cisco digital network architecture – deeper dive, “from the gates to the gui
TRANSCRIPT
© 2017 Cisco and/or its affiliates. All rights reserved. 1
Cisco Digital Network Architecture –
Deeper Dive,“From the Gates to the GUI”
Wade CrickCustomer Solutions Architect
January 2018 CiscoConnect Your Time
Is Now
© 2016 Cisco and/or its affiliates. All rights reserved. 2Cisco Public
Session Abstract
Cisco Digital Network Architecture – Deeper Dive, “From the Gates to the GUI
Come to this session to learn how the latest advances in Cisco Enterprise silicon development – programmable, flexile ASIC (Application Specific Integrated Circuit) hardware which provides a key foundational element of Cisco's Digital Network Architecture portfolio – are driving industry innovations such as Cisco’s new Catalyst 9000 family of switches, as well as exciting new solutions such as ETA (Encrypted Traffic Analytics) and Software-Defined Access.
Attendees at this session will gain greater insight into how ASICs are designed and built –showcasing the advanced capabilities and functionality delivered by Cisco's latest switching silicon innovations provided by UADP (Unified Access Data Plane), as well as the latest advancements in Cisco’s wireless silicon. Most importantly, this session will show the continuum of Cisco’s evolution – from the gates (silicon gates, that is) to the latest advanced GUIs that solutions such as SD-Access are enabled with – allow customers to move faster, innovate rapidly, and drive significant cost savings for their organizations.
Come to this session to “double-click” on how Cisco is revolutionizing the Enterprise network with DNA! This is the second of two sessions – an optional introduction to the principles of DNA, as well as an exploration of the new DNA Center GUI and the Automation and Assurance aspects of the Cisco Digital Network Architecture it supports – are explored in the preceding companion session.
Agenda• Industry Trends
• The Network Intuitive
• Cisco DNA and the Importance of Flexible Hardware
• The Evolution of the Application Specific Integrated Circuit
• DNA/Software Defined Access
• DNA Center
• Encrypted Traffic Analytics
• Catalyst 9000
• Summary, Q&A
© 2016 Cisco and/or its affiliates. All rights reserved. 4Cisco Public
We are going to try to cover
from
“The Gates to the GUI”
© 2016 Cisco and/or its affiliates. All rights reserved. 5Cisco Public
Innovation - The world’s 50 most innovative companies
# 37. Cisco Systems
2017 patent grants: 9672016 patent grants: 978
Source - 24/7 Wall St. Jan 12, 2018
© 2016 Cisco and/or its affiliates. All rights reserved. 6Cisco Public
FromInnovationsinSiliconandSoftware
…
… to Innovationsin Platformsand Solutions
8© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco DNA and theImportance ofNetwork Innovation
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 9
Advanced Persistent Threats
Devices per Person3.64
Mobile world requires access to everything everywhere
Mobility
Devices per Admin100K
Agility and NewConsumption Models
Cloud
IoTThings Connected
7.5BUnmanned devicesgrowing at rapid pace
Enterprise Trends Driving Digital Transformation
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 10
Source: Forrester Source: Open Compute Project
Time IT spends on operations80% CEOs are worried about IT strategynot supporting business growth57%
Network Expenses Deployment Speed
0 10 100 1000
Computing Networking
Seconds0
100%
CAPEX OPEX
33% 67%
The Need for AgilityChanging Enterprise Requirements
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 11
VLAN 1 VLAN 2 VLAN 3
WAN
Branch A
VLAN 1 Branch A VLAN 3
RemoteVLAN 2
HQ
ACL 1 ACL 2
ACL 2 ACL 3
Traditional Networks Cannot Meet the Demand
Users, Device and IoTSegmentation
Enabling Seamless Mobility
Secure Connectivityto the Cloud
Setting Up End-End Security
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Digital Network Architecture
Principles
Insights and experiences
Automationand assurance
Security and compliance
Automation
Abstraction and policy control from core to edge
Open and programmable | Standards-based
Open APIs | Developers environment
Cloud service managementPolicy | Orchestration
Physical and virtual infrastructure | App hosting
Network data, contextual insights
Network-enabled applications
Cloud-enabled | Software-delivered
Analytics
Virtualization
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
The Network. Intuitive.
