May 15, 2015
Next Generation Campus Switching: Are You Ready T-EN-05-I
Lila Rousseaux – CCIE #6899
Consulting Systems Engineer, Enterprise Networks
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
House Keeping Notes – Wednesday April 16, 2014
Thank you for attending Cisco Connect Toronto 2014, here are a few housekeeping notes to ensure we all enjoy the session today.
Please ensure your cellphones are set on silent to ensure no one is disturbed during the session
Please hold all questions until the end of these session to ensure all material is covered
3
Networking Trends
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Major Trends and Business Challenges
Looking for ways to increase productivity and efficiency
Reduce complexity and make operations simpler
Let’s video everything: more bandwidth requirements, operational complexity increases costs and requires highly trained IT staff
Global workforce that requires us to be able to access information from any where, no matter where we are, using any device
5
Struggling to keep up with never ending security threats
Reduced Budget Workspace is changing Security
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Major Trends and Business Challenges
Goal is to have non-stop, 24x7 communications and maximum uptime for network services
Downtime risks exist: human error such as incorrect design, mis-configurations, planned software and hardware upgrades, and unplanned hardware or software faults.
When outages occur companies suffer lost business, lowered customer satisfaction, and lower productivity
6
Work model moves more to anytime, anywhere access: managing 24x7 collaboration and globalization becomes more challenging.
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Implementing the right intelligence in your network
can enable your organization to meet your
business goals.
Can I offer secure, mission critical wired/wireless access services?
2
Is your business limited or enhanced by your network? 3
1 How do I manage complexity to reduce costs?
Major Trends and Business Challenges
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Agenda
Cisco Campus Architecture
Catalyst Campus Solutions
Software services &
technologies
Cisco Catalyst Switching
Portfolio
Wrap Up
Cisco Campus Architecture
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Cisco Campus Architecture: Unified Access Adaptable, Flexible, Scalable – One Network
TrustSec Secure Group Access to Simplify the Network and Enable Virtualized Data Center Services
Smart Operations Reduce Operating Expenses and Improve Network Application and Service Delivery
Resiliency Maximized Network Availability with Virtual Switching and Stateful Switch Over
Application Visibility and Control Application-Aware Networking to Enable Collaboration, Video, and Other Apps
KEY SERVICES FOR
ONE NETWORK DEPLOYMENT
Wireless APs
Cisco Catalyst
6800/VSS
Cisco Catalyst 4500E, Cisco Catalyst 3850/3650
Identity Services Engine
Cisco Prime Infrastructure
OS Consistency: IOS 15.0 Cisco Validated Designs for Campus Deployment
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Unified Access
Campus Deployment Models
Centralized Wireless
SiSi SiSi
Traditional Access
Dis
trib
ute
d W
ire
d
Instant Access C
en
tra
lize
d W
ire
d
IA
VSS
Cisco Prime Infrastructure
One Management Cisco ISE One Policy
Distributed Wireless
Converged Access
SiSi SiSi
Dis
trib
ute
d W
ire
d
Ce
ntr
aliz
ed W
ire
d
VS
S
VSS
MAMAMA
MAMAMA
MAMAMA
MAMAMA
MAMAMA
MAMAMA
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Data Center /
Service block PI ISE
Intranet
Mobility Group
5508 / WiSM2 5508 / WiSM2
EtherIP Mobility
Tunnel
CAPWAP
Tunnels CAPWAP
Tunnels
Well-known
and well-proven …
Prior to Migration
to Converged
Access
Separate
policies and
services for wired
and wireless
users
Wired policies
implemented
on switch
Wireless
policies
implemented
on controller
All wireless
traffic
centralized
via controllers
as shown
Unified Wireless
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Data Center /
Service block PI ISE
Intranet
Mobility Group
5760
Switch Peer
Group
Switch Peer
Group
Catalyst 3850/3650/CAT4500E with SUP8E
5760
CAPWAP
Tunnels CAPWAP
Tunnels
MA MA MA MA MA MA MA MA
MC MA
