Catalyst 9000 Family

Business Decision Maker Presentation

 For Internal use only

It’s a multicloud and distributed world

Devices
and things
Microsoft 365
Azure
Iaa
S
WAN SaaS

Microsoft
Office

Campus
Mobile Data center/private cloud and branch
users
users

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 2
 For External use only

It’s a multicloud and distributed world

Devices
and things
AWS Salesforce

Google Microsoft 365

Azure

WAN
Cloud Dropbox
Concur
Iaa
SaaS
S

Microsoft
Office
IBM
Oracle SAP Campus
Mobile Data center/private cloud and branch
users
users

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 3
These trends have implications for your
network
Wireless everywhere | Consistent
Future of work is hybrid experience | Intelligent buildings

Internet is the new core | SASE

Future of apps is distributed model for access | End-to-end
visibility

Zero trust | Cloud-based security |

Future of security is borderless Segmentation

ML/AI-driven observability and

Future of operations is AIOps automation | Integration with IT,
SecOps, DevOps

Easy to buy | Easy to deploy | Easy to use

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 4
 The hybrid workforce is shaping a new
dynamic
IT landscape
Embracing the new normal Office IoT devices

Mobility Cloud
Midsize and large
Employees will likely
work remotely at 48% 75% organizations will
have adopted a
least part of the time
multicloud and/or
after COVID-19 hybrid IT strategy
IT
Home devices

IoT Security
28.5 billion Increase in the
networked devices 28B 50% growing prioritization
and connections will Public cloud Hybrid cloud of cloud-based
exist by 2022 security
SaaS
A hybrid workforce creates an evolving security challenge in the multicloud
world
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 5
Intent-based networking
Principles we use to execute on our strategy

Software- Digital- New network

defined ready operating
and systems infrastruct and security
thinking ure models

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 6
Addressing business needs and outcomes

Reimagin Creating a pervasive environment for people and

e things to roam and connect, wired and wireless
connectio
ns
Reinforce Continuous identity-based trusted access for any
user and any device to any data and any application
or service
security

Redefine Built on intent-based networking principles

experienc driven by advanced artificial intelligence, machine
learning, and insights
e
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 7
 Cisco Access Networking innovations

Reimagin
e
Common Back to business The future
connectio foundation Multigigabit and of work
ns Cisco Catalyst™ Cisco DNA Spaces Smart buildings and
wired and wireless, ThousandEyes
Cisco IOS® XE, and
common ASIC
Reinforc
Access e
Network AI-driven security Threat detection
security
Networki segmentation
Cisco® SD-Access
Cisco AI Endpoint
Analytics and
AI trust analytics

ng Cisco User Defined

Network (UDN)
group-based policy
analytics Help customers
connect, secure, and
Redefine automate in a cloud-
the first world to
AI-powered AI-driven Lean branch accelerate their
IT automation operations automation
experience digital transformations.
Orchestration and Visbility, observabilty Automated workflows
automation and insights (AI/ML) for secure connection
to cloud/SASE

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 8
 Catalyst 9000 innovations
Three decades of industry leadership

First Catalyst:
Catalyst® Catalyst 9000 Catalyst 9200 and Catalyst 9600 Catalyst 90W Catalyst 9300X fiber Catalyst
5000 family 9800 Series Series launched PoE/UPOE+ and microswitches 9000X
launched launched launched line introduced launched models
launch

201 201 201 202 202

199 202
7 8 9 0 1
3 2
Industry first innovations
Software-Defined
100 Gigabit Ethernet 90W Cisco UPOE®+ Smart buildings Line-rate IPsec
Access

Programmability MACsec 256 BGP EVPN SD-AVC 100G uplinks in

access,
Encrypted Traffic Analytics 400G in core
StackWise® Virtual SDM templates
(ETA) Cisco ThousandEyes
service assurance
Hot patching Assurance PTP/AVB WAN MACsec

ISSU/ GIR App hosting xFSU lossless upgrades ASAv

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 9
Cisco IOS XE
Operating system for the ever-evolving intent-based network

Modular Programmable Secure Resilient

Modular Cisco IOS® XE The most programmable Industry first innovations High availability baked in
enables lossless ASICs and operating for unmatched secure
upgrades via hot system in the industry access and edge with at every layer
patching, xFSU, enterprise IPsec and
and ISSU WAN MACsec

Support for ever-evolving and flexible deployments

Traditional Fabric
two- and deployments SD- Mission -
WAN edge
three-tier Access, BGP-EVPN critical
architecture VXLAN, MPLS branch
s
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 10
Reimagine connections
Secure Access Team One

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 11
Catalyst 9000X – Expanding industry
leadership
Adding the “X factor” to the industry’s leading switching family
Cisco Silicon One™ Q200
480G/slot, IPsec, 400G, deep buffers
100G uplinks
IPsec, 1T stacking,
100G uplinks,
enhanced app
hosting

Catalyst
9600X
Catalyst models
9400X Catalyst

Catalyst
models Catalyst 9500X
model Catalyst
9300X
models
9000 Catalyst 9600 Series
Catalyst
9400
switching 9500 Series

Catalyst Series platform

Catalyst 9300
9200 Series Series

Cisco Open
ASIC Cisco
IOS® XE

Catalyst Catalyst Catalyst Catalyst Catalyst Catalyst

2960-X/XR 3650/3850 4500-E Series 4500-X 6840-X/6880-X 6500-E/6807-XL

Access switching Core switching

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 12
 For Internal use only

Introducing the Catalyst 9300X models

UADP Multi core Open IOS
2.5Sec X86 CPU XE

- Stacking up the industry firsts 1069

X86

Industry Industry Mixed 25/10G fiber Industry Industry Full mGig and Extending Catalyst
first Terabit stacking first stacking with copper first 100G uplinks first UPOE+
leadership …
Stacks with
Transitions Catalyst 3850-XS fiber Densest uplinks: 2x 100/40G, Densest mGig and PoE: Line-rate nonblocking
Catalyst® 9300 model
switches 8x 25/10G, 8x 10G/Multigigabit 48x10G mGig and 90W UPOE+
switches
Removable storage (240 GB)
Fiber Copper 256-bit MACsec
Shipping
Hot patching
Catalyst 9300X-
48HX Extended FSU
Catalyst 9300X-24Y Catalyst 9300X-
Shipping 48TX NBAR2
Catalyst 9300X- IEEE 1588 and AVB
48HXN
Catalyst 9300X-24HX …while seamlessly
Catalyst 9300X-12Y integrating
with Catalyst 9300
Industry 100G Layer 3 Industry Stackable Industry Industry App hosting with Same optics
StackPower+
first encryption first 24x 10/25G first first crypto acceleration
Common stacking
IPsec,
10/25G across Enabled through StackPower+ QAT and ~2x capacity
WAN MACsec, Common power stacking
all ports in 1RU and power supply enhancements (memory, CPU, 2x 10G KR)
CloudSec*
Common power supplies, fans,
cables
Modular uplinks StackWise® and StackPower cables Platinum-rated power supplies Modular fan

315W 715W 1100W

2x 40/100G 8x 10/25G 8x Multigigabit 50CM-1M-3M 30CM-150CM 1900WA
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco AC AC/DC AC
C
Confidential 13
*Roadmap.
 For External use only

Introducing the Catalyst 9300X models

UADP Multi core Open IOS
2.5Sec X86 CPU XE

Certified

- Stacking up the industry firsts UL

1069
X86

Industry Industry Mixed 25/10G fiber Industry Industry Full mGig and Extending Catalyst
first Terabit stacking first stacking with copper first 100G uplinks first UPOE+
leadership …
Stacks with
Transitions Catalyst 3850-XS fiber Densest uplinks: 2x 100/40G, Densest mGig and PoE: Line-rate nonblocking
Catalyst® 9300 model
switches 8x 25/10G, 8x 10G/Multigigabit 48x10G mGig and 90W UPOE+
switches
Removable storage (240 GB)
Fiber Copper 256-bit MACsec
Shipping
Hot patching
Catalyst 9300X-
48HX Extended FSU
Catalyst 9300X-24Y Catalyst 9300X-
Shipping 48TX NBAR2
Catalyst 9300X- IEEE 1588 and AVB
48HXN
Catalyst 9300X-24HX …while seamlessly
Catalyst 9300X-12Y integrating
with Catalyst 9300
Industry 100G Layer 3 Industry Stackable Industry Industry App hosting with Same optics
StackPower+
first encryption first 24x 10/25G first first crypto acceleration
Common stacking
IPsec,
10/25G across Enabled through StackPower+ QAT and ~2x capacity
WAN MACsec, Common power stacking
all ports in 1RU and power supply enhancements (memory, CPU, 2x 10G KR)
CloudSec*
Common power supplies, fans,
cables
Modular uplinks StackWise® and StackPower cables Platinum-rated power supplies Modular fan

