. ● Intuitive web user interface for easy deployment and management.
Financing
● 2- or 4 Gigabit Small Form-Factor Pluggable (SFP) uplinks. ● Cisco IOS® Software features.
● Power over Ethernet Plus (PoE+) support with up to 370W of power budget. ● Enhanced limited lifetime warranty offering next-business-day
● Fanless operation and operational temperature up to 55°C for deployment hardware replacement.
outside the wiring closet.
10/100/1000 Uplink Available Fanless
Product ID Dimensions (H x D x W) Weight
Ethernet Ports Interfaces PoE Power
WS-C2960L-8TS-LL 8 2 SFP - Y 1.73 x 8.45 x 10.56 in (4.4 x 21.5 x 26.8 cm) 3.33lb (1.51 kg)
Cisco
8 2 SFP 67W Y
Services
WS-C2960L-8PS-LL 1.73 x 9.45 x 10.56 in (4.4 x 24 x 26.8 cm) 4.50lb (2.04 kg)
Cisco
vices
WS-C2960L-16TS-LL 16 2 SFP - Y 1.73 x 8.45 x 10.56 in (4.4 x 21.5 x 26.8 cm) 3.41lb (1.55 kg)
WS-C2960L-16PS-LL 16 2 SFP 120W Y 1.73 x 9.45 x 10.56 in (4.4 x 24 x 26.8 cm) 4.65lb (2.11 kg)
Ser-
WS-C2960L-24TS-LL 24 4 SFP - Y 1.73 x 9.45 x 17.5 in (4.4 x 24 x 44.5 cm) 6.04lb (2.74 kg)
WS-C2960L-24PS-LL 24 4 SFP 195W Y 1.73 x 10.45 x 17.5 in (4.4 x 26.5 x 44.5 cm) 7.41lb (3.36 kg)
WS-C2960L-48TS-LL 48 4 SFP - Y 1.73 x 9.45 x 17.5 in (4.4 x 24 x 44.5 cm) 6.57lb (2.98 kg)
48 4 SFP 370W N
Programs &
Promotions
WS-C2960L-48PS-LL 1.73 x 11.5 x 17.5 in (4.4 x 26.5 x 44.5 cm) 10.08lb (4.57 kg)
WS-C2960L-24TQ-LL 24 4 SFP+ - Y 1.73 x 9.45 x 17.5 in (4.4 x 24 x 44.5 cm) 6.06lb (2.75kg)
WS-C2960L-24PQ-LL 24 4 SFP+ 195W Y 1.73 x 10.45 x 17.5 in (4.4 x 26.5 x 44.5 cm) 7.39lb (3.35kg)
WS-C2960L-48TQ-LL 48 4 SFP+ - Y 1.73 x 9.45 x 17.5 in (4.4 x 24 x 44.5 cm) 6.68lb (3.03kg)
WS-C2960L-48PQ-LL 48 4 SFP+ 370W N 1.73 x 11.5 x 17.5 in (4.4 x 29.2 x 44.5 cm) 9.81lb (4.54kg)
27
Cisco Catalyst 2960-X Series
Switches
■ Highlights
● Equipped with Cisco IOS Universal Image (Supports LAN Lite/LAN Base/IP Lite)*1
● Supports Layer 3 functions including HSRP and VRRP (IP Lite model)
● Equipped with PoE+ power supplying downlink ports (PSE model)
● Equipped with full PoE powering power supply (WS-C2960X-48FPS-L/
WS-C2960X-48FPD-L/WS-C2960XR-48FPS-I/WS-C2960XR-48FPD-I)
● Supports multiple Power Supply Modules (IP Lite model)
● Supports Cisco FlexStack Plus (LAN Base/IP Lite models)
28
■ Cisco Catalyst 3650 Series (1 of 2)
Switches
Uplinks PoE Output Ports
Wireless Downlinks MAC Max Power Power Rack
SKU SFP/ Cisco IOS PoE PoE+ UPOE RPS
Throughput SFP QSFP+ sec VLANs Supply Redundancy Mount
GE mGig SFP+ 15.4 W 30 W 60 W
WS-C3650-24TS-L 20 Gpbs 24 - 4 - - LAN Base -*1 255 - - - 250 W AC ● - 1 RU
WS-C3650-24TS-S 20 Gpbs 24 - 4 - - IP Base ● 4094 - - - 250 W AC ● - 1 RU
WS-C3650-24TS-E 20 Gpbs 24 - 4 - - IP Services ● 4094 - - - 250 W AC ● - 1 RU
WS-C3650-24TD-L 20 Gpbs 24 - 2 2 - LAN Base -*1 255 - - - 250 W AC ● - 1 RU
Wireless
WS-C3650-24TD-S 20 Gpbs 24 - 2 2 - IP Base ● 4094 - - - 250 W AC ● - 1 RU
WS-C3650-24TD-E 20 Gpbs 24 - 2 2 - IP Services ● 4094 - - - 250 W AC ● - 1 RU
WS-C3650-24PS-L 20 Gpbs 24 - 4 - - LAN Base -*1 255 24 13 - 640 W AC ● - 1 RU
WS-C3650-24PS-S 20 Gpbs 24 - 4 - - IP Base ● 4094 24 13 - 640 W AC ● - 1 RU
WS-C3650-24PS-E 20 Gpbs 24 - 4 - - IP Services ● 4094 24 13 - 640 W AC ● - 1 RU
WS-C3650-24PDM-L 20 Gpbs 24 - 2 2 - LAN Base -*1 255 24 13 - 640 W AC - ● 1 RU
WS-C3650-24PDM-S 20 Gpbs 24 - 2 2 - IP Base ● 4094 24 13 - 640 W AC - ● 1 RU
WS-C3650-24PDM-E 20 Gpbs 24 - 2 2 - IP Services ● 4094 24 13 - 640 W AC - ● 1 RU
Routing
WS-C3650-24PD-L 20 Gpbs 24 - 2 2 - LAN Base -*1 255 24 13 - 640 W AC ● - 1 RU
WS-C3650-24PD-S 20 Gpbs 24 - 2 2 - IP Base ● 4094 24 13 - 640 W AC ● - 1 RU
WS-C3650-24PD-E 20 Gpbs 24 - 2 2 - IP Services ● 4094 24 13 - 640 W AC ● - 1 RU
WS-C3650-8X24PD-L 20 Gpbs 24 8 - 2 - LAN Base -*1 255 24 14 - 750 W AC ● - 1 RU
WS-C3650-8X24PD-S 20 Gpbs 24 8 - 2 - IP Base ● 4094 24 14 - 750 W AC ● - 1 RU
WS-C3650-8X24PD-E 20 Gpbs 24 8 - 2 - IP Services ● 4094 24 14 - 750 W AC ● - 1 RU
WS-C3650-8X24UQ-L 20 Gpbs 24 8 - 4 - LAN Base -*1 255 24 24 13 1100 W AC ● - 1 RU
Security
WS-C3650-8X24UQ-S 20 Gpbs 24 8 - 4 - IP Base ● 4094 24 24 13 1100 W AC ● - 1 RU
WS-C3650-8X24UQ-E 20 Gpbs 24 8 - 4 - IP Services ● 4094 24 24 13 1100 W AC ● - 1 RU
Cisco Meraki
Cisco Catalyst 3000 Series Transition Guide
■ Cisco Catalyst 3560-X/3650 Series*1 ■ Cisco Catalyst 3750-X/3850 Series
Legacy Models Current Models Legacy Models Current Models
WS-C3650-24TS-L WS-C3750X-24T-L/S/E WS-C9300-24T-E/A
WS-C3560X-24T-L
WS-C3650-24TD-L
DNA-Center
WS-C3750X-24P-L/S/E WS-C9300-24P-E/A
WS-C3650-24PS-L
WS-C3750X-24U-L/S/E WS-C9300-24U-E/A
WS-C3560X-24P-L WS-C3650-24PD-L
WS-C3650-8X24PD-L WS-C3750X-48T-L/S/E WS-C9300-48T-E/A
SMB
WS-C3650-48PS-L
WS-C3650-48PD-L ■ Cisco Catalyst 3650 Series Licenses –
WS-C3560X-48P-L
WS-C3650-48PQ-L A La Carte Part Numbers for Cisco DNA Advantage
WS-C3650-12X48FD-L Legacy Models Suggested Models
WS-C3650-48FS-L C3650 DNA Advantage,
C3650-DNA-A-24
WS-C3650-48FD-L 24-port term licenses
Software
WS-C3650-48FQ-L C3650 DNA Advantage,
WS-C3560X-48PF-L WS-C3650-12X48FD-L 24-port C3650-DNA-A-24-3Y
24-port, 3-year term license
WS-C3650-12X48UQL
C3650 DNA Advantage,
WS-C3650-12X48UR-L C3650-DNA-A-24-5Y
24-port, 5-year term license
WS-C3650-12X48UZ-L
C3650 DNA Advantage,
WS-C3650-48FS-L C3650-DNA-A-48
48-port term licenses
WS-C3650-48FD-L
Financing
WS-C3560X-24T-S/E WS-C9300-24T-E/A
WS-C3560X-24P-S/E WS-C9300-24P-E/A
Ser-
WS-C3560X-24U-S/E WS-C9300-24U-E/A
WS-C3560X-48T-S/E WS-C9300-48T-E/A
WS-C3560X-48P-S/E WS-C9300-48P-E/A
Programs &
Promotions
WS-C3560X-48PF-S/E WS-C9300-48U-E/A
WS-C3560X-48U-S/E WS-C9300-48U-E/A
29
■ Cisco Catalyst 3650 Series (2 of 2)
Uplinks PoE Output Ports Power
Switches
■ Power Supply Module for the Cisco Catalyst 3650 Series ■ Cisco IOS Upgrade License for the Cisco Catalyst 3650 Series
SKU Description SKU Description
PWR-C2-250WAC 250 W AC Power Supply Module L-C3650-24-L-S Cisco IOS IP Base License for 24-port IP Base model
PWR-C2-640WAC 640 W AC Power Supply Module L-C3650-24-S-E Cisco IOS IP Services License for 24-port IP Base model
PWR-C1-715WAC 715 W AC Power Supply Module L-C3650-24-L-E Cisco IOS IP Services License for 24-port IP Base model
PWR-C2-1025WAC 1025 W AC Power Supply Module L-C3650-48-L-S Cisco IOS IP Base License for 48-port IP Base model
PWR-C1-1100WAC 1100 W AC Power Supply Module L-C3650-48-S-E Cisco IOS IP Services License for 48-port IP Base model
PWR-C2-640WAC 640 W DC Power Supply Module L-C3650-48-L-E Cisco IOS IP Services License for 48-port IP Base model
■ Cisco StackWise-160 Module for the Cisco Catalyst 3650 Series ■ Additional Access Point License for the Cisco 3650 Series
SKU Description SKU Additional Primary Upgrade SKU
C3650-STACK-KIT Cisco StackWise-160 Module L-LIC-CTIOS-1A 1 L-LIC-CT3650-UPG
30
Cisco Catalyst 3850 Series
Switches
Next-generation stackable L2/L3 fixed-configuration switches featuring a ■ Highlights
wireless controller function. These switches feature the industry's fastest 480 ● Equipped with Cisco IOS XE Universal Image
Gbps stack function, support for multiple Power Supply Modules and innovative (Supports LAN Base/IP Base/IP Services)
power-sharing function to achieve a flexible and advanced redundant configu- ● Equipped with the Unified Access Data Plane (UADP) ASIC
ration. They also provide common intelligent services for both wired/wireless ● Built-in controller function capable of managing up to 100 wireless
Wireless
LAN networks, such as QoS and security. access points (Supports IP Base/IP Services)
● Equipped with Cisco Catalyst Multigigabit Technology (mGig)-enabled
downlink ports (some models)
● Equipped with PoE+/UPOE power supplying downlink ports (UPOE ports
are only incorporated on some PSE models)
● Equipped with MACsec-enabled downlink ports (IP Base/IP Services models)
● MACsec-enabled uplink ports (Optional, IP Base/IP Services models)
● Supports Cisco StackPower*1
Supports Cisco StackWise-480*1
Routing
●
■ A La Carte Part Numbers for Cisco DNA Advantage for the Cisco Catalyst 3850 Series
Product ID Description
Security
C3650-DNA-A-24 C3850 DNA Advantage, 24-port term licenses
C3850-DNA-A-24-3Y C3850 DNA Advantage, 24-port, 3-year term license
24-port
C3850 DNA Advantage, 24-port, 5-year term license
C3850-DNA-A-24-5Y
24-port, 5-year term license
C3850-DNA-A-48 C3850 DNA Advantage, 48-port term licenses
48-port C3850-DNA-A-48-3Y C3850 DNA Advantage, 48-port, 3-year term license
C3850-DNA-A-48-5Y C3850 DNA Advantage, 48-port, 5-year term license
Cisco Meraki
C3850-DNA-A-24= C3850 DNA Advantage, 24-port term licenses spare
Spare (for brownfield deployments only)
C3850-DNA-A-48= C3850 DNA Advantage, 48-port term licenses spare
■ Cisco ONE Software Part Numbers for DNA Advantage for the Cisco Catalyst 3850 Series
Product ID Description
24-port C1A1ATCAT38501 Cisco ONE Advantage term, C3850 24-port*
DNA-Center
48-port C1A1ATCAT38502 Cisco ONE Advantage term, C3850 48-port*
*All midcycle refresh option PIDs are available under C1-CAT-ADD-T.
■ A La Carte Part Numbers for Cisco DNA Advantage for Cisco Catalyst 3850 Series (fiber)
SMB
C3850XS-DNA-A C3850 DNA Advantage, High Port Term licenses
32-48 port license (Advantage) C3850XS-DNA-A-3Y C3850 DNA Advantage, High Port, 3 Year Term license
C3850XS-DNA-A-5Y C3850 DNA Advantage, High Port, 5 Year Term license
C3850XS-DNA-L-A= C3850 DNA Advantage, Low Port Term licenses, Spare
Spares (for brownfield deployments only)
C3850XS-DNA-A= C3850 DNA Advantage, High Port Term licenses, Spare
Software
■ Cisco ONE Software Part Numbers for DNA Advantage for Cisco Catalyst 3850 Series (Fiber)
The Base license for Cisco DNA Advantage is IP Base or IP Services. As such, only hardware PIDs with the “-S” or “-E” suffix must be chosen. Note that when
the Base license is IP Base, you are limited to only 3 virtual networks. The Spare SKUs should be leveraged when buying Cisco DNA Advantage separately.
C3850-NM-4-10G Network Module equipped with SFP+ module slots for 48-port models, mGig models, 10 G fiber models 4/0/0-3/1/0-2/2/0-1/3/0-0/4/0
Cisco
vices
C3850-NM-8-10G Network Module equipped with SFP+ module slots for mGig models & 24-port 10 G fiber models 8/8/0
C3850-NM-2-40G Network Module equipped with QSFP module slots for mGig models & 24-port 10 G fiber models 0/0/2
Ser-
PWR-C1-715WAC 715 W AC Power Supply Module PWR-C3-750WAC-F 750 W AC Back-to-Front Airflow Power Supply Module for WS-C3850-48XS
PWR-C1-1100WAC 1100 W AC Power Supply Module PWR-C3-750WDC-R 750 W DC Front-to-Back Airflow Power Supply Module for WS-C3850-48XS
PWR-C1-440WDC 440 W DC Power Supply Module PWR-C3-750WDC-F 750 W DC Back-to-Front Airflow Power Supply Module for WS-C3850-48XS
31
■ Cisco Catalyst 3850 Series
Switches
32
Switches
Cisco Catalyst Multigigabit Technology (mGig)
■ Challenges for Wired LAN Posed by 11ac “Gigabit Wireless LAN” ● Multi-speed: Category 5e cables support 100 Mbps, 1 Gbps, 2.5 Gbps
IEEE 802.11ac is a super high-speed wireless standard that delivers a theoretical and 5 Gbps; and category 6a cables support 10 Gbps, respectively.
maximum throughput of up to 6.9 Gbps. Wireless LAN is literally entering the ● Cable type: A wide variety of cable types are supported including
“Gigabit era”, but the migration to 11ac is presenting wired LAN with “old and Category 5e, Category 6, and Category 6a.
● PoE: PoE (15.4 W), PoE+ (30 W), and UPOE (60 W) are supported
Wireless
new” challenges. In other words, these are the same old challenges that were
experienced during the migration from 11a/g to 11n. unlike the current 10 GE.
During the migration from 11a/g to 11n, it was obvious that Fast Ethernet mGig is based on the technology of the NBASE-T Alliance established by Cisco
switches (max 100 Mbps) had insufficient capacity to server as access switches in October 2014. A large number of vendors are participating in the NBASE-T
for accommodating the access points. Similarly today, it is obvious that Alliance; and IEEE standardization is currently being promoted for 2.5GBASE-T
1-Gigabit Ethernet switches (1 GE, max 1000 Mbps) have insufficient capacity for 5GBASE-T.
when migrating from 11n to 11ac. Specifically:
Routing
● A bottleneck will occur if the uplink port of the access switches accommodating ■ Advantages of mGig
multiple 11ac compatible access points is 1 GE.
Category 5e cables
● A bottleneck will occur if the downlink port of the access switches
11ac Wave 1 AP supports 2.5 Gbps and 5 Gbps.
accommodating 11ac Wave compatible access points is 1 GE. Max 1.3 Gbps Category 6a cables support 10 Gbps.
Therefore, as was during the migration from 11a/g to 11n, replacement of access
Security
switches is therefore indispensable in order to unleash the full potential of 11ac.
The only current IEEE standard that is faster than 1 GE is 10 Gigabit Ethernet
(10 GE) with copper or optical fiber cables. However, there are some difficulties
associated with the deployment of 10 GE-compatible switches. mGig
Access Switch mGig
Core Switch
● Cable re-installation is required in many cases: Category 5e accounts for 46
Cisco Meraki
11ac Wave 2 AP
% and Category 6 accounts for 28 % of the copper cables currently installed in Max 3.5 Gbps PoE (15.4 W), PoE+ (30 W)
corporations around the world, respectively. 10 GE via copper is not supported and UPOE (60 W) are supported.
for Category 5e cables and is limited to a length of 55 meters for Category 6
cables. Installations of optical fiber cables and copper wire cables both require
huge costs. ■ Cisco Catalyst Multigigabit Technology (mGig): Speeds and Cables
● Current 10 GE does not support PoE: Power supply units and power cables Cable Type 1 Gbps 2.5 Gbps 5 Gbps 10 Gbps
would be required for the access points.
DNA-Center
Cat 5e ● ● ● -
SMB
L2/L3 modular switches equipped with a 3/6/7/10-slot chassis. These switches ■ Highlights
can be configured with components that offer intergenerational upward and ● Broad range of interface options for 10/100/1000 and mGig on copper
backward compatibility, including Chassis, Supervisor Engine and Line Card. and 1 G/10 G on Fiber
Their outstanding cost performance will ensure the protection of investment ● Equipped with Cisco IOS XE Universal Image (Supports LAN Base/IP Base/
Software
over long periods. Enterprise Services)
● Equipped with the Unified Access Data Plane (UADP) ASIC
(WS-X45-SUP8-E)
● Built-in controller function capable of managing up to 100 wireless access
points (Supports IP Base/Enterprise Services on WS-X45-SUP8-E)
● Supports Cisco VSS (Switching capacity of up to 1.6 Tbps)
● Supports Cisco TrustSec (MACsec/SGT/SGACL)
● Switching capacity of up to 928 Gbps (WS-X45-SUP8-E)
Financing
■ A La Carte Part Numbers for Cisco DNA Advantage for the Cisco Catalyst 4500-E Series
Cisco
Services
33
■ Cisco ONE Software Part Numbers for DNA Advantage for Cisco Catalyst 4500-E Series
Switches
The Base license for Cisco DNA Advantage is IP Base or Enterprise Services. As such, only hardware PIDs with the “-IPB” or “-ES” suffix must be chosen.
Note that when the Base license is IP Base, you are limited to only 3 virtual networks.
■ Cisco IOS XE Upgrade License for the Cisco Catalyst 4500E Series
SKU Description
L-C4500E-LB-IP Bundled IP Base License
L-C4500E-IP-ES Cisco IOS Enterprise Services License for Supervisor Engine
L-C4500E-LB-ES Bundled Cisco IOS Enterprise Services License
*1 Slots 3, 4, 7-10 are 750 W. *2 Depends on modes of operation (Redundant 1 + 1 Mode, Redundant N + 1 Mode, Combined Mode).
34
Cisco Catalyst 4500-X Series
Switches
L3 fixed-configuration switches equipped with SFP+ module slots. These switches
deliver best-in-class scalability, simplified network virtualization, and integrated network
services for space-constrained environments in campus networks. These switches can
be expanded to accommodate SFP+ module slots using optional Network Modules.
Wireless
■ Highlights
● Equipped with Cisco IOS XE Universal Image (Supports IP Base/Enterprise Services)
● Support for SDN/OpenFlow 1.3
● Supports Cisco VSS (Switching capacity of up to 1.6 Tbps)
● Cisco TrustSec-enabled hardware (MACsec/SGT/SGACL)
● Switching capacity of up to 800 Gbps
● IPv4 throughput of up to 250 Mpps
● IPv6 throughput of up to 125 Mpps
Routing
● Network module equipped with 8 SFP+ ports (Optional)
WS-C4500X-16SFP+ 16 24*1 IP Base 64K 32K 24K 12K Front air intake/Rear exhaust 2 1 RU
WS-C4500X-F-16SFP+ 16 24*1 IP Base 64K 32K 24K 12K Rear air intake/Front exhaust 2 1 RU
Security
WS-C4500X-32SFP+ 32 40*1 IP Base 256K 128K 32K 32K Front air intake/Rear exhaust 2 1 RU
WS-C4500X-F-32SFP+ 32 40*1 IP Base 256K 128K 32K 32K Rear air intake/Front exhaust 2 1 RU
WS-C4500X-24X-IPB 24 24 IP Base 64K 32K 24K 12K Front air intake/Rear exhaust 2 1 RU
WS-C4500X-24X-ES 24 24 Enterprise Services 64K 32K 24K 12K Front air intake/Rear exhaust 2 1 RU
WS-C4500X-40X-ES 40 40 Enterprise Services 256K 128K 32K 32K Front air intake/Rear exhaust 2 1 RU
Cisco Meraki
■ Network Module for the Cisco Catalyst 4500-X Series
DNA-Center
SKU Description Compatible SKU
WS-C4500X-16SFP+/WS-C4500X-32SFP+/
C4KX-PWR-750AC-R 750 W AC Front-to-Back Cooling Power Supply Module
WS-C4500X-24X-IPB/WS-C4500X-24X-ES/WS-C4500X-40X-ES
C4KX-PWR-750AC-F 750 W AC Back-to-Front Cooling Power Supply Module WS-C4500X-F-16SFP+/WS-C4500X-F-32SFP+
WS-C4500X-16SFP+/WS-C4500X-32SFP+/
C4KX-PWR-750DC-R 750 W DC Front-to-Back Cooling Power Supply Module
WS-C4500X-24X-IPB/WS-C4500X-24X-ES/WS-C4500X-40X-ES
C4KX-PWR-750DC-F 750 W DC Back-to-Front Cooling Power Supply Module WS-C4500X-F-16SFP+/WS-C4500X-F-32SFP+
■ Cisco IOS XE Upgrade License for the Cisco Catalyst 4500-X Series
SMB
SKU Description Compatible SKU
L-C4500X-16P-IP-ES Cisco IOS Enterprise Services License for 16/24-port IP Base model WS-C4500X-16SFP+/WS-C4500X-F-16SFP+/WS-C4500X-24X-IPB
L-C4500X-IP-ES Cisco IOS Enterprise Services License for 24-port IP Base model WS-C4500X-32SFP+/WS-C4500X-F-32SFP+
Switch Fabric functionalities of the switches comprising a cluster will operate at 4500-X/4500E/6500/6800 Series.
