Cisco Catalyst 9500 Switch License
Built for Security, IoT, and Cloud
The Cisco Catalyst 9500 Switch License are the next generation of enterprise-class core and aggregation layer switches, supporting full programmability and serviceability. Based on an x86 CPU, the Cisco Catalyst 9500 Series is Cisco’s lead purpose-built fixed core and aggregation enterprise switching platform, built for security, IoT, and cloud. The switches come with a 4-core x86, 2.4-GHz CPU, 16-GB DDR4 memory, and 16-GB internal storage.
The Cisco Catalyst 9500 Series is the industry’s first purpose-built 25, 40 and 100 Gigabit Ethernet line of switches targeted for the enterprise campus. These switches deliver unmatched table scale (MAC/route/ACL) and buffering for enterprise applications.
The Cisco Catalyst 9500 Switch License includes nonblocking 40 and 100 Gigabit Ethernet Quad Small Form-Factor Pluggable (QSFP+, QSFP28) and 1, 10 and 25 Gigabit Ethernet Small Form-Factor Pluggable Plus (SFP/SFP+/SFP28) switches with granular port densities that fit diverse campus needs.The switches support advanced routing and infrastructure services (such as Multiprotocol Label Switching [MPLS] Layer 2 and Layer 3 VPNs, Multicast VPN [MVPN], and Network Address Translation [NAT]); Cisco Software-Defined Access capabilities (such as a host tracking database, cross-domain connectivity, and VPN Routing and Forwarding [VRF]-aware Locator/ID Separation Protocol [LISP]); and network system virtualization with Cisco StackWise virtual technology that are critical for their placement in the campus core.
The Cisco Catalyst 9500 Series also supports foundational high-availability capabilities such as patching, Graceful Insertion and Removal (GIR), Cisco Nonstop Forwarding with Stateful Switchover (NSF/SSO), redundant platinum-rated power supplies, and fans.
The foundation of Software-Defined Access
Advanced persistent security threats. The exponential growth of Internet of Things (IoT) devices. Mobility everywhere. Cloud adoption. All of these require a network fabric that integrates advanced hardware and software innovations to automate, secure, and simplify customer networks. The goal of this network fabric is to enable customer revenue growth by accelerating the rollout of business services.
The Cisco Digital Network Architecture (Cisco DNA) with Software-Defined Access (SD-Access) is the network fabric that powers business. It is an open and extensible, software-driven architecture that accelerates and simplifies your enterprise network operations. The programmable architecture frees your IT staff from time-consuming, repetitive network configuration tasks so they can focus instead on innovation that positively transforms your business. SD-Access enables policy-based automation from edge to cloud with foundational capabilities. These include:
- Simplified device deployment
- Unified management of wired and wireless networks
- Network virtualization and segmentation
- Group-based policies
- Context-based analytics
The Cisco Catalyst 9500 Series switches form the foundational building block for Software-Defined Access―Cisco’s leading enterprise architecture.
Cisco ONE Software
Cisco ONE Software offers a valuable and flexible way to buy software for the access, aggregation, core, WAN, and data center domains. At each stage in the product lifecycle, Cisco Catalyst License ONE Software helps make buying, managing, and upgrading your network and infrastructure software easier. Cisco ONE Software provides:
- Flexible licensing models to smoothly distribute customers’ software spending over time
- Investment protection for software purchases through software services-enabled license portability
- Access to updates, upgrades, and new technology from Cisco through Cisco Software Support Services (SWSS)
- Lower cost of entry with the new Cisco ONE Subscription for Switching model
Cisco ONE for Access lets you manage your entire switching structure as a single, converged component. With one management system and one policy for wired and wireless networks, it offers an efficient way to provide more secure access.