Converged
policies and
services for
wired
and wireless
users
Increase in
performance and
scalability via local
termination of both
wired and wireless
traffic
Increase in visibility
and control
(NetFlow, Advanced
QoS, etc)
via local termination
of both wired and
wireless traffic CAPWAP Mobility Tunnel
Converged Wired / Wireless Access –
… to Integrated
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
INTRODUCING
Campus Instant Access
IT Spends Most of Their Time in Repetitive Operational Actions for Access Switches
Source: A commissioned study conducted by Forrester Consulting for Cisco Systems, 2012
28% MONITORING,
TROUBLESHOOTING
19% SECURITY
CONFIGURATIONS
18% INITIAL INSTALL,
CONFIGS, TESTING
14% UPGRADING
EQUIPMENT
Simple Install and Connect
No More Repetitive Operations
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
VSS Campus with Stacking
15
Building 1 Building 2 Building 3 Building 4
Core
29 Total Devices for Image and Configuration Management
48 Access Trunks/Port-Channels
4032 User Ports
Considerations:
STP Loop Prevention
FHRP Tuning
CAM/ARP Tunings
PIM Tuning/DR priority
Routing Protocol Tuning
29 Separate Configurations of SNMP, NTP, TACACS, Banner, vty, VLAN DB, Mgmt IP/GW, Hostname
VSS
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Catalyst Instant Access
16
Core
Building 1 Building 2 Building 3 Building 4
5 Total Devices for Image and Configuration Management
Automated Trunk Configuration
4032 User Ports
Considerations:
STP Loop Prevention
FHRP Tuning
CAM/ARP Tuning
PIM Tuning/DR priority
Routing Protocol Tuning
5 Separate Configurations of SNMP, NTP, TACACS, Banner, vty, VLAN DB, Mgmt IP/GW, Hostname
Instant Access
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Catalyst Instant Access
17
Core
Building 1 Building 2 Building 3 Building 4
5 Total Devices for Image and Configuration Management
Automated Trunk Configuration
4032 User Ports
Considerations:
STP Loop Prevention
FHRP Tuning
CAM/ARP Tuning
PIM Tuning/DR priority
Routing Protocol Tuning
5 Separate Configurations of SNMP, NTP, TACACS, Banner, vty, VLAN DB, Mgmt IP/GW, Hostname
Instant Access
NO Routing Protocols or Spanning-Tree configuration
between Access and Distribution
NO Trunks to Configure from Access to Distribution
NO Configuration or Image Management at Access
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public Consistent Features and Agile Infrastructure across Access layer
Benefits of Instant Access
Catalyst 6500/6800 features at Access
Simplifies Operations via Single Point of Management, Configuration, Troubleshooting across Distribution & Access Block
Cisco Catalyst Instant Access
Standalone
Access Switch
LACP
or PAGP
Access Switch
VSS
LACP or
PAGP LACP or
PAGP
VSL
Access Switch
Access Switch
Instant Access
VSL
Instant Access
Client
SDP
SRP
SCP
Instant Access
Client
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Catalyst 6500/6800 Instant Access Simplified Configuration
VLAN 10 VLAN 110 VLAN 20 VLAN 120
VLAN 140
VLAN 140 VLAN 40
F 114
VLAN 120 VLAN
20
VLAN 30 VLAN 130
VLAN 30 VLAN
130
F 113
Fabric links
F 115 F 116
VLAN 10 VLAN 110
VLAN 40
VLAN 10 VLAN
110
VLAN 20 VLAN
120
VLAN 140
VLAN
140
VLAN 40
VLAN 120 VLAN
20
VLAN 30 VLAN 130
VLAN 30 VLAN
130
VLAN 10 VLAN 110
VLAN 40
Configuration done once at Distribution only, No Configuration at Access Layer
L2 Trunk
Hostname B2F2S2
Vlan 10
Vlan 110
Vlan 1021
Desc Mgmt
Ip address 192.168.41.101
!
interface Port-channel5
switchport trunk allowed vlan 10,110
switchport mode trunk
Interface range TenGigabitEthernet1/2/5-6
channel-group 4 mode on
Interface gig 1/1>
Switchport mode access
Switchport access vlan
10
Span-tree portfast
Interface gig 1/2>
Switchport mode access
Switchport access vlan
110
Span-tree portfast
Interface gig 1/3>
Switchport mode access
Switchport access vlan
20
Span-tree portfast
Interface gig 1/2>
Switchport mode access
Switchport access vlan
120
Span-tree portfast
Hostname B2F2S2
Vlan 20
Vlan 120
Vlan 1021
Desc Mgmt
Ip address 192.168.41.102
!
interface Port-channel5
switchport trunk allowed vlan 20,120
switchport mode trunk
Interface range TenGigabitEthernet1/2/5-6
channel-group 4 mode on
Hostname B2F2S2
Vlan 30
Vlan 130
Vlan 1021
Desc Mgmt
Ip address 192.168.41.103
!