Intent-Based Network Infrastructure
DNA Center
AnalyticsPolicy Automation
Switching Routers Wireless
Powered By Intent.Informed by Context.
DNA Center 1.1General Availability
Software-Defined AccessMeraki VisibilityExtended Enterprise
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Journey to Intent-based Networking
Intent-based Networking
Constantly Learning
Constantly Adapting
Constantly ProtectingPolicy-Based Automation
Business Policy
Translation
Segmentation
Analytics & Assurance
Everything as a sensor
Telemetry
Historical & Real-time
Digital—Ready Infrastructure
Secure foundation
Programmability
Virtualization
Machine Learning & AIPolicy Validation
Predictive
Self-healing
The Network. Intuitive.Powered by intent. Informed by context.Based on Cisco’s DNA
We are here
Scaling (via Cloud)
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 17
Self-Driving Automation
Future
Closed Loop through Network Analytics and Machine Learning
DNA Center
BB
CampusFabric
SDA
Automated Deployment
Plug and Play, Day 0 Deployment
Exists Today
HTTPProxy
Internet
Admin
Installer
Step 1Network admin previsions devices in Cisco Network Plug and Play applications
Step 2Onsite installer with mobile app installs and powers on devices, triggers deployment, checks status
Step 3New devices contact Cisco Network Plug and Play application to get provisioned
Network admin can remotely monitor install status
Basic Advanced
One Point of Management – All from Cisco DNA Center
Configure once and deploy everywhere - SD-Access
DNA Center
CampusFabric
SDA
New
Consistent Across Network Fabric
The Network Intuitive.Moving From Manual to Automated
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 18
Quality of Service – Intuitive?
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 19
Wireless APTrust Boundary
PEP4Q (WMM)
Catalyst 3650Trust Boundary
PEP2P6Q3T
Catalyst 45001P7Q1T
Catalyst 65001P3Q4T1P7Q4T2P6Q4T
…
Nexus 7700F3: 1P7Q1T
WLCPEP
ASR/ISRsMQC
Catalyst 2960-XTrust Boundary
PEP1P3Q3T
Wireless APTrust Boundary
PEP4Q (WMM)
Southbound APIs translate business intent to platform-
specific configurations
Network Operators expresshigh-level business intent to the EasyQoS app
EasyQoSOperation
NetworkController
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 20
Network Controller
EasyQoS will seamlessly interconnectall types of hardware and software queuing models
to achieve consistent and compatible end-to-end treatments –aligned with the expressed business intent
EasyQoSResults
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 21
ip access-list extended APIC_EM-MM_STREAM-ACLremark citrix - Citrixpermit tcp any any eq 1494permit udp any any eq 1494permit tcp any any eq 2598permit udp any any eq 2598remark citrix-static - Citrix-Staticpermit tcp any any eq 1604permit udp any any eq 1604permit tcp any any range 2512 2513permit udp any any range 2512 2513remark pcoip - PCoIPpermit tcp any any eq 4172permit udp any any eq 4172permit tcp any any eq 5172permit udp any any eq 5172remark timbuktu - Timbuktupermit tcp any any eq 407permit udp any any eq 407remark xwindows - XWindowspermit tcp any any range 6000 6003remark vnc - VNCpermit tcp any any eq 5800permit udp any any eq 5800permit tcp any any range 5900 5901permit udp any any range 5900 5901
exitip access-list extended APIC_EM-SIGNALING-ACLremark h323 - H.323permit tcp any any eq 1300permit udp any any eq 1300permit tcp any any range 1718 1720
Your Choice …
22© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco DNA and theImportance ofFlexible Hardware
© 2016 Cisco and/or its affiliates. All rights reserved. 23Cisco Public
EISGArchitecture TeamDavid Goeckeler
Cisco SVP,Security and NetworkingCisco Live Las Vegas 2016
ASICs are apillar of Ciscoinnovation …
© 2016 Cisco and/or its affiliates. All rights reserved. 24Cisco Public
Logic Design Choices
• General Purpose CPU• Field Programmable Gate Arrays• Application Specific Integrated
Circuits• System on Chip• Graphics Processing Unit
© 2016 Cisco and/or its affiliates. All rights reserved. 25Cisco Public
How is an ASIC built?How is an ASIC built?