100% performance. It is therefore possible to configure a single logical switch
capable of delivering 200% better performance than native Cisco Catalyst
Switches. This technology also offers the following benefits in addition to
Logical image
performance improvement: Physical configuration
Since two physical switches are operated as one logical switch, there is no need
Cisco
vices
The second physical switch will continue to operate in the event when one of the
physical switches fails. There will be no service interruption due to switching of
Programs &
Promotions
35
Cisco Catalyst 6800 Series
Switches
L3 switches optimized for 10/40/100 Gigabit Ethernet. The product lineup ■ Highlights
includes the fixed-configuration Cisco Catalyst 6840-X/6880-X Series, the ● Equipped with Cisco IOS (Supports IP Base/IP Services/Advanced IP
modular Cisco Catalyst 6807-XL. Services/Advanced Enterprise Services) *1
● Supports Cisco VSS (C6807-XL has a switching capacity of up to 22.8 Tbps)
● Supports Cisco TrustSec (MACsec/SGT/SGACL)
● Switching capacity of up to 11.4 Tbps (C6807-XL)
● Bandwidth of up to 880 Gbps per slot (C6807-XL)
● IPv4 throughput of up to 300 Mpps (C6880-X)
● IPv6 throughput of up to 150 Mpps (C6880-X)
● Equipped with 2 Native uplink ports of 40 G QSFP (C6824-X-LE-40G/
C6840-X-LE-40G)
■ A La Carte Part Numbers for DNA Advantage for the Cisco Catalyst 6000 Series
The Base license for Cisco DNA Advantage is IP Base or Enterprise Services. As such, only hardware PIDs with the “-IPB” or “-ES” suffix must be chosen.
Note that when the Base license is IP Base, you are limited to only 3 virtual networks.
■ Power Supply Module for the Cisco Catalyst 6880-X Series ■ Fan Tray for the Cisco Catalyst 6880-X Series
SKU Description SKU Description
C6880-X-3KW-AC 3000 W AC Power Supply Module C6880-X-FAN Fan Tray for the Cisco Catalyst 6880-X Series
C6880-X-3KW-DC 3000 W DC Power Supply Module
36
Switches
■ Supervisor Engine for the Cisco Catalyst 6807-XL
Switching Equipped Equipped Ports Registered L3 Routes Registered
SKU Cisco IOS
Capacity PFC MSFC SFP SFP/SFP+ X2 QSFP IPv4 IPv6 NetFlow
VS-S2T-10G 2.08 Tbps PFC4 MSFC5 3 - 2 - IP Base 256K 128K 256K
VS-S2T-10G-XL 2.08 Tbps PFC4XL MSFC5 3 - 2 - IP Base 1024K 512K 1024K
C6800-SUP6T 6 Tbps PFC4 MSFC5 - 8 - 2 IP Services 256K 128K 512K
C6800-SUP6T-XL 6 Tbps PFC4XL MSFC5 - 8 - 2 IP Services 1024K 512K 1024K
Wireless
■ Line Card for the Cisco Catalyst 6807-XL
SKU Per-slot Ports Mac
sec VSL
DFC4-equipped model DFC4XL-equipped model Bandwidth GE SFP SFP/SFP+ X2/SFP+ CFP/QSFP
WS-X6824-SFP-2T WS-X6824-SFP-2TXL 20 Gbps - 24 - - - - -
WS-X6848-TX-2T WS-X6848-TX-2TXL 40 Gbps 48 - - - - - -
C6800-48P-TX C6800-48P-TX-XL 40 Gbps 48 - - - - - -
WS-X6848-SFP-2T WS-X6848-SFP-2TXL 40 Gbps - 48 - - - - -
C6800-48P-SFP C6800-48P-SFP-XL 40 Gbps - 48 - - - - -
Routing
WS-X6816-10G-2T WS-X6816-10G-2TXL 40 Gbps - - - 16*4 - - ●
C6800-8P10G C6800-8P10G-XL 80 Gbps - - 8 - 2*5 ● ●
C6800-16P10G C6800-16P10G-XL 80 Gbps - - 16 - 4* 5 ● ●
C6800-32P10G C6800-32P10G-XL 160 Gbps - - 32 - 8* 5 ● ●
■ Power Supply Module for the Cisco Catalyst 6807-XL ■ Fan Tray for the Cisco Catalyst for 6807-XL
SKU Description SKU Description
C6800-XL-3KW-AC 3000 W AC Power Supply Module C6807-XL-FAN Fan Tray for Cisco Catalyst 6807-XL
Security
■ Cisco Catalyst 6807-XL Bundle
Bundle
SKU
Chassis Supervisor Engine Power Supply Module Fan Tray Cisco IOS
C6807-XL-S2T-BUN C6807-XL VS-S2T-10G C6800-XL-3KW-AC x 2 C6807-XL-FAN IP Services
Cisco Meraki
*1 Cisco Catalyst 6840-X/6880-X Series supports the Cisco IOS IP Services/Advanced Enterprise Services.
*2 SFP+ direct-attach breakout cable (QSFP-4SFP10G-CUxM, QSFP-4x10G-ACxM) or SFP+ Active Optical breakout Cable (QSFP-4X10G-AOCxM) is required to mount SFP/SFP+ module.
*3 QSFP Converter (CVR-4SFP10G-QSFP on roadmap) is required to mount QSFP module.*4 SFP+ Converter (CVR-X2-SFP10G) is required to mount SFP+ module.
*5 QSFP Active Optical breakout Cable (QSFP-4X10G-AOCxM) or QSFP Converter (CVR-4SFP10G-QSFP on roadmap) is required to mount QSFP module.
DNA-Center
The Cisco Nexus 7700 Switches are the latest extension to the Cisco Nexus
7000 Series modular switches. With more than 83 terabits per second (Tbps)
of overall switching capacity, the Cisco Nexus 7700 Switches deliver the
highest-capacity 10, 40, and 100 Gigabit Ethernet ports in the industry, with
up to 768 native 10-Gbps ports, 384 40-Gbps ports, or 192 100-Gbps ports.
This high system capacity is designed to meet the scalability requirements of
the largest cloud environments.
SMB
The Cisco Nexus 7700 switches (Figure 1) have operational and feature
consistency with the existing Cisco Nexus 7000 Series Switches, using
common system architecture, the same application-specific integrated circuit
(ASIC) technology, and the same proven Cisco NX-OS Software releases.
■ A La Carte Part Numbers for Cisco DNA Advantage for Cisco Nexus 7000 Series
Software
License type Term Product ID
3 years N7000-DNA-A-3YR
Cisco DNA Advantage 5 years N7000-DNA-A-5YR
7 years N7000-DNA-A-7YR
Please contact your account team for additional ordering information such as Cisco ONE packaging.
Financing
The minimum Base license for activating Cisco DNA Advantage is the LAN Enterprise license (N77-LAN1K9).
7000 18-slot Yes 16 550 Gbps 17.6 768 768 192 96 25 Side-side
7700 2-slot SDA Ready No 1 1.3 Tbps 5 48 48 24 12 3 Front-back
7700 6-slot SDA Ready Yes 4 1.3 Tbps 21 192 192 96 48 9 Front-back
7700 10-slot SDA Ready Yes 8 1.3 Tbps 42 384 384 192 96 14 Front-back
Programs &
Promotions
7700 18-slot SDA Ready Yes 16 1.3 Tbps 83 768 768 384 192 26 Front-back
37
■ Cisco Nexus 7000 Supervisors
Switches
Connectivity
Fibre Channel Virtual Device Cisco Fabric
Management
CPU Speed (GHz) Memory (GB) Flash Memory over Ethernet CPU share Contexts Extender (FEX)
Processor
on F2 module (VDCs) support
(CMP)
Nexus 7700 Dual Quad- 8+1 admin 64 FEX/3072 Not
2.13 32 USB Yes Yes
Supervisor 2E SDA Ready Core Xeon VDC ports supported
Nexus 7000 Dual Quad- 8+1 admin 64 FEX/3072 Not
2.13 32 USB Yes Yes
Supervisor 2E SDA Ready Core Xeon VDC ports supported
Nexus 7000 Quad-Core 4+1 admin ort 32 FEX/1536 Not
2.13 12 USB Yes Yes
Supervisor 2 Xeon VDC ports supported
Nexus 7000 Dual-Core Compact 32 FEX/1536 Not
1.66 8 No No 4
Supervisor 1 Xeon Flash ports supported
48 ports,
N7K-F248XP-25E F2e Cisco Nexus 7000 SFP, SFP+ 480 720 Sampled
1 and 10 GE
48 ports,
N7K-F248XT-25E F2e Cisco Nexus 7000 RJ45 480 720 Sampled
1 and 10 GE
48 port
N7K-F348XP-25 F3 Cisco Nexus 7000 SFP, SFP+ 480 720 Sampled
1 and 10 GE
Quad Small Form
12 port
N7K-F312FQ-25 F3 Cisco Nexus 7000 Factor Pluggable 480 720 Sampled
40 GE
Plus (QSFP+),
Bidirectional (Bidi)
6 port
N7K-F306CK-25 F3 Cisco Nexus 7000 Cisco CPAK 480 900 Sampled
100 GE
N77-F348XP-23 F3 Cisco Nexus 7700 48 port 1 and 10 GE SFP, SFP+ 480 720 Sampled
24 port
N77-F324FQ-25 F3 Cisco Nexus 7700 QSFP+, Bidi 960 1440 Sampled
40 GE
12 port
N77-F312CK-26 F3 Cisco Nexus 7700 Cisco CPAK 1200 1800 Sampled
100 GE
38
Switches
Wireless
Overlay Locator/ID F-Series
Routing
Cisco FEX Transport Separation FCoE and IEEE 1588 Interoper-
BGP-EVPN Encryption QinQ MPLS FCoE PONG
TrustSec support Virtualization Protocol FabricPath PTP ability in the
(OTV) (LISP) same VDC
Security
No 128-bit Yes Yes Yes Yes Yes No No No Yes Yes Yes
Cisco Meraki
Yes Yes Yes Yes Yes Yes Yes
and 256-bit ready ready ready ready ready
128- Hardware- Hardware- Hardware- Hardware- Hardware-
Yes Yes Yes Yes Yes Yes Yes
and 256-bit ready ready ready ready ready
128- Hardware- Hardware- Hardware- Hardware- Hardware-
Yes Yes Yes Yes Yes Yes Yes
and 256-bit ready ready ready ready ready
DNA-Center
Overlay Transport Virtualization (OTV),
Cisco Fabric Virtual Port Fibre Channel over
FabricPath Layer 3 Cisco Locator/ID Separation Protocol M-Series Interoperability
Extender (FEX) Channel (vPC) Ethernet (CoE), FabricPath VXLAN/EVPN
support interface (LISP), Multiprotocol Label Switching in same VDC
support support support
(MPLS)
Hardware
Yes Yes Yes Yes Yes Yes Yes
Ready
SMB
Hardware
Yes Yes Yes Yes Yes Yes Yes
Ready
Hardware
Yes Yes Yes Yes Yes Yes Yes
Ready
Software
Hardware
Yes Yes Yes Yes Yes Yes Yes
Ready
Hardware
Yes Yes Yes Yes Yes Yes Yes
Ready
Hardware
Yes Yes Yes Yes Yes Yes Yes
Ready
Financing
Cisco
Services
Cisco
vices
Ser-
Programs &
Promotions
39
Cisco Catalyst 9300 Series Switches
Switches
The Cisco® Catalyst® 9300 Series Switches are Cisco’s lead stackable
enterprise switching platform built for security, IoT, mobility, and cloud. They
are the next generation of the industry’s most widely deployed switching
platform. The Catalyst 9300 Series switches form the foundational building
block for Software-Defined Access (SD-Access), Cisco’s lead enterprise
architecture. At 480 Gbps, they are the industry’s highest-density stacking
bandwidth solution with the most flexible uplink architecture. The Catalyst 9300
Series is the first optimized platform for high-density 802.11ac Wave2.
It sets new maximums for network scale. These switches are also ready for the
future, with an x86 CPU architecture and more memory, enabling them to host
containers and run third-party applications and scripts natively within the switch.
Over Ethernet (Cisco UPOE®) and Power over Ethernet Plus (PoE+) ports.
The Catalyst 9300 Series is designed for Cisco StackWise® technology, The switches are based on the Cisco Unified Access™ Data Plane 2.0 (UADP)
providing flexible deployment with support for nonstop forwarding with 2.0 architecture which not only protects your investment but also allows a larger
stateful switchover (NSF/SSO), for the most resilient architecture in a stackable scale and higher throughput. A modern operating system, open Cisco IOS XE
(sub-50-ms) solution. The highly resilient and efficient power architecture with programmability offers advanced security capabilities and Internet of
features Cisco StackPower®, which delivers high-density Cisco Universal Power Things (IoT) convergence.
Please note: Existing 3850 network modules are also supported in the Cisco Catalyst 9300 Series platforms.
■ A La Carte Part Numbers for DNA Advantage for the Cisco Catalyst 9300 Series
■ Cisco ONE Software Part Numbers for DNA Advantage for Cisco Catalyst 9300 Series
40
Cisco Catalyst 9400 Series Switches
Switches
The Cisco Catalyst® 9400 Series switches are Cisco’s leading modular
enterprise switching access platform built for security, IoT and cloud. These
switches form the foundational building block for SD-Access ― Cisco’s lead
enterprise architecture. The platform provides unparalleled investment
protection with a chassis architecture that is capable of supporting up to 9Tbps
Wireless
of system bandwidth and unmatched power delivery for high density IEEE
802.3BT (60W PoE). Redundancy is now table stakes across the portfolio. The
Catalyst 9400 delivers state-of-the-art High Availability (HA) with capabilities
like uplink resiliency, N+1/N+N redundancy for power supplies. The platform is
enterprise optimized with an innovative dual-serviceable fan tray design, side to
side airflow and is closet-friendly with ~16” depth. A single system can scale up
to 384 access ports with your choice of 1G copper UPoE and PoE+ options. The
platform also supports advanced routing and infrastructure services, SD-Access
capabilities and network system virtualization. These features enable optional
Routing
placement of the platform in the core and aggregation layers of small
to medium-sized campus environments.
Security
Total number of slots 7 10
Line-card slots 5 8
Supervisor engine slots 21 22
Dedicated supervisor engine slot numbers 3 and 43 5 and 63
Supervisor engine redundancy Yes Yes
Supervisor engines supported C9400-SUP-1 C9400-SUP-1
Cisco Meraki
Maximum PoE per slot 2880W4 2880W4
Maximum Bandwidth scalability per line-card slot Up to 480 Gbps on all slots5 Up to 480 Gbps on all slots5
Number of power supply bays 8 8
AC input power Yes Yes
Integrated PoE Yes Yes
Power supplies supported 3200W AC 3200W AC
DNA-Center
Number of fan-tray bays 1 1
Location of 19-inch rack-mount Front Front
1
Slots 3 and 4 are reserved for supervisor engines only in Cisco Catalyst C9407R; slots 1-2 and 5-7 are reserved for line cards.
2
Slots 5 and 6 are reserved for supervisor engines only in Cisco Catalyst C9410R; slots 1-4 and 7-10 are reserved for line cards.
3
Linecards are not supported in the Supervisor slots.
4
Max PoE mentioned is as per the current shipping linecard, however chassis is capable ~4800W PoE per slot.
5
80Gbps per line-card slot when used with C9400-SUP-1
SMB
■ Cisco Catalyst 9400 Series supervisor engine maximum bandwidth per slot
Feature Cisco Catalyst 9400 Series Supervisor Engine C9400-SUP-1
Cisco Catalyst C9407R chassis 80 Gbps/slot
Cisco Catalyst C9410R chassis 80 Gbps/slot
The table lists the minimum software requirements for the Cisco Catalyst 9400 supervisor engine.
Software
■ Cisco catalyst supervisor engine software minimum requirements
Chassis Supervisor Engine Minimum Software Requirement
Cisco C9407R Supervisor Engine C9400-SUP-1 Cisco Open IOS-XE Software Release 16.6.1
Cisco C9410R Supervisor Engine C9400-SUP-1 Cisco Open IOS-XE Software Release 16.6.1
The table lists the minimum software requirements for the Cisco Catalyst 9400 supervisor engine.
Financing
C9400-LC-48T Cisco Catalyst 9400 Series 48-Port 10/100/1000 (RJ-45) Cisco Open IOS-XE Software Release 16.6
Cisco
vices
C9400-LC-24XC Cisco Catalyst 9400 Series 24-Port Gigabit Ethernet (SFP+) Cisco Open IOS-XE Software Release 16.6
Ser-
The Cisco Catalyst 9400 Series has flexible interface types and port densities that allow you to mix and match network configurations to meet
the specific needs of campus networks.
Cisco Catalyst 9400 Series Switching Modules Cisco Catalyst C9407R Cisco Catalyst C9410R
10/100/1000BASE-T Gigabit (RJ-45) ports 240 384
10/100/1000BASE-T Gigabit Ethernet with POE+ ports 240 384
Switched 10/100/1000BASE-T Gigabit Ethernet with UPOE ports 240 384
41
Physical specifications
Switches
Note:
● Output power is per power supply unless otherwise stated.
● Heat-dissipation numbers represent the power conversion losses of the power supply in operation.
● The number of power devices supported depends upon the customer configuration.
■ A La Carte Part Numbers for Cisco DNA Advantage for the Cisco Catalyst 9400 Series
License type Product ID Description
C9400-DNA-A-3Y C9400 DNA Advantage, 3-year term license
Advantage C9400-DNA-A-5Y C9400 DNA Advantage, 5-year term license
C9400-DNA-A-7Y C9400 DNA Advantage, 7-year term license
■ Cisco ONE Software Numbers for DNA Advantage for the Cisco Catalyst 9400 Series
License type Product ID Description
Cisco ONE Advantage C1A1TCAT94001 Cisco ONE Advantage term, C9400
The Base license for Cisco DNA Advantage is Network Advantage. As such, only hardware PIDs with the “-A” suffix must be chosen.
The Cisco® Catalyst® 9500 Series Switches are the next generation of
Enterprise-Class Core and Aggregation layer switches based on x86 CPU which
support full programmability and serviceability. The Cisco® Catalyst® 9500 is
Cisco’s lead purpose-built fixed core/aggregation enterprise switching platform
built for security, IoT and Cloud. These switches form the foundational building
block for SD-Access - Cisco’s lead enterprise architecture. The Cisco® Catalyst® Figure 1. Cisco Catalyst 9500 Series Switches – 24 x 40 Gigabit Ethernet
9500 Series Switches come with 4-Core 2.4GHz CPU, 16GB DDR4 memory and
16GB internal storage. The Cisco® Catalyst® 9500 is industry’s first purpose built
40G switch targeted for enterprise campus, delivering unmatched table scales
(MAC/route/ACL) and buffering for enterprise applications. The platform offers
non-blocking 40G (QSFP) and 10G (SFP+) switches with granular port densities
that fit diverse campus needs. Catalyst 9500 supports advanced routing/
Figure 2. Cisco Catalyst 9500 Series Switches – 12 x 40 Gigabit Ethernet
infrastructure services (MPLS L2/L3 VPNs, MVPN, NAT), SD-Access border
capabilities (host tracking database, cross domain connectivity and VRF aware
LISP) and network system virtualization with Stackwise virtual technology that
are critical for its placement in the campus core. The platform also supports all
the foundational HA capabilities like patching, GIR, NSF/SSO, redundant platinum
rated power supplies and fans.
Figure 3. Cisco Catalyst 9500 Series Switches – 40 x 1/10 Gigabit Ethernet
42
Switches
■ Cisco Catalyst 9500 Series configurations
Model Description Total QSFP or SFP+ Ports
C9500-24Q Cisco Catalyst 9500 Series 24-port 40 Gigabit Ethernet with QSFP+ 24 QSFP+ (or up to 24 SFP+ with QSA adapter)
C9500-12Q Cisco Catalyst 9500 Series 12-port 40 Gigabit Ethernet with QSFP+ 12 QSFP+ (or up to 12 SFP+ with QSA adapter)
C9500-40X Cisco Catalyst 9500 Series 40-port 1/10 Gigabit Ethernet with SFP/SFP+ 40 SFP/SFP+
Wireless
■ Network module numbers and descriptions
Model Description
C9500-NM-8X Cisco Catalyst 9500 Series Network Module 8-port 1/10 Gigabit Ethernet with SFP/SFP+
C9500-NM-2Q Cisco Catalyst 9500 Series Network Module 2-port 40 Gigabit Ethernet with QSFP+
Routing
■ Power supply models
Model Description
Cisco Catalyst 9500 Series 12-port 40 Gigabit Ethernet with QSFP PWR-C4-950WAC-R
Cisco Catalyst 9500 Series 24-port 40 Gigabit Ethernet with QSFP+ PWR-C4-950WAC-R
Cisco Catalyst 9500 Series 40-port 1/10 Gigabit Ethernet with SFP/SFP+ PWR-C4-950WAC-R
Security
■ Cisco Catalyst 9500 performance specifications
Performance Numbers for All Switch Models C9500-12Q C9500-24Q C9500-40X
Switching capacity Up to 480 Gbps full duplex Up to 960 Gbps full duplex Up to 480 Gbps full duplex
Forwarding rate Up to 720 Mpps Up to 1440 Mpps Up to 720 Mpps
Total number of MAC addresses Up to 64K*
Cisco Meraki
Total number of IPv4 routes (Address Resolution
Up to 64K indirect* Up to 32K host*
Protocol [ARP] plus learned routes)
Total number of IPv6 routes Up to 32K indirect* Up to 16K host*
Multicast scale Up to 48K*
QoS ACL Scale Up to 48K*
DNA-Center
Performance Numbers for All Switch Models C9500-12Q C9500-24Q C9500-40X
Security ACL scale Up to 18K*
FNF entries Up to 512K*
DRAM 16 GB
Flash 16 GB
VLAN IDs 4K
Total Switched Virtual Interfaces (SVIs) 4K
Jumbo frame 9198 bytes
SMB
*Varies based on selected flexible ASIC template.