interface Port-channel5
switchport trunk allowed vlan 30,130
switchport mode trunk
Interface range TenGigabitEthernet1/2/5-6
channel-group 4 mode on
Interface gig 1/4>
Switchport mode access
Switchport access vlan30
Span-tree portfast
Interface gig 1/2>
Switchport mode access
Switchport access vlan
130
Span-tree portfast
Interface gig 1/5>
Switchport mode access
Switchport access vlan40
Span-tree portfast
Interface gig 1/2>
Switchport mode access
Switchport access vlan
140
Span-tree portfast
Hostname B2F2S2
Vlan 40
Vlan 140
Vlan 1021
Desc Mgmt
Ip address 192.168.41.104
!
interface Port-channel5
switchport trunk allowed vlan 40-140
switchport mode trunk
Interface range TenGigabitEthernet1/2/5-6
channel-group 4 mode on
Vlan 10
Vlan 40
Vlan 110
Vlan 140
Vlan 1021
Desc Mgmt
Ip address 192.168.41.110
!
Interface Port-channel4
Fex associate 104
Switchport mode fex-fabric
…
interface Port-channel 9
Fex associate 109
Switchport mode fex-fabric
!
Interface range Gig 116/1/0/1-24,
115/1/0/1-24
Switchport mode access
Span-tree port fast
Swichport access vlan 10
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Catalyst 6500/6800 Instant Access Simplified Image Management: One Image for whole Distribution Block
Catalyst 6500/6800
Catalyst 6800IA Series Switches ( POE+/DATA )
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Cisco Validated Designs
High Performance Network
• Pre-tested modular network architecture with integrated network-level Smart Services
Prescriptive Solutions
• Cisco tested and validated solutions tailored to your business size and requirements now and in the future
Modular Design
• Component-based design delivers future flexibility and ensures new projects build on your existing investment.
• Scalable solutions for growth
• Investment protection and migration strategies for growing businesses
Tested & Validated
Solutions Work
Together
Comprehensive
Architectural
Solution
Modular, Systematic
Approach
Expert Partner
Installation and
Configuration
www.cisco.com/go/cvd
Cisco Validated Designs A Blueprint for Business Success
Catalyst Campus Solutions Software services & technologies
22
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Differentiating Characteristics of One Network solutions
• Secure onboarding
• Simplified Policy enforcement
• Data Confidentiality
• Speedy threat detection
• Hitless Device Resiliency
• Hitless Software Resiliency
• Hitless Services Resiliency
• Network readiness assessment
• Application-Aware Networking
• Speedy failure detection and resolution
• Automated Switch Provisioning
• Automated Endpoint Provisioning
• Automated failure detection and reporting
Cisco Catalyst
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
CDP
LLDP
DHCP
MAC
CDP
LLDP
DHCP
MAC
DEVICE CLASSIFICATION
PRINTER Video Phone
Printer Policy
[place on VLAN X]
Video Phone Policy
[restricted access]
ISE
POLICY
Collection—Switch
collects device related data
and sends report to ISE
Classification—ISE
classifies device, collects
flow information and provides device
usage report
Authorization—ISE executes
policy based on user and
device
The Solution Deployment Scenario with Cisco Device Sensor
Device Profiling
+ Device Sensor
Authorized Access Device Profiling Automated with Device Sensor
Access
Point
Profiling for both wired and wireless devices
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Policy and Segmentation
Voice Data Suppliers Guest Non-
Compliant
Access Layer
Aggregation Layer
VLAN Addressing DHCP Scope
Redundancy Routing Static Filtering via
Access Control List (ACL)
Simple Segmentation with 2 VLANs More Policies using more VLANs
Design needs to be replicated for
floors, buildings, offices, and other
facilities. Cost could be extremely high
25
ACL
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Policy and Segmentation with Security Group
Voice Employee Suppliers Guest Non-Compliant
Employee Tag
Supplier Tag
Guest Tag
Non-Compliant Tag
Data Center
Firewall
Voice
Building 3
WLAN Data VLAN
Campus Core
Data Center
Main Building
Data VLAN
Employee Non-Compliant
Regardless of topology or
location, policy (Security
Group Tag) stays with users,
devices, and servers
TrustSec simplifies ACL
management for intra/inter-
VLAN traffic Access Layer
Retaining
initial
VLAN/Subnet
Design
Intranet
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Introducing Cisco TrustSec
TrustSec lets you define policy in meaningful business terms
Distributed Policy Enforcement: Flexible and Scalable
Switch Router DC FW DC Switch
Who can talk to whom
Who can access protected assets
How systems can talk to other systems
Desired Policy Context Classification
Security Group Tag TAG
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
TrustSec in Action
Wireless LAN Controller
AP
Personal asset
Company
asset
Employee
ID &
P
rofilin
g D
ata
ISE (Identity Services Engine)
DCHP HTTP
