Cisco Catalyst 9K – My point of view

Cisco come back with their old name where they made name from Catalyst ( i believe Air going to retire soon from Wireless models)

here is the models available – while i was more intrested looking to replace Cat 6500 and Cat 6800 models in the Campus Core.

all model of 9K from wirelss – Access – Distribution-Core -Controller

Cat 9600 is good to move next generation switching capabilites from Onsite to Cloud infrastructure.

Security: Segmentation and Policy, MACsec256, Trustworthy Solutions

Automation and Programmability: SD-Access, Embedded Wireless Lan Controller, NETCONF and YANG APIs, Application Hosting

Analytics: Application visibility with NBAR AVC, Flexible NetFlow, Streaming Telemetry

High Availability: In-Service Software Upgrade, SSO, Stack wise Virtual, GIR and Hot patching

 L3 Core, Distribution or Collapsed Core-Distribution

Three-tier campus design is most common in medium and large enterprises where scalability, flexibility and reliability of the network is of utmost importance. Conversely, two-tier designs are more suitable for smaller networks providing simplicity by combining the core and distribution layers.

Cisco’s Catalyst 9600 delivers the full suite of Layer2, Layer3, ACL, QOS and Multicast functionality along with pre-defined ASIC templates for core and distribution scenarios. It can be easily deployed as an L3 Core and a Distribution switch in a three-tier design or as a Collapsed Core-Distribution Switch in the two-tier design.


  2. L3 Core + MPLS-PE

In enterprise networks, MPLS provides network segmentation locally within a site or for geographically distributed sites over WAN in a scalable way.

Catalyst 9600 delivers rich set of MPLS features such as MPLS L3 VPN, L2 VPN and MPLS over GRE with up to 1024 VRFs.


Customers can deploy the Catalyst 9600 Switch combining L3 Core and MPLS PE functionality on the same switch to achieve better performance and scale and to simplify their network design across LAN and WAN.

  3. Fabric Border

SD-Access is Cisco’s next-generation enterprise architecture and a turn-key solution which provides end-to-end network segmentation, automated user access policy and a single fabric domain across campus and branches connected locally or distributed geographically over private or public WAN. By allowing seamless integration across Cisco SD-Access, SD-WAN and ACI solution, Cisco’s IBN architecture further extends end-to-end network segmentation and consistent security policies from campus, branch and WAN to private data center and cloud.     

With higher performance and scale using Cisco’s latest ASIC UADP 3.0 and 8 Core x86 CPU, better resiliency and integrated security, Catalyst 9600 is designed to deploy SD-Access Border functionality at scale.


Why Upgrade from Old to Cat 9600