• Cisco Unified Access Data Plane (UADP) Application-Specific Integrated Circuit (ASIC) ready for next-generation technologies with its programmable pipeline, microengine capabilities, and template-based, configurable allocation of Layer 2 and Layer 3 forwarding, Access Control Lists (ACLs), and Quality-of-Service (QoS) entries
• Intel 2.4-GHz x86 CPU with up to 120 GB of USB 3.0 or up to 960 GB of SATA SSD storage for container-based application hosting
• Up to 6.4-Tbps switching capacity with up to 2 Bpps of forwarding performance
• Up to 32 nonblocking 100 Gigabit Ethernet QSFP28 ports
• Up to 32 nonblocking 40 Gigabit Ethernet QSFP+ ports
• Up to 48 nonblocking 25 Gigabit Ethernet SFP28 ports
• Up to 48 nonblocking 10 Gigabit Ethernet SFP+ ports
• Platinum-rated AC/DC power supplies
• Up to 512,000 Flexible NetFlow (FNF) entries in hardware
• Up to 36 MB of unified buffer per ASIC
• Up to 212,000 routing entries (IPv4/IPv6) for high-end campus core and aggregation deployments
• IPv6 support in hardware, providing wire-rate forwarding for IPv6 networks
• IEEE 802.1ba AV Bridging (AVB) built in to provide a better AV experience through improved time synchronization and QoS
• Precision Time Protocol (PTP; IEEE 1588v2) provides accurate clock synchronization with sub-microsecond accuracy, making it suitable for distribution and synchronization of time and frequency over the network
• Dual-stack support for IPv4/IPv6 and dynamic hardware forwarding table allocations, for ease of IPv4-to-IPv6 migration
• Support for both static and dynamic NAT and Port Address Translation (PAT)
• Scalable routing (IPv4, IPv6, and multicast) tables and Layer 2 tables
• Cisco IOS XE Software, a modern operating system for the enterprise with support for model-driven programmability, on-box Python scripting, streaming telemetry, container-based application hosting, and patching for critical bug fixes. The OS also has built-in defenses to protect against runtime attacks
• Cisco StackWise Virtual technology, a network system virtualization technology that increases operational efficiency and boosts nonstop communications and scaled system bandwidth
• Highest wireless scale for Wi-Fi 6 and 802.11ac Wave 2 access points supported on a single switch
• SD-Access: With the Cisco Catalyst 9500 Series, you can be part of the future of networking with features that include:
- Policy-based automation from edge to cloud
- Segmentation and micro-segmentation made easy, with predictable performance and scalability
- Automation and network assurance through the Cisco DNA Center Appliance
- Faster launch of new business services and significantly improved issue resolution time
- SD-Access Embedded Wireless: The Cisco Catalyst 9800 embedded wireless controller software package can be installed on Cisco Catalyst 9500 Series Switches to enable wireless controller functionality for distributed branches and small campuses. Once installed, the embedded wireless controller running on a Cisco Catalyst 9500 Series Switch can support up to 200 APs and 4000 clients. A maximum of two wireless controllers can be enabled per site on two different Cisco Catalyst 9500 Series Switches, which will increase the scale up to 400 APs and 8000 wireless clients per site.
- The Cisco Catalyst 9800 embedded wireless controller software package will enable wireless functionality only for SD-Access deployments, with two supported topologies:
- It can be enabled on Cisco Catalyst 9500 Series Switches functioning as a co-located border and control plane.
- It can be enabled on Cisco Catalyst 9500 Series Switches functioning as fabric in a box.
• Cisco Plug and Play (PnP) enabled: A simple, secure, unified, and integrated offering to ease new branch or campus device rollouts or updates to an existing network
• Advanced security:
- Encrypted Traffic Analytics (ETA): You benefit from the power of machine learning to identify and take actions toward threats or anomalies in your network, including malware detection in encrypted traffic and distributed anomaly detection. Additionally, ETA is able to detect vulnerable implementations in encrypted traffic
- Support for AES-256 with the powerful MACsec 256-bit encryption algorithm available on all models
- Trustworthy solutions: Secure Unique Device Identification (SUDI) support for Plug and Play, enabling tamper-proof device identity capability, which secures zero-touch provisioning by allowing your device to show a certificate to the server to be able to get onto your network.