315W 715W 1100W

2x 40/100G 8x 10/25G 8x Multigigabit 50CM-1M-3M 30CM-150CM 1900WA
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco AC AC/DC AC
C
Confidential 14
*Roadmap.
 Cisco Catalyst access switch positioning
Secure, resilient campus Business-critical branch Simple branch

Border + Control plane

Catalyst® 9400 Catalyst 9300 Catalyst 9300X Catalyst 9300L Edge

models models
Branch-in-a-Box Fabric-in-a-Box Catalyst 9200
No router External router Series
SD-Access
SD-Access
extended SD-Access SD-Access
nodes
Choose Catalyst 9400 Series or Catalyst 9300 Choose: A) Catalyst 9300 Series fixed Consider Catalyst 9200 Series
Series uplink models (C9300L models) with (C9200 and C9200L models)
modular uplink models (C9300X and C9300) external router • Extend automation and policy
models • Full security with visibility • Limited VRFs
• Designed for security, mobility, IoT, and cloud • High availability, ETA, application hosting
• High availability, ETA, application hosting B) Catalyst 9300X models for complete
branch solution
+ IPsec, firewall, additional app hosting
Choose Catalyst 9400 or 9300/9300L for innovations in Intent-Based Entry point for IBN
Networking (IBN)

Full SD-Access, fabric-in-a-box, Wired ETA, On-box HA, hot patching,

SD-Access, fabric edge, Full
Embedded Wireless Controller Assurance, MACsec-256 app StackPower, Cisco
NetFlow
SD-Access,
C97-738949-05 © 2022 Cisco and/or its affi AVC reserved. Cisco
liates. All rights hosting UPOE+
Confidential 15
Catalyst 9300 Series – Market-leading
fixed switches

Mixed (Catalyst 9300X

Catalyst® 9300X models Catalyst 9300 models and
9300 models)
High-speed access and
Deployment type distribution
Access Access + Distribution

Stacking 1 Terabit 480G 480G

StackPower (+ higher power budget)

Hardware-based IPsec
Dense uplinks Up to 100G Up to 40G Up to 100G

Fiber models Up to 25/10G SFP+ Up to 1G SFP Up to 25/10G SFP+

Max 10G copper ports

48 24 48
(1RU)
App hosting (~2x app hosting capacity)

Full SD-Access, fabric-in-a-box, Wired assurance, ETA, On-box HA, hot patching, Cloud integrations: Secure Network Analytics,
IBN Embedded Wireless Controller SD-Access, AVC, FNF MACsec-256 app StackPower, Cisco Cisco Umbrella®, Cisco DNA Spaces,
hosting UPOE+ ThousandEyes
innovations
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 16
Catalyst 9300 Series – Market-leading
fixed switches

Catalyst® 9300 models Catalyst 9300X models

Market-leading stacking StackWise®-480 StackWise-1T

StackPower+, Larger power

Power resiliency and efficiency StackPower
budget
Dense and diverse modular
10G, 25G, 40G, Multigigabit uplinks 100G uplinks
uplinks
Market-leading Multigigabit
48x 5G and 24x 10G 48x 10G
densities
Fiber models for diverse use
1G fiber models 25/10G fiber
cases

Market-leading app hosting CPU, memory, storage resources ~2x resources

Industry-first hardware-based
Not available 100G IPsec performance
IPsec Full SD-Access, fabric-in-a-box, Wired assurance, ETA, On-box HA, hot patching, Cloud integrations: Secure Network Analytics,
IBN Embedded Wireless Controller SD-Access, AVC, FNF MACsec-256 app StackPower, Cisco Cisco Umbrella®, Cisco DNA Spaces,
hosting UPOE+ ThousandEyes
innovations
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 17
 Cisco Catalyst 9300 Series
Leading fixed access switch in Catalyst 9000 family
Catalyst® 9300 models SKUs with modular Catalyst 9300X models SKUs with
uplinks modular uplinks
1G copper ports with PoE/Cisco UPOE®/UPOE+ High-density Multigigabit models with UPOE+

2x to 4x 48x 10G/mGig UPOE+

scale/buffer
48/24 ports data 48/24 ports UPOE 48x 10G/mGig data
1G 1G
48x 5G + 36x 10G
UPOE+
48/24 ports UPOE 1G – 24x 10G/mGig UPOE+
48/24 ports PoE+ 48/24 ports UPOE+ 9300B
1G 1G
Multigigabit models with UPOE 1G fiber models 1/10/25G fiber models

48/24 48/24
ports ports SFP
24x 25/10G SFP+ 12x 25/10G SFP+
Multigigabi 1G
t 9300-only modular uplinks
Catalyst Catalyst 9300X-only modular uplinks

4x Multigigabit 4x 1G SFP 8x 1/10G SFP/SFP+ 2x 1/10/25G SFP/SFP+ 2x 40G QSFP 4x 40/100G 2x 40/100G 8x 10/25G 8x Multigigabit

StackWise® and StackPower cables Platinum-rated power supplies Modular fan

315W 715W 1100W

50CM-1M-3M 30CM-150CM 1900W AC
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco AC AC/DC AC
Confidential 18
 Catalyst 9000 access switching
Access switching for every network
Best-in-class modular
Value switching Best-in-class fi xed switching
switching

Catalyst 9300X Catalyst 9400-Sup2 powered Catalyst 9400-Sup1

Shippin Shippin by UADP 3.5 Sec powered by UADP 2.0
g g Shippin
g

Catalyst 9200

Catalyst 9300 Catalyst 9300L

Catalyst 9200L Catalyst 9400
Catalyst 9300 Series
High-end fixed switching for Software-Defined Access, Catalyst 9400 Series
Catalyst 9200 Series application hosting, high availability, assurance, High-end modular switching for unmatched port
Designed to extend automation and policy and smart buildings density, PoE density, and line-rate aggregation
switching
Entry point for IBN Cisco IBN innovations

Full SD-Access, Fabric-in-a-Box, Wired ETA, MACsec 256 On-box HA, hot patching,
SDA, Fabric Edge, Full NetFlow embedded wireless controller assurance, app StackPower,
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco SD-Access, AVC hosting UPOE+
Confidential 19
 Cisco Catalyst access switching positioning
Secure, resilient campus Business-critical branch Simple branch

Border + Control plane

Catalyst® 9400 Catalyst 9300 and

Catalyst 9300L Edge
and 9400X 9300X models
Series
models Catalyst 9200
Fabric-in-a-box
Series
SD-Access
SD-Access
extended SD-Access SD-Access
nodes
Choose Cisco Catalyst 9400 Series or Choose Catalyst 9300 Series fixed Consider Catalyst 9200 Series
Catalyst 9300 Series modular uplink models uplink models (C9300L) with external (C9200 and C9200L)
(C9300) router • Extend automation and policy
• Designed for security, mobility, IoT, and cloud • Full security with visibility • Limited VRFs
• High availability, ETA, application hosting • High availability, ETA, application hosting

Choose Catalyst 9400 or 9300 for innovations in IBN Entry point for IBN

Full SD-Access, Fabric-in-a-Box, Wired ETA, MACsec 256 On-box HA, hot patching,
embedded wireless controller assurance, app StackPower, SD-Access, fabric edge, Full NetFlow
SD-Access,
C97-738949-05 © 2022 Cisco and/or its affi AVC reserved. Cisco
liates. All rights hosting UPOE+
Confidential 20
Cisco Catalyst 9400X
introduction
Secure Access Team One