RADIUS SNMP
NetFlow DNS OUI
NMAP
Device Type: Apple iPAD
User: Mary
Group: Employee
Corporate Asset: No
Classification Result: Personal Asset SGT
ISE Profiling Along with authentication,
various data is sent to ISE
for device profiling
DC Resource
Access
Restricted
Internet Only
Distributed Enforcement
based on Security Group
Security Group Policy
Classify Propagate Enforce
SGT
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Threat Detection using NetFlow
NetFlow Ecosyst
em
Cisco Catalyst®
6500 NAM-3 Blade
4500 SUP7/SUP8 3850, 3KX SM, 2960-X/XR (*)
• Improved network performance through visibility and control over network applications
• Enhanced network security through speedy detection of threats and breaches
• Capacity planning
• Historic data collection and trend analysis
• Network-wide visibility and performance analysis
• Anomaly detection for security
• EEM integration for control
F u n c t i o n
(*) 2960-X/XR Netflow Lite
B e n e f i t s
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Media Services Interface and Proxy (MSI & MSP) allow differential traffic treatment
Device Type Axis Camera CTS3000 Jabber for
Windows
Laptop Desktop
Application Type Surveillance TelePresence S/W –voice –
video
You Tube WebEx
Priority
Rate Limiting - - - -
Identity aware
Uniform
Application based QoS
Device/Application ID
exported to FnF
Better user experience because critical applications receive higher priority
B e n e f i t s
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Reduced IT time for troubleshooting
Better user experience
Mediatrace and Performance Monitor simplify identification and resolution of network issues
SiSi
TelePresence Experience Degrades
Run Mediatrace
Analyze Hop-by-Hop Statistics using Performance
Monitor Problem Isolated
TelePresence Call Established
Traditional Network provide no real time problem identification
Cisco Prime
B e n e f i t s
1861-AA0213#show flow record type performance-monitor
default-rtp
flow record type performance-monitor default-rtp:
Description: VM default RTP record
No. of users: 4
Total field space: 98 bytes
Fields:
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match transport rtp ssrc
collect routing forwarding-status
collect ipv4 dscp
collect ipv4 ttl
collect transport packets expected counter
collect transport packets lost counter
collect transport packets lost rate
collect transport event packet-loss counter
collect transport rtp jitter mean
collect transport rtp jitter minimum
collect transport rtp jitter maximum
collect interface input
collect interface output
collect counter bytes
collect counter packets
collect counter bytes rate
collect counter packets dropped
collect timestamp interval
collect application media bytes counter
collect application media bytes rate
collect application media packets counter
collect application media packets rate
collect application media event
collect monitor event
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Director – Catalyst 6K, 4K, or 3K
Access Switches
Smart Operations – Increase Productivity, Lower TCO
Sleep Sleep Sleep
Zero Touch Deployments and Maintenance
New Switch Connected
• Software image downloaded;
• Wired + Wireless Configuration automatically applied
• On-going Image Update and Configuration Back-up
Smart Install
New Device Attached
• Port Configuration: Applied
• QoS Policy: Enforced
• Security Policy: Enforced
Plug and Play for End Devices
Auto Smart Ports
Anomaly Detected
• Packet Capture for Wired and Wireless
• Proactive end-to-end network health monitor and performance
• Real time Alerts
• Web-based reports
• Routed to TAC team
Monitor & Troubleshoot
Smart Call Home IPSLA, WireShark
• Ability to take custom actions based on syslogs/triggers
• Enhanced Flexibility and control
Control Your Network
EEM, XML Programmability
• EEE ready
• Energywise – Time of the day policy based on/off of access devices
• 0 $ SKUs for energy management
Reduced Energy Consumption
Energywise and EEE
Please refer to the Software Roadmap for the list of features supported at FCS and upcoming releases
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Same L2 Domain Different L2 Domain (other subnet)
The Need for Service Discovery Gateway
Where’s my
Printer?
I’m here!
Talk to
me...
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Same L2 Domain Different L2 Domain (other subnet)
The Need for Service Discovery Gateway (cont.)
Where’s my
Printer? Nobody's
talking to
me!?
Service Browsing
stops here!
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
VLAN 100
CAPWAP
How does it work?
Advertisement
Link Local Multicast seen in SAME VLAN only
Cached at Gateway
Instance Name, Type, Interface Name, TTL, Resource Record data etc.
enabled
Training ATV RAOP Service VLAN 100
RAOP!
VLAN 200
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
VLAN 100
CAPWAP
How does it work?
