Cisco IOS XE Software opens a completely new paradigm in network configuration, operation, and monitoring through network automation. Cisco’s automation solution is open, standards-based, and extensible across the entire lifecycle of a network device. The various automation mechanisms are outlined below.
● Automated device provisioning is the ability to automate the process of upgrading software images and installing configuration files on Cisco Catalyst switches when they are being deployed in the network for the first time. Cisco provides turnkey solutions such as Plug and Play and Preboot Execution Environment (PXE) that enable an effortless and automated deployment.
● API-driven configuration is available with modern network switches such as Cisco Catalyst 9200 Series switches. It supports a wide range of automation features and provides robust open APIs over NETCONF and RESTCONF using YANG data models for external tools, both off the shelf and custom built, to automatically provision network resources.
● Granular visibility enables model-driven telemetry to stream data from a switch to a destination. The data to be streamed is identified through subscription to a data set in a YANG model. The subscribed data set is streamed to the destination at specified intervals. Additionally, Cisco IOS XE enables the push model. It provides near-real-time monitoring of the network, leading to quick detection and rectification of failures.
● Seamless software upgrades and patching supports OS resilience. On Cisco Catalyst 9200 Series switches Cisco IOS XE supports cold patching with reboot, which provides fixes for critical bugs and security vulnerabilities between regular maintenance releases. This support lets you add patches without having to wait for the next maintenance release. Cold patching requires the switch to be rebooted after patching to allow the changes to take effect.
● Trustworthy solutions built with Cisco Trust Anchor Technologies provide a highly secure foundation for Cisco products. With Cisco Catalyst 9200 Series switches, these technologies enable hardware and software authenticity assurance for supply chain trust and strong mitigation against man-in-the-middle attacks that compromise software and firmware. Trust Anchor capabilities include image signing, Secure Boot, and Cisco Trust Anchor module.
● High availability: Cisco Catalyst 9200 Series switches support high-availability features, including the following:
◦ Cross-stack EtherChannel provides the ability to configure Cisco EtherChannel technology across different members of the stack for high resiliency.
◦ IEEE 802.1s Multiple Spanning Tree Protocol (MSTP) provides rapid spanning tree convergence independent of spanning tree timers and also offers the benefit of Layer 2 load balancing and distributed processing.
◦ Per-VLAN Rapid Spanning Tree (PVRST+) allows rapid spanning tree (IEEE 802.1w) reconvergence on a per-VLAN spanning tree basis, providing simpler configuration than MSTP. In both MSTP and PVRST+ modes, stacked units behave as a single spanning tree node.
◦ Switch-port auto-recovery (“err-disable” recovery) automatically attempts to reactivate a link that is disabled because of a network error.
The Foundation of Software-Defined Access
Secure Segmentation with SD-Access
The enterprise network lies at the heart of digital transformation. A network that is open, programmable, integrated, and secure maximizes business agility, allowing new business opportunities to be pursued and captured.
Cisco DNA with SD-Access is the network fabric that powers business. It is an open and extensible software-driven architecture that accelerates and simplifies your enterprise network operations. The programmable architecture frees your IT staff from time-consuming, repetitive network configuration tasks so they can focus instead on innovation that positively transforms your business. SD-Access enables policy-based automation from edge to cloud with foundational capabilities. These include:
● Simplified device deployment
● Unified management of wired and wireless networks
● Network virtualization and segmentation
● Group-based policies
● Context-based analytics
● SD-Access: Cisco Catalyst 9200 Series switches are the entry-level devices for SD-Access, Cisco’s lead enterprise architecture, with policy-based automation from edge to cloud.
◦ Simplified segmentation and micro-segmentation, with predictable performance and scalability
◦ Automation through Cisco DNA Center
◦ Policy handled through the Cisco Identity Services Engine (ISE)
◦ Faster launch of new business services and significantly improved issue resolution time
● Assurance
◦ Full network visibility and monitoring
◦ End-to-end Quality of Experience (QoE)
◦ Fast issue resolution and network remediation
● Plug and Play (PnP) enabled: A simple, secure, unified, and integrated offering to ease new branch or campus device rollouts or updates to an existing network.
Cloud Security
● Umbrella Integration:
Small to midsize networks reliant on managed service providers can now host the Cisco Umbrella agent directly on their Catalyst 9200 Series switches. This allows the business to easily customize their DNS filtering policies to prevent BYOD or IoT guest or corporate users from accessing malicious or inappropriate websites, without having to rely on the MSP to push the policies out. It also lets them optimize use of bandwidth by allowing direct cloud access for trusted apps. Requires DNA-Advantage License and Umbrella License per device.