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 21
Cisco Catalyst 9400 Series
New generation of modular access for access, aggregation
9 Tbps
system
bandwidt Extending Cisco Catalyst
Industry-leading h 9400 leadership
Densest line rate
(10G/Multigigabit) 6x bandwidth per slot

Industry’s
4x route scale
highest UPOE+ 100G uplinks
and Multigigabit
scale 2x Multigigabit/10G ports at line rate
Industr
y first App hosting with crypto acceleration
100G Layer 3 encryption

Cisco Catalyst
9400 Series leadership
SD-Access
4 slots 7 slots 10 slots Encrypted Traffic Analytics
Supervisors Copper line cards Fiber line cards Power MACsec-256 link encryption
• SUP-2XL: 480G per slot, 100G •
48x 10G mGig • 48x 10G SFP+ supplies High availability (SSO/ISSU)
uplinks UPOE+ • 24x 10G SFP+ • 3200W AC
• SUP-2: 240G per slot • 48x 5G mGig UPOE+ • 48x 1G SFP NBAR2
• 3200W DC
• SUP-1XL-Y: Adds 25G uplinks • 24x mGig + 24x • 24x 1G SFP • 2100W AC Model-driven programmability
• SUP-1XL: Up to 240G per slot UPOE
• SUP-1: 80G per slot • 48x UPOE Patching and GIR
Maintaining investment
• 48xprotection
PoE+, 48x databy upgrading SUP-2/2XL Streaming telemetry
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 22
 Multicore Open Cisco

Introducing the Catalyst 9400 Gen 2 family

UADP 3sec
X86 CPU IOS® XE

Performance meets flexibility and investment protection X86

Cloud-native agility

• 6x increase in throughput
No oversubscription 100G Compatible with Cisco UPOE® • 5x increase in uplink density with 100G Industr
y first
480 Gbps per slot support Gen 1 line cards across all ports • Line rate across all chassis and line cards
• Up to 384 ports of Multigigabit and UPOE
• 108-MB unified buffer

Secure, connected
experience
Catalyst® 9400 SUP-2/SUP-2XL
• 100G Layer 3 encryption
2x 2x
B/W B/W
• Cloud-scale multilayer security Industr
y first
• 256-bit WAN MACsec
C9400-LC-48HX C9400-LC-48XS • 2x increase in app hosting with QAT
(48x 10G Multigigabit (48x 10G SFP+)
UPOE+)
Business-fi rst resiliency
100G 108 MB Dense and Densest
Layer 3 encryption unified buffer flexible Multigigabit/fiber • High availability with sub-second failover
TCAM • Built-in edge compute resources Industr
y first
• End-to-end analytics and assurance

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 23
 For Internal use only

Catalyst 9400 Gen 2 line cards

Line cards purpose-built to unleash the power of the
Catalyst 9400X supervisor Available early
CY22

Multigigabit line card

Double the capacity of existing
line cards
Increase in throughput and density
Line rate across all chassis

C9400-LC-48HX
48x 10G Multigigabit
90W UPOE+ Security for the cloud world
100G Layer 3 encryption (IPsec, WAN
MACsec)
256-bit MACsec
Fiber line card
Full NetFlow

Purpose-built for Internet of

Things
Industry-leading Cisco UPOE® and
C9400-LC-48XS Multigigabit density
48x10G SFP+ Support for Perpetual and Fast PoE
Applications
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 24
 For External use only

Catalyst 9400 Gen 2 line cards

Line cards purpose-built to unleash the power of the
Catalyst 9400X supervisor Available early
CY22

WiFi 6 Multigigabit line card

Double the capacity of existing
line cards
Cbrs Increase in throughput and density
Line rate across all chassis

Ultra HD 8K C9400-LC-48HX
48x 10G Multigigabit
90W UPOE+ Security for the cloud world
100G Layer 3 encryption (IPsec, WAN
ARVR
MACsec)
256-bit MACsec
Fiber line card
Full NetFlow
3D Design

Telemedicin
Purpose-built for Internet of
e
Things
Industry-leading Cisco UPOE® and
C9400-LC-48XS Multigigabit density
48x10G SFP+ Support for Perpetual and Fast PoE
Applications
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 25
 Catalyst 9400 Series product line
Versatile options for any deployment needs

Supervisor-1/XL Supervisor-2/XL Cisco Catalyst

Powered by UADP 2.0 Powered by UADP 3.0sec 9000 Core Series leadership

Industry-leading high availability

High Mean Time Between Failures
(MTBF)

Industry-leading performance with up to SD-Access, BGP-EVPN, MPLS

Optimized for access/aggregation with up to 480 Gbps
240 Gbps per slot
Encrypted Traffic Analytics
per slot
Flexible 10/25/40G uplink connectivity MACsec-256 link encryption
Market-leading uplink density with support
High-performance app hosting for 100G High availability (SSO/ISSU)
1/10G port options with oversubscription Market-leading app hosting (2x resources, NBAR2
QAT)
Optimized scale and buffer Model-driven programmability
Line-rate 10G/Multigigabit density up to
384 ports Patching and GIR
Hardware-based IPsec up to 100G – industry Streaming telemetry
first
Densest 90W 1G (260 ports)
Deep buffers and superior TCAM scale
Chassis benefits Shallow depth Platinum-rated N+1/N+N Mix AC and DC Dual serviceable Side-to-side
power supply modular power power supplies fan tray airflow
ThousandEyes service assurance
supply
Cisco DNA Spaces gateway for IoT
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 26
Cisco Catalyst 9500X
and 9600X models
introduction
Secure Access Team One

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 27
 Addressing the campus core + edge market
More than just “speeds and feeds”

System capacity System scale Port density QoS and buffers Flexibility

• Higher port speeds • High-scale routing • More uplinks • Low-latency buffers • Programmable ASIC
Enable newer Ethernet Support for full IPv4 and Support for multiple QSFP Support for local Enable new features
speeds and types, such IPv6 internet + LAN + uplinks, with LR/ZR optics optimized low-latency and encapsulations
as 50G SFP and 400G/ VRF routing shared memory
200G QSFP
• Model-driven
for redundant edge
• Flexible transport connections • High-bandwidth microcode
• More access options memory Hardware functions use
bandwidth Support for MPLS-VPN, • More downlinks Support for large buffers model-driven APIs
Higher density of SD-Access, and BGP-EVPN Support for hundreds of for microburst and
SFP ports and breakouts
• App hosting
802.11ac moving to with 4000 VRFs congestion
11ax, HD video (1080p) infrastructure
moving to UHD (4K) • Centralized wireless • Port options • Virtual output Support Docker
Mix of SFP and QSFP queuing applications
• Nonblocking Support for high MAC and ports, Eliminate head-of-line
at various interface
• Architecture-level
Core needs nonblocking ARP/NDP scale blocking, with dedicated
(1:1) performance speeds output queues for every
HA
Layer 2 and 3
egress port
redundancy with
StackWise® Virtual
Edge Catalyst Catalyst Core
and GIR+
9600X with Catalyst 9500X 9600
+ SUP-2 models SUP-1 Catalyst 9500 Distribut
models
Core ion
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 28
 The Catalyst 9000 core
Powering the cloud-scale world
Catalyst® 9500 Extending core leadership
Po w e red b y U A D P 3 .0
Catalyst 9600 with the Catalyst 9000X
Series
Supervisor 1 Supervisor 2 3x performance
Pow ered b y U A D P 3 .0 Pow ered b y S i l i c on O ne Q 2 0 0
Industry first 400G in campus
10x route scale and ultra-deep
25/100G SKUs buffers
High-performance fixed switches Internet route scale with 2 million
routing entries
Catalyst 9500X Coherent optic support
Pow ered b y S i l i c o n O ne™ Q 2 0 0
Enhanced security with WAN
MACsec
Cisco Catalyst 9000 Core
Series leadership
2.4 Tbps per slot 6.4 Tbps per slot SD-Access
MACsec-256 link encryption
100/400G SKUs
High availability (SSO/ISSU)
High-scale fixed switches High-performance and scale modular switches
Model-driven programmability
Simplicity with Industry-leading Pinnacle of Patching and GIR
Open Cisco IOS® security resiliency
Streaming telemetry
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 29
 The Catalyst 9000 core
Powering the cloud-scale world
Catalyst® 9500 Extending core leadership
Po w e red b y U A D P 3 .0
Catalyst 9600 with the Catalyst 9000X
Series
Supervisor 1 Supervisor 2 3x performance
Pow ered b y U A D P 3 .0 Pow ered b y S i l i c on O ne Q 2 0 0
Industry first 400G in campus
10x route scale and ultra-deep
25/100G SKUs buffers
High-performance fixed switches Internet route scale with 2 million
routing entries
Catalyst 9500X Coherent optic support
Pow ered b y S i l i c o n O ne™ Q 2 0 0
2.4 Tbps per slot 6.4 Tbps per slot Enhanced security with WAN
MACsec
Cisco Catalyst 9000 Core
Combo SFP/QSFP line card
compatible with SUP-1/SUP-2
Series leadership
SD-Access
MACsec-256 link encryption
100/400G SKUs
High availability (SSO/ISSU)
High-scale fixed switches High-performance and scale modular switches
Model-driven programmability
Simplicity with Industry-leading Pinnacle of Patching and GIR
Open Cisco IOS® security resiliency
Streaming telemetry
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 30
The Catalyst 9000 core
Powering the cloud-scale world
Catalyst® 9500 Catalyst 9600 Extending core leadership
Po w e red b y U A D P 3 .0 S up er v i s or 2 C om b o l i ne c ard 4 0 0 G with the Catalyst 9000X
models
Pow ered b y C o mp ati b l e w i th S U P-1 , 3x performance
S i l i c o n O ne Q 2 0 0 S U P-2
Industry first 400G in campus
10x route scale and ultra-deep
10/25/40/100G SKUs buffers
High-performance fixed switches Internet route scale with 2 million
routing entries
Catalyst 9500X Coherent optic support
Po w e red b y S i l i c on O ne™ Q 2 0 0
Enhanced security with WAN
MACsec
Cisco Catalyst 9000 Core
Performance Series leadership
Performance

