Cisco Catalyst 9600 Switch License
Cisco Catalyst 9600 Series switches are purpose-built for resiliency at scale with the industry’s most comprehensive security and allows your business to grow at lowest total operational cost. Built upon the foundation of Catalyst 9000, the Catalyst 9600 Series offers scale and security when always on is a must.
As foundational building blocks for the Cisco Digital Network Architecture, Catalyst 9600 Series switches help customers simplify complexity, optimize IT, and reduce operational costs by leveraging intelligence, automation and human expertise that no other vendor can deliver regardless of where you are in the intent-based networking journey.
Catalyst 9600 Series Switches provide security features that protects the integrity of the hardware as well as the software and all data that flows through the switch. It provides resiliency that keeps your business up and running seamlessly. Combine that with open APIs of Cisco IOS XE and programmability of the UADP ASIC technology, Catalyst 9600 Series switches give you what you need now with investment protection on future innovations.
As the industry’s first purpose-built 40 and 100 Gigabit Ethernet line of modular switches targeted for the enterprise campus, Catalyst 9600 Series switches deliver unmatched table scale (MAC, route, and Access Control List [ACL]) and buffering for enterprise applications.
The Cisco Catalyst 9606R chassis is hardware ready to support a wired switching capacity of up to 25.6 Tbps, with up to 6.4 Tbps of bandwidth per slot. Cisco Catalyst 9600 Series switches support granular port densities that fit diverse campus needs, including nonblocking 40 and 100 Gigabit Ethernet (GE) Quad Small Form-Factor Pluggable (QSFP+, QSFP28) and 1, 10, and 25 GE Small Form-Factor Pluggable Plus (SFP, SFP+, SFP28) The switches also support advanced routing and infrastructure services (such as Multiprotocol Label Switching [MPLS] Layer 2 and Layer 3 VPNs, Multicast VPN [MVPN], and Network Address Translation [NAT]); Cisco Software-Defined Access capabilities (such as a host tracking database, cross-domain connectivity, and VPN Routing and Forwarding [VRF]-aware Locator/ID Separation Protocol [LISP]); and network system virtualization with Cisco StackWise virtual technology that are critical for their placement in the campus core.
The Cisco Catalyst 9600 Series also supports foundational high-availability capabilities such as patching, Graceful Insertion and Removal (GIR), Cisco Nonstop Forwarding with Stateful Switchover (NSF/SSO), redundant platinum-rated power supplies, and fans.
Cisco Catalyst 9600 Series Chassis
- Hardware ready to support up to 25.6 Tbps in wired switching capacity, with up to 6.4 Tbps bandwidth per slot.
- Up to 9.6 Tbps in wired switching capacity, with 3 Bpps of forwarding performance with the Cisco Catalyst 9600 Series Supervisor Engine 1.
- Up to 48 nonblocking 100 Gigabit Ethernet QSPF28 ports with the Cisco Catalyst 9600 Series Supervisor Engine 1.
- Up to 96 nonblocking 40 Gigabit Ethernet QSFP+ ports with the Cisco Catalyst 9600 Series Supervisor Engine 1.
- Up to 192 nonblocking 25 Gigabit/10 Gigabit Ethernet SFP28/SFP+ ports with the Cisco Catalyst 9600 Series Supervisor Engine 1.
- Platinum-rated AC and DC power supplies.
Cisco Catalyst 9600 Series Supervisor Engine 1 and Line Cards
- The UADP 3.0 Application-Specific Integrated Circuit (ASIC) is future-ready for next-generation technologies, with a programmable pipeline, microengine capabilities, and template-based configurable allocation of Layer 2, Layer 3, forwarding, ACL, and Quality-of-Service (QoS) entries.
- It is the first ASIC to support double-width HW tables. This provides equivalent table size and processing performance for IPv4 and IPv6.
- The Supervisor Engine 1, with a 2.0-GHz Intel® x86 CPU with 8 cores, provides up to 960 GB of SATA SSD local storage for container-based application hosting.
- Up to 108 MB of buffer (36 MB of unified buffer per ASIC).
- Line-rate, hardware-based Flexible NetFlow (FNF) delivers flow collection for up to 294,000 flows.
- IPv6 support in hardware provides wire-rate forwarding for IPv6 networks.
- Dual-stack support for IPv4 and IPv6 and dynamic hardware forwarding table allocations enable easy IPv4-to-IPv6 migration.
- Flexible routing (IPv4, IPv6, and multicast) tables, Layer 2 tables, ACL tables, and QoS tables.
Cisco IOS XE
Cisco IOS XE Software opens a completely new paradigm in network configuration, operation, and monitoring through network automation. Cisco’s automation solution is open, standards-based, and extensible across the entire lifecycle of a network device. The various automation mechanisms are outlined below.Automated device provisioning is the ability to automate the process of upgrading software images and installing configuration files on Cisco Catalyst switches when they are being deployed in the network for the first time. Cisco provides turnkey solutions such as Plug and Play and Preboot Execution Environment (PXE) that enable an effortless and automated deployment.