■ A La Carte Part Numbers for Cisco DNA Advantage for the Cisco Catalyst 9500 Series
License type Product ID Description
C9500-DNA-L-A C9500 DNA Advantage, low density term licenses
Software
Advantage C9500-DNA-L-A-3Y C9500 DNA Advantage, low density, 3-year term license
(low density) C9500-DNA-L-A-5Y C9500 DNA Advantage, low density, 5-year term license
C9500-DNA-L-A-7Y C9500 DNA Advantage, low density, 7-year term license
C9500-DNA-A C9500 DNA Advantage, high density term licenses
Advantage C9500-DNA-A-3Y C9500 DNA Advantage, high density, 3-year term license
(high density) C9500-DNA-A-5Y C9500 DNA Advantage, high density, 5-year term license
Financing
■ Cisco ONE Part Numbers for Cisco DNA Advantage for the Cisco Catalyst 9500 Series
License type Product ID Description
C1A1TCAT95001 Cisco ONE Advantage term, C9500
Cisco ONE Advantage
Cisco
Services
43
Cisco Catalyst 4500/6500/6800 Series Transition Guide
Switches
■ Chassis for the Cisco Catalyst 4500 Series ■ Chassis for the Cisco Catalyst 6500/6800 Series
WS-C4503 *1
WS-C4503-E / C9407R WS-C6503 *13
C6807-XL
WS-C6509-NEB-A *15
WS-C6509-V-E
■ Supervisor Engine for the Cisco Catalyst 4500 Series
WS-C6513 *16
WS-C6513-E
Legacy Models Current Models
WS-X45-SUP8L-E
WS-X4516-10GE*3 ■ Supervisor Engine for the Cisco Catalyst 6500/6800 Series
WS-X45-SUP8-E / WS-X45-SUP9-E
Legacy Models Current Models (PFC4) Current Models (PFC4XL)
WS-X45-SUP6L-E*4 WS-X45-SUP8L-E
VS-S2T-10G / VS-S2T-10G-XL /
WS-X45-SUP6-E*5 WS-X45-SUP8-E / WS-X45-SUP9-E WS-SUP32-GE-3B*17
C6800-SUP6T C6800-SUP6T
VS-S2T-10G / VS-S2T-10G-XL /
WS-SUP32-10GE-3B*17
C6800-SUP6T C6800-SUP6T
VS-S2T-10G / VS-S2T-10G-XL /
WS-SUP720-3B*18
C6800-SUP6T C6800-SUP6T
VS-S2T-10G-XL /
■ Line Card for the Cisco Catalyst 4500 Series WS-SUP720-3BXL*18 -
C6800-SUP6T
Legacy Models Current Models VS-S2T-10G / VS-S2T-10G-XL /
VS-S720-10G-3C*19
C6800-SUP6T C6800-SUP6T
WS-X4148-RJ *6
WS-X4748-RJ45-E
VS-S2T-10G-XL /
VS-S720-10G-3CXL*19 -
WS-X4748-RJ45V+E C6800-SUP6T
WS-X4248-RJ45V*7 WS-X4748-UPOE+E
WS-X4748-12X48U+E ■ Line Card for the Cisco Catalyst 6500/6800 Series
WS-X4712-SFP-E Legacy Models Current Models (PFC4) Current Models (PFC4XL)
WS-X4306-GB*8 WS-X4724-SFP-E
WS-X4748-SFP-E WS-X6848-SFP-2T WS-X6848-SFP-2TXL
WS-X6148-FE-SFP*20
C6800-48P-SFP C6800-48P-SFP
WS-X4712-SFP-E
WS-X4418-GB*9 WS-X4724-SFP-E WS-X6148A-GE-TX*21 WS-X6848-TX-2T WS-X6848-TX-2TXL
WS-X4748-SFP-E
WS-X6548-GE-TX *20
WS-X6848-TX-2T WS-X6848-TX-2TXL
WS-X4748-RJ45V+E
WS-X4748-UPOE+E WS-X6516A-GBIC *20
WS-X6824-SFP-2T WS-X6824-SFP-2TXL
WS-X4506-GB-T*9 WS-X4712-SFP-E
WS-X4724-SFP-E WS-X6724-SFP *19
WS-X6824-SFP-2T WS-X6824-SFP-2TXL
WS-X4748-SFP-E
WS-X6748-GE-TX *22
C6800-48P-TX C6800-48P-TX-XL
WS-X4548-GB-RJ45*3 WS-X4748-RJ45-E
WS-X6848-SFP-2T WS-X6848-SFP-2TXL
WS-X6748-SFP*22
WS-X4748-RJ45V+E C6800-48P-SFP C6800-48P-SFP
WS-X4524-GB-RJ45V*10 WS-X4748-UPOE+E
WS-X6716-10T-3C*19 - -
WS-X4748-12X48U+E
WS-X6716-10T-3CXL*19 - -
WS-X4748-RJ45V+E
WS-X4548-GB-RJ45V*3 WS-X4748-UPOE+E WS-X6816-10G-2T
WS-X4748-12X48U+E WS-X6716-10G-3C*19 -
C6800-16P10G
WS-X4748-RJ45V+E WS-X6816-10G-2TXL
WS-X4548-RJ45V+*11 WS-X4748-UPOE+E WS-X6716-10G-3CXL*19 -
C6800-16P10G-XL
WS-X4748-12X48U+E
WS-X6708-10G-3C*22 C6800-8P10G -
WS-X4648-RJ45-E*12 WS-X4748-RJ45-E
WS-X6708-10G-3CXL *22
- C6800-16P10G-XL
WS-X4748-RJ45V+E
WS-X4548-RJ45V+*11 WS-X4748-UPOE+E WS-X6908-10G-2T *22
C6800-8P10G -
WS-X4748-12X48U+E
WS-X6908-10G-2TXL *22
- C6800-16P10G-XL
WS-X4748-RJ45V+E
WS-X4648-RJ45V+E *12
WS-X4748-UPOE+E C6800-16P10G
WS-X6904-40G-2T*22 -
WS-X4748-12X48U+E C6800-32P10G
WS-X4712-SFP-E C6800-16P10G-XL
WS-X6904-40G-2TXL*22 -
WS-X4612-SFP-E*12 WS-X4724-SFP-E C6800-32P10G-XL
WS-X4748-SFP-E
WS-X6816-10T-2T*22 - -
WS-X4712-SFP-E
WS-X4624-SFP-E*12 WS-X4724-SFP-E WS-X6816-10T-2TXL*22 - -
WS-X4748-SFP-E
*1 Search for EOL6869 at cisco.com.*2 Search for EOL8168 at cisco.com.*3 Search for EOL8162 at cisco.com.*4 Search for EOL9604 at cisco.com.
*5 Search for EOL8975 at cisco.com.*6 Search for EOL9420 at cisco.com.*7 Search for EOL9424 at cisco.com.*8 Search for EOL8969 at cisco.com.
*9 Search for EOL7380 at cisco.com.*10 Search for EOL6879 at cisco.com.*11 Search for EOL9426 at cisco.com.*12 Search for EOL10936 at cisco.com.
*13 Search for EOL3037 at cisco.com.*14 Search for EOL6564 at cisco.com.*15 Search for EOL6720 at cisco.com.*16 Search for EOL8193 at cisco.com.
*17 Search for EOL7769 at cisco.com.*18 Search for EOL8147 at cisco.com.*19 Search for EOL9892 at cisco.com.*20 Search for EOL7770 at cisco.com.
*21 Search for EOL9058 at cisco.com.*22 Search for EOL10550 at cisco.com.
44
Modules & Accessories
Switches
■ Cisco Redundant Power System (RPS) 2300
Compatible Series
SKU Description
2960-CX 3560-CX 2960-Plus 2960-X 3650 3850 4500E 4500-X 6500 6800
PWR-RPS2300 Cisco RPS 2300 Chassis - - - ● ●*3 - - - - ●*4
*1
C3K-PWR-750WAC 750 W AC Power Supply Module for Cisco RPS 2300 - - - ● *2 ● *3
- - - - ●*4
Wireless
*1
CAB-RPS2300= Spare 14-pin RPS Cable for Cisco RPS 2300 - - ● - *2 - - - - - -
CAB-RPS2300-E= Spare 22-pin RPS Cable for Cisco RPS 2300 - - - ● ●*3 - - - - ●*4
Routing
GLC-T 1000BASE-T SFP Module - - ● ● ● ● ● ● ● ●
GLC-SX-MMD 1000BASE-SX SFP Module (DOM) ● ● ● ● ● ● ● ● ● ●
GLC-LH-SMD 1000BASE-LX SFP Module (DOM) ● ● ● ● ● ● ● ● ● ●
GLC-BX-D 1000BASE-BX SFP Module (1490 nm) ● ● ● ● ● ● ● ● ● ●
GLC-BX-U 1000BASE-BX SFP Module (1310 nm) ● ● ● ● ● ● ● ● ● ●
GLC-EX-SMD 1000BASE-EX SFP Module ● ● - ● ● ● ● ● ● ●
Security
GLC-ZX-SMD 1000BASE-ZX SFP Module ● ● ● ● ● ● ● ● ● ●
SFP-10G-SR 10GBASE-SR SFP+ Module - ● - ● ● ● ● ● ● ●
SFP-10G-LR 10GBASE-LR SFP+ Module - ● - ● ● ● ● ● ● ●
SFP-10G-LRM 10GBASE-LRM SFP Module - ● - ● ● ● ● ● ● ●
SFP-10G-ER 10GBASE-ER SFP+ Module - ● - ● ● ● ● ● ● ●
Cisco Meraki
SFP-10G-SR-S Cisco 10GBASE-SR SFP+ Module for MMF - ● - ● ● ● ● ● ● ●
SFP-10G-LR-S Cisco 10GBASE-LR SFP+ Module for SMF - ● - ● ● ● ● ● ● ●
SFP-10G-ER-S Cisco 10GBASE-ER SFP+ Module for SMF - ● - ● ● ● ● ● ● ●
SFP-10G-ZR-S Cisco 10GBASE-ZR SFP+ Module for SMF - ● - ● ● ● ● ● ● ●
SFP-10G-ZR Cisco 10GBASE-ZR SFP+ Module for SMF - ● - ● ● ● ● ● ● ●
X2-10GB-CX4 10GBASE-CX4 X2 Module - - - - - - ● - ● ●*5
DNA-Center
X2-10GB-LRM 10GBASE-LRM X2 Module - - - - - - ● - ● ●*5
X2-10GB-SR 10GBASE-SR X2 Module - - - - - - ● - ● ●*5
X2-10GB-LR 10GBASE-LR X2 Module - - - - - - ● - ● ●*5
X2-10GB-ER 10GBASE-ER X2 Module - - - - - - ● - ● ●*5
X2-10GB-ZR 10GBASE-ZR X2 Module - - - - - - ● - ● ●*5
CVR-X2-SFP TwinGig Converter for X2 Module - - - - - - ● - - -
CVR-X2-SFP10G SFP+ Converter for X2 Module - - - - - - ● - ● ●*5
CFP-40G-SR4 40GBASE-SR4 CFP Module - - - - - - - - ● ●*5
SMB
CFP-40G-LR4 40GBASE-LR4 CFP Module - - - - - - - - ● ●*5
CVR-CFP-4SFP10G FourX SFP+ Converter for CFP Module - - - - - - - - ● ●*5
CVR-QSFP-SFP10G SFP/SFP+ Converter for QSFP Module - - - - - - - - ● ●*5
CVR-4SFP10G-QSFP QSFP Converter for SFP+ Module - - - - - ● ● ● ● ●
*1 LAN Lite model does not support stacking.*2 IP Lite model is not supported.*3 Mini models only.*4 Cisco Catalyst 6880-Series and Cisco Catalyst 6807-XL are not supported.
Software
*5 Cisco Catalyst 6880-X is not supported.
Ports
Cisco Catalyst Switches support the following interface ports for uplink and
■ Ports Supported by Fixed-Configuration Cisco Catalyst Switches (e.g.)
Financing
downlink connections:
●
- QSFP module slot (QSFP)
Cisco
vices
45
Subscription-based software designed to make networking simple
Switches
The Advantage tier is arguably the finest software tier ■ DNA Advantage Offer Details
available in the Enterprise Switching market today.
It contains the best Network OS license – ‘Network
Advantage’ providing Full L3, Segmentation and
Resiliency capabilities on the Catalyst platforms. It
also provides a ‘DNA Advantage’ license containing
Cisco’s lead Enterprise architectural solution – SD-
Access, providing policy-based automation from
edge to cloud, network security through micro-
segmentation, encrypted traffic analytics (ETA) and
proactive issue resolution through predictive analytics.
Advantage and Essentials, introduced in conjunction ■ Cisco ONE Advantage Offer Details
with our Catalyst 9000 series of switches, also support
Cisco’s Catalyst 3K, 4K, 6K series and will give
customers the flexibility to access advanced Digital
Network Architecture (DNA) software capabilities by
subscription, either via Cisco ONE software suites or
a-la-carte components.
■ Benefits
The value of subscription buying becomes clear as
customers take advantage of this new era in In addition to transactional purchasing, customers can
networking: also choose to access the latest DNA innovation
across their infrastructure through the Cisco Enterprise
● Software evolves at lightning speed. Subscription buying assures customers that Agreement (Cisco EA), which I blogged about last
their software is always up-to-date in today’s changing environments month. Cisco EA is a single, simple agreement that
● Subscriptions simplify the purchase of software suites across Cisco’s portfolio, and help the customer gives customers a flexible, attractive way to consume
scale throughout their business as they grow and take advantage of additional capabilities from Cisco and deploy Cisco Software. Cisco EA is more than a
● As Cisco continues to add value and features, subscription offers give licensing agreement. It’s our platform for building deep,
customers quick, easy access to ongoing innovation meaningful customer relationships wherein Cisco
● Subscriptions enable customers to accelerate deployment of new capabilities and implementation continually adds value to what we offer our customers,
of new business models by reducing entry costs through the use of OPEX instead of CAPEX and is a key part of our strategy to connect more
directly to our customers’ business needs.
46
Switches Wireless Routing Security Cisco Meraki DNA-Center SMB Software Financing Cisco
Cisco
Ser- Programs &
Services
vices Promotions
47
Wireless
Wireless Access Points / Controllers
Wireless
Turbo Performance
Full Technical Comparison between Cisco and Aruba
Cisco’s AP can
Only Cisco’s dual-band Cisco Aironet AP can dynamically reconfigure
dynamically change its
its 2.4-GHz radio to be a 5-GHz radio and run both simultaneously,
2.4-GHz radio to be a
significantly increasing channels and 5-GHz device throughput.
5-GHz radio
In a typical dual-band environment, with both 2.4- and 5-GHz radios
Better throughput
operating, Cisco achieved over 1 Gbps of AP throughput. Aruba posted a
performance with Cisco
max AP throughput of just 714 Mbps under the the same conditions.
More clients can stream The Cisco Aironet 2800 can successfully stream cleanly watchable 5-Mbps
quality video with Cisco AP video to more clients than the Aruba AP-335 can.
Cisco 2800 Aruba AP-335
Cisco’s RRM out-performs Cisco’s Radio Resource Management (RRM) is better able to adapt to
Aruba’s ARM in dynamic interference – both in detecting interference and reconfiguring radios to
Models support internal Contains internal antennas
radio configuration minimize it – than Aruba’s Adaptive Radio Management (ARM)
or external antennas
Cisco AP’s are managed as Cisco’s Wireless LAN Controller manages all connected APs as a unit and
a unit, improving coverage can adjust power levels to maximize available frequencies.
for more information, check the full Miercom report
http://cs.co/9002DE8du Aruba MU-MIMO spatial- Testing found the Aruba AP-335s claimed support for four spatial streams
stream support offers no can actually reduce aggregate throughput, offering no advantages over the
advantage over Cisco Cisco 2800 APs support of three spatial streams.
● Optimized Distributed Data Plane: the data plane is distributed at the edge
switches for optimal performance and scalability without the hassles usually
associated with distributing traffic (spanning VLANs, subnetting, etc.)
● Seamless L2 Roaming everywhere: SD-Access Fabric allows clients to roam
seamlessly across the campus while retaining the same IP address.
● Simplified Guest and mobility tunneling: an anchor WLC controller is not
needed anymore and the guest traffic can directly go to the DMZ without
hopping through a Foreign controller
● IOT Ready Infrastructure: IoT traffic can be easily segmented from your
corporate traffic, end to end, across your network
● Policy simplification: SD Access breaks the dependencies between Policy
and network constructs (IP address and VLANS) simplifying the way we can
define and implement Policies. For both wired and wireless clients.
● Segmentation made easy: Segmentation is carried end to end in the Fabric
and is hierarchical, based on Virtual Networks (VNIs) and Scalable Group Tags
(SGTs). Same segmentation policy is applied to both wired and wireless users
● Simplified operations: one subnet for AP onboarding, no need for client
VLANs, ACLs, VLAN Pooling, Dynamic Interfaces. Client IP Subnetting is
simplified and the SDA Fabric allows to have one subnet to be provisioned for
clients across entire Campus
● AIR-CT3504
● AIR-CT5520
● AIR-CT8510
● AIR-CT8540 AIR-CT3504 AIR-CT5520 AIR-CT8510 AIR-CT8540
This architecture is optimized for Wave2 11ac access points in Local mode:
● AP1815
● AP1830
● AP1850
● AP2800
● AP3800
Wave 1 11ac access points are supported with SD-Access wireless with limited
feature support
48
Flexible Radio Assignment
Switches
With Cisco’s Aironet 2800 and 3800 Series Access Points, we support the
latest Wi-Fi Standard 802.11ac Wave 2 providing more bandwidth for more • Default operating mode
devices. We go beyond the standard to provide advanced innovation that self- 5GHz 2.4GHz • Serve clients on both 2.4GHz and 5GHz
optimizes your network in those unpredicted times of high density. This feature is Serving Serving
called Flexible Radio Assignment. It automatically detects when a high number • Dual 5GHz support, both radios serving
of devices are connected to a network by using the dual radios in the access
Wireless
clients on 5GHz
5GHz 5GHz
point to serve more clients, while still monitoring the network for security threats Serving Serving • Maximum over air data rate up to 5.2Gbps
and RF Interference that may affect performance. Flexible Radio Assignment is
a Cisco Innovation designed to provide a better mobile user experience for high • Wireless security monitoring
5GHz Wireless • Scan both 2.4GHz and 5GHz for security threats
density networks. Security
Serving
Monitor
• Serve clients on 5GHz
Routing
The Cisco Mobility Express Solution is specifically designed to help small and In the Cisco Mobility Express Solution, one access point (AP), running the Cisco
medium-sized networks easily and cost-effectively deliver enterprise-class Mobility Express wireless controller, is designated as the master AP. Other
wireless access to employees and customers. access points, referred to as subordinate APs, associate to this master AP.
Cisco Mobility Express Solution is an on-premise, managed Wi-Fi solution that: The master AP operates as a wireless controller, to manage and control the
subordinate APs, and also operates as an access point to serve clients. The
● Provides an easy, over-the-air interface for deployment in under 10 minutes
subordinate APs behave as normal lightweight access points to serve clients.
Security
● Is ideal for small and medium-sized deployments of up to 25/50/100 Access
Points depending on the master access point
● Is supported on Cisco Aironet 1815/1830/1850/2800/3800/1560 Series*1
Master AP Subordinate APs
● Can control other access points, such as Cisco Aironet 1700/2700/3700 Series
operates as behave as
a wireless controller normal lightweight APs
Cisco Meraki
Aironet 1815i/1830/1850/2800
/3800/1560 Series*1
Aironet 1700/2700/3700
3-step over-the-air wireless network configuration and so on
DNA-Center
Cisco Mobility Express Software for Cisco Wireless Release 8.4 & 8.5
In the Cisco Wireless Release 8.4, the following new features and functionalities ■ RF Optimization in the Web User Interface
SMB
have been introduced to the Cisco Mobility Express Software:
Software
(for iOS application traffic prioritization)
• Support for ISE RADIUS
• Support for RF management through Flexible Radio Assignment (FRA)
● Increased scale up to 100 APs and 2000 clients depending on the master
AP: available starting release 8.4
● Automatic day 0 provisioning of the master AP through the Cisco Network
Plug and Play (PnP) solution: available starting release 8.4
● Enable suggestions for enhancements via Make a wish in the GUI
Financing
49
IEEE 802.11ac
IEEE 802.11ac (11ac) is the successor of IEEE 802.11n (11n), which is the current ■ IEEE 802.11n/ac Specification Comparison
mainstream wireless standard. It outperforms typical 1 GE wired LAN with a Theoretical Maximum Throughput
Standard/Number of
maximum throughput of 6.9 Gbps, compared against the theoretical maximum Data Streams 20 MHz 40 MHz 80 MHz 160 MHz
throughput of 600 Mbps of 11n. 11ac achieves higher communication speeds by
1 stream 72 Mbps 150 Mbps - -
strengthening the following three elements:
2 streams 144 Mbps 300 Mbps - -
Wireless
IEEE
● Higher density modulation method: Increased from 64QAM to 256QAM (11n) 802.11n 3 streams 216 Mbps 450 Mbps - -
● Expansion of channel bonding: Increased from 40 MHz max. (11n) to 80 MHz
4 streams 288 Mbps 600 Mbps - -
max. (11ac Wave 1) or up to 160 MHz (11ac Wave 2)
● Further evolved MIMO (Multiple Input Multiple Output): Increased the 1 stream - 200 Mbps 433 Mbps 866 Mbps
maximum number of data streams in 11n from 4 to 8 and upgraded the 2 streams - 400 Mbps 866 Mbps 1733 Mbps
simultaneous communication capability from 1:1 to 1:n (Multi-User MIMO)
3 streams - 600 Mbps 1299 Mbps 2600 Mbps
Among Cisco’s Access Points, the Cisco Aironet 1700/1810/1810W/1830 IEEE 4 streams - 800 Mbps 1733 Mbps 3466 Mbps
Series, the Cisco Aironet 1560/1570/2700/3700 Series, the Cisco Aironet 802.11ac 5 streams - 1000 Mbps 2166 Mbps 4333 Mbps
1850 Series, and the Cisco Aironet 2800/3800 Series are compatible with 6 streams - 1200 Mbps 2599 Mbps 5200 Mbps
11ac, delivering theoretical maximum throughputs of 867 Mbps, 1.3 Gbps,
7 streams - 1400 Mbps 3033 Mbps 6066 Mbps
1.7 Gbps and 2.6 Gbps, respectively.
8 streams - 1600 Mbps 3466 Mbps 6933 Mbps
50
Switches
Cisco Connected Mobile Experiences (CMX) Solutions
Cisco Connected Mobile Experiences (CMX) is a revolutionary solution
that collects and analyzes the location of wireless LAN (Wi-Fi) devices such
as smartphones and tablets for business utilization. This solution supports
the monetization of wireless LAN in a wide range of sectors including retail,
services, transportation, healthcare, education, and government offices.
Wireless
There is some confusion around terminology between CMX and the Mobility Detect Connect Engage
Services Engine (MSE). The MSE refers to the location appliance (physical or
virtual) and the name of the product prior to CMX 10. From version 10, however,
we refer to CMX as the overall name of the product and platform. The term
platform is important as CMX actually consists of a number of different products
and capabilities. Cisco CMX provides the services described below.
Routing
■ Cisco CMX Detect & Locate ■ Offering a Variety of
service enables you to view and track devices in your deployment. Analysis Methods including
Traffic Line Information and
The Detect & Locate service uses the data provided by Cisco WLCs to calculate Residence Time
the X,Y location (based the floor map uploaded) of wireless devices that are
detected by the access points that support the wireless LAN (WLAN) to a high
degree of precision.
Security
Cisco CMX Analytics ■ Venue Efficiency
By helping you better understand how your visitors actually behave while at
provides a set of data analytic tools for analyzing Wi-Fi device locations. The your site, Cisco CMX helps you make the best use of your floor plan. With this
Analytics service helps organizations use the network as a data source to view improved insight, you can:
Cisco Meraki
visitors’ behavior patterns and trends, which will in turn help businesses improve
● Determine the most trafficked locations to position advertisements,
visitor experience and boost customer service. products or services
● Adjust venue layout to optimize traffic flow in periods of high use
● Device count ● Staff service locations to accommodate visitor flows and time of day
● Dwell time ● Evaluate impact of floor plan adjustments
● Dwell time breakdown ● Office/building/store space utilization (e.g., great for helping an enterprise
● Associated User Report figure out how its workforce is using office space, and optimizing that usage)
● Path analysis
DNA-Center
● Correlation
For your customers and your business, the Cisco CMX solution can deliver the
right information at the right time.
SMB
and threats at Layers 1 through 3.
The role of the MSE with WIPS is to provide the location of the alarm and de-
duplication of Alarms sent to Prime. Standard WIPS functionality (characterizing
attacks) is done on the Access Point and sent to the WLC. With aWIPS,
however, attacks that are simultaneously heard on several Access Points are
correlated on the MSE 8.0 WIPS feature. MSE and Adaptive wIPS software
licenses are required to detect over-the-air threats such as reconnaissance,
Software
encryption cracking, authentication cracking, denial-of-service (DoS) attacks,
and potential threats indicated by anomalous traffic patterns. MSE and
Adaptive wIPS also provide full-forensics traffic captures, long-term security
event archiving, and reporting, wIPS default tuning profiles, and a threat
knowledgebase with plain-English attack descriptions and response guidance
for ease of operations.
Financing
SKU SKU
Supported Access Points Supported Access Points
MSE 8.0*1 CMX 10.x*2 MSE 8.0*1 CMX 10.x*2
Ser-
L-UPG-LS-1AP L-UPG-LS-1AP-N 1
*1 AIR-CMX-CLOUD is required.
51
Cisco CMX Connect & Engage
CMX Connect has been expanded to include a new value-add component ● Increase loyalty of existing customers and attract new customers by
called Engage. We have Connect which provides intuitive, simple, highly providing them with a personalized experience
● Heighten the guest experience by providing wireless access and key
customizable, and location-aware guest services in the form of a captive portal
information during their journey
that offers multiple types of guest on-boarding experiences: ● Increase visitor satisfaction by helping them make decisions more
Acquire Visitors, Identify Location Deliver Contextul Multi-channel Integrate with Enterprise
Personas & Understand Visitor Behavior at location. Engagements Workflows
Marketing POS
Cloud/CMS
Associate Order
Notification Management
Engage is available as a Cloud Service and has a separate licensing model based on the number of Access Points.
CMX Cloud
CMX Cloud continues to benefit from new features, automatically available by ● CMX Connect Custom Policy
virtue of the Cloud model. Examples of these include: • Limit guest access
• Customize policy plans with Bandwidth and Timed access limit (to splash
● Sponsor portal page, access duration)
• Visitor Temporary accounts • Globally or Site level
• Guest Account details ● Social Media
• Email Verification: Host sponsor or Email Sponsor • Twitter and LinkedIn
● CMX Cloud Connect Vouchers - authentication path ● Meraki integration
• Up to 100 unique voucher keys ● Per site customization
• One time used ● RADIUS server (External Web Authentication)
52
Switches
Note that the above features are not available with the on-premise version of The Cisco Umbrella WLAN provides a cloud-delivered network security service
CMX Connect. at the Domain Name System (DNS) level, with automatic detection of both
known and emergent threats.