© 2016 Cisco and/or its affiliates. All rights reserved. 26Cisco Public
It all starts with the Transistor• The first bipolar junction transistors were invented by Bell Labs in
1948. • Transistors can be an amplifier (linear region operation) or a switch
(saturation region operation).• In switch mode +VCC =1, Gnd = 0 for binary operations.
© 2016 Cisco and/or its affiliates. All rights reserved. 27Cisco Public
An example of a Transistor AND Gate
Fairchild DM7408 Quad 2-Input AND Gates
Truth Table
© 2016 Cisco and/or its affiliates. All rights reserved. 28Cisco Public
An example of a Transistor NAND Gate
© 2016 Cisco and/or its affiliates. All rights reserved. 29Cisco Public
We are talking transistors…
and how many we can packin an ASIC die …
“The number of transistors incorporated into a chip
will approximately doubleevery 18 - 24 months …”
“Moore’s Law” - 1975
Transistor Width measured inNanometers
Nanometer = One Billionth of a Meter
TSMC currently plans to start manufacturing 7nm chips in 2018.
“This past September, we announced our plan for the world's first 3-nanometer fab located in the Tainan science park. This fab could cost upwards of $20 billion and represents TSMC's commitment to drive technology forward," TSMC executive Mark Liu.
NVIDIA TITAN V GPU is fabricated on TSMC 12 nm FFN (FinFET NVIDIA) process. 21.1 billion transistors.
Apple iPhone X 10nm
© 2016 Cisco and/or its affiliates. All rights reserved. 30Cisco Public
Then, it starts with coding…
VerilogVHDL
Synthesis ProcessConverts code into
logical gate constructs (Netlist)
ASICs – From Definition to Deployment
© 2016 Cisco and/or its affiliates. All rights reserved. 31Cisco Public
Discrete transistor
MOSFET(metal oxide semiconductor
field effect transistor)
FinFET(Fin Field
Effect Transistor - "3D" )
NAND gate
NOR Gate
Universal Gates
XOR GateAND Gate
OR Gate NOT Gate
XNOR Gate
… which can be used to build any of the other logic gates …
… mostly used @ 22nm and above
Intel in 2012 used 22-nm in Ivy Bridge
processors
… which, when we put millions of them together on a silicon
die, produce a chip!
Silicon wafer
© 2016 Cisco and/or its affiliates. All rights reserved. 33Cisco Public
Why DoesCisco Develop
Our Own Silicon?
Simpler Deployment OptionsBetter Insight and Optimization
Increased SecurityMost Appropriate Scalability
Flexibility and Investment Protectionvia Programmability
Simpler Deployment OptionsBetter Insight and Optimization
Increased SecurityMost Appropriate Scalability
Flexibility and Investment Protectionvia Programmability
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 34
• Cisco spent US$1.567 Billion last quarter (Q2, FY2018) on R&D, some of which was on custom ASICs.