Advertisement
Link Local Multicast seen in SAME VLAN only
Cached at Gateway
Instance Name, Type, Interface Name, TTL, Resource Record data etc.
enabled
Training ATV RAOP Service VLAN 100
CTO Office IPP Service VLAN 200
Instance name Other Services VLAN XYZ
IPP!
VLAN 200
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
VLAN 200 VLAN 100
CAPWAP
How does it work?
Query
Service query seen and answered by Gateway
Original Device not bothered
Cache maintenance done on TTL / when device goes offline
enabled
Training ATV RAOP Service VLAN 100
CTO Office IPP Service VLAN 200
Instance name Other Services VLAN XYZ
IPP?
IPP!
RAOP?
RAOP!
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Service Discovery Gateway Policy Capabilities: Example for Education
Teachers are allowed to print, access the Apple TV and file shares.
Students are allowed to print and share iTunes, but not access the Apple TV, or file shares.
Teacher Network
Services Discovery
Student
Network
AirPrint AirPlay File
Share
Teacher
Service Policy
AirPrint AirPlay File
Share
Student
Service Policy
iTunes
Sharing
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Hitless Operational Resiliency for Fixed and Modular Platforms
Peace of mind with high network availability
Minimize CAPEX with pay-as-you-grow model
Fixed (Catalyst 3K) Modular (Catalyst 4K/6K)
Redundant Power Supply
Redundant Fans
Redundant Supervisor
ISSU and eFSU
Redundant Uplinks
4K 6K
Redundant Power Supply
Simplify and Scale with StackWise-480/160 Fan Redundancy Maximize Power
Redundancy with StackPower
In-Chassis FRU Redundant PSU
B e n e f i t s
VSS &
VS4O
VSS
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
2000
2003
2007 2009
Industry Standard:
IEEE 802.3af (15W PoE)
Industry Standard:
IEEE 802.3at (30W PoE+)
7W Inline Power
15W (PoE)
30W (PoE+)
Catalyst 4500E & 3850 UPOE
Benefits of Cisco UPOE
• Wider Choice of End Points
• Efficient Power Delivery
• High Availability
• Universal RJ45
• Lower CapEx/OpEx
2011
Universal
60W UPOE
Cisco UPOE on Catalyst Switches
Cisco Catalyst Switching Portfolio
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Cisco Catalyst Switches – from backbone to access New products across the complete range
Flexible, scalable,
feature-rich
modular access
Enterprise
backbone
optimized for
10/40/100G
LOWER
TCO
END-TO-END
SECURITY
APPLICATION
VISIBILITY
INVESTMENT
PROTECTION
PERFORMANCE
& SCALE
Smart, simple,
green & secure
wired access
Catalyst 2960-X
Advanced fixed
switching with
Unified Access
Catalyst 3850/3650 Catalyst 4500E with SUP8-E
Catalyst 6800 NEW Jul 2013
NEW Jan/Oct 2013 NEW Aug 2013
NEW Oct/Dec 2013
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Catalyst Access Portfolio From essential connectivity to Unified Access for next-generation workspaces
UNIFIED WORKSPACE
• Secure, reliable access
• Low TCO & energy-efficient
Competitive Feature Set at Compelling Prices
BYOD Video Mobility
Converged Wired/Wireless Access
• Scale and performance
• Resiliency & high availability
• Application Visibility
• Cisco TrustSec
Featu
res
Scale
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Dense 1 RU 1/10GE Aggregation
• Fixed Space
• Constrained 10G Aggregation
• Baseline Backbone Features
• Collapsed Access
Competitive Feature Set at Compelling Prices
• Comprehensive
• Borderless Feature Set
• Highest Performance and Scalability
• Lower TCO
Industry-Leading Campus Backbone Platform
Lead Platform to Enable Video, Cloud, and BYOD
Catalyst Core and Aggregation Portfolio Unmatched scale and features for the enterprise backbone
Industry's Most Scalable and Feature
Rich Extensible Fixed Campus
Backbone Platform
Radically
Improved
10G Economics Featu
res
Scale
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Catalyst 6500: Continued Investments in Leadership 6807-XL Chassis – Taking Catalyst 6500 to 880G/slot!
Up to 4 (N+1)
power supply
redundancy
7 Slots
10 RU (smaller than 6506-E)
Up to 880G/Slot capable
(SUP2T is capable of 220G/slot)
Investment Protection!