100/400G SKU
200% 300%
SD-Access
MACsec-256 link encryption
High-performance and scale modular High availability (SSO/ISSU)
High-scale fixed switches
switches Model-driven programmability
Simplicity with Industry-leading Pinnacle of Patching and GIR
Open Cisco IOS® security resiliency
Streaming telemetry
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 31
Catalyst 9500X and 9600X: Industry first
400G campus core switches
Powered by Cisco Silicon One
FCS Industry fi rst 400G campus
Q3 2022
switch

Carrier-class QoS Ultra-deep buffers Unmatched

VOQ architecture 108 MB on chip resiliency
2 levels of HQoS 8-GB HBM ISSU, NSF, SSO,* SVL* Industry fi rst WAN MACsec*

Powered by
Silicon One™ Industry fi rst VOQ
Q200 and architecture for enhanced
Cisco IOS®
XE
queueing

Industry fi rst to support

Up to 25.6 Tbps switching capacity
Flexible speeds: 10/25/40/100/400G
coherent DWDM optics*
Catalyst 9500X models Catalyst 9600 with SUP-2
Comprehensive Enhanced security Global route scale
services MACsec, WAN MACsec Up to 2 million route scale Large route scale and deep
256,000 MAC, 512 MPLS
Layer 2 and 3, MPLS, MPLS-TE,
labels
buff ers
fabric (SD-Access, EVPN*)

Comprehensive services
Ready to transition the Catalyst 6000 XL installed base
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 32
* FCS+ features.
 The Catalyst 9000 core switch product line
Powering the cloud-scale license
Catalyst® 9500 Extending core leadership
Po w e red b y U A D P 3 .0
Catalyst 9600 with the Catalyst 9000X
Series
Supervisor 1 Supervisor 2 2.6x bandwidth
Pow ered b y U A D P 3 .0 Pow ered b y S i l i c on O ne Q 2 0 0
WAN MACsec support

400G uplinks
25/100G SKUs 2 million route scale

Deep buffers
Catalyst 9500X
Pow ered b y S i l i c o n O ne™ Q 2 0 0 2.4 Tbps per slot 6.4 Tbps per slot
Cisco Catalyst
Fiber line cards 9000 Core Series leadership
25/10/1G
• 24x 40G/12x 100G SD-Access
• 48x 1G
MACsec-256 link encryption
40x 1/10/25/50G + 2x 200G + 2x
400G High availability (SSO/ISSU)
100/400G SKUs
Copper line card NBAR2
• 48x Multigigabit (non-PoE)
Model-driven programmability
Backward compatible
Simplicity with open Patching and GIR
for investment Secure
Cisco IOS® XE
protection Streaming telemetry
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 33
 Cisco Silicon One Q200
Industry-leading switching and routing silicon

First 7-nm ASIC providing

lowest watts/G power
12.8T bandwidth 8 Bpps
Cisco Silicon consumption
One™ Q200
Industry-leading
12.8T switch/router on Fully P4 programmable,
HBM for 10 million IPv4/
enabling feature velocity
deep buffers 5 million IPv6
route scale
a chip

Fully P4 50G PAM4

Multislice architecture for
programmable SerDes flexibility and scale
pipeline

Routing capabilities with switching power and performance

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 34
Catalyst 9600X models: Extending leadership
in the core
Powered by Cisco Silicon One
400G leadership in campus
• 10G to 400G speed support
3x throughput 10x route scale Deep buffers • 3x 100G density
25.6T nonblocking Up to 2 million route scale 108-MB chip • 2x density on existing line cards
6.4T per slot 8-GB HBM

Powered Unmatched scale, performance,

by Silicon One™ buffer
Q200
• 6.4 Tbps per slot
• Up to 2 million route scale, 256,000
MAC scale
• 8 GB of buffer
C9600X-SUP-2
Maximum investment protection
Carrier-class QoS Line-rate 3x density • Common chassis, fan tray, and power
VOQ architecture
Two-level HQoS
encryption (100G) supply
MACsec, WAN MACsec,
NetFlow • All Gen 1 line cards supported*
• 3x performance with less than 25%
investment
Lowest TCO Unmatched flexibility Rich services
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 35
*C9600-LC-48S not supported.
 Silicon Multicore Open Cisco

C9600X SUP-2
One™ Q200 X86 CPU IOS® XE

Gen 2 modular with Silicon One Q200 X86

FCS Boost system throughput threefold

Q3 2022
Powered
by
S1 Q200
9.6 Tbps 25.6 Tbps

Lowest TCO

Additional
25% investment
with only 2x capacity
• 3x switching performance supervisor
upgrade
• 10x route scale Threefold increase in 100G density
• 8 GB of buffer
• Supports all Gen 1 line cards*
• 400G support on day 1 48 128
• Enhanced hierarchical QoS (HQoS)
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco *C9600-LC-48S not supported
Confidential 36
 Catalyst 9600X: Introducing the first campus
400G line card
Save a slot with uplink and downlink on
the same slot Flexible deployment options
• Uplink and downlink
• 1G through 400G on the same slot
• Breakout and QSA support

Supported with SUP-1 and SUP-2

for investment protection
• 3.2 Tbps with SUP-2
• 1.2 Tbps with SUP-1

C9600-LC-40YL4CD
High-speed secure transport
• SUP-1: 40x 1/10/25G + 2x 40/100G • MACsec, WAN-MACsec
• SUP-2: 40x 10/25/50G + 2x 200G + 2x 400G • IEEE 1588 and PTP v2
• Hitless MUX (HMUX)

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 37
Catalyst 9000 modular core positioning
Lead for WAN edge
Lead for campus core
Catalyst 9600 SUP-2 (Silicon One™
Catalyst 9600 SUP-1 (UADP 3.0)
Q200)

C9600-SUP-1 C9600X-SUP-
• •
2
Unmatched core feature set, including industry- Unmatched scale and performance with deep buffers
leading high availability and resiliency • 6.4 Tbps per slot bandwidth for high-speed density
• 2.4 Tbps bandwidth per slot, optimized for up to 400G
1G to 100G speeds • Crypto WAN MACsec ready
• Scalable border and control plane for SD-Access • Ideal for edge, collapsed campus core/WAN edge, or
deployments centralized wireless LAN controller use case
• Ideal for campus core, collapsed core + aggregation