Another important update is that CMX Cloud is now available within the Cisco
ONE license model as Cisco ONE Mobility Cloud Services. This bundles Cisco ONE Mobility Cloud Services is found using the C1-AIR-MOBILITY Single
together CMX Cloud Connect with Presence Analytics and Umbrella (openDNS) SKU with two license tiers options.
WLAN. ● C1-AIR-MOB: Billing SKU for Cisco Mobility Cloud Services
● C1-UMB-WLAN: $0 SKU for Umbrella WLAN
Wireless
● C1-AIR-CMX-CPAX: $0 SKU for CMX Cloud
CMX Cloud
CMX
CMX 10 as a cloud-delivered SaaS offer
Routing
deployment and management
Wireless CMX Connect Presence Analytics
Network
Security
Sign up for 60 day free trial at cmxcloud.cisco.com
CMX Solutions
Cisco Meraki
Often, a third party is required to support the customer use case.
Cisco has partnered with several companies to provide specialized solutions in
the following areas:
DNA-Center
save customers money through cost avoidance or refactoring space for different
purposes.
This solution is aimed at the corporate office “carpeted” areas and uses Cisco
CMX as one of the primary data sources.
SMB
■ Mobile Applications with phunware
phunware delivers exceptional mobile experiences across a range of verticals.
The complete solution can be purchased from Cisco and developed by
phunware, or an SDK can be acquired to allow the end customer to create their
own Application.
Software
A main feature is the “blue dot” navigation which delivers GPS like functionality
indoors using Cisco CMX technology.
Note that certain opportunities may qualify for a free Proof Of Concept (PoV).
Financing
items using the wireless network. This is typically done by attaching a wifi
Services
Cisco
“tag” to the object which is then located using CMX. The main markets for this
vices
price lists.
This capability can also be extended to use Bluetooth Low Energy (BLE) to
reduce costs and meet specific use cases such as in-room detection.
53
Cisco Virtual Beacon
The next generation of location accuracy is here
Cisco has developed a unique and highly innovative solution to the problem Cisco’s Virtual BLE Beacon solution delivers high-accuracy location using Cisco
by combining sophisticated cloud-based software (Cisco® Connected Mobile Beacon Point hardware and CMX Cloud Beacon Center management. Generate
Wireless
Experiences (CMX) Cloud Beacon Center), on-premises 16-element steerable eight virtual beacons from a single Beacon Point. It’s as easy as dropping a pin
BLE antenna array (Cisco Beacon Point) and mobile software development kit on a map. Get true blue-dot experience for navigation plus proximity marketing,
(SDK) software for iOS and Android devices. all at your fingertips.
CMX Cloud Beacon Center is subscription software delivered via the cloud. The Beacon Center application, shown in Figure 2, offers a way to create virtual
beacons anywhere in the coverage area by a simple click, drag, and drop operation from the user interface. Administrators can create proximity messages or
use the built-in zone and path editor for analytics and wayfinding. Marketers can deliver real-time, location-aware, personalized content to increase customer
engagement and measure the effectiveness of marketing campaigns. Businesses can now focus on outcomes while reducing the footprint of on-premises
servers and battery-operated devices. Provisioning and deployment are quick and easy via the cloud. The Cisco Virtual Beacon SDK supports iOS and Android
mobile devices.
54
Cisco Virtual Beacon – How it works
Switches
Cisco How It Works
Beacon Point
1. Mobile device listens to the BLE
beacons from the Beacon Point.
Wireless
2. Cisco SDK (integrated into the
Customer mobile app) sends information
Cloud to the Cisco cloud.
Routing
Cisco Cloud
Machine learning 4 cloud for user, location and content
if required.
and location engine
Bakery 5. When users are in proximity of a virtual
Pharmacy
3 can be sent or actions can be taken.
2
6
6. Virtual Beacons can be created
Security
anywhere in the coverage area.
5
Electronics
Clothing
Cisco Meraki
Mobile app with Cisco SDK
System Requirements
DNA-Center
CMX Cloud Beacon Center CMX Cloud Beacon Center manages Cisco Beacon Points and allows the creation of virtual beacons
Cisco Beacon Point Cisco Beacon Point transmits directional BLE beams to enable virtual beacons
Cisco Virtual Beacon SDK detects BLE beams and interacts with the cloud. The SDK is a required component and should
SMB
Cisco Virtual Beacon SDK
be integrated into any branded app developed for proximity engagement or way f inding. SDK is available for the last two
enabled mobile app
major versions of iOS and Android.
Summary
Software
Cisco virtual beacon technology introduces Cisco CMX Cloud Beacon Center and Cisco Beacon Points to:
● Deliver wayfinding and proximity engagement use cases
● Experience highly accurate location finding
● Replace battery-operated beacons with virtual beacons
● Eliminate expensive RF calibrations
● Deliver operational simplicity for a scalable BLE beacon solution for your enterprise
Financing
●
on the access point enables
Cisco
vices
the deployment of virtual The combination of the Beacon Point and the Beacon Point Module give users
Ser-
BLE technology while reducing: more tools in their virtual beacon deployment toolbox. Organizations can deploy
the Beacon Point Module at the locations where the Aironet 3800 Series is used
and mix and match with the standalone Beacon Point to address their Wi-Fi,
wayfinding, and proximity engagement use cases most economically and as
Programs &
Promotions
55
Wireless Product Line
the IEEE 802.11 standards including IEEE 802.11a/b/g/n and the latest standard
IEEE 802.11ac which provides throughput up to 2.6 Gbps (some models are
IEEE 802.11ac-compatible). A wide lineup of models are available including:
(1) Lightweight compact models featuring a streamlined body with built-in
antenna and integrated LAN/power cable using PoE (Power over Ethernet) for
stylish installation without spoiling the aesthetics of the office; (2) Heavy-duty
models with a wide selection of external antennas and featuring a rigid metal
chassis to support a wide range of operating temperatures for use in factories,
warehouses and stores where environmental requirements are strict; and (3)
High-performance models for telecommuters and satellite offices offering the
same level of security and network services as the headquarters office.
56
Cisco Aironet Access Points
Switches
Indoor Access Points
HDX HDX
2.6 Gbps
Wireless
mGig
1.7 Gbps
Routing
Cisco Aironet
1850 Series
HDX HDX
1.3 Gbps
Security
Cisco Aironet Cisco Aironet
2700 Series 3700 Series
867 Mbps
Cisco Meraki
Cisco Aironet Cisco Aironet Cisco Aironet Cisco Aironet Cisco Aironet
1700 Series 1815i 1815t 1815w Series 1830 Series
DNA-Center
IEEE 802.11n standard; and some models are also compatible with IEEE ● IEEE 802.11ac Wave 1-compatible (Cisco Aironet 1700/2700/3700 Series)
802.11ac delivering high-speed and stable wireless LAN environments ● IEEE 802.11ac Wave 2-compatible (Cisco Aironet 1815i/1815t/1815w/1830/
with a theoretical maximum throughput of between 300 Mbps and 2.6 Gbps. A 1850/2800/3800 Series)
broad selection of models is available for various installation environments ● Supports 2.4 GHz/5 GHz dual-band (All models)
and network requirements. ● Supports Cisco CleanAir Express (Controller-based models of the Cisco
Aironet 1700 Series)
● Built-in antenna model: These models feature a streamlined body and an
● Supports Cisco CleanAir (Controller-based models of Cisco Aironet
integrated LAN/power cable using PoE (Power over Ethernet) for a stylish
2700/2800/3700/3800 Series, refer to page 31 for details on the technology)
installation that blends into the office environment.
● Supports Cisco OfficeExtend (Controller-based models, excluding
● External antenna model: These models feature a rigid metal chassis and
some models)
support a wide range of operating temperatures for use in factories, warehouses
SMB
● Supports Cisco ClientLink (excluding some models, refer to page 31 for
and stores where environmental requirements are very strict. A wide selection of
details on the technology)
antennas are available for these models to suit different installation environments
● Supports Cisco BandSelect (Controller-based models, excluding some models)
(Refer to page 37-38 for details on the Cisco
● All 802.11ac wave 2 access points support Mobility express
Aironet Antennas).
There are two types of models for Cisco Aironet Indoor Access Points:
Standalone (or Mobility Express)and Controller-based models. The
Software
Controller-based models are designed to operate in linkage with the For details on Cisco Aironet Indoor Access Points, visit the following Web site:
Cisco Wireless Controller.
www.cisco.com/go/ap
Financing
Cisco Aironet 600 Series OfficeExtend - Cisco Aironet 1815t Series OfficeExtend
Cisco
*1 Cisco Aironet 3600/3700 Series are planned to support 11ac Wave 2 via addition of a module.
57
■ Cisco Aironet 1815i Series Dimensions (Height x Width x Depth): 3.30 x 15.24 x 15.24 cm Weight: 0.40 kg
ME Controller Clean Office Client Band IEEE 802 Ports PoE (PD)*1
SKU Antenna
Master based Air Extend Link Select 11n 11ac GE mGig 802.3af 802.3at
AIR-AP1815I-x-K9C ● -*9 - - - ● ● ● 1 - ● ● Built-in
AIR-AP1815I-x-K9 - *8
● - - - ● ● ● 1 - ● ● Built-in
■ Cisco Aironet 1815t Series (Coming Soon) Dimensions (Height x Width x Depth): 3.81 x 15.24 x 10.16 cm Weight: 0.37 kg
Wireless
ME Controller Clean Office Client Band IEEE 802 Ports PoE (PD)*1
SKU Antenna
Master based Air Extend Link Select 11n 11ac GE mGig 802.3af 802.3at
*5
AIR-AP1815T-x-K9 - ● - - - ● ● ● 4 *6 - ● ● Built-in
■ Cisco Aironet 1815w Series Dimensions (Height x Width x Depth): 3.18 x 8.89 x 13.97 cm Weight: 0.28 kg
ME Controller Clean Office Client Band IEEE 802 Ports PoE (PD)*1
SKU Antenna
Master based Air Extend Link Select 11n 11ac GE mGig 802.3af 802.3at
*5
AIR-AP1815W-x-K9C ● -*9 - - - ● ● ● 4 *6 - ● *7
● Built-in
*5
AIR-AP1815W-x-K9 - *8
● - - - ● ● ● 4 *6 - ●*7 ● Built-in
■ Cisco Aironet 1830 Series Dimensions (Height x Width x Depth): 5.08 x 21.08 x 21.08 cm Weight: 1.42 kg
ME Controller Clean Office Client Band IEEE 802 Ports PoE (PD)*1
SKU Antenna
Master based Air Extend Link Select 11n 11ac GE mGig 802.3af 802.3at
AIR-AP1832I-x-K9C ●*8 - - - - ● ● ● 1 - ●*7 ● Built-in
AIR-AP1832I-x-K9 -*3 ● - - - ● ● ● 1 - ●*7 ● Built-in
■ Cisco Aironet 1850 Series Dimensions (Height x Width x Depth): 5.08 x 21.08 x 21.08 cm Weight: 1.42 kg
ME Controller Clean Office Client Band IEEE 802 Ports PoE (PD)*1
SKU Antenna
Master based Air Extend Link Select 11n 11ac GE mGig 802.3af 802.3at
AIR-AP1852I-x-K9C ●*8 - - - - ● ● ● 2*6 - ●*7 ● Built-in
*8
AIR-AP1852E-x-K9C ● - - - - ● ● ● 2 *6
- ●*7 ● External
AIR-AP1852I-x-K9 -*3 ● - - - ● ● ● 2*6 - ●*7 ● Built-in
AIR-AP1852E-x-K9 -*3 ● - - - ● ● ● 2*6 - ●*7 ● External
■ Cisco Aironet 2700 Series Dimensions (Height x Width x Depth): 5.05 x 22.07 x 22.07 cm Weight: 1.00 kg
Stand Controller Clean Office Client Band IEEE 802 Ports PoE (PD)*1
SKU Antenna
alone based Air Extend Link Select 11n 11ac GE mGig 802.3af 802.3at
AIR-CAP2702I-x-K9 -*3 ● ● ● ● ● ● ● 2*6
- ● *7
● Built-in
AIR-CAP2702E-x-K9 -*3 ● ● ● ● ● ● ● 2*6 - ●*7 ● External
■ Cisco Aironet 2800 Series Dimensions (Height x Width x Depth): 5.51 x 22.00 x 22.05 cm Weight: 1.60 kg*9
ME Controller Clean Office Client Band IEEE 802 Ports PoE (PD)*1
SKU Antenna
Master based Air Extend Link Select 11n 11ac GE mGig 802.3af 802.3at
AIR-AP2802I-x-K9C ●*8 - ● ● ● ● ● ● 2*6 - - ● Built-in
AIR-AP2802E-x-K9C ●*8 - ● ● ● ● ● ● 2*6 - - ● External
AIR-AP2802I-x-K9 -*3 ● ● ● ● ● ● ● 2*6 - - ● Built-in
AIR-AP2802E-x-K9 - *3
● ● ● ● ● ● ● 2*6 - - ● External
■ Cisco Aironet 3700 Series Dimensions (Height x Width x Depth): 5.36 x 22.10 x 22.10 cm Weight: 1.13 kg
Stand Controller Clean Office Client Band IEEE 802 Ports PoE (PD)*1
SKU Antenna
alone based Air Extend Link Select 11n 11ac GE mGig 802.3af 802.3at
AIR-CAP3702I-x-K9 -*3 ● ● ● ● ● ● ● 1 - ●*7 ● Built-in
AIR-CAP3702E-x-K9 -*3 ● ● ● ● ● ● ● 1 - ●*7 ● External
AIR-CAP3702P-x-K9 - *3
● ● - ● ● ● ● 1 - ●*7 ● External
■ Cisco Aironet 3800 Series Dimensions (Height x Width x Depth): 6.25 x 22.00 x 22.05 cm Weight: 2.00 kg*10
ME Controller Clean Office Client Band IEEE 802 Ports PoE (PD)*1
SKU Antenna
Master based Air Extend Link Select 11n 11ac GE mGig 802.3af 802.3at
AIR-AP3802I-x-K9C ●*8 - ● ● ● ● ● ● 1 1 - ● Built-in
AIR-AP3802E-x-K9C ●*8 - ● ● ● ● ● ● 1 1 - ● External
AIR-AP3802P-x-K9C ●*8 - ● ● ● ● ● ● 1 1 - ● External
AIR-AP3802I-x-K9 -*3 ● ● ● ● ● ● ● 1 1 - ● Built-in
AIR-AP3802E-x-K9 -*3 ● ● ● ● ● ● ● 1 1 - ● External
AIR-AP3802P-x-K9 -*3 ● ● - ● ● ● ● 1 1 - ● External
*1 The Cisco Aironet Power Supply Option is required when not using PoE receiving (Refer to page 38 for details). *2 A dedicated WAN port is included.
*3 Migration to the standalone model is supported via software. *4 PoE power supplying GE x 1 is included. *5 Cisco CleanAir Express is supported in Cisco AireOS 8.0 or higher.
*6 AUX x 1 is included. *7 Some features are disabled when powered via PoE (see datasheet). *8 Supported in Cisco Mobility Express software.
*9 Aironet 2802E - Dimensions (Height x Width x Depth): 6.35 x 22.00 x 22.28 cm, Weight: 2.10 kg。
*10 Aironet 3802E and 3802P - Dimensions (Height x Width x Depth): 6.65 x 22.00 x 22.05 cm, Weight: 2.10 kg。
58
Outdoor Access Points
Switches
■ Cisco Aironet Outdoor Access Points ■ Highlights
The Cisco Aironet Outdoor Access Points deliver high-speed and stable ● IEC IP67 waterproof (All models)
wireless LAN environments in various locations such as in a massive city-size ● NEMA Type 4X certified outdoor dust/rust resistance (All models)
area, inside a company building, a factory ground, or a mining field. ● Designed for harsh outdoor environments (All models)
Featuring a chassis with IEC IP67 waterproof and NEMA Type 4X certified ● Supports built-in SFP module slot (Cisco Aironet 1560/1570 Series)
outdoor dust/rust resistance, a wide lineup of outdoor models is available to ● Supports GPS (Cisco Aironet 1570 Series) *1
Wireless
meet the diversifying customer needs in the harshest of environments. ● IEEE 802.11n compatible (All models)
● IEEE 802.11ac Wave 1-compatible (Cisco Aironet 1570 Series)
● Built-in antenna models: Cisco Aironet 1542I/D, Cisco Aironet 1562I/D, and ● IEEE 802.11ac Wave 2-compatible (Cisco Aironet 1560/1540 Series)
Cisco Aironet 1572IC have a polished exterior design that blends into the ● Supports 2.4 GHz/5 GHz dual-band (All models)
surrounding environment. ● Supports 4.9-GHz public safety band (Cisco Aironet 1562PS)
● External antenna models: A wide selection of antennas are available for Cisco ● Supports Cisco CleanAir (Cisco Aironet 1560/1570 Series,
Aironet 1562E/PS, and Cisco Aironet 1572EAC/EC to suit different installation Refer to page X for details on the technology)
environments (Refer to page 37-38 for details on the Cisco Aironet Antennas). ● Supports ClientLink (Cisco Aironet 1560/1570 Series, Refer to
Routing
● Built-in cable modem models: Cisco Aironet 1572IC/EC incorporate a cable page 31 for details on the technology)
modem that is compatible with DOCSIS 3.0 (24x8), an international standard for ● Supports Cisco BandSelect (All models)
communication services via coaxial cables used for cable television, etc. ● Supports Cisco High Density Experience (HDX) (Cisco Aironet
1560/1570 Series)
Security
Dimensions Maximum
Model Name
(Height x Width x Depth) Weight
Cisco Aironet 1542I 20.00 x 15.00 x 6.10 cm 1.25 kg
Cisco Aironet 1542D 20.00 x 15.00 x 6.10 cm 1.25 kg
Cisco Aironet 1562I 22.86 x 17.27 x 9.90 cm 2.54 kg
Cisco Aironet 1562E 22.86 x 17.27 x 9.90 cm 2.54 kg
Cisco Aironet 1562D 22.86 x 17.27 x 10.92 cm 2.59 kg
Cisco Meraki
Cisco Aironet 1562PS 22.86 x 17.27 x 9.90 cm 2.54 kg
Cisco Aironet 1562E/PS
Cisco Aironet 1572IC 29.97 x 20.07 x 20.07 cm 5.22 kg
Cisco Aironet 1572IC
Cisco Aironet 1572EAC 29.97 x 20.07 x 16.00 cm 6.12 kg
Cisco Aironet 1542I/D
Cisco Aironet 1572EC 29.97 x 20.07 x 16.00 cm 6.12 kg
Cisco Aironet 1562I/D Cisco Aironet 1572EAC/EC
DNA-Center
SKU PoE PoE+ UPOE PoC Built-in Built-in External External
Air Link Select GE SFP Cable AC DC
(PSE) (PD) (PD) (PD) Omnidirectional Directional Dual-band Single-band
AIR-CAP1532I-x-K9 - - ● 2 - - - ● - - ● - 3 - - -
AIR-CAP1532E-x-K9 - - ● 2 - - - ● - ● - - - - 2 2+2
SMB
AIR-AP1562E-x-K9 ● ● ● 1 1 - - ● - ● - - - - 2 2+2
AIR-AP1562D-x-K9 ● ● ● 1 1 - - ● - ● - - - 2 - -
AIR-AP1562PS-x-K9 ● ● ● 1 1 - - ● - ● - - - - 2 2+2
Software
Air Link Select GE SFP Cable AC DC
(PSE) (PD) (PD) (PD) Omnidirectional Directional Dual-band Single-band
AIR-AP1572IC-x-K9 ● ● ● 2 1 1 - ● - - - ● 4 - - -
AIR-AP1572EAC-x-K9 ● ● ● 2 1 - ● ● ●*4 - ● - - - 4 2+2
AIR-AP1572EC-x-K9 ● ● ● 2 1 1 - ● - - - ● - - 4 2+2
*1 GPS Antenna (AIR-ANT-GPS-1) is required. *2 2.4 GHz: 3 Tx / 3 Rx Antennas with 3 streams. 5 GHz: 2 Tx / 3 Rx Antennas with 2 streams.
Financing
*3 If “n” is “1”, Diplex Filter split of: 5-42/88-1000 MHz. If “n” is “2”, Diplex Filter split of: 5-85/108-1002 MHz. If “n” is “3”, Diplex Filter split of: 5-65/108-1002 MHz. *4 PoE+ power supply is supported.
Cisco® Aironet® 1540 Series outdoor access points offer the latest 802.11ac
Wave 2 functions in a rugged, ultra-low-profile housing that service providers
and enterprises can deploy easily.
The Cisco Aironet 1540 Series is ideal for applications requiring rugged outdoor
Wi-Fi coverage and supports the latest 802.11ac Wave 2 radio standard.
Cisco
1540 Series offers flexible deployment options for service providers and
enterprise networks that need the fastest links possible for mobile outdoor
Ser-
clients (smartphones, tablets, and laptops) and wireless backhaul. The 1540
Series access points give network operators the flexibility to balance their
desired wireless coverage with their need for easy deployment.
point, the 1540 Series provides the throughput capacity needed for today’s
bandwidth-hungry devices.
*1 Customers are responsible for verifying approval for use in their individual countries.
To verify approval that corresponds to a particular country, or the regulatory domain used in a specific country, see www.cisco.com/go/aironet/compliance.
Not all models available for all regulatory domains. Not all regulatory domains have been approved. As they are approved, the SKU will be available on the Global Price List.
59
Cisco Aironet Antennas and Accessories
3dB 3dB ■ Cisco Aironet 5 GHz Omni-directional Antenna
SKU Installation/Dimensions Gain (dBi)
6dB 6dB
9dB 9dB
12.70 x 2.54 cm 4.0
Wireless
AIR-ANT5140V-N
Patch
19.81 x 19.81 x 3.05 cm 13.0 ■ Cisco Aironet Dual-band Directional Antenna
AIR-ANT2413P2M-N 0.61 kg SKU Installation/Dimensions/Weight Gain (dBi)
www.cisco.com/go/antenna
60
Switches
■ Cisco Aironet 2.4 GHz Omni-directional Antenna Model Compatibility Comparison
Gain (dBi) Compatible Models
SKU
2.4 GHz 5 GHz 1852E 2702E 2802E 3702E 3702P 3802E 3802P 1562E 1572E
AIR-ANT2420V-N 2.0 - - - - - - - - - ●
AIR-ANT2450V-N 5.0 - - - - - - - - ● ●
AIR-ANT2480V-N 8.0 - - - - - - - - ● ●
Wireless
■ Cisco Aironet 5 GHz Omni-directional Antenna Model Compatibility Comparison
Gain (dBi) Compatible Models
SKU
2.4 GHz 5 GHz 1852E 2702E 2802E 3702E 3702P 3802E 3802P 1562E 1572E
AIR-ANT5140V-N - 4.0 - - - - - - - - ●
AIR-ANT5180V-N - 8.0 - - - - - - - ● ●
Routing
■ Cisco Aironet 2.4 GHz Directional Antenna Model Compatibility Comparison
Gain (dBi) Compatible Models
SKU
2.4 GHz 5 GHz 1852E 2702E 2802E 3702E 3702P 3802E 3802P 1562E 1572E
AIR-ANT2413P2M-N 13.0 - - - - - - - - ● ●
Security
■ Cisco Aironet 5 GHz Directional Antenna Model Compatibility Comparison
Gain (dBi) Compatible Models
SKU
2.4 GHz 5 GHz 1852E 2702E 2802E 3702E 3702P 3802E 3802P 1562E 1572E
AIR-ANT5114P2M-N - 14.0 - - - - - - - ● ●
Cisco Meraki
■ Cisco Aironet Dual-band Di-pole Antenna Model Compatibility Comparison
Gain (dBi) Compatible Models
SKU
2.4 GHz 5 GHz 1852E 2702E 2802E 3702E 3702P 3802E 3802P 1562E 1572E
AIR-ANT2524DB-R 2.0 4.0 ● ● ● ● ● ● ● - -
AIR-ANT2524DG-R 2.0 4.0 ● ● ● ● ● ● ● - -
AIR-ANT2524DW-R 2.0 4.0 ● ● ● ● ● ● ● - -
AIR-ANT2535SDW-R 3.0 5.0 ● ● ● ● ● ● ● - -
DNA-Center
■ Cisco Aironet Dual-band Omni-directional Antenna Model Compatibility Comparison
Gain (dBi) Compatible Models
SKU
2.4 GHz 5 GHz 1852E 2702E 2802E 3702E 3702P 3802E 3802P 1562E 1572E
AIR-ANT2524V4C-R 2.0 4.0 ● ● ● ● ● ● ● - -
AIR-ANT2544V4M-R 4.0 4.0 ● ● ● ● ● ● ● - -
AIR-ANT2547V-N 4.0 7.0 - - - - - - - ● ●
SMB
AIR-ANT2547VG-N 4.0 7.0 - - - - - - - ● ●
AIR-ANT2568VG-N 6.0 8.0 - - - - - - - ● ●
Software
2.4 GHz 5 GHz 1852E 2702E 2802E 3702E 3702P 3802E 3802P 1562E 1572E
AIR-ANT2566P4W-R 6.0 6.0 ● ● ● ● ● ● ● - -
AIR-ANT2566D4M-R 6.0 6.0 ● ● ● ● ● ● ● - -
AIR-ANT2588P3M-N 8.0 8.0 - - - - - - - ● ●
AIR-ANT2513P4M-N 13.0 13.0 - - - - ● - ● ● ●
Financing
*1 Full features are supported when powered via PoE+, AIR-PWRINJ6= or AIR-PWR-C= (The AIR-PWRINJ5 supports PoE receiving only).