• Vast major of Cisco products include custom ASICs
• Custom ASICs in:• Catalyst 3000, 9000• Nexus 5000, 7000, 9000• ISR, ASR 1000 (Quantum Flow Processor)• Wireless• …
Cisco Investments
© 2016 Cisco and/or its affiliates. All rights reserved. 35Cisco Public
Up to 32MBPacket Buffer
Up to 64K x2Netflow RecordsEmbedded
Microcontrollers
Shared Lookup
Up to 240GEBandwidth
384K Flex Counters,
Up to 2X to 4X
Forwarding + TCAM
Universal DeploymentsAdaptable Tables
Enhanced Scale/BufferingMulticore resource share
Investment ProtectionFlexible Pipeline
7.46BTransistors
28nm Technology
UADP 2.0 – Next Generation of ASIC Innovation
Mobile ReadySecurity/Trustsec/MACsec
Enhanced Netflow Programmable High PerformanceRecirculation (tunneling -
GRE, VXLAN, etc)
Flexible Pipeline
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 36
Traditionally the ASICprocessing pipeline is
FIXEDIPv4
IPv6
Traditional Fixed ASIC Processing Pipeline
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 37
… and has challengeshandling NEW
PROTOCOLS …MPLS
Traditional Fixed ASIC Processing Pipeline
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 38
Flex Rewrite
Flex Rewrite
Cisco’s UADP ASICdelivers
FLEXIBILITY …
Flex Parser
Flex Parser
Flexible, Programmable Processing Pipeline
GRE
If IPv7 were invented
tomorrow …
... we could probably handle it via the Programmable
Pipeline!
Flex Counters Flex Counters
Stage 1 Stage 2 Stage 3 Stage n
IPv4
IPv6
VXLAN
MPLS
IPv7
Unified Access Data Plane – Processing Pipeline
© 2016 Cisco and/or its affiliates. All rights reserved. 39Cisco Public
So where canFlexible ASICs help us?
So where canFlexible ASICs help us?
© 2016 Cisco and/or its affiliates. All rights reserved. 40Cisco Public
DNA Flexible Infrastructure – Programmable ASIC Silicon
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 41
ASIC Evolution – Over Time
UADP 2.0: 7.46B transistors!2,160,000 lines of code
New!New!
Catalyst 9300 / 9400 / 9500 – 2017
Catalyst 3550Circa 2003
60M transistors47,226 lines of code
Catalyst 3750Circa 2008
210M transistors86,220 lines of code
Catalyst 3850Circa 2013
UADP 1.0 – 1.3B transistorsUADP 1.1 – 3.0B transistors
1,490,000 lines of code
All Cisco-developed siliconDriving the benefits of vertical integration –Hardware and software working together!
Just like some other famous examples …
© 2016 Cisco and/or its affiliates. All rights reserved. 42Cisco Public
What does all of thismean for me?
© 2016 Cisco and/or its affiliates. All rights reserved. 43Cisco Public
Cisco Programmable Hardwareequals
FLEXIBILITYADAPTABILITY
Enabling Network Evolution –a critical requirement
for DNA
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Digital Network ArchitectureHow DNA Center embraces the Cisco DNA
Principles
Insights and experiences
Automationand assurance
Security and compliance
Automation
Abstraction and policy control from core to edge
Open and programmable | Standards-based
Open APIs | Developers environment
Cloud service managementPolicy | Orchestration
Physical and virtual infrastructure | App hosting
Network data, contextual insights
Network-enabled applications
Cloud-enabled | Software-delivered
Analytics
Virtualization
DNA CenterAPIC-EM, ISE, Analytics &
Assurance
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
June 2017 - What we announced: • DNA Center
• Built-in expertise to manage and deploy end-to-end network services with a central management
• DNA Analytics & Assurance • Analytics collects data from users, devices, and applications
and uses machine learning to proactively identify problems
• Software-Defined Access• Dynamically adapt to changing needs with policy-based
management of the network fabric
• Enhanced Network as a Sensor• Uncover threats hidden in encrypted traffic without
decryption.