Transition platform for Catalyst® 6000

Transition platform for Catalyst 6000-XL
Series
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 38
WAN MACsec overview and use cases
Enabled in hardware on Catalyst

• Hop-by-hop encryption

• Directly connected Layer 2 links

only
MACsec
• Secure any direct link in campus/
WAN, including DWDM
Supported on all Catalyst® 9000 models
• 256/128-bit AES encryption All ports and speeds simultaneously

• End-to-end encryption across Industry’

s
Layer 2 Ethernet WAN service first
Catalyst 9500X
Catalyst 9600X
• EoMPLS/VPLS, Q-in-Q Supported on Silicon One™ platforms*
WAN • Point-to-point or point-to- All ports/speeds (up to 400G) simultaneously
multipoint
MACsec Catalyst
• Applications include secure site
9400X
interconnect, DCI, storage Catalyst 9300X
replication
Roadmap support access Catalyst 9300X and 9400X
Aggregate speed up to 100G
• 256/128-bit AES encryption
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco * Requires Release 17.8.1 and HSEC key ($1 PID).
Confidential 39
 IPsec, WAN MACsec, and LAN MACsec
comparison
IPsec WAN MACsec LAN MACsec
Over Layer 2 MPLS, VPLS,
Connection type Over Layer 3 EoMPLS, Only directly connected devices
Q-in-Q, multiple point to point
AES 128- and 256-bit ✓ ✓ ✓
IPv4 and IPv6 independent - ✓ ✓
• Line rate on all ports (Catalyst
100 Gbps (128 tunnels) on Catalyst® 9600X, 9500X)
Performance Line rate on all Ports
9300X • Crypto engine on Catalyst
9300X
Peer scale As per SA scale As per SA scale 1:1 peers
Operation and configuration Complex Simple Simple
Direct cloud connection ✓ - -
NAT Via NAT-T* Not applicable as Layer 2 Not applicable as Layer 2
Overhead Around 70 bytes 32 bytes 32 bytes
Catalyst 9600X, 9500X Series – ✓ ✓
Catalyst 9300X Series ✓ Hardware capable ✓
Catalyst 9400X Series Hardware capable Hardware capable ✓
Catalyst 9200 to 9600 Series
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved.
–
Cisco
– ✓
* Roadmap.
Confidential 40
 Cisco Catalyst 9500X models
First fixed campus switch to support 400G with QSFP-DD

Increased performance
Layer 3 core

200% WAN/internet edge

with crypto
Switching capacity *

High scale

10x
Layer 3 routes and Layer 2 entries *

Campus 400G
Next-generation core
114% High-performance campus
More than double the 100G capacity on QSFP28

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco * Performance compared to C9500-32C
Confidential 41
 Catalyst 9500X – Extending leadership Silicon
One™ Q200
Multicore
X86 CPU
Cisco IOS®
XE

in the core X86

Redefining the campus WAN edge

Industry Industry
first first
2x switching 10x route scale
Carrier-class QoS
performance and ultra-deep buff er
Unmatched
10x route scale and Up to 2 million route scale 2 levels of HQoS fl exibility
ultra-deep buffer 8 GB of ultra-deep buffers VOQ architecture

C9500X-28C8D
400G leadership
QSFP-DD optics

Powered
by
S1 Q200

Secure
Industry
first
Reversible airfl ow Highest resiliency Enhanced encryption

Redundant fans (5+1) Application

Front to back LAN MACsec hosting
Redundant power supplies
Back to front WAN MACsec
StackWise® Virtual
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 42
 Cisco Catalyst C9500X-28C8D
High-level overview
Intel® 2.43-GHz x86 CPU
Console Cisco Silicon One™ On-box application hosting
Cisco LAN and WAN MACsec 32-GB DDR4 DRAM Built-in RFID
management Q200 (2x resources, QAT)
Line-rate network encryption 16-GB flash (passive)
USB-C 12.8T ASIC 2x 10G KR
8-GB HBM deep buffering

8 nonblocking
14 nonblocking 40/100G 14 nonblocking 40/100G
40/100/200/400G QSFP-DD
QSFP28 ports QSFP28 ports
ports

5 standalone fans – N+1

Cisco® Trust Anchor Technologies Power supply unit (PSU)
redundancy
USB 3.0 port, 240-, 480-, or 960-GB Strong mitigation against man-in- Single PSU for both airflow
Reverse airflow – port side intake
RJ-45 management M2 SATA SSD storage the-middle attacks on software and directions
Forward airflow – port side
firmware Redundant 1+1 1500W AC/DC
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
exhaust
Confidential 43
Market Trends
Secure Access Team One

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 44
Switches held a major share of the Time-
Sensitive Networking (TSN) market, and a
similar trend is likely to be observed until
2026

Telecommunications Financial Multimedia Industrial automation

By 2025, 70% of mobile traffic Billions of transactions happen broadcast To grow at 8.6% CAGR until
will be video streaming across the globe To grow from $6B USD in 2021 2025
to $15B USD in 2025

Military systems Smart grid Airline industry

$610B USD is spent by US in To be $61.3B USD by 2023 at a Reduced by 50% since TSN to be $1.18B
military and defense compared CAGR of 20.9% pandemic USD at CAGR of
to $601B USD by 9 countries
54.7% by 20261
together

High-precision timing accuracy is required to deliver the core business value

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco 1 – MarketsandMarkets TSN Forecast 2021-2026
Confidential 45
Legacy AV systems are plagued with latency
and synchronization issues
Hard to scale and lack interoperability

• Lack of standard QoS

• Huge mess of point-to-point cables – additional
cost
• Bandwidth limited by technology of component
• Expensive license fees
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 46
 For Internal use only

High-quality AV experience at low cost

with Catalyst 9000
IEEE 802.1BA Audio Video Bridging (AVB)
Ceiling
Speakers AVB
I/O Lower TCO
Microphones
CapEx by 60% and OpEx by 35%
AVB
I/O

AVB Improved experience

Switch
Accuracy at <2 ms

Flexible capacity
1/Multigigabit/10/25/40G speeds

Ecosystem partners

Open standard | High-quality precision | Reliability | Assured bandwidth

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 47
 For External use only

High-quality AV experience at low cost

with Catalyst 9000 Avnu

IEEE 802.1BA Audio Video Bridging (AVB)

Ceiling
Speakers AVB
I/O Lower TCO
Microphones
CapEx by 60% and OpEx by 35%
AVB
I/O

AVB Improved experience

Switch
Accuracy at <2 ms

Flexible capacity
1/Multigigabit/10/25/40G speeds

Ecosystem partners

Open standard | High-quality precision | Reliability | Assured bandwidth

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 48
Reinforce secure

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 49
 Cisco SD-Access simplifies deployment
of zero trust at workplace

Network and
Deep group Continuous Network fabric Open
visibility segmentation trusted access automation ecosystem

Identify and group Enforce group-based Continuously evaluate Deploy zero trust at Open ecosystem that
endpoints. Map their access policies and trust and automate scale with a facilitates multivendor
interactions and define secure network threat response by declarative model for product integrations to
access policies. through segmentation. enlisting your network network operations improve security
for security. across multisite LAN effectiveness.
and WLAN with
integrated identity
context.

