Thursday, July 27, 2017

The New Cisco Catalyst 9000 Series Switches, the New Design

Cisco has launched its star Catalyst switches: the Cisco Catalyst 9000 Series Switches.

The new Cisco Catalyst 9000 Family of switches consists of the best stackable access switch, Catalyst 9300; the only modular chassis that supports In-Service Software Upgrade (ISSU) in the campus space, Catalyst 9400; and the first 40G aggregation switch in the enterprise space, Catalyst 9500.

The Catalyst 9000 Family solves some persistent challenges of enterprise networks by utilizing platform innovations built around four key areas: security, Internet of Things (IoT) convergence, mobility and cloud readiness.

The Catalyst 9000 series is a “beautiful” switch. Here are some of the design choices that make the Catalyst 9000 the industry’s most aesthetic switches:
  • Rounded frame without sharp corners – “yes” you can keep touching!
  • Ergonomic pullout handles on the Catalyst 9400 enable better weight distribution – you will not break your back lifting these switches!
  • Innovative slide-out ejectors with latch on the uplink modules of Catalyst 9500 – no more screwdrivers!
  • Molded plastic covers ejectors, screws and handles on field replaceable units – no gloves required!
  • Industry standard icons now advertise the capabilities of the switch – a truly universal switch!

The Catalyst 9000 series of switches redefines convenience and usability – it is time to make the switch.

Design Changes in the Cisco Catalyst 9000 Switches

Catalyst 9400 Switch

The fan tray design on the Catalyst 9400 switch

Historically, front accessibility of all field-replaceable (FRU) components has been a baseline requirement for enterprise modular platforms.

This is to accommodate space-constrained closet environments where the switch has to be placed flush against the wall. Front accessibility of the fan-tray came with the caveat that all the cables need to be routed to the opposite side of the fan-tray to enable serviceability in case of a failure. Cable management gets tricky when you have to route 48 twisted-pair Ethernet cables to the same side of the chassis, and in many cases customers need special cable guides to make this work.

The Catalyst 9400 chassis introduces a user-configurable, dual-serviceable fan-tray design to overcome this specific challenge. This innovative design allows users to service the same fan-tray from the front and rear of the chassis. Cable management compromises are no more.

On the topic of fans, these generate all the acoustic noise emitted by the switches.

In environments where the closets do not have acoustic isolation, the noise can be disruptive, and this is exactly what we attempted to minimize on the Catalyst 9000 switches. Historically, sensors measure ambient temperature and dynamically modulate the speed of fans as a mechanism to reduce noise. The Catalyst 9000 switches take this a step further by deploying sensors to measure the barometric pressure, which allows the fans to run at reduced RPMs to minimize acoustic noise at lower altitudes. Furthermore, an intricate network of sensors continuously monitors the Catalyst 9400 platform’s thermal health and increases the speed of selective fans within the fan-tray when alerted, minimizing the overall system-generated noise. The same closed-loop mechanism is also used to get N+1 redundancy for fans within the fan-tray, where neighboring fans can compensate for a failed fan by increasing their RPM.

Design choices on the Catalyst 9000 switches also aid day-to-day operations. Asset management enabled by RFID comes with the added overhead of programming the RFID and tagging it to the component that requires tracking. Not anymore! Catalyst 9000 switches come with pre-programmed RFID tags with optional customizable fields, making inventory management more convenient than ever before. While RFID tags are included at the switch level on the Catalyst 9300/9500, the Catalyst 9400 sports the RFID tag on all field replaceable units (FRUs): supervisors, line-cards, fan-trays and power supplies.

As a network operator, imagine sending a highly trained employee out every time you had to touch a switch, be it to connect debug cables or service a failed FRU. The Catalyst 9000 series now includes blue beacons on all switches and FRUs. Anyone with access to the switch can do trivial tasks like replacing a failed power supply. The savings for remote-site maintenance can be significant – just pick up the phone and you can literally ask anyone to service the switch.


Tuesday, July 18, 2017

Get a Look at Cisco Nexus 9000

The Cisco Nexus 9000 Series is so popular that it can be selected by customers of any size.

Why Cisco Nexus 9000 Series Switches? The Nexus 9000 Series switches are ideal for small-to-midsize data centers, offering five key benefits: price, performance, port-density, programmability, and power efficiency.