Compatible with Sup2T,
6700, 6800, 6900 and
Latest Service Modules
Catalyst 6000 DNA
Low-Power & Noise
High-Efficiency Fans Backwards compatible
backplane connectors
Next-
Generation
Ready
3000W AC – AC Only
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
6500E with Sup720 6500E with Sup2T 6807-XL with Sup2T
69xx Series Line Cards
68xx Series Line Cards
WS-X6716-10G/T With WS-F6K-DFC4-E With WS-F6K-DFC4-E
WS-X6708-10G
WS-X6704-10GE with DFC3 With WS-F6K-DFC4-E With WS-F6K-DFC4-E
67xx Series 1GbE with DFC3 With WS-F6K-DFC4-A With WS-F6K-DFC4-A
67xx Series with CFC
61xx Line Cards
Service Modules
WAN Cards
Future 32x10G/4x100G
Linecard support Matrix for CAT6K
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Positioning CAT6K
6807 is the Extension to the Cat6k Portfolio
The E-Series Chassis Will Still Have a Long Life to Live
Up to 880G/slot max capacity Up to 220G/slot with Sup2T/Sup10
7-slot is available today
Support Sup2T
Small form-factor PSUs with platinum efficiency; only support AC
Optimized for 10G/40G/100G
80G/slot
Available in 3, 4, 6, 9 and 13 slots
Support both Sup2T and Sup720-10G
Support both AC and DC
Optimized for 1G/10G
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Catalyst 6500: Continued Investments in Leadership Two Chassis, But Same Modules
Optimized for 1G/10G
Sup2T, 6900, 6800, 6700
Next Generation Cards
Service Modules
6500-E 6807-XL
Optimized for 10G/40G/100G
92G/slot
6900
SPEED CARD
80G/slot
New 10/40G
6700/6800 40G/slot
160G/slot
6900
SPEED CARD
80G/slot
New 10/40G
6700/6800 40G/slot
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Catalyst 6500: Continued Investments in Leadership Catalyst 6500 Goes Mini – 6880-X Optimized for 10G Economics with 6500 Feature Set
Up to eighty 1G/10G
ports or twenty 40G
ports
Sixteen 10/100M, 1/10G or up
to four 40G ports
MACsec, VSS, Instant
Access, MPLS, VPLS,
LISP, SGT, 1588(*) on
every port
Low-power and
Low-noise fans
Platinum-efficiency
Redundant AC and
DC Power Supplies
Fixed module sixteen
10/100/1000/10G
or up to four 40G
X86 2 GHz CPU 4 GB DRAM
Four Port-card Slots
Front Serviceable Power Supplies, and Fan Tray
NEBS Level 3-Compliant Platform
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Catalyst 6880-X: Hardware Components
HW Scale Standard (LE) Large Tables
IPv4/v6 Routing Capability 256K/128K 2M/1M
Multicast Routes (IPv6) 64K 256K
Number of Adjacencies 256K 1M
MAC 128K 128K
L3 Interfaces 128K 128K
Security and QoS ACL 64K 256K
Flexible NetFlow (per 16 ports) 512K 1M
Microflow Policers 512 512
Aggregate Policers 8K 8K
Port Type Ports
10/100/1000 Mb/s Copper 16 (via GLC-T SFP)
1 Gb/s Fiber 16 (SFP)
10 Gb/s Fiber 16 (SFP+)
40 Gb/s Fiber (w/ Adapter) 4 (SFP+-QSFP)
Base
System
Two Versions Standard (LE) Large Tables
FIB Table IPv4/v6 256K/128K 2M/1M
Flexible NetFlow 512K 1M
Security ACL Table 64K 256K
Multi-rate SFP+ Port Card
MACSec, Instant Access, LISP, VSS, SGT, 1588 Capable on Every Port
Enhanced Control-Plane Scale with new X86 2 GHz Dual Core CPU
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
FEX-Fabric
IA Parent
Supervisor 2T
X6904 -16x10G Virtual Switching System (VSS)
Supervisor 2T
X6904 -16x10G
IA Client – Catalyst 6848ia
15.1(2)SY or Later IOS
IP Services Feature Set
No special license
Optics supported Twinax, SR, LR, LRM and ER
Cisco Catalyst Instant Access
Components
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
FEX-Fabric
IA Parent
Supervisor 2T
X6904 -16x10G Virtual Switching System (VSS)
Supervisor 2T
X6904 -16x10G
IA Client – Catalyst 6848ia
Cisco Catalyst Instant Access
Components
Catalyst 6880-X
Catalyst 6807-XL
Catalyst 6500E
15.1(2)SY or Later IOS
IP Services Feature Set
No special license
Optics supported Twinax, SR, LR, LRM and ER
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
10G uplink ports
Stacking Included by Default
80G Stack Bandwidth
3 clients per stack Phase 1
Up to 60G MEC between Client
stack and Parent
Catalyst 6800 SKUs :
48x 1G + 2x 10G, 740W POE+
48x 1G + 2x 10G, Data only
Catalyst 6848ia
Catalyst Instant Access: Client Characteristics
53
Can Support Switches off of the Client Ports