● API-driven configuration is available with modern network switches such as Cisco Catalyst 9600 Series switches. It supports a wide range of automation features and provides robust open APIs over NETCONF and RESTCONF using YANG data models for external tools, both off the shelf and custom built, to automatically provision network resources.
● Granular visibility enables model-driven telemetry to stream data from a switch to a destination. The data to be streamed is identified through subscription to a data set in a YANG model. The subscribed data set is streamed to the destination at specified intervals. Additionally, Cisco IOS XE enables the push model. It provides near-real-time monitoring of the network, leading to quick detection and rectification of failures.
● Seamless software upgrades and patching supports OS resilience. On Cisco Catalyst 9600 Series switches Cisco IOS XE supports hot patching without reboot, which provides fixes for critical bugs and security vulnerabilities between regular maintenance releases. This support lets you add patches without having to wait for the next maintenance release.
● Trustworthy solutions built with Cisco Trust Anchor Technologies provide a highly secure foundation for Cisco products. With Cisco Catalyst 9600 Series switches, these technologies enable hardware and software authenticity assurance for supply chain trust and strong mitigation against man-in-the-middle attacks that compromise software and firmware. Trust Anchor capabilities include image signing, Secure Boot, and Cisco Trust Anchor module.
High availability: Cisco Catalyst 9600 Series switches support high-availability features, including the following:
- Cross-stack EtherChannel provides the ability to configure Cisco EtherChannel technology across different members of the stack for high resiliency.
- IEEE 802.1s Multiple Spanning Tree Protocol (MSTP) provides rapid spanning tree convergence independent of spanning tree timers and also offers the benefit of Layer 2 load balancing and distributed processing.
- Per-VLAN Rapid Spanning Tree (PVRST+) allows rapid spanning tree (IEEE 802.1w) reconvergence on a per-VLAN spanning tree basis, providing simpler configuration than MSTP. In both MSTP and PVRST+ modes, stacked units behave as a single spanning tree node.
- Switch-port auto-recovery (“err-disable” recovery) automatically attempts to reactivate a link that is disabled because of a network error.
The Foundation of Software-Defined Access
Secure Segmentation with SD-Access
The enterprise network lies at the heart of digital transformation. A network that is open, programmable, integrated, and secure maximizes business agility, allowing new business opportunities to be pursued and captured. But advanced and persistent security threats, the exponential growth of IoT devices and a mobility everywhere user experience requires a new type of network fabric that integrates advanced hardware and software innovations to automate, secure, and simplify customer networks.
The Cisco Digital Network Architecture (Cisco DNA) with Software-Defined Access (SD-Access) is the network fabric that powers business. It is an open and extensible software-driven architecture that accelerates and simplifies your enterprise network operations. The programmable architecture frees your IT staff from time-consuming, repetitive network configuration tasks so they can focus instead on innovation that positively transforms your business. SD-Access enables policy-based automation from edge to cloud with foundational capabilities. These include:
● Simplified device deployment
● Unified management of wired and wireless networks
● Network virtualization and segmentation
● Group-based policies
● Context-based analytics
● SD-Access: Cisco Catalyst 9600 Series switches are the entry-level devices for SD-Access, Cisco’s lead enterprise architecture, with policy-based automation from edge to cloud.
- Simplified segmentation and micro-segmentation, with predictable performance and scalability
- Automation through Cisco DNA Center
- Policy handled through the Cisco Identity Services Engine (ISE)
Faster launch of new business services and significantly improved issue resolution time
- Full network visibility and monitoring
- End-to-end Quality of Experience (QoE)
- Fast issue resolution and network remediation
- ● Plug and Play (PnP) enabled: A simple, secure, unified, and integrated offering to ease new branch or campus device rollouts or updates to an existing network.
Full Flexible NetFlow
● Full Flexible NetFlow (FNF): Cisco IOS FNF is the next generation in flow visibility technology. It enables optimization of the network infrastructure, reduces operation costs, and improves capacity planning and security incident detection with increased flexibility and scalability. Catalyst 9600 Series switches are capable of up to 294,000 flow entries.
● Superior QoS: Cisco Catalyst 9600 Series switches offers Gigabit Ethernet speeds up to 100 Gbps with intelligent services that keep traffic flowing smoothly, even at 10 times the normal network speed. Industry-leading mechanisms for cross- stack marking, classification, and scheduling deliver superior performance for data, voice, and video traffic at wire speed. Superior QoS includes granular wireless bandwidth management and fair sharing, 802.1p Class of Service (CoS) and Differentiated Services Code Point (DSCP) field classification, Shaped Round Robin (SRR) scheduling, Committed Information Rate (CIR), and eight egress queues per port.