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 50
 For Internal use only

Cisco SD-Access customer momentum

Fastest-ramping SD-X solution

2000+
SD-Access
deployments

Network
Services

Cisco IT

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco https://www.cisco.com/go/dnastori
Confidential 51
es
 For External use only

Cisco SD-Access customer momentum

Fastest-ramping SD-X solution

Universidad
Wipro Amore Pacific Hyundai KB
De Granada

Waterford
Montana State Alabama Great
AstraZeneca Institute of
University Seal
Technology

Department of Alabama Great 2000+ Kolmar Felixplatterspital

State Hospitals Seal SD-Access
deployments
Generalitat de
University of IBM Network Catalunya
Departament de Jade Hochschule
Northampton Services
Cultura

Montana State Ville de Texas A and M Sanjose State Cisco IT

University Luxembourg University University
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco https://www.cisco.com/go/dnastori
Confidential 52
es
SD-Access unleashes segmentation for all
SD-Access introduces additional network New use cases for enterprise networks
segmentation capabilities and
Layer 3 network segments with
deployment models Differentiate overlapping IP space, Layer 2-
d only network segments with
Incremental segmentatio optional external gateway
migration n support
Start on existing networks capabilities
and migrate at your own Retain Layer 2 switched
pace Brownfield
access networks and
network unmanaged switches
support
Faster time to value
Move to Layer 3 routed access
Right-size your effort-to Segmentatio on your schedule; ISE required
-value ratio n without for micro-segmentation use
fabric cases only

Included with existing Cisco DNA licenses

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 53
SD-Access segmentation simplified through
policy analytics
2. Policy
analytics
Log servers
Group-based policy

Endpoint context Log Media

Media servers
Alerts servers serversEmployees

Cameras
Context-based L M E
Identity ? Trust Streaming
scalable group Cameras
and score Cameras
assignments
group
WEB C
MAC/IP Address SSH

1. Endpoint
4. Policy assurance
classification
Employees

Catalyst® 9000 switches

3. Policy enforcement

High-fidelity endpoint Policy analytics to Group-based policy Policy assurance to

fingerprinting and analyze behavior, definition and validate policy
device classification discover groups, and deployment compliance
model policies at scale
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 54
Trust analytics

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 55
Pervasive security across Catalyst 9000
switches

Cloud security Trustworthy

Native integration of security Secure hardware and software
SaaS Image
Cisco Secure Cloud Hardware Secure
Analytics authenticity signing Boot
Umbrella® Authentic
SIG and DNS security AI/ML threat prediction Genuine hardware Tamper proof
software/OS

Secure transport Zero trust Analytics

Line-rate traffic encryption Strict identity verification Advanced anomaly detection

100G hardware Policy-based Secure Network Cisco

256-bit MACsec control Host trust score ThousandEyes
IPsec Analytics
SGT NW segmentation End-to-end visibility

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 56
 Cisco Access Networking customer journey
Connect. Secure. Automate.

Reimagin
e
Unified Wireless and Smart
connectio infrastructure mobility buildings
ns Cisco Catalyst™ Cisco Catalyst Cisco DNA Spaces,
switches Wi-Fi 6 Cisco UPOE®+,
Multigigabit,
ThousandEyes®
Reinforc
Access e
Segmentation Zero-trust AI-driven
security
Networki and access
control
access
SD-Access
security
AI Endpoint
ng Cisco® Identity
Services Engine (ISE)
Analytics
Help customers
connect, secure, and
Redefine automate
the in a cloud-first world to
Automated Analytics Application accelerate their digital
IT orchestration and insights experience
experience transformations
Cisco DNA Center Wired health/ Cisco
AI-ML ThousandEyes

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 57
Redefine the IT
experience
Secure Access Team One

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 58
Catalyst 9000 – purpose-built access for the
new edge

Secure access service edge (SASE)

SaaS
Cisco Catalyst 9000 (SIG, Zscaler, PANW, Aryaka, Cato
Networks)

Cloud Services Platform Enterprise edge IaaS

(CSP) edge (Private, leased or rented from
(AWS Transit Gateway) colo)
Private
cloud
Cisco Catalyst 9000
Remote offices Regional point of presence (or colo) Workloads and applications

Secure connectivity to the new Internet as the new WAN Application experience
edge Cloud Plug and Play with Cisco Application-based path selection
Line-rate IPsec to AWS, Zscaler, Cisco DNA Center for zero-touch branch (manual assignment of
Umbrella® SIG or to enterprise private bring-up application to interface based on
edge automated by Cisco DNA Center ThousandEyes intelligence.
Automated in future.)
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 59
 For Internal use only
Catalyst 9300X models – All-encompassing
branch solution optimized for new edge
connectivity
Cisco DNA Center orchestration Catalyst® 9300X models
Cisco VGW TGW

SI Offer all connectivity options required in

G Cloud branch
workloads Colo
Copper and fiber
Cloud security
PoE and non-PoE
Cisco, third party 1G  100G
Flexible deployments
Wired and wireless
Standalone and stackable

Unmatched scale
Scale from 24 to > 700 ports
1Tb stacking
Single platform for switching and routing in Custom hardware
the branch Local compute – app hosting
100G IPsec with custom ASIC

Zero-touch onboarding Simplified workflowsOptimal visibility App intelligence Cloud intelligence

Cloud connectors for Secure Network
Analytics, Cisco Umbrella®, ThousandEyes,
SD-AVC
Application Visibility, AI/ML in cloud
Secure (IPsec) connectivity to SIG/SASE, CSP
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 60
 For External use only
Catalyst 9300X models – All-encompassing
branch solution optimized for new edge
connectivity
Cisco DNA Center orchestration Catalyst® 9300X models
Cisco VGW TGW

SI Zscaler
Offer all connectivity options required in
G Cloud branch
workloads Colo
Copper and fiber
Cloud security
PoE and non-PoE
Cisco, third party 1G  100G
Flexible deployments
Wired and wireless
Standalone and stackable

Unmatched scale
Scale from 24 to > 700 ports
1Tb stacking
Single platform for switching and routing in Custom hardware
the branch Local compute – app hosting
100G IPsec with custom ASIC

Zero-touch onboarding Simplified workflowsOptimal visibility App intelligence Cloud intelligence

Cloud connectors for Secure Network
Analytics, Cisco Umbrella®, ThousandEyes,
SD-AVC
Application Visibility, AI/ML in cloud
Secure (IPsec) connectivity to SIG/SASE, CSP
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 61
Hosting the IPsec app on the Catalyst
9300X models
NETCONF/RESTCONF Performance optimized – hardware-
based
line-rate IPsec
Up to 100G IPsec connections
Standards-based interoperability with any
conformant device

Encryption Authentication
AES-128-CBC HMAC/SHA1
AES-128/256-GCM GMAC
Encapsulation - ESP
Tunnel mode
IKEv2

Catalyst® 9300X
Flexibility optimized – software-based
App features:
• Expansive IPsec algorithms (Suite-B, Legacy, etc.)
IPsec
• Authentication: PSK and X.509 certificate support Rich feature set and IPsec algorithms
• VRF, NAT-T QAT acceleration -> higher performance than
• Routing protocols: BGP, OSPF, IS-IS traditional Docker hosts
• DSCP maintained in IPsec header Increased tunnel/SA scale
Option 2 will also work on all Catalyst 9000
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco models supporting app hosting
Confidential 62
 For Internal use only

Secure tunnel connectivity with the new edge

Site to Secure Internet Site to cloud service
Site to site
Gateway (SIG) providers

l
ne
l tunn
el tun Catalyst 9300X
nne e c Pse
c
c tu I Ps I
IPse Cisco Umbrella® SIG IPsec tunnel
IPse IPs
c Catalyst 9300X IPsec Catalyst 9300X ec
Catalyst® 9300X GRE tunne tunn tu
tun l el nn
n el el
IPsec-capable device

IPsec up to 100G AES-256 encryption Stack or standalone

Connect | Secure | Automate

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 63
 For External use only

Secure tunnel connectivity with the new edge

Site to Secure Internet Site to cloud service
Site to site
Gateway (SIG) providers

l
ne
l tunn
el AWS tun Catalyst 9300X
nne e c Pse
c
c tu I Ps I
IPse Cisco Umbrella® SIG IPsec tunnel Microsoft
IPse IPs
c Catalyst 9300X IPsec Azure Catalyst 9300X ec
Catalyst® 9300X GRE tunne tunn tu
tun l el Google nn
n el Zscaler Cloud el
IPsec-capable device