• Catalyst 9000 Series Switches • First infrastructure devices purposely designed for DNA
Software Subscription Licensing | DNA Advisory, Technical, Support Services
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Software-Defined AccessIndustry’s first policy-based automation from the edge to the cloud
Single Network Fabric
Automate User Access Policy
End-to-End Segmentation
Keep user, device and applications traffic separate without redesigning
the network
Apply the right policies for user or device to any application across the
network
Enable a consistent user experience anywhere without
compromising on security
Common user policy for the branch, campus, WAN and cloud
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Controller-based Management
Programmable Overlay
Simplified L3 Underlay
DNA Center
Software Defined Access (SD-Access)Bringing Everything Together
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
1. Control Plane based on LISP
2. Data-Plane based on VXLAN
3. Policy-Plane based on TrustSec
Key Components of SD-Access
Key Differences
• L2 + L3 Overlay -vs- L2 or L3 Only
• Host Mobility with Anycast Gateway
• Adds VRF + SGT into Data-Plane
• Virtual Tunnel Endpoints (No Static)
• No Topology Limitations (Basic IP)
53
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
APIC-EM
ISE NDP
Control-Plane Nodes – Map System that manages Endpoint ID to Device relationships
Edge Nodes – A Fabric device (e.g. Access or Distribution) that connects Wired Endpoints to the SDA Fabric
Identity Services – External ID Systems (e.g. ISE) are leveraged for dynamic User or Device to Group mapping and Policy definition
Border Nodes – A Fabric device (e.g. Core) that connects External L3 network(s) to the SDA Fabric
Identity Services
Intermediate Nodes (Underlay)
Fabric Border Nodes
Fabric Edge Nodes
DNA Controller – Enterprise SDN Controller provides GUI management and abstraction via multiple Service Apps, that share information
DNA Center
Analytics Engine – External Data Collectors (e.g. NDP) are leveraged to analyze User or Device to App flows and monitor fabric status
Analytics Engine
CControl-Plane
Nodes
B
SD-AccessRoles & Terminology
B
Fabric Wireless Controller – A Fabric device (WLC) that connects Wireless Endpoints to the SDA Fabric
54
Fabric WirelessLAN Controller
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
SD-Access SupportA single fabric for your digital ready network
WirelessRoutingSwitching
AIR-CT5520
AIR-CT8540
Wave 2 APs (1800, 2800,3800)
Wave 1 APs* (1700, 2700,3700)
Catalyst 9400
Catalyst 9300
Catalyst 9500
Catalyst 4500E Catalyst 6K Nexus 7700
Catalyst 3850 and 3650
AIR-CT3504
*with Caveats**Future
NEW
NEW
NEWNEW
Subtended
Catalyst Digital Building
Catalyst 3560-CX
NEW
IE Switches** (2K/3K/4K/5K)
ASR-1000-X
ASR-1000-HX
ISR 4430
ISR 4450
ENCS 5400**
ISR 4351
ISR 4331
CSRv
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
DNA Center: Design, Policy, Provision, Assurance A better way to manage your network
DNA Center: Design, provision, automate policy and assure services from one place
Logical workflow to design, provision, set policy
Respond to changes faster
Monitor end-to-end network performance
Predict and act on problems before they happen
Pinpoint problems faster Reduce downtime with an end-to-end view instead of
hop by hop
Manage hardware and software lifecycles
Keep up to date, meet compliance and plan for refresh
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• Select Areas, Building, Floors
• Configure Network Settings
• Set IP Address Pools
Design
Design | Provision | Policy | Assurance
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• Assign Devices to Locations
• Provision Network Fabric
• On-board Hosts
Provision
Design | Provision | Policy | Assurance
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• Create Virtual Networks
• Register End Point Types
• Administer Context-Based Policy
Policy
Design | Provision | Policy | Assurance
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• Network and Device Performance
• Client Access, Connectivity, Monitoring and Troubleshooting
• Application Experience Monitoring & Acceleration
Assurance
Design | Provision | Policy | Assurance
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• Analyze netflow metadata without decrypting traffic flows
• Global-to-local knowledge correlation - 99.99% threat detection accuracy
• Encrypted traffic analytics from Cisco’s newest switches and routers
Encrypted Traffic Analytics
Security with Privacy
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Enhanced Network as a Sensor
Encrypted Traffic Non-Encrypted Traffic
Secure and manage your digital network in real time, all the time, everywhere
Industry’s first network with the ability to find threats in encrypted traffic without decryptionAvoid, stop, or mitigate threats faster then ever before | Real-time flow analysis for better visibility
C97-739122-02 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
A closer look at the science behind ETA
C97-739122-02 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Encrypted traffic – mining usable information
https://1.2.3.4
https://123.123.123.123
https://234.234.234.234
https://22.33.44.55
https://21.21.21.21
We can see the TLS session properties
We can see the channel behavior We (often) know the server
• TLS session properties• Channel behavior• Domain identity (often)
C97-739122-02 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• HTTPS header contains several information-rich fields.