*2 Full features are supported when powered via PoE+, AIR-PWRINJ6= or AIR-PWR-B= (The AIR-PWRINJ5 supports PoE receiving only).
*3 Cisco Aironet 1562I: Full features are supported when powered via UPOE, AIR-PWRINJ-60RGD1/2= or AIR-PWRADPT-RGD1= (The AIR-PWRINJ6 supports PoE+ receiving only).
*4 Cisco Aironet 1572ICn is not supported.
61
Cisco Wireless Controllers
Appliance/
Virtual Machine
Wireless
Cisco 3500 Series Cisco Virtual Cisco 5500 Series Cisco 8500 Series
Wireless Controller Wireless Controller Wireless Controller Wireless Controller
Access Point
(Mobility Express)
Cisco Aironet
1800/2800/3800/
1560 Series
■ Cisco 3504 Wireless Controller Powerful enough to handle 802.11ac Wave 2 traffic loads
Access Points
Up to 150 AP, 3000 clients, 4Gbps
Access Points 150 in Centralized mode Seamless migration (USB + configuration migration tool
from 2504 and 5508)
Clients 3000 in Centralized mode Seamless Saclability
Seamless WLC portfolio – feature parity across 3504 and
Throughput 4Gbps 5520
Compact, mGig ready, edicated RP/SP ports, side by side rack mount and much more… between Cisco Aironet® Access Points, Cisco Prime® Infrastructure, and the
The Cisco 3504 Wireless Controller provides centralized control, management, Cisco Mobility Services Engine, and is interoperable with the Cisco 5520 and
and troubleshooting for small to medium-sized enterprises and branch offices. It 8540 Wireless Controllers.
offers flexibility to support multiple deployment modes in the same controller—a
For details on the Cisco 3504 Wireless Controller, visit the following Web site:
centralized mode for campus environments, Cisco FlexConnect® mode for lean
branches managed over the WAN, and a mesh (bridge) mode for deployments
http://cs.co/9008DE23w
in which full Ethernet cabling is unavailable. As a component of the Cisco Unified
Wireless Network, the 3504 controller provides real-time communications
Cisco 8540
6000 APs
64000 Clients
40 Gbps
Cisco vWLC
3000 APs
32000 Clients
Cisco 3504 Flexconnect mode
150 APs
Small Network 3000 Clients
4Gbps Cisco 5520
Mobility Express 1500 APs
50 APs/1000 Clients 20000 Clients
100 AP/2000 Clients: 20 Gbps
Flexconnect mode
62
■ Cisco 3500 Series Wireless Controller Dimensions (Height x Width x Depth): 4.39 x 21.4 x 21.6 cm Maximum Weight: 1.99 kg
Switches
Managed Access Points Office Wireless Ports Rack
SKU OS Clients RF tags Throughput
Maximum Extend Mesh 10GE GE mGIg mount
AIR-CT3504-K9 AireOS 150 3,000 - 4 Gbps ● ● 1 4 1 -
Wireless
Default Maximum Extend Mesh GE SFP SFP + mount
L-AIR-CTVM-5-K9 AireOS 5 3,000 32,000 3,000 500 Mbps ● - - - - -
Routing
AIR-CT5520-50-K9 AireOS 50 1,500 20,000 25,000 20 Gbps ● ● - - 2 1 RU
Security
AIR-CT8540-1K-K9 AireOS 1,000 6,000 64,000 50,000 40 Gbps ● ● - - 4 2 RU
*1 *4
■ Additional Access Point License for Cisco 2500 Series Wireless Controller ■ Additional Access Point License for Cisco 5500 Series Wireless Controller
SKU Additional Compatible Models SKU Additional Compatible Models
L-LIC-CT2504-1A 1 2504 LIC-CT5520-1A 1 5520
L-LIC-CT2504-5A 5 2504
Cisco Meraki
L-LIC-CT2504-25A 25 2504
*5
■ Additional Access Point License for Cisco 8500 Series Wireless Controller
SKU Additional Compatible Models
*2
■ Additional Access Point License for Cisco Virtual Wireless Controller LIC-CT8540-1A 1 8540
SKU Additional Compatible Models
L-LIC-CTVM-1A 1 -
L-LIC-CTVM-5A 5 -
L-LIC-CTVM-25A 25 -
DNA-Center
Deployment Modes
Cisco's wireless solutions can be broadly classified into Standalone systems that operate Cisco Aironet Access Points individually and Controller-based systems that
centrally manage multiple Cisco Aironet Access Points using a Cisco Wireless Controller. Multiple expansion modes are also supported in Controller-based systems.
SMB
Mobility Express FlexConnect Centralized
Integrates WLAN controller
functions into the Aironet
Software
Aironet WAN Intranet
WAN
1815/1832/1852
2800/3800
1560 *1
Financing
The Mesh Mode, FlexConnect + Mesh Mode, OfficeExtend Mode, Monitor Mode, Rogue Detector Mode, and Sniffer Mode are also supported.
- - - -
Cisco
●
Cisco Aironet 2800/3800 Series Access Points ● - - - -
Ser-
*1
Cisco Aironet 1560 Series Outdoor Access Points ● - - - -
Cisco Aironet 3500 Series Wireless Controller - ● ● ● ●
Cisco Virtual Wireless Controller - ● - - -
Programs &
Promotions
*1 Cisco Aironet 1560 Series are to be supported in future software release. *2 Cisco Wireless Controller Software release 7.3.112.0 is required. *3 Cisco AireOS 8.1 and higher are not supported.
63
Subscription-based software designed to make networking simple
DNA for Access Wireless. Cisco Introduces a New Era in Networking,
Powered by Software Innovation and Subscription Buying
As we transition our network infrastructure closer to the
Wireless
■ Benefits
The value of subscription buying becomes clear as customers In addition to transactional purchasing, customers can also choose
take advantage of this new era in networking: to access the latest DNA innovation across their infrastructure
through the Cisco Enterprise Agreement (Cisco EA), which I
blogged about last month. Cisco EA is a single, simple agreement
● Software evolves at lightning speed. Subscription buying assures customers that
that gives customers a flexible, attractive way to consume and
their software is always up-to-date in today’s changing environments
deploy Cisco Software. Cisco EA is more than a licensing
● Subscriptions simplify the purchase of software suites across Cisco’s portfolio, and
agreement. It’s our platform for building deep, meaningful customer
help the customer scale throughout their business as they grow and take advantage
relationships wherein Cisco continually adds value to what we offer
of additional capabilities from Cisco
our customers, and is a key part of our strategy to connect more
● As Cisco continues to add value and features, subscription offers give customers
directly to our customers’ business needs.
quick, easy access to ongoing innovation
● Subscriptions enable customers to accelerate deployment of new capabilities and
implementation of new business models by reducing entry costs through the use
of OPEX instead of CAPEX
64
Switches Wireless Routing Security Cisco Meraki DNA-Center SMB Software Financing Cisco
Cisco
Ser- Programs &
Services
vices Promotions
65
Routing
Integrated Services Routers
Routing
66
Line-up of Cisco ISR
Switches
Previously, even the small-scale bases were required to install a wide range multiple services but also have the flexibility to add new services as required
of devices including switches, wireless access points and WAN optimization via license activation and/or addition of expansion modules. Adoption of these
appliances. Cisco Integrated Services Routers (ISR) are "super routers" that routers results in simpler network configuration, helping to reduce the device
are capable of integrating the network services provided by these multiple costs as well as operation and maintenance costs.
devices into a single platform. These routers are not only capable of integrating
Wireless
Routing Switching Wireless
(Access Points/Controller)
Routing
Cisco ISR can integrate
Security Unified Communication WAN Optimization the Routing and SD-WAN service
(Firewall/IPS/VPN) (Call Control/Messaging) & other services into a single unit!
Security
High
4451
←
Cisco Meraki
4431
4351
DNA-Center
Performance & Functionality
4331
SMB
890 Series
Software
860 Series
67
NEW: Cisco 1000 Series Integrated Services Router
The Cisco 1000 Series ISR platform with a small form factor is best suited for
small and midsize businesses, enterprise branches, and as customer premises
equipment in managed services environments. The routers come in two models:
an 8-LAN-port option and a 4-LAN-port option. They have high performance with
Gigabit Ethernet packet forwarding capabilities. The multicore architecture has
separate cores for data plane and control plane. The 1000 Series ISRs support
Routing
Power over Ethernet (PoE) and PoE+ to power branch devices such as IP phones
and cameras. They are easy to deploy with zero-touch provisioning using Plug-
and-Play capability. There are multiple LAN, WLAN, WAN, and LTE combinations
to choose from, depending on your branch needs. The 1000 Series can be used
in ATMs, retail stores, and kiosks, as well as for various other purposes.
● Quickly open new remote offices or easily add additional services Cisco ISR 4000 Series is the Leading platform for Cisco SD-WAN solution
● Operate an entire branch office with a single box deployment. Cisco ISR 4000 Series allow customers to easily deploy their
● Give IT departments more time for innovation by automating repetitive tasks and
branches in classical or SD-WAN context.
orchestrating security and application services
The virtualization technology available both embedded (Integrated Services
The Cisco ISR 4000 Series address the problems that modern branch offices
Containers) within the Cisco ISR 4000 Series and through additional data
face, without giving up any of the existing services of previous-generation Cisco
center-class server modules (Cisco UCS E Series Servers) offers new levels of
ISRs. It also brings Services Containers Virtualisation to networking so that
converged capability.
IT can adopt services faster and repurpose resources as needs change. And
it delivers additional computing power for local application survivability, data
backup, and local analytics processing.
■ Series Comparisson
68
Cisco ISR 800 Series
Switches
Fixed-configuration Integrated Services Routers suitable for deployment
in small-sized branches, home offices and Machine-to-Machine (M2M)
environments. In addition to the routing service, a wide variety of services
including switching, wireless security, unified communication, and entry-level
WAN optimization can be integrated using a single router unit.
Wireless
■ Highlights
● Equipped with C isco IOS Universal Image (Compatible with IP Base/
Advanced Security/Advanced IP Services)
● Built-in managed switch
● Built-in IEEE 802.11n/ac-compatible wireless access point with full Airport
support (C881W-x-K9)
Routing
● Supports 4G LTE wireless WAN
Security
C819GW-LTE-GA-EK9 4 AGN 1 Y Y Y Y
C866VAE-K9 3 1 1 ADSL/VDSL Annex B/J1 Y N Y No
C866VAE-W-E-K9 3 1 802.11n 1 ADSL/VDSL Annex B/J1 Y N Y No
860
C867VAE-K9 3 1 1 ADSL/VDSL Annex A Y N Y No
C867VAE-W-E-K9 3 1 802.11n 1 ADSL/VDSL Annex A Y N Y No
C881-K9 4 1 Y Y Y Option
C881WD-E-K9 4 11ac 1 Y Y Y Option
Cisco Meraki
C881G-4G-GA-K9 4 1 yes Y Y Y Option
C886VA-K9 4 ADSL/VDSL Annex B/J1 Y Y Y Option
C886VA-W-E-K9 4 11n ADSL/VDSL Annex B/J1 Y Y Y Option
C886VAG-LTE-GA-K9 4 ADSL/VDSL Annex B/J1 yes Y Y Y Option
880
C887VA-K9 4 ADSL/VDSL Annex A Y Y Y Option
C887VA-WD-E-K9 4 11ac ADSL/VDSL Annex A Y Y Y Option
C887VAG-4G-GA-K9 4 ADSL/VDSL Annex A yes Y Y Y Option
C887VAM-K9 4 ADSL/VDSL Annex M Y Y Y Option
DNA-Center
C887VAM-W-E-K9 4 11n ADSL/VDSL Annex M Y Y Y Option
C888-K9 4 G.SHDSL EFM/ATM Y Y Y Option
C891F-K9 8 1 1 1 y/y Y Y Y Option
C891-24X-K9 24 0 2 2 Y Y Y yes
C891FW-E-K9 8 AGN 1 1 1 y/y Y Y Y Option
C892FSP-K9 8 0 2 1 Y Y Y Option
C896VA-K9 8 0 1 1 ISDN ADSL/VDSL Annex B/J1 Y Y Y Option
C896VAG-LTE-GA-K9 8 0 1 1 ADSL/VDSL Annex B/J1 Y Y Y Y Option
C897VA-K9 8 0 1 1 ISDN ADSL/VDSL Annex A Y Y Y Option
SMB
C897VAW-E-K9 8 AGN 0 1 1 ADSL/VDSL Annex A Y Y Y Option
890 C897VAM-W-E-K9 8 AGN 0 1 1 ADSL/VDSL Annex M Y Y Y Option
C897VA-M-K9 8 0 1 1 ADSL/VDSL Annex M Y Y Y Option
C897VAG-LTE-GA-K9 8 0 1 1 ADSL/VDSL Annex A Y Y Y Y Option
C897VAMG-LTE-GA-K9 8 0 1 1 ADSL/VDSL Annex M Y Y Y Y Option
C897VAB-K9 8 0 1 1 ADSL/VDSL Annex A Y Y Y Option
C897VAGW-LTE-GAEK9 8 AGN 0 1 1 ADSL/VDSL Annex A + Bonding Y Y Y Y Option
Software
C898EA-K9 8 0 1 1 G.SHDSL EFM/ATM Y Y Y Option
C898EAG-LTE-GA-K9 8 0 1 1 G.SHDSL EFM/ATM Y Y Y Y Option
C899G-LTE-GA-K9 8 0 2 1 Y Y Y Y Option
Financing
Machine-to-Machine (M2M)
Machine-to-Machine (M2M) is a technology that aggregates the Cisco 819H/G/HG has been developed to address these issues. Both models
intercommunications between machines without human intervention. feature a palm-sized compact chassis and are compatible with 4G LTE 2.0
This technology is already used in a wide range of devices such as wireless LAN. Furthermore, Cisco 819H/HG can operate in temperatures
Cisco
Services
vending machines, surveillance systems and sensor-equipped measuring between -23 and +60 deg C and in up to 95% humidity and have superior
Cisco
vices
instruments; and its adoption is expected to continue at an accelerated vibration and impact resistance to withstand industrial use. A wide variety of
pace. The most important elements for network devices offering mounting options are supported including DIN rail, floor and wall mounting.
Ser-
69
Cisco ISR 1000 Series
■ Reliability, security, and performance
Get Internet access, advanced security, and wireless services in one device. Cisco 1000 Series
Integrated Services Routers (ISRs) are fixed, high-performance routers that are easy to deploy and
manage. Small yet powerful, they provide highly secure broadband, Metro Ethernet, and wireless
LAN connectivity.
■ Next-generation connectivity
Get increased mobility and next-generation WAN and LAN options. Access SFP/SFP+, DSL, LTE
Advanced, and 802.11ac Wi-Fi. The 1000 Series is ideal for use as customer premises equipment.
■ Increased performance
Meet the demand for more bandwidth without more budget. The router's multicore architecture
leverages higher data-plane performance, enabling high availability for network services.
Routing
Legend
VA-A ADSL/VDSL over POTS
VA-B ADSL/VDSL over ISDN
VA-M ADSL/VDSL over POTS Annex M
70
Cisco ISR 4000 Series
Switches
Modular Integrated Services Routers suitable for deployment in bases that require a provision of
application-aware services. In addition to the routing service, these routers can integrate a wide
variety of services including switching, wireless security, unified communication, WAN optimization
and service virtualization. Since the control, data, and service resources are isolated at the
hardware level, it is possible to deliver application-aware services with high availability even when at
Wireless
high loads.
■ Highlights
● Equipped with Cisco IOS XE
● Equipped with multi-core CPU and 4 GB memory
● Equipped with multi-core CPU, 4 GB memory for the control plane and 2 GB Memory for
the data plane
● Various network services are integrated via Expansion Modules (NIM/SM-X slots)
Routing
● Supports the Cisco UCS E Series Server
Security
Voice Security Bundles VSEC ● ● - - ●*1
Application Experience Bundles AX ● - ● - -
Application Experience Voice Bundles AXV ● ● ● - ●*1
Cisco Meraki
Rack
SKU Cisco IOS SM/ ISDN
GW Call
NIM PVDM FE GE xDSL Voice WAAS AP WLC 4G FW IPS VPN Control mount
SM-X Backup MSG
ISR4321/K9 IP Base 2 - 1 - 2*2 -*3 -*3 -*3 -*4 - -*3 -*3 -*5 -*5 -*5 -*6 ●
ISR4321-SEC/K9 IP Base + SEC 2 - 1 - 2*2 -*3 -*3 -*3 -*4 - -*3 -*3 ● ● ● -*6 ●
ISR4321-V/K9 IP Base + UC 2 - 1 - 2*2 -*3 -*3 -*3 -*4 - -*3 -*3 -*5 -*5 -*5 ● ●
ISR4321-AX/K9 IP Base + SEC + APP 2 - 1 - 2*2 -*3 -*3 -*3 ● - -*3 -*3 ● ● ● -*6 ●
DNA-Center
ISR4321-AXV/K9 IP Base + SEC + UC + APP 2 - 1 - 2*2 -*3 -*3 -*3 ● - -*3 -*3 ● ● ● ● ●
ISR4331/K9 IP Base 2 1 1 - 3*2 -*3 -*3 -*3 -*4 - -*3 -*3 -*5 -*5 -*5 -*6 ●
ISR4331-SEC/K9 IP Base + SEC 2 1 1 - 3*2 -*3 -*3 -*3 -*4 - -*3 -*3 ● ● ● -*6 ●
ISR4331-V/K9 IP Base + UC 2 1 1 - 3*2 -*3 -*3 -*3 -*4 - -*3 -*3 -*5 -*5 -*5 ● ●
ISR4331-AX/K9 IP Base + SEC + APP 2 1 1 - 3*2 -*3 -*3 -*3 ● - -*3 -*3 ● ● ● -*6 ●
ISR4331-AXV/K9 IP Base + SEC + UC + APP 2 1 1 - 3*2 -*3 -*3 -*3 ● - -*3 -*3 ● ● ● ● ●
ISR4351/K9 IP Base 3 2 1 - 3*2 -*3 -*3 -*3 -*4 - -*3 -*3 -*5 -*5 -*5 -*6 ●
ISR4351-SEC/K9 IP Base + SEC 3 2 1 - 3*2 -*3 -*3 -*3 -*4 - -*3 -*3 ● ● ● -*6 ●
ISR4351-V/K9 IP Base + UC 3 2 1 - 3*2 -*3 -*3 -*3 -*4 - -*3 -*3 -*5 -*5 -*5 ● ●
SMB
ISR4351-AX/K9 IP Base + SEC + APP 3 2 1 - 3*2 -*3 -*3 -*3 ● - -*3 -*3 ● ● ● -*6 ●
ISR4351-AXV/K9 IP Base + SEC + UC + APP 3 2 1 - 3*2 -*3 -*3 -*3 ● - -*3 -*3 ● ● ● ● ●
ISR4431/K9 IP Base 3 - 1 - 4*2 -*3 -*3 -*3 -*4 - -*3 -*3 -*5 -*5 -*5 -*6 ●
ISR4431-SEC/K9 IP Base + SEC 3 - 1 - 4*2 -*3 -*3 -*3 -*4 - -*3 -*3 ● ● ● -*6 ●
ISR4431-V/K9 IP Base + UC 3 - 1 - 4*2 -*3 -*3 -*3 -*4 - -*3 -*3 -*5 -*5 -*5 ● ●
ISR4431-AX/K9 IP Base + SEC + APP 3 - 1 - 4*2 -*3 -*3 -*3 ● - -*3 -*3 ● ● ● -*6 ●
Software
ISR4431-AXV/K9 IP Base + SEC + UC + APP 3 - 1 - 4*2 -*3 -*3 -*3 ● - -*3 -*3 ● ● ● ● ●
ISR4451-X/K9 IP Base 3 2 1 - 4*2 -*3 -*3 -*3 -*4 - -*3 -*3 -*5 -*5 -*5 -*6 ●
ISR4451-X-SEC/K9 IP Base + SEC 3 2 1 - 4*2 -*3 -*3 -*3 -*4 - -*3 -*3 ● ● ● -*6 ●
ISR4451-X-V/K9 IP Base + UC 3 2 1 - 4*2 -*3 -*3 -*3 -*4 - -*3 -*3 -*5 -*5 -*5 ● ●
ISR4451-X-AX/K9 IP Base + SEC + APP 3 2 1 - 4*2 -*3 -*3 -*3 ● - -*3 -*3 ● ● ● -*6 ●
ISR4451-X-AXV/K9 IP Base + SEC + UC + APP 3 2 1 - 4*2 -*3 -*3 -*3 ● - -*3 -*3 ● ● ● ● ●
ISR4451XWAAS-200G IP Base + SEC + APP 2 2 1 - 4*2 -*3 -*3 -*3 ● - -*3 -*3 ● ● ● -*6 ●
Financing
*1 Cisco 4321 is not supported. *2 SFP module slot or dual-purpose port is included. *3 Expansion Module is required. *4 Feature Licenses or Expansion Modules are required.
*5 Cisco IOS SEC License is required. *6 Feature Licenses, etc. are required according to the Cisco IOS UC License and configuration.
Cisco ONE Software for WAN on the Cisco ISR 4000 Series
Cisco
Cisco ONE Software is a valuable and flexible way to buy software for your WAN.
Services
Cisco
vices
At each stage in the product lifecycle, Cisco ONE Software helps make buying,
managing, and upgrading your network and infrastructure software easier.Cisco
Ser-
71
Modules & Accessories
■ Cisco IOS Technology Package Licenses
Compatible Models
SKU Description
800 1921 1941 1941W 2901 2911 2921 2951 3925 3945 3925E 3945E 4321 4331 4351 4431 4451
SL-4320-SEC-K9 Cisco IOS SEC License for Cisco ISR 4321 - - - - - - - - - - - - ● - - - -
SL-4330-SEC-K9 Cisco IOS SEC License for Cisco ISR 4331 - - - - - - - - - - - - - ● - - -
SL-4350-SEC-K9 Cisco IOS SEC License for Cisco ISR 4351 - - - - - - - - - - - - - - ● - -
SL-44-SEC-K9 Cisco IOS SEC License for Cisco ISR 4400 Series - - - - - - - - - - - - - - - ● ●
SL-4320-UC-K9 Cisco IOS UC License for Cisco ISR 4321 - - - - - - - - - - - - ● - - - -
SL-4330-UC-K9 Cisco IOS UC License for Cisco ISR 4331 - - - - - - - - - - - - - ● - - -
SL-4350-UC-K9 Cisco IOS UC License for Cisco ISR 4351 - - - - - - - - - - - - - - ● - -
SL-44-UC-K9 Cisco IOS UC License for Cisco ISR 4400 Series - - - - - - - - - - - - - - - ● ●
SL-4320-APP-K9 Cisco IOS APP License for Cisco ISR 4321 - - - - - - - - - - - - ● - - - -
SL-4330-APP-K9 Cisco IOS APP License for Cisco ISR 4331 - - - - - - - - - - - - - ● - - -
SL-4350-APP-K9 Cisco IOS APP License for Cisco ISR 4351 - - - - - - - - - - - - - - ● - -
Routing
*1 Cisco IOS SEC License is required. *2 Cisco IOS UC License is required. *3 Cisco ISR 800 Series only supports Cisco 881-V. *4 Cisco IOS APP License is required.