These would be treated as standalone switches,
not managed by 6500
No support for cascaded IA Client
No Hardware or Software License Required
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Catalyst 4500E Campus Portfolio
4503-E
4510R+E 4507R+E
4506-E
Four Chassis Options
7 and 10 Slot with Sup Redundancy
POE: WS-X4748-UPOE+E
Data: WS-X4748-RJ45-E
Port Scale:
Access and Collapse Agg
384 10/100/1000 POE/PoE+/UPOE
96 SFP+ , 192 SFP
Power Supply
Maximize UPOE/POE+/POE delivery
Fully Loaded 10-Slot with POE PWR-C45-9000ACV PWR-C45-6000ACV PWR-C45-4200ACV
Supervisors
Traditional and Wireless Convergence
928G Wired, 20G Wireless WS-X45-SUP7L-E WS-X45-SUP8-E WS-X45-SUP7-E
1GE: WS-X4712-SFP-E;
WS-X4724-SFP-E; WS-
X4748-SFP-E
10GE: WS-X4712-SFP+E
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Works in all existing 4500-E chassis Up to 50APs
2000 Clients
8 SFP+ 10G/1G Uplinks Non-blocking
928Gbps total capacity
Daughtercard for wireless integration (*)
Faster CPU
Modular Value
Proposition • Investment Protection to UA Arch
• 3,6,7 and 10 slot chassis
• In Service Software Upgrade for wired/wireless
Services •Complete wired/wireless integration
•Application Visibility for Collaboration Protocols (Flexible NetFlow, NBAR2 Lite*, Wireshak)
Scale • 48G/slot - 928Gbps Switching Capacity • 20G Wireless Termination
• 100% more Uplink Bandwidth
Supervisor 8-E on Catalyst 4500
* Roadmap
Performance & Scale
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Catalyst 4500E New Fiber Line Card (Hardware)
Works in all 4500-E chassis/ 2 Generations of Sups (**)
SGT/SGACL*
1G/100M SFP Non-Blocking 48G per slot capacity
Build-in IEEE 802.1AE Fiber encryption *
Up to 384 Ports Wire-Speed
*Roadmap
** Sup 8E Support: roadmap
12-port 1GE Fiber Card
24-port 1GE Fiber Card
48-port 1GE Fiber Card
Performance, Security & Scale
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Cisco Catalyst 4500E Designed from the ground up for High Availability
Unique Redundant Uplinks
All uplinks (active & standby Sup.) active, even when a Sup. fails
Redundant Fans
No disruption
with single fan failure
Redundant Power Supplies
Active Standby Design
Dual Supervisors
Stateful Switchover and ISSU
Cisco UPOE
Endpoint data and power convergence
Virtual Switching
System 10G/1G
VSL
High Availability for Dual Homing
Power Circuit Redundancy
Pwr Rail 1 Pwr Rail 2
Reduces Line Card failures
“Transparent” Linecards
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Catalyst 3850 – Platform Overview
Wireless CAPWAP Termination
Up to 50 APs/2000 clients per stack, and 40G per switch
Modular Uplinks 4 x 1G
2 x10G 4 x 10G*
Stackpower
Line Rate on All Ports
Multi-Core CPU
480 Gbps Stacking Bandwidth
Full POE+ SKUs with UPOE
FRU Fans, Power Supplies - HA
Granular QoS (preserved
in Stack)/ Flexible Netflow/
SGT/SGACL
24 or 48 ports 10/100/100 Data only or PoE+/UPOE
*4 X 10G uplinks are
available only on 48-port
switches
Built on Cisco’s Innovative “UADP” ASIC
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Optional StackWise-160 9 member Stack
Dual FRU Power Supplies
FRU Fans
Full Netflow/QoS for wired/wireless/QoS in Stack
SGT/SGACL
Full POE+
40G Wireless Capacity Per Switch
Fixed Uplinks 4 x 1G 2 x10G
4 x 10G (*2)
EEE
MACsec HW Ready (*1)
Multi-Core CPU
Line Rate on All Ports
802.11n 802.11ac
25 AP’s and 1000 Clients Per Stack
(*1) Roadmap
(*2) 4 X 10G uplinks are available only on 48-port switches
Catalyst 3650 – Platform Overview
Built on Cisco’s Innovative “UADP” ASIC
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
UADP ASIC in Catalyst 3850/3650 Enables Convergence
Built on UADP
• Unified Access Data Plane
• Unique and powerful Cisco innovation
• Hardware performance with
software flexibility
• Optimized Performance
• CAPWAP encapsulation/de-capsulation, Flexible Netflow, QoS happens in ASIC for line rate performance
• Future Proofed and Programmable
• Flexparser enables new software features
(like SDN) over the product lifetime
• UADP is used across multiple platforms – Catalyst
3850/3650, Sup 8E, WLC5760
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
• Active and Standby Members run IOSd, WCM, etc.