Full Flexible NetFlow
● Full Flexible NetFlow (FNF): Cisco IOS FNF is the next generation in flow visibility technology. It enables optimization of the network infrastructure, reduces operation costs, and improves capacity planning and security incident detection with increased flexibility and scalability. Catalyst 9200 Series switches are capable of up to 16,000 flow entries on 48-port and 24-port models.
QoS
● Superior QoS: Cisco Catalyst 9200 Series switches offer Gigabit Ethernet speeds with intelligent services that keep traffic flowing smoothly, even at 10 times the normal network speed. Industry-leading mechanisms for cross-stack marking, classification, and scheduling deliver superior performance for data, voice, and video traffic at wire speed. Superior QoS includes granular wireless bandwidth management and fair sharing, 802.1p Class of Service (CoS) and Differentiated Services Code Point (DSCP) field classification, Shaped Round Robin (SRR) scheduling, Committed Information Rate (CIR), and eight egress queues per port.
Smart operation
● WebUI:
WebUI is an embedded GUI-based device-management tool that provides the ability to provision the device, to simplify device deployment and manageability, and to enhance the user experience. It comes with the default image, so there is no need to enable anything or install any license on the device. You can use WebUI to build configurations, and to monitor and troubleshoot the device without having CLI expertise.
● RFID tags:
Cisco Catalyst 9200 Series switches have an embedded RFID tag that facilitates easy asset and inventory management using commercial RFID readers.
● Blue beacon:
Cisco Catalyst 9200 Series switches support both front and back blue beacon LEDs for easy identification of the switch being accessed.
● Efficient switch operation*:
Cisco Catalyst 9200 Series switches provide optimum power saving with Energy Efficient Ethernet (EEE) on the RJ-45 ports and low-power operations for industry best-in-class power management and power consumption capabilities. The ports support reduced power modes so that ports not in use can move into a lower power utilization state. Other efficient switch operation features are as follows:
◦ Per-port power consumption command allows customers to specify a maximum power setting on an individual port.
◦ Per-port PoE power sensing measures actual power being drawn, enabling more intelligent control of powered devices. The PoE MIB provides proactive visibility into power usage and allows you to set different power-level thresholds.
● Bluetooth ready:
Cisco Catalyst 9200 Series switches have hardware support to connect a dongle to your switch, enabling you to use this wireless interface as an IP management port interface. The port can be used for configuration and troubleshooting using WebUI or the Command-Line Interface (CLI), and to transfer images and configurations.
High-performance IP routing
The Cisco Express Forwarding hardware routing architecture delivers extremely high-performance IP routing in Cisco Catalyst 9200 Series switches, based on:
● IP unicast routing protocols (including static, Routing Information Protocol Version 1 [RIPv1], RIPv2, RIPng, and Open Shortest Path First [OSPF], Routed Access) are supported for small network routing applications with the Network Essentials stack.
Equal-cost routing facilitates Layer 3 load balancing and redundancy across the stack.
● Advanced IP unicast routing protocols (including Full [OSPF], Enhanced Interior Gateway Routing Protocol [EIGRP], and Intermediate System-to-Intermediate System Version 4 [IS-ISv4]) are supported for load balancing and for constructing scalable LANs. IPv6 routing (using OSPFv3 and EIGRPv6) is supported in hardware for maximum performance.
● Protocol-Independent Multicast (PIM) for IP multicast routing is supported, including PIM sparse mode (PIM SM), and Source-Specific Multicast (SSM).
● IPv6 addressing is supported on interfaces with appropriate show commands for monitoring and troubleshooting.
Licensing
Packaging: Network and Cisco DNA licensing
The Cisco Catalyst 9000 family of switches introduces a new and simplified licensing package in the form of base and add-on licenses.
● The perpetual licensing package includes the Network Essentials and Network Advantage licensing options that are tied to the hardware. Between them, the base licensing packages cover switching fundamentals, management automation, troubleshooting, and advanced switching features. These Network licenses are perpetual.
● The subscription licensing package includes the Cisco DNA Essentials and Cisco DNA Advantage options. In addition to on-box capabilities, the features available with this package provide Cisco innovations on the switch, as well as on Cisco DNA Center.
The Cisco DNA subscription licenses are mandatory at the time of configuration.
License consumption is easily determined by the package itself. While perpetual licenses are always permanent and without an expiration date, subscription licenses have to be purchased for a 3-, 5-, or 7-year term (and hence are also known as term-based licenses). Table 12 shows the combinations of perpetual and subscription licenses that must be purchased.