*5 Cisco ISR 800 Series only supports Cisco 891F/892FSP/897VA/899G.
72
■ Extension Module for Cisco ISR 1900/2900/3900/4000 Series (2 of 2)
Switches
Compatible Models
SKU Description Slot
1921 1941 1941W 2901 2911 2921 2951 3925 3945 3925E 3945E 4321 4331 4351 4431 4451
NIM-4G-LTE-GA 4G LTE Wireless WAN Module for Global NIM - - - - - - - - - - - ● ● ● ● ●
NIM-4G-LTE-VZ 4G LTE Wireless WAN Module for Verizon NIM - - - - - - - - - - - ● ● ● ● ●
NIM-4G-LTE-ST 4G LTE Wireless WAN Module for Sprint NIM - - - - - - - - - - - ● ● ● ● ●
Wireless
NIM-4G-LTE-NA 4G LTE Wireless WAN Modulefor North America NIM - - - - - - - - - - - ● ● ● ● ●
NIM-2FXS Voice Module (2-port FXS) NIM - - - - - - - - - - - ● ● ● ● ●
NIM-4FXS Voice Module (4-port FXS) NIM - - - - - - - - - - - ● ● ● ● ●
NIM-2FXO Voice Module (2-port FXO) NIM - - - - - - - - - - - ● ● ● ● ●
NIM-4FXO Voice Module (4-port FXO) NIM - - - - - - - - - - - ● ● ● ● ●
NIM-2FXS/4FXO Voice Module (2-port FXS and 4-port FXO) NIM - - - - - - - - - - - ● ● ● ● ●
Routing
NIM-4E/M Voice Module (4-port E/M) NIM - - - - - - - - - - - ● ● ● ● ●
NIM-2BRI-NT/TE Voice Module (2-port BRI) NIM - - - - - - - - - - - ● ● ● ● ●
NIM-4BRI-NT/TE Voice Module (4-port BRI) NIM - - - - - - - - - - - ● ● ● ● ●
NIM-1MFT-T1/E1 Voice/WAN Module (1-port T1/E1) NIM - - - - - - - - - - - ● ● ● ● ●
NIM-2MFT-T1/E1 Voice/WAN Module (2-port T1/E1) NIM - - - - - - - - - - - ● ● ● ● ●
Security
NIM-4MFT-T1/E1 Voice/WAN Module (4-port T1/E1) NIM - - - - - - - - - - - ● ● ● ● ●
NIM-8MFT-T1/E1 Voice/WAN Module (8-port T1/E1) NIM - - - - - - - - - - - ● ● ● ● ●
NIM-1CE1T1-PRI Voice/WAN Module (1-port T1/E1/G.703) NIM - - - - - - - - - - - ● ● ● ● ●
NIM-2CE1T1-PRI Voice/WAN Module (2-port T1/E1/G.703) NIM - - - - - - - - - - - ● ● ● ● ●
NIM-8CE1T1-PRI Voice/WAN Module (8-port T1/E1/G.703) NIM - - - - - - - - - - - ● ● ● ● ●
Cisco Meraki
PVDM4-32 High-density Voice DSP Module (16-channel) PVDM4*3 - - - - - - - - - - - ● ● ● ● ●
PVDM4-64 High-density Voice DSP Module (32-channel) PVDM4*3 - - - - - - - - - - - ● ● ● ● ●
PVDM4-128 High-density Voice DSP Module (64-channel) PVDM4*3 - - - - - - - - - - - ● ● ● ● ●
PVDM4-256 High-density Voice DSP Module (128-channel) PVDM4*3 - - - - - - - - - - - ● ● ● ● ●
PVDM4-64U128 Factory Upgrade from PVDM4-64 to PVDM4-128 PVDM4*3 - - - - - - - - - - - ● ● ● ● ●
Factory Upgrade from PVDM4-64 to PVDM4-256
DNA-Center
PVDM4-64U256 PVDM4*3 - - - - - - - - - - - ● ● ● ● ●
SM-X-PVDM-500 High-density Voice DSP Module (768-channel) SM-X - - - - - - - - - - - - ● ● - ●
SM-X-PVDM-1000 High-density Voice DSP Module (1,024-channel) SM-X - - - - - - - - - - - - ● ● - ●
SM-X-PVDM-2000 High-density Voice DSP Module (2,048-channel) SM-X - - - - - - - - - - - - - ●*4 - ●
SM-X-PVDM-3000 High-density Voice DSP Module (3,080-channel) SM-X - - - - - - - - - - - - - ●*4 - ●
SMB
*1 SM-X slot is used for the Cisco ISR 4000 Series.
Software
Mobile 4G LTE networks can be deployed rapidly as primary or
backup WAN by incorporating the 4G LTE Wireless WAN Module ■ Deployed as Backup WAN
Mobile 4G
on Cisco ISR 1900/2900/3900/4000 Series. Bandwidth can be
LTE Network
utilized even more efficiently by using the module in combination
with Cisco Wide Area Application Services (WAAS). Head Office
Backup
WAN
Bases
Financing
Primary
Primary
WAN
WAN
Cisco
Mobile Bases
Services
Cisco
vices
Ser-
*1SM-X slot is used for the Cisco ISR 4000 Series.*2Cisco ISR 1900 Series only supports data communications.*3Also supported by a PVDM4 slot on Voice NIMs.
*4Supports up to 1,024 channels.
Programs &
Promotions
73
Cisco Enterprise Network Functions Virtualization (ENVF)
● Protect your network infrastructure investment with Cisco ONE license Now you have the stability you need to support your current business needs,
portability while getting twice the value of a la carte licensing. and you’ll be better prepared to take on whatever the future might bring.
74
Cisco 5000 Series Enterprise Network Compute System
Switches
■ Branch compute optimized for Enterprise NFV
Deploy network services in minutes. With the Cisco Enterprise Network Compute
System, you can completely virtualize all your services in the branch, including
routers. It provides service agility and density needed for the branch that has
limited IT resources.
Wireless
■ Hardware built for Enterprise NFV
The 5000 Series is a purpose-built compute platform optimized for Enterprise
Network Functions Virtualization. Use Enterprise NFV to save time. Simplify
operations and management. Make branch deployments faster and easier.
Routing
traffic. It also supports legacy WAN transports and optional 4G LTE connectivity.
Security
Cisco 5400 Enterprise Network Compute System – Front and Back Cisco 5100 Enterprise Network Compute System – Front and Back
Cisco Meraki
Technical Specifications Cisco 5400 ENCS Cisco 5100 ENCS
DNA-Center
9 MB L2 cache)
● 2 DIMM slots, each with 8, 16, or 32 GB ECC DDR4 RAM ● 2 DIMM slots, each with 16 GB ECC DDR4 RAM
DRAM ● 16 GB default single DIMM ● 16 GB default single DIMM
● 64 GB maximum system capacity ● 32 GB maximum system capacity
Motherboard storage M.2 SATA – 64 GB (default), 200 GB, and 400 GB options M.2 SATA – 64 GB (default), 200 GB, and 400 GB options
Up to 2 Small Form Factor (SFF):
● 7200-rpm SATA: 1 TB, 2 TB
Disk drives (SFF) ● 10000-rpm SAS SED: 1.2 TB Not applicable
● 10000-rpm SAS: 1.8 TB
SMB
● SATA SSD eMLC: 480 GB, 960 GB
RAID options Optional hardware LSI MegaRAID SAS 3108 Controller Not applicable
● 2 GE WAN or LAN port (dual-mode RJ-45 and SFP) ● 2 GE WAN or LAN port (dual-mode RJ-45 and SFP)
Total onboard WAN or
● Built-in 8-port GE LAN switch with PoE capability ● 2 GE WAN or LAN port (RJ-45)
LAN ports
● GE management port for Intel x86 Host ● GE management port for Intel x86 Host
NIM slots 1 Not applicable
Software
OIR (all I/O modules) Yes Not applicable
External USB 2.0 slots
1 2
(type A)
Serial console port RJ-45 (up to 115.2 Kbps) RJ-45 (up to 115.2 Kbps)
Single, internal: AC and PoE
Power-supply options PoE support is available on 5408 and 5412 Enterprise Network Compute Single, internal: AC
System models only.
Financing
AC input voltage 100 to 240 VAC auto-ranging 100 to 240 VAC auto-ranging
Typical power
125W 90W
(no modules) (Watts)
A200W
Total PoE budget Not applicable
Platform supports Universal PoE (60W maximum per LAN port)
Dimensions 1.73 x 17.25 x 13.3 in (includes power supply unit and NIM mounts) 1.73 x 12.7 x 10 in
(H x W x D) (4.4 x 43.8 x 33.8 cm) (4.4 x 32.3 x 25.4 cm)
Cisco
Services
75
Cisco SD WAN
■ Benefits of Cisco SD-WAN
● Better user experience
● Deploy applications in minutes, on any platform, with a consistent user
experience and predictable app performance.
● Greater agility
● Set up and operate your WAN quickly and easily. Gain faster performance
while consuming less bandwidth.
● Advanced threat protection
● Get protection from WAN edge to cloud with segmentation for critical assets
and multilayer security that encrypts all data.
■ Cisco Meraki
For lean IT teams, Cisco Meraki simplifies branch management and integrates
threat management.
■ Cisco IWAN
For IT teams that want customization and open APIs, Cisco IWAN offers
More users, more apps, different devices, but old network. application hosting and virtualization.
The Cloud Era has transformed Enterprise infrastructures in many ways.
Explore how SD-WAN, powered by Cisco, can enable more secure,
consistent and cost effective enterprise connections. Cisco SD-WAN (Viptela): How it Works
Cisco SD-WAN can help. Cisco SD-WAN built on the Cisco SD-WAN Fabric is a purpose-built solution
from ground-up to provide secure, scalable, resilient WAN and with optimal user
experience for applications for a Cloud-ready enterprise.
Dynamic
SaaS performs 4x improvement
optimization for
poorly in SaaS response
O365 and other
times
SaaS
Complex Seamless
workflows for connectivity to
public cloud public cloud
AWS/Azure
Components of the
Cost Prohibitive
bandwidth costs
at $100/mbps
Mix MPLS with
low cost
broadband/LTE
>50% drop in
WAN costs
Cisco SD-WAN solution
■ vManage
Centralized Change control
Traffic grows management & from six months The vManage is a centralized dashboard that enables
30% YoY app visibility to two days
automatic configuration, management and monitoring of the
Cisco SD-WAN overlay network. Users login to vManage to
Rigid architecture centrally manage all aspects of the network life cycle from
requires 6 – 9
months for simple initial deployment, on-going monitoring and troubleshooting to
policy change
change control and software upgrades.
■ vSmart Controller
Application Application
Active-active Predictable
experience (SLA) vSmart controllers are the brains of the overlay network. They
Experience is unpredictable
hybrid links application SLA
establish secure SSL connections to all other components
in the network, and run an Overlay Management Protocol
70% of app
outages are tied App aware
No app outages (OMP) to exchange routing, security and policy information.
to networking policies with real
due to networking
problems time enforcement The centralized policy engine in vSmart provides policy
constructs to manipulate routing information, access control,
segmentation, extranets and service chaining.
■ vEdge Router
The vEdge routers are full-featured IP routers that perform
Isolation for standard functions such as BGP, OSPF, ACLs, Qos and various
Security Difficult to
WAN
segmentation critical enterprise routing policies in addition to the overlay communication.
with granular assets, guest
secure
policies wireless, business Each vEdge router establishes secure connectivity to all of the
partners
control components and also establishes IPSec sessions with
Critical enterprise
Auth + encryption Robust security other vEdge routers in the WAN network.
assets, guest
+ cloud security for for hybrid
wireless, business
hybrid networks networks
partners ■ vBond Orchestrator
The vBond orchestrator facilitates the initial bring-up by
Vulnerabilities performing initial authentication and authorization of all
in hybrid
architectures elements into the network. vBond provides the information on
how each of the components connects to other components.
To learn more, visit: It plays an important role in enabling Viptela devices that sit
behind the NAT to communicate with the network.
cisco.com/go/sdwan
76
Switches
Key Principles
■ Transport independent secure fabric ■ Security and Segmentation
Cisco SD-WAN solution builds an overlay fabric which is carrier agnostic as well As more and more devices are internet connected and as new applications get
as transport agnostic. Customers get a consistent WAN built on any transport rolled out in an enterprise branch, it becomes extremely critical for enterprises
like MPLS, Broadband, 4G/LTE, VSAT and more. Cisco SD-WAN solution to isolate different types of traffic to avoid any threats coming out of different
secures connectivity over all of these transports to build a secure overlay networks. Cisco SD-WAN provides fine-grained granular segmentation
Wireless
network. capabilities to segment various applications & users. For example, IT can create
separate segments for Guest WiFi, PCI traffic, Business applications, Inventory
■ Separate of control-plane and data-plane applications, Video surveillance as well as voice calls.
Cisco SD-WAN provides a clear separation between management-plane,
control-plane and data-plane. This allows each component to work ■ Optimal user experience for IaaS and SaaS applications
independently and efficiently. It also enables scaling of the different components Cisco SD-WAN solution provides various architecture models to enable optimal
based on the needs of the network. connectivity to IaaS and SaaS applications.
■ Zero-Trust Security For public clouds, Cisco SD-WAN vEdge-Cloud is available in the Amazon
Routing
Cisco SD-WAN is built based on the zero-trust model. All of the components AWS as well as Microsoft Azure market place. Customers can deploy vEdge-
mutually authenticate each other and all of the edge devices are authorized Cloud in these clouds to extend the WAN all the way to where the applications
before they are allowed into the network. Every packet across data-plane, are deployed. Consistent policy control, visibility to application usage and
control-plane and management-plane that flows through the network is securing the traffic all the way to the applications are some of the advantages of
encrypted using SSL and IPSec technologies. Cisco SD-WAN solution has deploying vEdge-cloud closer to the application.
unique differentiated capabilities to build a large-scale IPSec network across For SaaS applications, Cisco SD-WAN solution can monitor connectivity to
tens of thousand of branches. various SaaS applications and ensure that all traffic to the SaaS applications is
Security
■ ZTP (Zero Touch Provisioning) following the most optimal path.
All of the vEdge routers are configured and managed using Zero Touch ■ Open Architecture with flexibility of management interfaces
Provisioning. This allows customers to significantly reduce their operational Cisco SD-WAN truly believes in open architecture and provides flexibility
expense in device activations and maintenance. and choice to end customers to effectively manage the WAN network. For
■ Cloud delivered management interfaces, the solution supports REST APIs, SNMP, Netconf,
Syslog as well as IPFIX interfaces.
Cisco Meraki
Cisco SD-WAN is Cloud delivered. All of the controllers are hosted in Cisco
SD-WAN cloud and customers can login to the Viptela dashboard to centrally
manage the WAN. Cisco SD-WAN vManage provides the ability to manage ■ Advanced Analytics
all aspects of the WAN from provisioning, monitoring and upgrading routers to Cisco SD-WAN vAnalytics provides deep insight into the operations of the
application visibility and troubleshooting the WAN. wide area network including visibility into network operations and application
visibility and availability. In addition, customers can run through various What-If
■ Routing & QoS scenarios and fine tune their network based on the recommendations.
Cisco SD-WAN solution can be deployed in any brownfield or greenfield
DNA-Center
environments and is capable of running all OSPF and BGP routing protocols.
These protocols can be enabled on the WAN side or the LAN side. In addition to
the routing protocols, QoS can be enabled on any of the WAN and LAN ports.
Migrating from MPLS to Hybrid.
SMB
Software
Financing
Cisco
Services
Cisco
vices
Ser-
Programs &
Promotions
77
Cisco Wide Area Application Services (WAAS)
data patterns using DRE (Data Redundancy Elimination) and compression ● Increases the number of simultaneous Citrix client connections by up to twice
technology. without the costly upgrade of the WAN bandwidth.
● Application speedup: Achieves efficient utilization of bandwidth by eliminating ● Up to 60 % reduction of the WAN bandwidth requirements
delays using technologies such as read-ahead, protocol proxy and caching. ● Up to 98 % optimization of the printing via WAN
● Supports Citrix MSI (Multi Stream ICA)
www.cisco.com/go/waas
Cisco vWAAS
on
Cisco UCS C Series
Rack Servers
Cisco vWAAS
on
Cisco UCS E Series
Servers
Sof t ware products suitable for bases, integrated into Cisco IOS on the Cisco ISR 800/1900/2900/3900 Series,
Cisco WAAS Express
and activated by Cisco IOS Feature License or Cisco IOS APP license.
Sof t ware products suitable for bases or data centers/headquar ters, integrated into Cisco IOS XE on the Cisco
Cisco ISR WAAS
ISR 4000 Series, and activated by Cisco IOS APP License.
Sof t ware products suitable for bases or data centers/headquar ters, implemented on VMware ESX /ESXi which
Cisco vWAAS
is suppor ted by Cisco UCS E Series Ser vers and Cisco UCS C Series Rack Ser vers.
Cisco WAAS Appliances Hardware appliances suitable for bases or data centers/headquar ters.
78
Switches
Application Optimization with Akamai Connect
Cisco WAAS with Akamai Connect provides a suite of integrated ■ Mobile Assisted Selling Application Benchmark Results in Seconds (s)
WAN optimization, application acceleration, and intelligent caching Without With Akamai Connect With Akamai Connect
features in Cisco ISR 4000 running Application Experience services. Akamai Connect 1st Hit 2nd Hit
ERP App 57 s 18 s 2s
The solution extends the well-known Akamai Intelligent Platform with Repair App 70 s 28 s <1s
Wireless
HTTP/ HTTPS caching across the last mile into the branch office, turbo Catalog App 28 s 13 s <1s
charging the application optimization features of the Cisco WAAS. Akamai
Connect caching integrates with Cisco IWAN features such as ■ Training/Digital Signage Application Benchmark Results in Pixels (p) and Seconds (s)
Application Visibility and Control (AVC), Cisco Performance Routing Without Akamai Connect With Akamai Connect
(PfR), and Cisco Wide Area Application Services (WAAS). It is Default Quality 144 p 720 p (HD Automatic)
available across the Cisco ISR portfolio and Cisco WAAS Appliances, Time to Load (720 p HD) 14 s Instant
allowing you to deploy full-service branch- office operations.
Routing
■ Cisco IWAN with Akamai Connect License
Users can access bandwidth-intensive applications instantly, over
any network, regardless of where the application is hosted - SKU Description
SL-200-AKC License for up to 200 WAAS connections
data center, private cloud, public cloud, or the Internet.
SL-750-AKC License for up to 750 WAAS connections
Cisco WAAS and Akamai connect can be purchased a-la-carte (see table on the SL-1300-AKC License for up to 1300 WAAS connections
right) or if you choose Cisco ONE Software suites it is already an integral part. SL-2500-AKC License for up to 2500 WAAS connections
SL-6K-AKC License for up to 6000 WAAS connections
Security
■ Cisco WAAS Specification Comparison
TCP Optimized
WAN Bandwidth WAN App Central Manager Mode
Cisco Meraki
Series Name SKU/Platform Connections AppNav
(Max) Optimization Speedup Managed Devices
(Max)
L-FL-C880-WAASX*1 1.5 Mbps 75 ● - - -
L-FL-C890-WAASX*1 2 Mbps 75 ● - - -
L-FL-C1941-WAASX*1 4 Mbps 150 ● - - -
L-FL-C2901-WAASX*1 6 Mbps 150 ● - - -
Cisco WAAS Express
L-FL-C2911-WAASX*1 6 Mbps 200 ● - - -
L-FL-C2921-WAASX*1 6 Mbps 200 - - -
DNA-Center
●
L-FL-C2951-WAASX*1 6 Mbps 200 ● - - -
L-FL-C3900-WAASX*1 10 Mbps 500 ● - - -
Cisco 4321 15 Mbps 200 ● ● ● -
Cisco 4331 25 Mbps 750 ● ● ● -
Cisco ISR WAAS Cisco 4351 25 Mbps 750 ● ● ● -
Cisco 4431 50 Mbps 1,300 ● ● ● -
Cisco 4451 150 Mbps 2,500 ● ● ● -
LIC-200-VWAAS 20 Mbps 200 ● ● - -
SMB
LIC-750-VWAAS 50 Mbps 750 ● ● - -
Cisco vWAAS LIC-1300-VWAAS 80 Mbps 1,300 ● ● - -
LIC-2500-VWAAS 150 Mbps 2,500 ● ● - -
LIC-6K-VWAAS 200 Mbps 6,000 ● ● - -
LIC-12K-VWAAS 310 Mbps 12,000 ● ● - -
LIC-50K-VWAAS 700 Mbps 50,000 ● ● - -
Software
4 GB Memory 10 Mbps 200 ● ● - 250 (200) *7
*8
WAVE-294-K9
8 GB Memory*2 20 Mbps 400 ● ● - 250 (200) *7
*8
*5
8 GB Memory 50 Mbps 750 ● ● ● 1,000 (800) *7
*8
Cisco WAAS Appliances WAVE-594-K9
12 GB Memory*3 100 Mbps 1,300 ● ● ●
*5
1,000 (800) *7
*8
*6
16 GB Memory 200 Mbps 2,500 ● ● ● 2,000 (2,000) *7
*8
WAVE-694-K9
24 GB Memory*4 200 Mbps 6,000 ● ● ●
*6
2,000 (2,000) *7
*8
Financing
WAVE-APNV-GE-12SFP AppNav SFP Module for the Cisco WAVE 694 WAAS Appliances - 12
Programs &
Promotions
*1 Maximum DRAM supported by the platform is required. *2 MEM-294-8GB is required. *3 MEM-594-12GB is required. *4 MEM-694-24GB is required.
*5 Cisco AppNav 10 GE Bundle (WAVE-APNV-10GE) is required. *6 Cisco AppNav GE or SFP Module is required. *7 Performance indicators based on Cisco WAAS software release 5.1.
*8 The maximum number of managed devices is reduced by 20 % in an environment containing routers equipped with Cisco WAAS Express. *9 Incorporated on WAVE-294-K9 by default.
79
Security
Cisco Network Security as Architected Solutions
Introduction
Cisco network-security solutions continue to evolve and expand to mitigate the 4. StealthWatch integration with ISE. To provide rich context and group based
growing security threats all organisations face. The latest Architected solution policy control e.g smart quarantine using TrustSec groups (SGT)
illustrated below moves on from NaaS and NaaE to provide enhanced Network
This solution can detect malware and malicious activity in encrypted traffic
(Security) Visibility and Enforcement leveraging:
without decrypting. It can inform security operations of such an event, allowing
1. Established leadership in network security telemetry (line rate full flow Flexible Ops to perform a “one click” or automatic smart quarantine of an affected
Netflow on Catalyst switches) device. For example it could change a security group (SGT) to restrict access
2. Telemetry now extended to provide collection of new data elements that to critical resource until the operator is confident the incident is successfully
provide more insight into encrypted traffic (available first on Catalyst 9300) resolved and allow reversion to normal” access rights.
3. StealthWatch integration with Cognitive to utilise global threat feeds and cloud
Security
based analytics.
Stealthwatch Directions
Flow Collector(s) F) returned
(N
S
Smart Quarantine TP
HT
• ISE – StealthWatch integration
Stealthwatch
SMC
NetFlow
Export
80
Cisco Encrypted Traffic Analytics (ETA)
Switches
A key component of Cisco Network Visibility and Enforcement and Stealthwatch
application. We have enhanced capability to use the network as a sensor
capabilities to detect malicious patterns in not only non-encrypted traffic
but also in encrypted traffic. And without performing decryption of the
encrypted traffic.