• Server name provides domain information.
• Crypto information educates us on client and server behavior and application identity.
• Certificate information is similar to whoisinformation for a domain.
• And much more can be understood when we combine the information with global data.
Initial data packet
IP H
ead
erT
CP
He
ade
r
TLS HeaderTLS version
SNI (Server Name)Ciphersuites
Certificate
Organization
Issuer
Issued
Expires
Initial data packet
Initial data packet
C97-739122-02 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Sequence of packet lengths and times
Sequence of packet lengths and times
Flow start Time
• Size and timing of the first packets allow us to estimate the type of data inside theencrypted channel.
• We can distinguish video, web, API calls, voice, and other data types from one another and characterize the source within the class.
C97-739122-02 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco’s threat intelligence map
Image: http://census2012.sourceforge.net/images.html
• Who’s who of the internet’s dark side
• Models use up to 20 features of 150 million malicious, risky, or otherwise security-relevant endpoints on the internet.
• These data features include domain data, whois data, TLS certificate data, usage statistics, and behavioral data for each server.
C97-739122-02 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Finding malicious activity in encrypted traffic
Cisco Stealthwatch®
Cognitive Analytics
Malware detection and cryptographic
compliance
New Catalyst® 9000*
NetFlow
Enhanced NetFlow
Telemetry for encrypted malware detectionand cryptographic compliance
* ISR, ASR are supported
Enhanced analytics and machine learning
Global-to-local knowledge correlation
Enhanced NetFlow from Cisco’s newest switches and
routers
Continuous Enterprise-wide compliance
Leveraged network Faster investigation Higher precision Stronger protection
Metadata
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Catalyst 9000: The platform for the new era
First in enterprise• x86 CPU with application hosting
• Programmable ASIC
• Software patching
Future-Proofed• IEEE 802.11ax ready
• 100W PoE (IEEE 802.3bt) ready
• 25G Ethernet ready
Industry’s unmatched• High availability
• Multigigabit density
• UPOE scale
SD-Accessintegrated
ConvergedASIC
Single image
Commonlicensing
Security IoT convergence CloudMobility
UADP 2.0
Cisco IOS® XE Software
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 70
Kanata R&D Team3rd Largest Cisco Engineering site worldwide
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Catalyst 9000 - CRN's 2017 Products Of The Year
Cisco Public 73© 2016 Cisco and/or its affiliates. All rights reserved.
Summary –
Innovation Acrossthe Network. Intuitive.
© 2016 Cisco and/or its affiliates. All rights reserved. 74Cisco Public
From the Hardware …
… to the Software andProtocols, with Integrated Security …
to the Whole Solution …
Cisco Innovations – In Hardware, Software, and Solutions – Tie It All Together
“From the Gates – to the GUI”
IntegratedSecurity
Innovation All The Way Up the StackHardware, Software, and Solutions