WebUI is an embedded GUI-based device-management tool that provides the ability to provision the device, to simplify device deployment and manageability, and to enhance the user experience. It comes with the default image, so there is no need to enable anything or install any license on the device. You can use WebUI to build configurations, and to monitor and troubleshoot the device without having CLI expertise.
● RFID tags:
Cisco Catalyst 9600 Series switches have an embedded RFID tag that facilitates easy asset and inventory management using commercial RFID readers.
● Blue beacon:
Cisco Catalyst 9600 Series switches support both front and back blue beacon LEDs for easy identification of the switch being accessed.
● Efficient switch operation:
Cisco Catalyst 9600 Series switches provide optimum power saving with industry best-in-class power management and power consumption capabilities. The ports support reduced power modes so that ports not in use can move into a lower power utilization state. Other efficient switch operation features are as follows:
- Per-port power consumption command allows customers to specify a maximum power setting on an individual port.
- Per-port PoE power sensing measures actual power being drawn, enabling more intelligent control of powered devices. The PoE MIB provides proactive visibility into power usage and allows you to set different power-level thresholds.
● Bluetooth ready:
Cisco Catalyst 9600 Series switches have hardware support to connect a Bluetooth dongle to your switch, enabling you to use this wireless interface as an IP management port interface. The port can be used for configuration and troubleshooting using WebUI or the Command-Line Interface (CLI), and to transfer images and configurations.
High-Performance IP Routing
The Cisco Express Forwarding hardware routing architecture delivers extremely high-performance IP routing in Cisco Catalyst 9600 Series switches, based on:
- IP unicast routing protocols (including static, Routing Information Protocol Version 1 [RIPv1], RIPv2, RIPng, and Open Shortest Path First [OSPF], Routed Access) are supported for small network routing applications. Equal-cost routing facilitates Layer 3 load balancing and redundancy across the stack.
- Advanced IP unicast routing protocols (including Full [OSPF], Enhanced Interior Gateway Routing Protocol [EIGRP], and Intermediate System-to-Intermediate System Version 4 [IS-ISv4]) are supported for load balancing and for constructing scalable LANs. IPv6 routing (using OSPFv3 and EIGRPv6) is supported in hardware for maximum performance.
- Protocol-Independent Multicast (PIM) for IP multicast routing is supported, including PIM sparse mode (PIM SM), and Source-Specific Multicast (SSM).
- IPv6 addressing is supported on interfaces with appropriate show commands for monitoring and troubleshooting.
Cisco IOS XE
● This modern operating system for the enterprise provides Cisco Catalyst License support for model-driven programmability, on-box Python scripting, streaming telemetry, container-based application hosting, and patching for critical bug fixes. Cisco IOS® XE also has built-in defenses to protect against runtime attacks.
● Plug and Play enabled: A simple, secure, unified, and integrated offering eases new branch or campus device rollouts and can also be used to provide updates to an existing network.
● Advanced security
- Encrypted Traffic Analytics (ETA): This technology uses the power of machine learning to identify and take action toward threats or anomalies in your network. It includes malware detection in encrypted traffic and distributed anomaly detection.
- Advanced Encryption Standard 256 (AES-256) support with the powerful MACsec-256 encryption algorithm is available in hardware.
- Trustworthy solutions: Secure Unique Device Identification (SUDI) support for Plug and Play (PnP) tamper-proof device identity capability secures zero-touch provisioning by allowing your device to show a certificate to the server to be able to get on your network.
● SD-Access is Cisco’s leading enterprise architecture. It includes:
- Policy-based automation from edge to cloud
- Macro-segmentation and micro-segmentation made easy, with predictable performance and scalability
- Automation through the Cisco DNA Center Appliance
- Policy through the Cisco Identity Services Engine (ISE)
- Network assurance through the Network Data Platform
Cisco Catalyst 9600 Series Chassis
Cisco Catalyst 9600 Series switches offers one chassis option and multiple line-card options (Table 1). It provides a common architecture that can scale up to 192 10 Gigabit or 25 Gigabit Ethernet ports. The Cisco Catalyst 9600 Series redundant chassis offer High Availability (HA) by supporting 1 + 1 redundant supervisor engines with full-image In-Service Software Upgrades (ISSU). NSF/SSO and ISSU help ensure continuous packet forwarding during supervisor engine switchover to enable HA for business-critical applications.
The Cisco Catalyst 9600 Series chassis is enterprise optimized, with efficient side-to-side airflow and full front accessibility for all removable components, including supervisors, line cards, power supplies, and fan tray. The chassis also supports optional rear accessibility for the fan tray to enable efficient cable management. The Cisco Catalyst 9600 Series chassis, supervisor, line cards, power supply, and fan tray have embedded RFID tags that facilitate easy asset and inventory management using commercial RFID readers.