Wireless
Cisco ETA using a combination of network contextual data and our Talos threat
intelligence database, we are able to identify malware in encrypted traffic. We
do this by inference using multiple sources of data, there is no decryption of
inspection of traffic content – privacy is maintained at all times. With a high
accuracy rate of 99.99%. Also important to cyber security professionals is the
false positive rate, or the times something is identified as malware and it actually
is not. Incredibly, this is less than .01%.
Routing
■ ETA Traffic flow and solution components
Security
Cisco Meraki
ETA Components
DNA-Center
■ Flexible Netflow Cognitive Analytics maintains a global risk map – a very broad behavioral profile
In the NetFlow architecture, data is transmitted from exporter to collector in sets about servers on the Internet, identifying servers that are related to attacks, may
of records. Each record in a data set has the same format, which is specified be exploited, or may be used as a part of an attack in the future (figure 3). This
by its template. The data record consists of a series of NetFlow information is not a blacklist, but a holistic picture from a security perspective. Cognitive
elements or “fields,” and a specific ID value is assigned to each field. The ID Analytics analyzes the new encrypted traffic data elements in enhanced NetFlow
values for information elements may be globally defined and archived by the by applying machine learning and statistical modeling. The global risk map and
Internet Assigned Numbers Authority (IANA), or they may be enterprise specific Encrypted Traffic Analytics data elements reinforce each other in the Cognitive
SMB
and defined by individual organizations. Analytics engine. Rather than decrypting the traffic, Stealthwatch with Cognitive
Analytics uses machine learning algorithms to pinpoint malicious patterns in
■ Stealthwatch with Cognitive Analytics encrypted traffic to help identify threats and improve incident response.
Cisco Stealthwatch uses NetFlow, proxy servers, endpoint telemetry, policy and
The Security Insight dashboard on the Stealthwatch Management Console
access engines, traffic segmentation and more to establish baseline “normal”
(SMC) provides a view of affected users identified by Cognitive Analytics
behavior for hosts and users across the enterprise. With the integration of
Software
by risk type. An expanded Cognitive Analytics dashboard provides detailed
Cognitive Analytics, a cloud-based analysis engine, Stealthwatch can correlate
information regarding the top risk escalations and relative threat exposure.
traffic with global threat behaviors to automatically identify infected hosts,
Table 3 lists some high-risk threats that use encrypted command and control
command and control communication and suspicious traffic.
communications.
Financing
Cisco
Services
Cisco
vices
Ser-
Programs &
Promotions
81
■ ETA Traffic flow and solution components Cisco Stealthwatch uses NetFlow, proxy servers, endpoint telemetry, policy and
In the NetFlow architecture, data is transmitted from exporter to collector in sets access engines, traffic segmentation and more to establish baseline “normal”
of records. Each record in a data set has the same format, which is specified behavior for hosts and users across the enterprise. With the integration of
by its template. The data record consists of a series of NetFlow information Cognitive Analytics, a cloud-based analysis engine, Stealthwatch can correlate
elements or “fields,” and a specific ID value is assigned to each field. The ID traffic with global threat behaviors to automatically identify infected hosts,
values for information elements may be globally defined and archived by the command and control communication and suspicious traffic.
Compatible Cisco equipment supporting enhanced NetFlow with Encrypted Advanced threat detection - Detect threats that have bypassed existing
Traffic Analytics: Switches: Cisco Catalyst® 9300 Series (starting with the Cisco security controls. Identify insiders exfiltrating data to legitimate cloud services.
IOS XE 16.6 release) and the 9400 Series and 9500 Series (starting with the
Extended visibility and behavioural analytics - Obtain additional visibility and
Cisco IOS XE 16.8.1 release)
context into global and local traffic. Use machine learning for continuous analysis
Routers: ASR 1001-X, ASR 1002-X, ASR 1001-HX, ASR 1002-HX, ASR 1004, and detection of command and control communications.
ASR 1006-X, ASR 1009-X, 4221 ISR, 4321 ISR, 4331 ISR, 4351 ISR, 4431
ISR, 4451-X ISR, Integrated Services Virtual Router (ISRv) including the 5400 ■ Conclusion
Enterprise Network Compute System, Cloud Services Router (CSR) 1000V In summary, the network is now an even more advanced security sensor,
(starting with the Cisco IOS XE 16.7 release) capable of detecting threats in encrypted traffic. A Cisco Digital Network
Stealthwatch gains additional machine learning and statistical modeling Architecture-ready infrastructure turns the network into an end-to-end sensor
capabilities (in release 6.9.2) to analyze enhanced NetFlow with Encrypted and enforcer that detects, contains and prevents emerging, sophisticated
Now you can manage and automate your network - including policy and access guest network login using Facebook credentials, read-only access, ACS parity
- from a single dashboard with Cisco DNA Center. DNA Center is a holistic, end- features, an Upgrade Readiness Tool and more! For additional details, see the on
to-end network management platform for the Network. Intuitive. Integrating www.cisco.com/go/ISE to find latest resources and release notes.
ISE allows the DNA Center to define and enact policy to control access across
the network, all from a unified interface. Cisco ISE 2.3 is a required integration ■ Conclusion
component for the DNA Center and SD-Access. The network infrastructure is everywhere and sees everything. Cisco Network
based security features can be integrated with our specialist security products
■ Features and threat intelligence using a Cisco Digital Network Architecture to turn the
The need for robust access control that scales has never been greater. Rich visibility network into a security sensor and enforcer that provides advanced network
into who and what are on your network along with the ability to segment end-to-end security visibility and enforcement NVE.
using a software-defined approach are critical requirements of customers who are
seeing an explosion of connected devices as well as a perpetual deluge of network This infrastructure can then detect, contain and prevent emerging and
breaches. Which is why the latest version of Cisco ISE doubles-down on outcomes sophisticated security threats. And is uniquely, capable of detecting those
that realize a secure digital network. It does this through enabling automation, threats in encrypted traffic without the risk and processing overhead of in
administrative simplification, and net new capabilities. network decryption.
82
Switches
ISE and DNA-C Integration for Policy Automation
Wireless
Campus Fabric
Routing
Security
Cisco Meraki
Cisco Cisco
DNA Center Identity Service Engine
Fabric Authentication
DNA-Center
Management Authorization
Policies
SMB
Policy Authoring Groups and Policies
Workflows
Software
Financing
Cisco
Services
Cisco
vices
Ser-
83
Cisco Meraki
Simply Better IT
The Cisco Meraki portfolio is centrally managed from an intuitive web-interface. This
feature-rich, easy-to-use dashboard enables customers to reduce operating costs
and rapidly implement IT initiatives to achieve their organization’s mission.
■ Cloud Managed Wireless (MR) ■ Cloud Managed Switches (MS) ■ C l o u d M a n a g e d S e c u r i t y ■ Mobility Management (SM) ■ Cloud-Managed Security
● Indoor and outdoor access ● GE access switches and 40 Appliances (MX) ● Network-wide visibility Cameras (MV)
point models GE aggregation switches ● Complete networking, and control ● Arrange video tiles on the fly
● IEEE 802.11ac and 802.11n ● Centrally managed with security, and application ● No on-site controller for monitoring of key areas
with ultra-high performance, monitoring and alerts control hardware ● The Cisco Meraki dashboard
up to 2.5 Gbps ● Ultra reliable and includes ● Centrally managed from ● Automatic monitoring provides secure monitoring
● Integrated wireless security lifetime warranty the cloud and alerts and management of all your
and guest access ● Optimized for voice and video ● Includes firewall, auto VPN, ● Seamless over-the-web cameras from anywhere in
● Third radio dedicated to traffic with PoE+ available on WAN optimization, and upgrades the world.
security and RF optimization all ports branch routing ● Laptop gone missing? Easily
(indoor models) ● Six models scale from small identify where it went and
● Ideal for high-density branches to campuses export a video clip to share
campuses, branches, ● AMP with law enforcement.
teleworkers, and rugged/ ● IR illumination allows for
outdoor environments video recording in dark
● Built-in traffic shaping, environments up to 30m
location analytics, group ● Easily define who can see
policies—all configurable with which video streams, view
just a few mouse clicks historical footage, and export
video, all from the dashboard.
● The MV21 provides
drastically simplified industrial
design, eliminating the need
for tools when re-adjusting
the lens
For details on Cisco Meraki, visit the following Web site:
www.cisco.com/go/meraki
84
Switches
REDUCING WITH CISCO MERAKI
Wireless
TCO = CAPEX + OPEX
TOTAL COST CAPITAL OPERATIONAL
OF OWNERSHIP EXPENDITURE EXPENDITURE
Routing
Potential Savings
20%*
Security
UP TO
Cisco Meraki
OPEX
UP TO
90% WITH MERAKI
Gartner estimates that 80% of
total IT costs occur after the initial
DNA-Center
OPEX purchase meaning the greatest
potential to reduce TCO lies
within OPEX.
A Wireless Retail
Bar S Foods Education Corporate Office
Center for Neurosciences,
Orthopaedics & Spine
IPS with Sourcefire
MX Security Site-to-Site VPN Content Filtering Advanced Malware Protection
(AMP)
2 4 6 8 10
Management Internet
HA 1 2 3 4 5 6 7 8 9 10 11 USB
Verizon authorized retailer Largest food packing company in North America Healthcare organization specializing in
Internet
Restore
LAN
1 3 5 7 9 11
Cisco
14 5
MR Wireless SECURITY
Cloud CMX Analytics
SECURITY
High-Density WiFi
SECURITY
BYOD Policies
17
670
Programs &
Promotions
SM Deployed
Mobility Meraki security appliance + wireless and 14 distribution centers, 5 production sites,
Tablet Management Utilize full stack of Meraki devices across
Application Management Security Policy Enforcement
switches at 670 stores with 500 more planned 1 warehouse, 1 HQ 17 hospitals and satellite clinics
15% MORE
$5.25 MILLION CAPEX COST WITH MERAKI VERSUS 85
PRODUCTION REVENUE SAVED TRADITIONAL TECHNOLOGY
WITH MERAKI OVER 5 YEARS
CASE STUDIES
Verizon authorized retailer Largest food packing company in North America Healthcare organization specializing in
by volume Neurosciences, Orthopaedics & Spine
14 5
SECURITY SECURITY SECURITY
17
670
SWITCHING SWITCHING SWITCHING
1 1
Deployed Meraki security appliance + wireless and 14 distribution centers, 5 production sites, Utilize full stack of Meraki devices across
switches at 670 stores with 500 more planned 1 warehouse, 1 HQ 17 hospitals and satellite clinics
15% MORE
$5.25 MILLION CAPEX COST WITH MERAKI VERSUS
PRODUCTION REVENUE SAVED TRADITIONAL TECHNOLOGY
WITH MERAKI OVER 5 YEARS
YR 1
Cisco Meraki
YR 2
YR 3
YR 4
MERAKI TRADITIONAL
525 HOURS YR 5
SAVINGS WITH MERAKI OVER 3 YEARS SAVINGS WITH MERAKI OVER 5 YEARS SAVINGS WITH MERAKI OVER 5 YEARS
86
Cisco Meraki MX and SD-WAN with AMP
Switches
Cisco Meraki MX Cloud Managed Security Appliance Series are ideal for
organizations with large numbers of distributed sites. Since the MX is 100%
cloud managed, installation and remote management is simple. The MX has
a comprehensive suite of network services, eliminating the need for multiple
appliances. These services include Layer 7 application firewall, content filtering,
web search filtering, intrusion prevention, web caching, Intelligent WAN with
Wireless
multiple uplinks and 4G failover.
Routing
manual intervention by the network administrator. By providing granular control over
With AMP, a world class malware database is paired with context-aware monitoring
how certain traffic types respond to changes in WAN availability and performance,
and reporting, retrospective malware analysis, and Threat Grid sandboxing to
SD-WAN can ensure optimal performance for critical applications and help to avoid
provide an anti-malware solution that does more than just prevent users from
disruptions of highly performance-sensitive traffic, such as VoIP.
downloading malware – it provides comprehensive security before, during, and
after a malware attack.
Security
AMP WAN 1
Secure VPN tunnel
WAN 2
Secure VPN tunnel
Meraki MX
Internet
Cisco Meraki
Data
&
■ License Editions
Enterprise Advanced Security
Stateful Firewall, NAT, DMZ ● ●
■ Key Hardware Specifications Threat Grid Active/Passive HA ● ●
Layer 7 Traffic Shaping ● ●
MX64 MX65 MX84 MX100 MX400 MX600 Cloud-based Management ● ●
Recommended Users 50 50 200 500 2,000 10,000 Monitoring and Alerts ● ●
Firewall (Mbps) 250 250 500 750 1,000 1,000 Link Aggregation and Failover ● ●
DNA-Center
Advanced Security (Mbps) 200 200 300 650 1,000 1,000 Web Caching ● ●
Max VPN Peers 25 25 100 250 1,000 5,000 Site-to-Site and Client VPN ● ●
Dual WAN Links ● ● ● ● ● ● Client VPN ● ●
Web Caching - - ● ● ● ● SD-WAN ● ●
Web Cache Size (TB) - - 1 1 1 4 3G/4G Failover ● ●
Fiber Connectivity - - - SFP SFP+ SFP+ IDS/IPS - ●
Dual Power Supply - - - - ● ● Content Filtering with SafeSearch - ●
Anti-Virus and Anti-Phishing - ●
Geo-IP Firewall Rules - ●
AMP - ●
SMB
Z3: Fast, Reliable Connectivity for the Modern Teleworker
■ Traffic shaping and application management ■ Cloud-based centralized management
Software
■ Hardware
802.11ac Wave 2 WiFi for fast and reliable Layer 7 application visibility and traffic shaping Managed centrally over the Web
connectivity Application prioritization Classifies applications, users and devices
4 wired ports with one PoE-powered port, ideal for ■ Teleworker gateway services Zero-touch, self-provisioning deployments
phones
Stateful firewall separates corporate and personal
1 GbE WAN port, 4 GbE LAN ports
traffic
3G / 4G failover via USB modem
Extend VoIP phones over WAN
Sleek, low profile design with optional desk stand
802.1x support for wired port authentication
Financing
Virtual MX is a virtual instance of a Meraki security virtual MX can support up to 500 Mbps of VPN ■ Licensing Details
Ser-
appliance, dedicated specifically to providing the throughput, providing ample bandwidth for mission Meraki
simple configuration benefits of site-to-site Auto critical IT services hosted in AWS, like Active The virtual MX appliance is free
VPN for customers running or migrating IT services to Directory, logging, or file and print services. and available in the AWS Marketplace.
an Amazon Web Services or Microsoft Azure Virtual Secure connections built to a virtual MX benefit A Meraki cloud-management license is required
Private Cloud (VPC). A virtual MX is added as an from the same SD-WAN capabilities as a physical and available in 1, 3, or 5 year options.
Programs &
Promotions
instance on EC2 or Azure and then configured in the MX appliance. An optimal path can be maintained Amazon Web Services
Meraki dashboard, just like any other MX. It functions using Dynamic Path Selection, for traffic destined for Amazon charges either hourly or monthly for use of
like a VPN concentrator. regular servers in a datacenter behind a physical MX, EC2 instances.
An Auto VPN to a virtual MX is like having a direct or virtual servers behind a virtual MX.
Microsoft Azure (available starting in October)
Ethernet connection to a private datacenter. The
Microsoft Azure charges via a pay-as-you-go model.
87
Cloud Managed Wireless
■ Cisco Meraki MR Cloud Managed Wireless Access Points
Indoor Access Points
MR30H MR33 MR42 MR52
Model
Switching Capacity 20 Gbps 20 Gbps 56 Gbps 104 Gbps 56 Gbps 104 Gbps 128 Gbps 176 Gbps
Model
Recommended
50 50 50 50 200
Max Users
Stateful Firewall
250 Mbps 250 Mbps 250 Mbps 250 Mbps 500 Mbps
Throughput
VPN Throughput
85 Mbps 85 Mbps 85 Mbps 200 Mbps 200 Mbps
per tunnel
VPN Tunnels - - - - 100
88
Switches
Outdoor Access Points
MR53 MR74 MR84
Model
Wireless
1 × 802.11b/g/n 1 × 802.11b/g/n 1 × 802.11b/g/n/ac
1 × 802.11a/n/ac 1 × 802.11a/n/ac 1 × 802.11a/n/ac Radios
1 × WIDS/WIPS 1 × WIDS/WIPS 1 × WIDS/WIPS Specification
1 × Bluetooth 1 × Bluetooth 1 × Bluetooth
Routing
4×4:4 MU-MIMO 2×2:2 MU-MIMO 4×4:4 MU-MIMO 11n and 11ac
with beamforming with beamforming with beamforming Capabilities
2.5 Gbps 1.3 Gbps 2.5 Gbps Max Data Rate*1
Security
(antennas sold separately)
Cisco Meraki
Access Switches Distribution Switches
MS250-24 MS250-48 MS350-24 MS350-24X MS350-48 MS410-16 MS410-32 MS425-16 MS425-32
Model
DNA-Center
24 x GbE 48 x GbE 24 x GbE 24 x GbE 48 x GbE 16 x SFP GbE 32 x SFP GbE 16 x SFP GbE 32 x SFP GbE Downlinks
4 × 10G (SFP+) 4 × 10G (SFP+) 4 × 10G (SFP+) 4 × 10G (SFP+) 4 × 10G (SFP+) 2 / 4 × 10G (SFP+) 2 / 4 × 10G (SFP+) 2 / 4 × 40G QSFP+ 2 / 4 × 40G QSFP+ Uplinks
80G (2 × 40G) 80G (2 × 40G) 160G (2 × 80G) 160G (2 × 80G) 160G (2 × 80G) 160G(2 × active 160G (2 × active
160G (2 × 80G) 160G (2 × 80G) Stacking
Virtual Virtual Virtual Virtual Virtual QSFP+) QSFP+)
SMB
370 W 370 W 740 W — — — —
740 W (-48FP) 740 W (-48FP) Power Budget
128 Gbps 176 Gbps 176 Gbps 72 Gbps 144 Gbps 72 Gbps 144 Gbps 480 Gbps 800 Gbps Switching Capacity
Software
Medium Branch Large Branch, Campus / Concentrator
MX100 MX250 MX400 MX450 MX600
Financing
Model
Recommended
500 2000 2000 10000 10000
Max Users
Stateful Firewall
Cisco
Throughput
Cisco
vices
VPN Throughput
375 Mbps 1 Gbps 900 Mbps 2 Gbps 900 Mbps
per tunnel
Ser-
- - - - - Wireless
89
Cloud Managed Security Cameras
Indoor Camera Outdoor Camera
MV21 MV72
Model
Storage 128 GB High endurance solid state storage 128 GB High endurance solid state storage
28° - 82° (Horizontal) 28° - 82° (Horizontal)
Variable Field of View: 21° - 61° (Vertical) 21° - 61° (Vertical)
37° - 107° (Diagonal) 37° - 107° (Diagonal)
Video: 720p HD video recording (1280x720) with H.264 encoding 720p HD video recording (1280x720) with H.264 encoding
Weather-proof IP66-rated housing
Ratings:
Vandal-proof IK10-rated hosuing
90
Switches Wireless Routing Security Cisco Meraki DNA-Center SMB Software Financing Cisco
Cisco
Ser- Programs &
Services
vices Promotions
91
DNA-Center
Automation
● Design
● Policy
● Provision
● Assurance
The insights you gather from your network devices can influence your automation
configuration and deployment decisions. Cisco DNA Center provides an integrated
automation and assurance/analytics workflow, enabling you to quickly take action to
remediate the issue. Think of it as a closed feedback loop.
92
How does it all work?
Switches
■ Collect Data
Cisco collects from a comprehensive set of network data sources and provides ■ Machine Learning
software development kits to integrate third-party telemetry sources. Built-in When machine learning is applied, the solution can evaluate trends and proactively
sources include NetFlow, Syslog, Simple Network Management Protocol (SNMP), determine which conditions tend to lead to performance issues. These predictive
wireless controller, and streaming telemetry. analytics can also be fed into Cisco DNA Center so users can take action on
discoveries.
Wireless
■ Condition Data
After data is collected, it’s sorted and organized by various features including time, ■ See in Cisco DNA Center
network element, user, device, application, location, and other network attributes. All insights from Analytics and Assurance are displayed in Cisco DNA Center,
where they can be easily and quickly viewed and potential remediation can be
■ Add Correlations suggested. The user can then use the automation tasks in Cisco DNA Center to put
Cisco uses algorithms and our domain expertise to evaluate collected data and these insights into action. Cisco DNA automation enables IT to modify the network
determine correlations between observed events and potential causes. The user to remediate real and potential issues. As the self-driving network is fully realized,
doesn’t have to wade through volumes of data to manually determine the root analytic insights can build the roadmap for automation actions.
Routing
cause. The solution determines relations and provides the information in an easy-
to-use dashboard: Cisco DNA Center.
Security
Cisco Meraki
DNA-Center
SMB
Benefits Where is the opportunity?
● Cisco DNA Center provides an easy-to-use single dashboard for monitoring ● Customers that are interested in centralizing management and simplifying
network health, identifying issue root causes, evaluating network their networks with automation and assurance.
configuration changes, and remediating issues. ● Customers that have growing IoT needs and are concerned about security.
Software
● Cisco Assurance with its analytic engine collects data from multiple ● Existing Cisco TrustSec customers that are looking to implement Software-
network sources to deliver comprehensive visibility into devices, users, and Defined Access.
applications for proper context and correlation. ● Customers that are looking for better visibility and analytics-driven
● Advanced correlation and machine learning algorithms proactively identify troubleshooting and capacity planning tools.
outliers that are reported as issues for remediation. ● Customers that need to replicate multiple sites such as branches.
Sensors proactively generate synthetic application and network traffic to
What to sell?
●
probe wireless network performance.
● Recommended remediation options are driven by 30 years of Cisco domain
Financing
■ Software
What are customers’ buying triggers? ● Lead with Cisco ONE™ Advantage when possible. Cisco ONE Advantage
Cisco
includes DNA Advantage, DNA Essentials, Stealthwatch®, ISE Base and Plus
Services
Cisco
Network management is manual, complex and costly, resulting in human and SWSS. Cisco ONE Essentials includes DNA Essentials, ISE Base and
vices
●
errors, causing downtime. Software support.
Ser-
● Lack of visibility into the network makes it difficult to resolve issues quickly ● DNA Essentials license for each network device (Cisco Catalyst® Switch,
and reduce security threats. wireless access point or router) to enable base automation and monitoring
● Onboarding and servicing users can be time consuming. They require capabilities on the network.
multiple steps, which affect productivity and compromise security. ● DNA Advantage license for each network device (Cisco Catalyst Switch,
● Lack of actionable IT and business insights from the network can slow the wireless access point or router) to enable SD-Access, advance assurance
Programs &
Promotions
www.cisco.com/go/DNAcenter
93
SMB
Cisco Small Business Switches and Access Points
● Cisco 95/110 Series Unmanaged Switches ● Cisco 350 Series Managed Switches
Get highly affordable Gigabit, Fast Ethernet, and PoE. No setup is required for The ideal combination of affordability and advanced network features for small
QoS, network diagnostics, power-saving mode, and loop detection. business, these easy to use fully managed switches are the cornerstone of your
● Cisco 220 Series Smart Switches network.
Build a simple, secure, and smart business network in minutes at a lower cost ● Cisco 350X Series Stackable Managed Switches
than you can with fully managed switches. Our managed switches deliver an ideal combination of affordability and advanced
● Cisco 250 Series Smart Switches features with 10-Gigabit Ethernet and stacking.
Entry-level managed switch features and easy management at a great price. Build ● Cisco 550X Series Stackable Managed Switches
a business-class network with the features you need. These next-generation stackable managed switches offer 10-Gigabit Ethernet and
advanced capabilities to accelerate your business growth.