The Cisco Nexus 9000 Series operates in Cisco NX-OS Software mode or Application Centric Infrastructure (ACI) mode.

The 9000 Series offers modular 9500 switches and fixed 9300 and 9200 switches with 1/10/25/50/40/100 Gigabit Ethernet switch configurations.

Cisco Nexus 9000 Product Line
  1. Nexus 9200 switches are optimized for high performance and density in NX-OS mode operations.
  2. The 9500 and 9300 are optimized to deliver increased operational flexibility in:
     • NX-OS mode for traditional architectures and consistency across Nexus switches, or
     • ACI mode to take advantage of ACI's policy-driven services and infrastructure automation features

Architectural Flexibility
  • Can be deployed in an energy-efficient three-tier or leaf-spine architecture
  • Provides flexible and scalable virtual extensible LAN (VXLAN) multi-tenancy
  • Provides a foundation for ACI, automating application deployment and delivering simplicity, agility, and flexibility
  • Supports Nexus Fabric Manager to automate fabric configuration and management
  • Offers an open-object API-programmable model for provisioning Layer 2 and 3 features
  • Provides extensibility through a Route Processor Module application package, Linux containers, and Broadcom and Linux shell access
  • Uses the Cisco NX-OS API for easy-to-use, web-based programmatic access
  • Simplifies infrastructure management through integration with DevOps automation tools

Real-Time Visibility and Telemetry
  • Cisco Tetration Analytics support with built-in hardware sensors for rich traffic flow telemetry and line-rate data collection
  • Cisco Nexus Data Broker support for network traffic monitoring and analysis
  • Real-time buffer utilization per port and per queue, for monitoring traffic micro-bursts and application traffic patterns
  • Provides up to 60 Tbps of nonblocking performance with less than 5-microsecond latency
  • Features line rate, high density 10/25/40/50/100 Gbps Layer 2 and Layer 3 Ethernet ports
  • Offers wire-speed gateway, bridging, routing, and Cisco Border Gateway Protocol Control Plane for VXLAN (BGP EVPN VXLAN)
  • Includes segment routing for increased network scalability and virtualization

High Availability
  • In-Service Software Upgrade (ISSU) and patching without operation interruption (Nexus 9500 and 9300)
  • Fully redundant and hot-swappable components
  • Improves reliability and performance with a mix of third-party and Cisco ASICs

Investment Protection
  • Allows for reuse of an existing 10-GE cabling plant for 40 GE with a 40-Gbps bidirectional transceiver
  • Supports Cisco Nexus 2000 Series Fabric Extenders in both NX-OS and ACI modes (9300 and 9500 Series)
  • Facilitates migration from NX-OS mode to ACI mode
  • FCoE support provides fabric convergence for LAN and SAN, lowering overall data center TCO

Wednesday, July 5, 2017

What is the Cisco Firepower Threat Defense (FTD)?

FTD, the Firepower Threat Defense software, is unified software that provides next-generation firewall services, including the following:
  • Stateful firewall capabilities
  • Static and dynamic routing
  • Next-generation intrusion prevention systems (NGIPS)
  • Application visibility and control (AVC)
  • URL filtering
  • Advanced Malware Protection (AMP)

In the Cisco ASA, you can use FTD in single context mode and in routed or transparent mode. Multiple context mode is not supported at this writing.

The following are the Cisco ASA 5500-X models that support a reimage to run the FTD software:

To reimage one of the aforementioned Cisco ASA models, you must meet the following prerequisites:
  • You must have a Cisco Smart Account. You can create one at Cisco Software Central (
  • You need to review the FTD software version release notes to become familiar with the supported features, as Cisco continues to add features very regularly.
  • Add at least a base FTD license to your Smart Account (for example, L-ASA5516T-BASE=).
  • You must have access to an FMC (virtual or physical).
  • You must have access to the console port of the Cisco 5500-X appliance on which FTD software will be installed, either directly from the computer being used for installing FTD software or through a terminal server.
  • It is a best practice to back up your existing configuration.
  • Understand that when you reimage and install FTD software on your Cisco ASA, all previous files and configurations saved on the ASA are lost.
  • You need to have the required minimum free space (3 GB plus the size of the boot software) available on the flash (disk0).
  • You must have an SSD in your Cisco ASA.
  • You must have access to a TFTP server to host the FTD images.