IPsec up to 100G AES-256 encryption Stack or standalone

Connect | Secure | Automate

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 64
 For Internal use only

IPsec app demo

Demo

• API + GUI
ec • Configure IPsec
IPs
Rest API VPN • Tunnel configuration
IPsec
• VRF, BGP, certificates, NAT-
T
Performance optimized – hardware-based line-rate • Tunnel to AWS and Catalyst
IPsec
9000
Up to 100G IPsec connections
Standards-based interoperability with any conformant device • Logging and telemetry
options
Flexibility optimized – software-based IPsec
• Demonstrate throughput
Rich feature set and IPsec algorithms
QAT acceleration -> higher performance than traditional • With QAT
Docker hosts
Increased tunnel/SA scale • Without QAT

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 65
 For External use only

IPsec app demo

Demo

• API + GUI
AWS
ec • Configure IPsec
IPs
Rest API VPN • Tunnel configuration
Ansibl IPsec
e
• VRF, BGP, certificates, NAT-
T
Performance optimized – hardware-based line-rate • Tunnel to AWS and Catalyst
IPsec
9000
Up to 100G IPsec connections
Standards-based interoperability with any conformant device • Logging and telemetry
options
Flexibility optimized – software-based IPsec
• Demonstrate throughput
Rich feature set and IPsec algorithms
QAT acceleration -> higher performance than traditional • With QAT
Docker hosts
Increased tunnel/SA scale • Without QAT

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 66
ASAc firewall on Catalyst 9000 switches
Convergence of security and networking enables new deployment
scenarios
Cisco Cisco Key use case
DNA Center Defense • Stateful inspection of OT traffic at
Orchestrato
• Deploy and access edge
• App deployment
• App lifecycle management
r manage security
policies • Enforce policies closest to
• Networking to app
• Configure and endpoints
audit logging
• No waste of network bandwidth
• Meets needs of
compliance and • No need to change network
App lifecycle security
Security policy audits architecture
management management

OT endpoint • Powerful stateful inspection

ASAc firewall firewall
• Separation of SecOps and
Docker container in IT endpoint NetOps functions
Catalyst® 9000 app
hosting framework. • Routed and bridged mode
Isolated resources. firewall support
Catalyst 9300X • Support for SGT
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 67
ThousandEyes

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 68
 For Internal use only

Application hosting opens up new strategic

capabilities with Catalyst switches
Security Cloud gateways with Customer-
IT operations and
agents serverless edge specific
monitoring tools
and functions compute applications

Reduce app latency

Consolidate physical Enhance visibility and Third-party app
and optimize app
infrastructure security enforcement hosting
traffic

cybervision Rich ecosystem

partnership with
25+ certified apps
and 200+ active
customers

Network Storage Compute

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 69
 For External use only

Application hosting opens up new strategic

capabilities with Catalyst switches
Security Cloud gateways with Customer-
IT operations and
agents serverless edge specific
monitoring tools
and functions compute applications

Reduce app latency

Consolidate physical Enhance visibility and Third-party app
and optimize app
infrastructure security enforcement hosting
traffic

cybervision Rich ecosystem

Azure IoT Hub
partnership with
Trapx 25+ certified apps
Kibana Wireshark and 200+ active
CA customers
Perfsonar
Dutch Defense League

Network Storage Compute

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 70
 For Internal use only

Now your world has changed

Custome
r
DN
S

Users IoT
Branch
SaaS Microso
office ft Office
Branch
office Data Data CDN
Camp cente
us r center
API
SNMP
Camp Flow
us Branch Branch
office
office
PCAP
Azure
Branch
office IaaS Branch
DNS office Security
provide
provider
r
Digital experience relies on service providers and networks outside of IT’s control
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 71
 For External use only

Now your world has changed

Custome
r
AWS
DN Google
S Cloud

Users IoT
Success
Factors
Branch
SaaS Microso
office ft Office
Branch
office Data Workda
Data CDN
Camp cente
us r
y
center
API
Salesforce
SNMP
Camp Flow
us Branch Branch
office
office
PCAP
Akamai Azure

Branch
office IaaS Branch
DNS office Security
provide
provider
r
Digital experience relies on service providers and networks outside of IT’s control
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 72
 For Internal use only

Delivering visibility for the new enterprise

reality
Custom
er
DNS

Saa Micros
S oft
Office

CDN
Campu
s
API

Azure

IaaS
DNS
provider Security
provider

Enterprise Cloud End-user

vantage vantage vantage
points points points
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 73
 For External use only

Delivering visibility for the new enterprise

reality
Custom
AWS er
DNS Google
Cloud

Successfact
Saa ors
Micros
S oft
Office

Workda CDN
Campu y
s
Salesforce API

Akamai Azure

IaaS
DNS
provider Security
provider

Enterprise Cloud End-user

vantage vantage vantage
points points points
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 74
 ThousandEyes is now embedded in the Cisco
Catalyst 9300 and 9400 Series Switches
Visibility from switch to SaaS and everything in
between, included with your Cisco DNA
Advantage or Premier license

Extended end-to-end visibility

See service delivery from the campus user
environment to external networks and apps

Faster time to value

Cisco® ThousandEyes vantage points are now
embedded, delivering immediate visibility with zero
deployment.

Ability to leverage existing switches

ThousandEyes is included with all Cisco DNA
Advantage and Premier licenses

Included with all Cisco DNA Advantage and Premier licenses for Catalyst® 9300 and 9400 Series Switches
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 75
Cisco DNA software subscription for
embedded ThousandEyes
Cisco DNA Cisco DNA ThousandEyes subscription is now
Premier included in Cisco DNA Advantage
Advantage
and Premier licenses for Cisco
Catalyst™ 9300 and 9400 Series
ThousandEyes Switches
Network and
Application
Synthetics
Included in subscription

Enable ThousandEyes Access ThousandEyes Set one test targeting one Pool entitled test capacity
agent natively on the SaaS-based monitoring destination, running once to deploy anywhere
switch and management every 5 minutes* within your network
platform
*Each Catalyst 9300 or 9400 Series Cisco DNA Advantage subscription entitles the customer to run the equivalent of one ThousandEyes network or web test
every 5 minutes from a ThousandEyes Enterprise Agent (22 units per month), up to a maximum of 110,000 units per month of ThousandEyes test capacity
per customer. ThousandEyes Cloud Agent access is not included in the Cisco DNA license entitlement. Test capacity can be increased and Cloud Agents
accessed with purchase of additional ThousandEyes Network and Application Synthetics.
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 76
 Deep visibility into every layer

App experience

HTTP, DNS, RTP server

Time correlated
5 6 6
8
Scope and domain 3
9
3
4 8

Network metrics

Network path

BGP monitoring

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 77
Roadmap for Catalyst 9000 switches hosted
agent
Catalyst® 9300 Catalyst 9400 Catalyst 9500
Catalyst 9300X
Catalyst 9300L Catalyst 9400X Catalyst 9500X

Introduce Scale ThousandEyes Continue expanding Make ThousandEyes

ThousandEyes in the offerings to other ThousandEyes to the ubiquitous in the
Cisco Catalyst™ switches newest access Catalyst ecosystem
ecosystem platforms

Cisco IOS® XE Cisco IOS® XE

Cisco IOS XE 17.6.1 Cisco IOS XE 17.6.1
17.3.3 17.5.1
(July 2021) or later
(March 2021) (April 2021)
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 78
Call to action
Let’s imagine an application scenario together: Firstly, we remove the traditional equipped protocol
converter and gateway of 20 or 30 different devices. Right after that, we connect the devices directly to a
Catalyst® 9000 switch with the ASATech DAP component installed. Just like that, we are able to achieve
smooth communication with other applications and peripherals. With the use of the Catalyst 9000,
the customer can easily reduce the cost by at least $100,000. Not to mention that 20 or 30
potential failure points would be omitted. What other type of device would be able to compete with that?
It's exciting to think about it. Why not train the sales team and complete the integration with the Cisco
platform as soon as possible? It's the time for us to be a legend! Thank you again.
- Shanghai ASATech CEO: Yuan Li

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 79
Smart buildings

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 80
Top priorities for return to buildings
Lower TCO Better experience Sustainability

Reduction in per capita cost Improvements in health, Creation of a sustainable

of operating a facility safety, and occupant brand through green
experience initiatives

20%

Hybrid workplaces will Occupants and customers Government legislation is

operate at 80% of their will need motivation to enforcing reductions in
prepandemic strength* return to the facility* carbon emissions by 2025#