95/110 Series Cisco 220 Series Smart Switches 350 Series 350X Series 550X Series
Unmanaged Switches 250 Series Smart Switches Managed Switches Stackable Managed Stackable Managed
Switches Switches
94
■ Cisco 250 Series Smart Switches
Switches
Ports PoE
New Existing AC Fan Stack Rack
Orderable SKU GE/ 10 10GB-T 60 W Power IEEE Input Pass
Model Name Model Name FE GE SFP SFP+ Ports Power less able Mount
SFP GB-T /SFP+ Ports Budget 802.3 Ports through
SF250-48 SF200-48 SF250-48-K9-xx 48 - 2 2 - - - - - - - - - Internal ● - 1 RU
SF250-48HP SF200-48P SF250-48HP-K9-xx 48 - 2 2 - - - 48 - 195 W af/at - - Internal - - 1 RU
SG250-10P SG200-10FP SG250-10P-K9-xx - 8 - 2 - - - 8 - 62 W af/at 2 ● External ● - 1 RU
SG250-26 SG200-26 SG250-26-K9-xx - 24 - 2 - - - - - - - - - Internal ● - 1 RU
SG250-26HP SG200-26P SG250-26HP-K9-xx - 24 - 2 - - - 24 - 100 W af/at - - Internal - - 1 RU
Wireless
SG250-26P SG200-26FP SG250-26P-K9-xx - 24 - 2 - - - 24 - 195 W af/at - - Internal - - 1 RU
■ Cisco 350 Series Managed Switches
Existing Ports PoE
New AC Fan Stack Rack
Model Orderable SKU GE/ 10 10GB-T 60 W Power IEEE Input Pass
Model Name FE GE SFP SFP+ Ports Power less able Mount
Name SFP GB-T /SFP+ Ports Budget 802.3 Ports through
SF350-48 SF300-48 SF350-48-K9-xx 48 - 2 2 - - - - - - - - - Internal - - 1 RU
SF350-48P SF300-48PP SF350-48P-K9-xx 48 - 2 2 - - - 48 8 382 W af/at - - Internal - - 1 RU
Routing
SF350-48MP n/a SF350-48MP-K9-xx 48 - 2 2 - - - 48 8 740 W af/at - - Internal - - 1 RU
SG350-10 SG300-10 SG350-10-K9-xx - 8 - 2 - - - - - - - 2 ● External ● - 1 RU
SG350-10P SG300-10PP SG350-10P-K9-xx - 8 - 2 - - - 8 - 62 W af/at 2 ● External ● - 1 RU
SG350-10MP SG300-10MPP SG350-10MP-K9-xx - 8 - 2 - - - 8 - 124 W af/at 2 ● External ● - 1 RU
SG355-10P n/a SG355-10P-K9-xx - 8 - 2 - - - 8 - 62 W af/at 2 ● Internal ● - 1 RU
SG350-28 SG300-28 SG350-28-K9-xx - 24 2 2 - - - - - - - - - Internal ● - 1 RU
SG350-28P SG300-28PP SG350-28P-K9-xx - 24 2 2 - - - 24 4 195 W af/at - - Internal - - 1 RU
Security
SG350-28MP SG300-28MP SG350-28MP-K9-xx - 24 2 2 - - - 24 4 382 W af/at - - Internal - - 1 RU
Cisco Meraki
SG350X-24P n/a SG350X-24P-K9-xx - 24 - - - 2 2 24 4 195 W af/at - - Internal - ● 1 RU
SG350X-24MP n/a SG350X-24MP-K9-xx - 24 - - - 2 2 24 4 382 W af/at - - Internal - ● 1 RU
SG350X-48 n/a SG350X-48-K9-xx - 48 - - - 2 2 - - - - - - Internal - ● 1 RU
SG350X-48P n/a SG350X-48P-K9-xx - 48 - - - 2 2 48 8 382 W af/at - - Internal - ● 1 RU
SG350X-48MP n/a SG350X-48MP-K9-xx - 48 - - - 2 2 48 8 740 W af/at - - Internal - ● 1 RU
SG350XG-2F10 n/a SG350XG-2F10-K9-xx - - - - 10 2 - - - - - - - Internal - ● 1 RU
SG350XG-24T n/a SG350XG-24T-K9-xx - - - - 22 - 2 - - - - - - Internal - ● 1 RU
DNA-Center
SG350XG-24F n/a SG350XG-24F-K9-xx - - - - - 22 2 - - - - - - Internal - ● 1 RU
SG350XG-48T n/a SG350XG-48T-K9-xx - - - - 46 - 2 - - - - - - Internal - ● 1 RU
SMB
SF550X-48 SF500-48 SF550X-48-K9-xx 48 - - - - 2 2 - - - - - - Internal - ● 1 RU
SF550X-48P SF500-48P SF550X-48P-K9-xx 48 - - - - 2 2 48 16 382 W af/at - - Internal - ● 1 RU
SF550X-48MP SF500-48MP SF550X-48MP-K9-xx 48 - - - - 2 2 48 16 740 W af/at - - Internal - ● 1 RU
SG550X-24 SG500X-24 SG550X-24-K9-xx - 24 - - - 2 2 - - - - - - Internal - ● 1 RU
SG550X-24P n/a SG550X-24P-K9-xx - 24 - - - 2 2 24 8 195 W af/at - - Internal - ● 1 RU
SG550X-24MP SG500X-24P SG550X-24MP-K9-xx - 24 - - - 2 2 24 8 382 W af/at - - Internal - ● 1 RU
Software
SG550X-24MPP SG500X-24MPP SG550X-24MPP-K9-xx - 24 - - - 2 2 24 8 740 W af/at - - Internal - ● 1 RU
SG550X-48 SG500X-48 SG550X-48-K9-xx - 48 - - - 2 2 - - - - - - Internal - ● 1 RU
SG550X-48P SG500X-48P SG550X-48P-K9-xx - 48 - - - 2 2 48 16 382 W af/at - - Internal - ● 1 RU
SG550X-48MP SG500X-48MP SG550X-48MP-K9-xx - 48 - - - 2 2 48 16 740 W af/at - - Internal - ● 1 RU
SG550XG-8F8T n/a SG550XG-8F8T-K9-xx - - - - 8 8 - - - - - - - Internal - ● 1 RU
SG550XG-24T n/a SG550XG-24T-K9-xx - - - - 22 - 2 - - - - - - Internal - ● 1 RU
Financing
the new network management tool, Cisco FindIT Network Manager. It provides:
Cisco
vices
an inventory report.
● A customizable monitoring dashboard. It allows you to easily see the state of the
network and how it is performing. Be alerted automatically to important events
such as network devices going offline.
● A single interface to configure system information, wireless networks, virtual
Programs &
Promotions
95
Cisco WAP Access Points
Cisco WAP Access Points combine business-class features with the reliability and ● Cisco 100 Series Wireless Access Points
performance needed for small business networks. The Single Point Setup(SPS) Sleek and simple to configure, our 100 Series delivers the performance you
feature makes deployment of multiple access point easy and cost effective. need at an affordable price.
● Cisco 300 Series Wireless Access Points
Get Gigabit speed for your mobile devices. Use our simple controller-less
management to manage multiple access points.
● Cisco 500 Series Wireless Access Points
Get exceptional performance and coverage for mobile devices and next-
generation applications. Use our simple, controller-less management to
expand your wireless network.
High ←
Aironet
11ac
Price, Performance
WAP581
Out
11ac 11ac 11ac
door
*1 Power Adapter (included) or Power Injector is required when not using PoE receiving. *2 Power Adapter or Power Injector is required when not using PoE receiving.
96
Cisco Aironet Access Points
Switches
Indoor Access Points
HDX HDX
Wireless
2.6 Gbps
mGig
1.7 Gbps
Routing
Cisco Aironet
1850 Series
HDX HDX
1.3 Gbps
Security
Cisco Aironet Cisco Aironet
2700 Series 3700 Series
867 Mbps
Cisco Meraki
Cisco Aironet Cisco Aironet Cisco Aironet Cisco Aironet
1700 Series 1810/1810w Series 1815i/m/t/w Series 1830 Series
11ac Wave 1 11ac Wave 2
DNA-Center
delivering high-speed and stable wireless LAN environments with a theoretical ● IEEE 802.11ac Wave 2-compatible (Cisco Aironet 1810/1810w/1815i/1815m/
maximum throughput of between 300 Mbps and 2.6 Gbps. A broad selection of 1815t/1815w/1830/1850/2800/3800 Series)
models is available for various installation environments and network requirements. ● 2.4 GHz/5 GHz dual-band (All models)
● Cisco CleanAir Express (Controller-based models of the Cisco Aironet 1700
● Built-in antenna model: These models feature a streamlined body and an Series)
integrated LAN/power cable using PoE (Power over Ethernet) for a stylish ● Cisco CleanAir (Controller-based models of the Cisco Aironet 2700/2800/
installation that blends into the office environment. 3700/3800 Series)
● External antenna model: These models feature a rigid metal chassis and ● Cisco OfficeExtend (Controller-based models, excluding some models)
support a wide range of operating temperatures for use in factories, warehouses ● Cisco ClientLink (excluding some models)
and stores where environmental requirements are very strict. A wide selection of ● Cisco BandSelect (Controller-based models, excluding some models)
SMB
antennas are available for these models to suit different installation
environments.
There are two types of models for Cisco Aironet Indoor Access Points: Standalone
or Mobility Express models, and Controller-based models. The Controller-based
models are designed to operate in linkage with the Cisco Wireless Controllers.
For details on Cisco Aironet Indoor Access Points,
Software
visit the following Web site:
www.cisco.com/go/ap
Financing
*1 Cisco Aironet 3600/3700 Series are planned to support 11ac Wave 2 via addition of a module.
97
Cisco RV Series
Cisco RV Series are affordable, highly secure network access devices, designed and built for small businesses. Cisco offers a broad range of small business routers to meet
any requirement from basic Internet connectivity to high-capacity, business-critical networking.
11ac
RV340W RV345P
RV340 RV345
GE WAN
11ac
FE WAN
■ Cisco RV Series
WAN Ports LAN Ports PoE IPsec VPN Tunnels Wireless
IPsec Web AC
SKU 3G/ Power IEEE Remote 2.4 5
FE GE xDSL FE GE Ports Throughput Site-to-Site Filtering 11n 11ac Power
4G Budget 802.3 Access GHz GHz
RV042 2 - - - 4 - - - - 59 Mbps 50 50 - - - - - External
RV042G-K9-xx - 2 - - - 4 - - - 75 Mbps 50 50 - - - - - External
SMB
98
Cisco ISR 800 Series
Switches
Fixed-configuration Integrated Services Routers suitable for deployment in
small-sized bases, home offices and Machine-to-Machine (M2M) environments.
In addition to the routing service, a wide variety of services including switching,
wireless security, unified communication, and WAN optimization can be integrated
using a single router unit.
Wireless
■ Highlights
● Cisco IOS Universal Image (IP Base/Advanced Security/Advanced IP Services)
● Built-in managed switch (All models)
● Built-in IEEE 802.11n-compatible wireless access point (C819GW-LTE-LA-xK9/
C881W-x-K9)
● 4G LTE wireless WAN (Some models)
Routing
■ Cisco ISR 800 Series (1 of 2)
Maximum
SKU Description Dimensions (Height x Width x Depth)
Weight
C819H-K9 Cisco ISR 819H M2M Hardened Model 4.39 x 19.56 x 20.57 cm 1.45 kg
C819G-LTE-LA-K9 Cisco ISR 819G 4G LTE 2.5 M2M Model 4.24 x 19.56 x 18.29 cm 1.04 kg
C819GW-LTE-LA-xK9*1 Cisco ISR 819G 4G LTE 2.5 Wireless M2M Model 4.24 x 19.56 x 22.86 cm 1.04 kg
Security
C819HG-4G-G-K9 Cisco ISR 819HG 4G LTE M2M Hardened Model 4.39 x 19.56 x 20.57 cm 1.45 kg
C867VAE Cisco ISR 867VAE IP Base Model 3.85 x 20.90 x 19.80 cm 2.49 kg
C867VAE-K9 Cisco ISR 867VAE Advanced Security Model 3.85 x 20.90 x 19.80 cm 2.49 kg
C881W-x-K9 *1 Cisco ISR 881W Wireless Model 4.82 x 32.51 x 26.42 cm 2.49 kg
C881-V-K9 Cisco ISR 881-V Router 4.82 x 32.51 x 24.89 cm 2.49 kg
C891F-K9 Cisco ISR 891F Router 4.62 x 32.28 x 24.84 cm 2.49 kg
Cisco Meraki
C891-24X/K9 Cisco ISR 891-24X 4.62 x 43.82 x 30.48 cm 2.49 kg
C892FSP-K9 Cisco ISR 892FSP 4.62 x 32.28 x 24.84 cm 2.49 kg
C897VA-K9 Cisco ISR 897VA 4.62 x 32.28 x 24.84 cm 2.49 kg
C897VAG-LTE-LA-K9 Cisco ISR 897VAG 4G LTE 2.5 Model 4.82 x 32.51 x 26.42 cm 2.58 kg
C898EAG-LTE-LA-K9 Cisco ISR 898EAG 4G LTE 2.5 Model 4.82 x 32.51 x 26.42 cm 2.58 kg
C899G-LTE-LA-K9 Cisco ISR 899G 4G LTE 2.5 Model 4.82 x 32.51 x 26.42 cm 2.58 kg
DNA-Center
■ Cisco ISR 800 Series (2 of 2)
WAN Ports LAN Ports Wireless Security
Rack
SKU Cisco IOS 4G Voice WAASX
FE GE GE/SFP ISDN xDSL Voice FE GE AP FW VPN mount
LTE
C819H-K9 Advanced IP Services - 1 - - - - 4 - - - ● ● - ● -*5
C819G-LTE-LA-K9 Advanced IP Services - 1 - - - - 4 - - ● ● ● - ● -*5
C819GW-LTE-LA-xK9 Advanced IP Services - 1 - - - - 4 - ● ● ● ● - ● -*5
C819HG-4G-G-K9 Advanced IP Services - 1 - - - - 4 - - ● ● ● - ● -*5
C867VAE IP Base - 1 - - 1 - 3 2 - - - - - - -
SMB
C867VAE-K9 Advanced Security - 1 - - 1 - 3 2 - - ● ● - - -
C881W-x-K9 Advanced Security 1 - - - - - 4 - ● - ● ● - - -
C881-V-K9 Advanced IP Services 1 - - - - 7*2 4 - - - ● ● ●*3 - -
C891F-K9 Advanced IP Services 1 - 1 1 - - - 8 - - ● ● - ●*4 -*6
C891-24X/K9 Advanced IP Services - - 2 - - - - 24 - - ● ● - - -*7
C892FSP-K9 Advanced IP Services - 1 1 - - - - 8 - - ● ● - ●*4 -*6
Software
C897VA-K9 Advanced IP Services - - 1 1 1 - - 8 - - ● ● - ●*4 -*6
C897VAG-LTE-LA-K9 Advanced IP Services - - 1 - 1 - - 8 - ● ● ● - ●*4 -*6
C898EAG-LTE-LA-K9 Advanced IP Services - - 1 - 1 - - 8 - ● ● ● - ●*4 -*6
C899G-LTE-LA-K9 Advanced IP Services - 1 1 - - - - 8 - ● ● ● - ●*4 -*6
*1 The “x” corresponds to the supported domain. *2 BRI x 2, FXS x 4, FXO x 1. *3 Call control and messaging are not supported. *4 Feature License is required.
*5 DIN Rail Mount and Floor/Wall Mount are supported (Optional). *6 ACS-890-RM-19 is required. *7 ACS-2901-RM-19 is required.
Financing
Machine-to-Machine (M2M)
Machine-to-Machine (M2M) is a technology that aggregates the vibration and impact resistance to withstand industrial use. A wide variety of
intercommunications between machines without human intervention. mounting options are supported including DIN rail, floor and wall mounting.
This technology is already used in a wide range of devices such as
Cisco
pace. The most important elements for network devices offering the
M2M technology are compactness, mobility and durability.
Ser-
In the case of vending machines, for example, the network device needs to be
compact to allow installation inside the machines. Mobility is also important as it is
cheaper to use the mobile 4G network than installing a wired broadband line for
each vending machine. Depending on the installation location, the network device
Programs &
Promotions
must also have the durability to withstand the high temperatures in summer.
Cisco 819H/G/HG has been developed to address these issues. Both models
feature a palm-sized compact chassis and are compatible with 4G LTE 2.0
wireless LAN. Furthermore, Cisco 819H/HG can operate in temperatures
between -23 and +60 deg C and in up to 95% humidity and have superior
99
Software
Cisco DNA for Access: Switching and Wireless Subscription Offers
Introduction
Traditional networks cannot meet the demands of a digital network. Traditional Cisco DNA for access switching subscription
networks were hardware centric, manual with fragmented security, and focused Scale your network for business expansion; segment your network for security,
on network data. The new network that drives digital business demands a compliance, and complex processes; and centralize network access policy
software-driven approach, automation, built-in security, business insights with management for secure access.
proactive monitoring, and troubleshooting. With this vision, Cisco launched the
new era of networking powered by the Cisco® Digital Network Architecture Cisco DNA for access wireless subscription
(Cisco DNA™). Get exceptional wireless performance for high-density environments;
personalize services through location-based solutions; and secure your network
The latest innovations in Cisco DNA include new software capabilities that by protecting devices, data, and your business with strong, network-based
deliver greater intelligence and security through Cisco ONE™ and Cisco DNA security.
subscription licensing for access switching and wireless software and an
architectural approach that delivers end-to-end visibility, automation, and ■ Benefits of software subscription
insights for switching. Introducing new subscription offers for access switching
● Ongoing access to newest features
and wireless built on an entirely new era of intent-based networking. ● Up-to-date security protection
● Software refresh independent of hardware
● Ability to renew and scale what you want
● License portability for flexibility
● Better together pricing
● Linear, predictable budget spend
DNA Prime
Essentials DNA Essentials DNA Essentials
Software
Cisco ONE advantage delivers policy-based Cisco DNA advantage delivers policy-based Cisco DNA essentials delivers base automation,
automation with SD Access, Cisco DNA assurance, automation with SD Access, monitoring, and Cisco monitoring, and management.
and enhanced security. DNA Assurance.
With this solution, customers can enable basic
Customers can enable all Cisco DNA use cases with Customers need to buy ISE Base, ISE Plus, and automation and monitoring.
Cisco ONE Advantage. Offered as a single SKU. Stealthwatch to enable all Cisco DNA use cases.
100
■ DNA for Wireless: Subscription Offer Structure
Switches
DNA for Wireles re
Cisco ONE Advantage DNA Advantage DNA Essentials
Single
3/5/7 Year Subscriptions
SKU
Wireless
Single
CMX Base 3/5/7 Year Subscriptions
SKU
Single 3/5/7 Year Subscriptions
Prime SKU
Prime
AP License
Prime AP License Prime
ISE Base + ISE Plus
Routing
DNA Advantage AP License
DNA Advantage
DNA Essentials DNA Essentials
DNA Essentials
Security
Wave
Wave 22 Aironet
AironetAP’s
AP’sand
and Controllers
Controllers – 3504,
– 3504, 5520
5520, 8510and
and8540
8540
Cisco Meraki
■ Cisco DNA for wireless subscription
● The new Cisco DNA subscription for wireless is available on Wave 2 Aironet® access points and controllers – 3504, 5520, 8510 and 8540
● Software subscription is offered as a 3-, 5-, or 7-year term
Cisco ONE advantage delivers policy-based Cisco DNA advantage delivers policy-based Cisco DNA essentials delivers base automation,
DNA-Center
automation with SD Access, Cisco DNA assurance, automation with SD Access, monitoring, and Cisco monitoring, and management.
security, and location-based capabilities. DNA Assurance.
Additionally, you can purchase Stealthwatch license
as an add-on option for wireless.
SMB
Software
Financing
Cisco
Services
Cisco
vices
Ser-
Programs &
Promotions
101
Financing
Cisco Capital
Close more deals Trigger repeat purchase Get your money faster
● Overcome objections about limited ● You are first in line for the next sale when the ● You will receive your payment as soon as the
or unavailable budgets initial financing term expires customer accepts the order
** To apply for rebate, go to www.cisco.com/go/ppe and select Eligible Programs tab, then search for the EMEA Partner Incentive Program
Commercial
Offers easylease 0% Easy Pay 0%
Payment Options
If your customer invests from $1,000 to $250,000 2
$250,000 to $2M 2
$150,000 to $10M2
Lease duration 36 months 36, 48, or 60 months 36 months
Technology eligibility All Cisco technology, including hardware, software, and services.3
90% of hardware purchase price and 100%
Minimum Cisco spend 70% of total price
of software & services (max 70% of BOM)
70% Cisco & Strategic Alliance,
10% Cisco, up to 30% hardware and up to 10% third-party
Other requirements up to
30% third-party costs4 costs4
30% third-party costs4
Financing
■ Tailor-made solutions
We can design a suitable financing solution to help your customers streamline 1 Financing products provided by third-party financiers. Participating countries’ terms and
conditions apply. Credit approval required by finance partner.
the way they manage their technology investments. Whether it is a lease, loan, or
2 Or the equivalent in local currency.
on-demand consumption model, Cisco Capital has a highly experienced team of 3 All Cisco products qualify for Easy Pay with the exception of Cisco End of Life (EOL)
financing consulting experts who are dedicated to supporting your business. products.
4 Third-party costs include installation, support, and third-party noncompetitive hardware.
5 End-of-term buy-out options where available in accordance, with local policies.
102
Switches Wireless Routing Security Cisco Meraki DNA-Center SMB Software Financing Cisco
Cisco
Ser- Programs &
Services
vices Promotions
103
Cisco Services
Grow your network deals with Cisco Services
If you want your customers to get the best experience from their investment in
Cisco solutions, you can’t just sell them technology products. You need services to
bring those products to life and deliver business outcomes, faster.
■ With you every step of the way
Did you know? Already 50% of Cisco partner revenue, Cisco Services is there to work shoulder-to-shoulder with you at every stage of
and 56% of partner profit, comes from selling your customers’ projects. To support the Network. Intuitive, we offer services in six
Cisco services. broad capabilities. Check out Cisco.com or SalesConnect for the full list.
■ Good for you, good for your customers Cisco technologies while your in-house consultants and engineers get
Selling services helps you: comfortable. You can even draw on our Partner Design and Implement
Technical Advisors (http://cs.co/9004D8Gow) for free expert assistance to
● Win bigger deals. Services are high margin and vital for project success —
answer questions when you’re working on implementing new Cisco products
don’t give your customers a reason to buy them from somewhere else.
for your customers.
● Complete projects faster. Services can help you move from first call to go-
● Fill gaps: Perhaps you’re well resourced in network design and
live more quickly, avoiding re-scoping, integration problems and troublesome
implementation but don’t have the right people to offer security testing or
post-sale escalation calls.
solution validation? Avoid the cost and risk of building out broader services
● Make customers happy. With services, customers get full value from capabilities: focus on your core value and leave the rest to us.
the products they’ve bought from you, more quickly. Our data shows that
services customers have higher Net Promoter Scores. And happy customers If you see services playing a bigger role in your value proposition going forward,
come back. for qualified partners we can help you build your own partner-branded services
capabilities too, including Partner Support Service (http://cs.co/9002D8Go2)
Create new business. Services engagements uncover opportunities for
Services
●
and Distributor Support Service(http://cs.co/9000D8GU6).
Cisco
104
Switches Wireless Routing Security Cisco Meraki DNA-Center SMB Software Financing Cisco
Cisco
Ser- Programs &
Services
vices Promotions
105
Cisco Programs and Promotions
Helps you win deals and increase your profitability
www.cisco.com/go/dynamicoffers For all the information on product eligibility and Terms and Conditions go to:
www.cisco.com/go/ab
Migration Incentive Program Replace competitive products Earn more with our technologies
● Offer customers discounts and enjoy a VIP ● Help your customers get rid of the competition’s ● Move your customers to our solutions and make
Migration Bonus when you move them to new old equipment. Replace it with our new solutions. their networks digital ready. Earn extra discounts
technologies and return old equipment. Enjoy the rewards. along the way.
Hunting Incentive
■ Opportunity Incentive Program
For information about Program rules, eligibility and list of applicable SKUs, go to: For all the information on product eligibility and Terms and Conditions go to:
www.cisco.com/go/vip www.cisco.com/go/ab
Programs &
Promotions
For a complete view of all Programs and Promotions, go to: ■ Opportunity Incentive Program
http://cs.co/9007DEDjW http://cs.co/9007DEDYX
106
Americas Headquarters Asia Pacific Headquarters Europe Headquarters
Cisco Systems, Inc. Cisco Systems (USA) Pte. Ltd. Cisco Systems International BV Amsterdam,
San Jose, CA Singapore The Netherlands
Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco Website at www.cisco.com/go/offices.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco
trademarks, go to this URL: www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the
word partner does not imply a partnership relationship between Cisco and any other company. (1110R)