• Synchronize information
• Active controls Data plane programing for all
members
• Member switches act as Line cards –
connected via the Stack Cable
A
S
• Active and Standby Supervisors
• Run IOS on Supervisors
• Synchronize information
• Active programs all DFCs
• DFCs run a subset of IOS for LCs
A S
Catalyst 3850/3650 Stacking vs. Catalyst 6500
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
StackPower on the Catalyst 3850 Series Delivering Unprecedented Power Availability and Flexibility
Power Resiliency - Adaptable “pool of power” available to all stack members
Provides “Zero-footprint” RPS i.e. power supply redundancy without an RPS
Intelligent power shedding—turn off low priority PoE end devices in the event of a power supply failure
StackPower
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
FlexStack+ 80Gbps stacking
NetFlow Lite on all ports
4 or 8 queues per port
(2960-XR)
EEE downlinks
Redundant FRU PSU option
(2960-XR)
Dual-Core CPU
MACsec Ready
4 MB of Buffers
Power Saving Deep Sleep Modes
2 x10G or 4 x 1G Uplinks (fixed uplinks)
Signed IOS images
L3 Features (2960-XR)
24 or 48 GE ports (line-rate)
Intelligent Wired Access
Catalyst 2960-X/XR – Platform Overview
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
FlexStack+ Doubles FlexStack Scale/Performance
Mix & match models 1G/10G, 24/48-port, PoE/data
Stack up to 8 Up to 384 GigE ports with 2960-X and 2960-XR
80 Gbps throughput 2x 2960-S FlexStack performance
Mix & match series 2960-X, 2960-S, 2960-SF (up to 4 at 40Gbps)
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
8 AM – Day Starts Everything Active 3-10% Power Saving: High Efficiency Power Supply
12 Noon – Lunch Hours Low Ethernet Traffic Power Savings EEE or Energy Efficient Ethernet
5 PM – Office Closes EnergyWise Energy Saver 30%+ Power Savings
6 PM – Back Office Tasks Downlink Hibernation Mode, ½ W Savings/Port 24W Saving/48 Port
9 PM & Weekends – Everything closes Switch Hibernation Mode 6 Watt vs 50 Watt
The Greenest Catalyst Access Switch Ever
Wrap-Up
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Cisco Switching Investment Protection Unmatched new feature longevity and support with Catalyst Switches
Catalyst 2K Family
10+ Years of Support for 2960 Family
Switches
2950 – 12 years of Support
2970 – 9 years of Support
Catalyst 3K Family
10+ Years of Support for 3750 Family
Switches
3750G – 13 years of Support
3750E – 11 years of Support
Catalyst 4K Family
10+ Years of Support for 4500 Family
Switches
Sup6 – 12 years of Support
Sup V-10GE – 13 years of Support
Catalyst 6K Family
An average of 12 years of support for
Supervisors
6500 (non-E) – 13 years of Support
6500 E-Series – 20+ years Expected
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Experience through Deployments with Catalyst Switching
Refined through deployment and listening to customers
Catalyst 2K Sold
Catalyst 2K Ports
6500 Chassis Sold
Catalyst 3K Ports
Catalyst 4K Sold
Catalyst 3K Sold
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Deliver an Uncompromised User Experience
on Any Workspace
R i c h e s t F e a t u r e s
Catalyst Provides the Evolving User Workspace Network Transitions from 1G -> 10G -> 40G and Beyond
Infrastructure • UPoE (60 Watts)
• Smart Operations
• Energywise
• Instant Access
Video • Medianet
• Multicast Flexibility
BYOD • Converged Access
• Device Sensor
• TrustSec Security
• MacSec
Implementing the right intelligence in your network can enable your
organization to meet your business goals.
Cisco and/or its affiliates. All rights reserved. T-EN-05-I Cisco Public
Complete Your Paper Session Evaluation – Wednesday April 16
Give us your feedback and you could win 1 of 2
fabulous prizes in a random draw.
Complete and return your paper evaluation
form to the Room Attendant at the end of the
session.
Winners will be announced today at the end of
the session. You must be present to win!
Please visit the Concierge desk to pick up your
prize redemption slip.
Visit them at BOOTH# 407