The Catalyst 9000 family is enabling these outcomes today with a growing IoT ecosystem
Watch now
!
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 81
 For Internal use only

Catalyst 9000 expands value for smart

buildings
Today: 90W ecosystem is enabling cost Next: Cisco DNA Spaces gateway for Catalyst 9000 will expand
savings* outcomes
New use cases
• Sustainable buildings
Application partners
• Employee health and safety
• Improved productivity
• Building analytics

Unified marketplace

Catalyst® 9000
• Largest choice of IoT
Cisco DNA Spaces
devices
Gateway for Catalyst 9000 • Unmatched solution scale
• Cisco validated
Lower TCO
PoE sensors BLE sensors
• Automated workflows
• No vendor lock-ins
• Cloud-based as-a-service
-38.5%
No new license needed: Bundled into Cisco DNA Advantage
Cost of Installation
• Includes the cloud software, the connector, and support
Cost of operations • Full stack offering, including Cisco DNA Center zero trust, segmentation, and PoE
Cost of energy assurance
PoE AC • Brownfield Catalyst 9000 switches supported

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco *
Source: Cisco Smart Building TCO calculator.
Confidential 82
 For External use only

Catalyst 9000 expands value for smart

buildings
Today: 90W ecosystem is enabling cost Next: Cisco DNA Spaces gateway for Catalyst 9000 will expand
savings* outcomes
SAP IBM SaS Salesforce Pointr New use cases
Igor Molex
Servicenow IBM Tririga MazeMap
Signify
Somfy
• Sustainable buildings
Delta Application partners • Employee health and safety
Mecho
Ivani EllisDon MHT • Improved productivity
4D Systems
United • Building analytics
Dometi Innovativ Technologie pointGrab
c e Lighting s Unified marketplace
Jacarta Johnson Schneider
Thinlabs
Controls • Largest choice of IoT
LG Catalyst®
Nuleds Superior Legrand devices
9000 Cisco DNA Spaces
rifiniti Essex Platformatic • Unmatched solution scale
Williams Gateway for Catalyst 9000
Siemon Hubbell s • Cisco validated
Eaton
Panduit Lower TCO
Bizlink
PoE sensors BLE sensors • Automated workflows
Vertiv Siemens Ellipz Kontakt.i
Igor mecho Minew • No vendor lock-ins
mhtlightin o
molex Enocean IPera • Cloud-based as-a-service
-38.5% g
No new license needed: Bundled into Cisco DNA Advantage
Cost of Installation
• Includes the cloud software, the connector, and support
Cost of operations • Full stack offering, including Cisco DNA Center zero trust, segmentation, and PoE
Cost of energy assurance
PoE AC • Brownfield Catalyst 9000 switches supported

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco *
Source: Cisco Smart Building TCO calculator.
Confidential 83
Costly, siloed, proprietary solutions
Limited scale | High TCO | Limited outcomes

Wireless Wired

Location Space Asset Occupancy Energy Personalized

analytics utilization tracking monitoring savings comfort

Vendor gateway Vendor gateway Vendor gateway

Wireless
IoT gateway BLE gateway
infrastructure
Vendor Vendor Vendor
PoE node PoE node PoE node

Shades and Environment

Wi-Fi devices IoT devices BLE assets Lighting sensors
dimmers sensors

C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 84
Democratized enterprise IoT
Cisco DNA Spaces
Application
partners Health Space Energy User Consume
and safety utilization savings experience (occupants)

AnalyticsCisco DNA CenterSegmentation

Cisco DNA
Control
Spaces (SecOps)
Partner
Ecosystem
Configure (OT
(wired + ops)

wireless)
Cisco UPOE®+ Wi-Fi 6

IoT devices
Cisco Catalyst™ 9000
infrastructure Connect (IT
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco ops)
Confidential 85
 For Internal use only

Partner IoT Device

App Real- Behavio People
Marketplac
Space time r experienc
Center optimization monitori analytic e Lighting e
ng s Operational sensors
efficiency
Safety, Outcomes PoE
Contact tracing compliance, for Smart sensors
and COVID Buildings
apps Environmental
Meeting
sensors
room finder
(wired +
wireless)
Firehose Dashboard + Dynamic
Wayfindin
API apps Gateway
g
DNA Spaces
And other
Occupanc Cloud
y Asse
enterpris t
e Spaces
tags
systems Occupanc Catalyst Connecto Passive
y infrared
9K r Meraki sensors
Access points Access Wristband
And and switches tags
And
points
more more
MV Card tags
WebE Camera
x s
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco Devices
Confidential 86
 For External use only

Partner IoT Device

App IBM Tririga Real- Behavio People
Molex Marketplac
Space time r experienc
Center optimization monitori analytic e Lighting e
ng s Operational sensors
efficiency
Servicenow Safety, Outcomes PoE Mhtlighting
Salesforce Contact tracing compliance, for Smart sensors
and COVID Buildings
IBM
Mazemap apps Environmental
Meeting
sensors
room finder
(wired +
wireless)
SAS Pointr Firehose Dynamic
Wayfindin
Dashboard +
API apps Gateway
g
DNA Spaces
Molex
SAP
And other
Occupanc Cloud
y Asse
enterpris t
e Spaces
Igor tags
systems Occupanc Catalyst Connecto Passive
y infrared
9K r Meraki sensors
Access points Access Wristband
And and switches tags
And
points
more more
MV Card tags
WebE Camera
x s
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco Devices
Confidential 87
 For Internal use only

Catalyst 9000 at the foundation of smart

building designs
Customer success from across the globe

• Energy savings for green • Reduce management • The school needed to

building initiatives overhead for IoT infrastructure reconfigure classrooms on the
• Optimize facility operation cost • Single policy for IT/OT security fly
• Secure a converged IT/OT • Sustainable building • Safe power for students for
Challenges infrastructure operations uninterrupted learning
• Catalyst® 9000 PoE switches, • Catalyst 9000 PoE switches, • Dense 90W UPOE+ to USB-C
access points, Cisco DNA access points, Cisco DNA conversion for student
Center, ISE for 1 million center, ISE devices
square feet of space • A third-party USB-C dongle for
• Cloud analytics using Azure IoT • Phunware mobile application 65W of USB-C power and 1G
Solution platform using Catalyst 9000 telemetry of data
• Capital savings and reduced • PoE low voltage lowered • The school was able to get
cost of operations energy cost 70% of its students back to
• Returned 4000 employees school
during the pandemic • Superior occupant • New outcomes such as desk
Business • Awarded Gold band of LEED experience, smart parking, occupancy and density
outcomes certification significant man hours saved threshold monitoring
Digital blueprint for all Cisco DNA architecture Safe powering for
smart buildings for smart buildings return to school
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 88
 For External use only

Catalyst 9000 at the foundation of smart

building designs
Customer success from across the globe
Larsen and Toubro Norfolk Southern Aviators

• Energy savings for green • Reduce management • The school needed to

building initiatives overhead for IoT infrastructure reconfigure classrooms on the
• Optimize facility operation cost • Single policy for IT/OT security fly
• Secure a converged IT/OT • Sustainable building • Safe power for students for
Challenges infrastructure operations uninterrupted learning
• Catalyst® 9000 PoE switches, • Catalyst 9000 PoE switches, • Dense 90W UPOE+ to USB-C
access points, Cisco DNA access points, Cisco DNA conversion for student
Center, ISE for 1 million center, ISE devices
square feet of space • A third-party USB-C dongle for
• Cloud analytics using Azure IoT • Phunware mobile application 65W of USB-C power and 1G
Solution platform using Catalyst 9000 telemetry of data
• Capital savings and reduced • PoE low voltage lowered • The school was able to get
cost of operations energy cost 70% of its students back to
• Returned 4000 employees school
during the pandemic • Superior occupant • New outcomes such as desk
Business • Awarded Gold band of LEED experience, smart parking, occupancy and density
outcomes certification significant man hours saved threshold monitoring
Digital blueprint for all Cisco DNA architecture Safe powering for
smart buildings for smart buildings return to school
C97-738949-05 © 2022 Cisco and/or its affi liates. All rights reserved. Cisco
Confidential 89