Cisco Intent Based Network
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
These business priorities are shaping a new dynamic IT landscape

Mobility: 5-7X business mobile traffic growth through 2022 (1); rapidly increasing users and things
Cloud: up to 93% of organizations will use multiple clouds by 2019 (2); distributed workloads, processing, and data
IoT: 28.5 billion networked devices and connections will exist by 2022 (1)
Security: no clear perimeters, leading to increased security risks; up to 50-70% of web malware will be encrypted (3)

[Diagram: Campus, Branch, Enterprise DC, Colo, Edge, Private Cloud, Extended Enterprise, Public Cloud / IaaS / SaaS]

(1) 2019 Cisco VNI: Global Fixed and Mobile Internet Traffic Forecasts
(2) 2018 IDC: Multicloud is the New Normal
(3) 2017 Gartner: Gartner Predicts 2017: Network and Gateway Security, Dec 13 2016, ID G00317597
A dynamic hyper-connected world is now the new normal

[Diagram: endpoints and systems sharing one network: Door locks, Cameras, Digital Signage, Reception, Internet, Management, HR, Finance, Billing, Security, Employee Records, Guest]
The old ways of managing devices no longer work
Manual box-to-box configurations don’t scale and are getting more complex
Network operating costs are growing rapidly

95% of network changes performed manually
3:1 ratio of OpEx to CapEx on network operations, labor & tools (1)
75% of OpEx spent on changes and troubleshooting
70% of policy violations are due to human error
Cisco is building a multidomain architecture that securely connects any user, on any device, on any network to any application (… integrating them in new ways)

[Diagram: Users, Devices, Campus / Access, Branch, IoT & OT, Data Center, Apps, Data]

Intent-Based Networks simplify management and reduce OpEx
Business intent → Policy
Consistent security across Enterprise + Multicloud
Cisco DNA unlocks your network’s value
Business and IT efficiency | Value beyond the network | Open platform
IT efficiency | Business intent | Service assurance
Cisco DNA makes network administration easy
Automate and onboard securely: 67% provisioning time savings
Integrate with IT processes: 61% OpEx savings
Cisco DNA has a complete products and solutions portfolio
Built from the ground up for intent-based networking

Cisco DNA Spaces: location and behavioral analytics; digitize people, spaces and things
Cisco SD-Access: secure onboarding; secure network access
Cisco SD-WAN: application experience
Business and IT integrations: Open Platform | Open APIs | Ecosystem Partnerships

Cisco DNA Advantage
• AI Network Analytics
• Multidomain integration
• SD-Access
• SD-WAN Analytics
Network Automation: Cisco Software Defined Access (SDA)
Cisco Software-Defined Access (SD-Access)
Simplified Operations for a Seamless Experience

Cisco DNA Center™: Policy | Automation | Analytics
Identity-based policy and segmentation: security policy definition decoupled from VLAN and IP address
Automated network fabric: single fabric for wired and wireless with workflow-based automation
Insights and telemetry: analytics and insights into user and application experience
User mobility: policy stays with user
SD-Access Extension
SD-Access Fabric Terminology
[Diagram: fabric encapsulation between Hosts (End-Points)]
SD-Access Fabric Roles & Terminology
§ DNA Center – provides simple GUI management and intent based automation (e.g. NCP) and context sharing
§ Identity Services – NAC & ID Systems (e.g. ISE) for dynamic Endpoint to Group mapping and Policy definition
§ Analytics Engine – Data Collectors (e.g. NDP) analyze Endpoint to App flows and monitor fabric status
§ Control-Plane Nodes – Map System that manages Endpoint to Device relationships
§ Fabric Border Nodes – A Fabric device (e.g. Core) that connects External L3 network(s) to the SDA Fabric
[Diagram: DNA Center (NCP), Identity Services Engine (ISE), Analytics Engine (NDP); Fabric Border Nodes (B), Control-Plane Nodes (C), Intermediate Nodes (Underlay), Fabric Wireless Controller]
Cisco TrustSec
Traditional access control is extremely complex

Enforcement: IP based policies (ACLs, firewall rules) in front of the Applications
  access-list 102 deny udp 167.160.188.162 0.0.0.255 gt 4230 248.11.187.246 0.255.255.255 eq 2165
  access-list 102 deny udp 32.124.217.1 255.255.255.255 lt 907 11.38.130.82 0.0.31.255 gt 428
  access-list 102 permit ip 64.98.77.248 0.0.0.127 eq 639 122.201.132.164 0.0.31.255 gt 1511
  access-list 102 deny tcp 247.54.117.116 0.0.0.127 gt 4437 136.68.158.104 0.0.1.255 gt 1945
  access-list 102 permit icmp 136.196.101.101 0.0.0.255 lt 2361 90.186.112.213 0.0.31.255 eq 116
  access-list 102 deny udp 242.4.189.142 0.0.1.255 eq 1112 19.94.101.166 0.0.0.127 eq 959
  access-list 102 deny tcp 82.1.221.1 255.255.255.255 eq 2587 174.222.14.125 0.0.31.255 lt 4993
  access-list 102 deny tcp 103.10.93.140 255.255.255.255 eq 970 71.103.141.91 0.0.0.127 lt 848
  access-list 102 deny ip 32.15.78.227 0.0.0.127 eq 1493 72.92.200.157 0.0.0.255 gt 4878
  access-list 102 permit icmp 100.211.144.227 0.0.1.255 lt 4962 94.127.214.49 0.255.255.255 eq 1216
  access-list 102 deny icmp 88.91.79.30 0.0.0.255 gt 26 207.4.250.132 0.0.1.255 gt 1111
  access-list 102 deny ip 167.17.174.35 0.0.1.255 eq 3914 140.119.154.142 255.255.255.255 eq 4175

Propagation: carry “Segment” context through the Enterprise, tied to routing, segmentation (address), redundancy, DHCP scope and VLAN
Classification: static or dynamic VLAN assignments at the Access Layer
  Non-Compliant → Quarantine VLAN | Voice → Voice VLAN | Employee → Data VLAN | Supplier → Guest VLAN | BYOD → BYOD VLAN
• Security policy based on topology (address)
• High cost and complex maintenance
Cisco TrustSec
Simplified access control with Group Based Policy

Enforcement: group based policies (ACLs, firewall rules) enforced at the DC switch or firewall in front of Shared Services and Application Servers; the DC switch receives policy for only what is connected
Propagation: carry “Group” context through the Enterprise network using only SGT (Campus Switch → Backbone → DC Switch)
Classification: static or dynamic SGT assignments by ISE at the Campus Switch
  Employee → Employee Tag | Supplier → Supplier Tag | Non-Compliant → Non-Compliant Tag
[Diagram: endpoints Non-Compliant, Employee and Voice on VLAN A and Voice, Employee, Supplier and Non-Compliant on VLAN B each receive their own tag regardless of VLAN]
SD Access Fabric Operation Overview

What if Networks Operated at Identity Layer?
We move the user into a group…
We place the group into a Virtual Network…
This is where Segmentation happens

How does it come together?
Process starts with a user connecting to the network…
User authenticates with the Identity Services Engine…
ISE configuration of user and network element…
User becomes part of a Fabric Overlay…
Only sees other users from SAME virtual network…

Now for the Fabric Overlay!
Data transported in the overlay network…
With user/device mobility, the SAME policy stays intact…
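The contrast drawn by the two TrustSec slides (IP-based ACLs versus group-based policy) and the walkthrough ending with “the SAME policy stays intact” under mobility, as an added Python example that is not part of the Cisco deck: it parses ACL lines in the slide’s access-list 102 form (port operators are skipped), evaluates them with IOS wildcard-mask semantics, and beside that evaluates a constructed (virtual network, SGT) policy matrix. The addresses, virtual-network names, group names (Employee, Supplier, App_Servers, Camera) and the matrix are assumptions built for this example, not Cisco defaults. The same endpoint is checked before and after it roams to another subnet: the ACL decision follows the address, the SGT decision follows the authenticated identity.

```python
"""IP-based ACL enforcement versus group-based (SGT) enforcement.

Added illustration, not code from the Cisco deck. The ACL parser handles only
the 'access-list <n> <action> <proto> <src> <wc> [op port] <dst> <wc> [op port]'
form shown on the slide; the endpoints, virtual networks, SGT names and the
policy matrix below are constructed sample data.
"""
import ipaddress
from dataclasses import dataclass


def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """IOS wildcard semantics: a 0 bit in the mask must match, a 1 bit is ignored."""
    a = int(ipaddress.IPv4Address(addr))
    b = int(ipaddress.IPv4Address(base))
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (a & care) == (b & care)


@dataclass
class AclEntry:
    action: str   # "permit" or "deny"
    proto: str    # "ip", "tcp", "udp", "icmp", ...
    src: str
    src_wc: str
    dst: str
    dst_wc: str


def parse_acl_line(line: str) -> AclEntry:
    """Parse one slide-style extended ACL line; port operators are skipped."""
    tok = line.split()
    action, proto, rest = tok[2], tok[3], tok[4:]
    src, src_wc = rest[0], rest[1]
    i = 2
    if i < len(rest) and rest[i] in ("eq", "gt", "lt", "neq"):
        i += 2  # skip the source port operator and its value
    dst, dst_wc = rest[i], rest[i + 1]
    return AclEntry(action, proto, src, src_wc, dst, dst_wc)


def acl_lookup(acl, proto: str, src_ip: str, dst_ip: str) -> str:
    """First matching entry wins; an unmatched packet hits the implicit deny."""
    for e in acl:
        if e.proto not in (proto, "ip"):
            continue
        if wildcard_match(src_ip, e.src, e.src_wc) and wildcard_match(dst_ip, e.dst, e.dst_wc):
            return e.action
    return "deny"


@dataclass
class Endpoint:
    ip: str
    vn: str    # virtual network the endpoint was placed in at onboarding
    sgt: str   # security group assigned (e.g. by ISE) at authentication


# Constructed SGT matrix: (source group, destination group) -> action, default deny.
SGT_MATRIX = {
    ("Employee", "App_Servers"): "permit",
    ("Employee", "Shared_Services"): "permit",
    ("Supplier", "Shared_Services"): "permit",
}


def sgt_lookup(src: Endpoint, dst: Endpoint) -> str:
    """Group-based decision: VN isolation first, then the SGT matrix; IPs are never consulted."""
    if src.vn != dst.vn:
        return "deny"
    return SGT_MATRIX.get((src.sgt, dst.sgt), "deny")


# Constructed scenario: app server 10.50.1.10, employee data VLAN 10.10.10.0/24,
# BYOD/supplier VLAN 10.10.20.0/24. Policy intent: employees may reach the app server.
IP_ACL = [
    parse_acl_line("access-list 102 permit tcp 10.10.10.0 0.0.0.255 10.50.1.10 0.0.0.0 eq 443"),
    parse_acl_line("access-list 102 deny ip 10.10.20.0 0.0.0.255 10.50.1.10 0.0.0.0"),
]
APP_SERVER = Endpoint("10.50.1.10", "Corp", "App_Servers")
CASES = {
    "employee_on_data_vlan": Endpoint("10.10.10.25", "Corp", "Employee"),
    "employee_roamed_to_byod_vlan": Endpoint("10.10.20.7", "Corp", "Employee"),
    "supplier_plugged_into_data_vlan": Endpoint("10.10.10.200", "Corp", "Supplier"),
    "camera_in_iot_vn": Endpoint("10.10.40.9", "IoT", "Camera"),
}


def ip_policy_decisions() -> dict:
    """Topology-keyed policy: the decision follows the address, not the user."""
    return {name: acl_lookup(IP_ACL, "tcp", ep.ip, APP_SERVER.ip) for name, ep in CASES.items()}


def group_policy_decisions() -> dict:
    """Identity-keyed policy: the decision follows the VN and SGT the user carries."""
    return {name: sgt_lookup(ep, APP_SERVER) for name, ep in CASES.items()}


if __name__ == "__main__":
    ip_dec, grp_dec = ip_policy_decisions(), group_policy_decisions()
    for name in CASES:
        print(f"{name:34s} IP-ACL={ip_dec[name]:6s} SGT={grp_dec[name]}")
```

Run it directly to print the four cases side by side. The case a defender should notice is the supplier plugged into the data VLAN: the IP-based ACL permits it because the rule is keyed on where the device sits, while the group-based lookup denies it because the supplier never received the Employee tag. The roaming employee shows the reverse failure, a legitimate user losing access when only the address changed.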
A holistic approach to security that enables you to take steps Before, During, and After an Attack.
Boost operational effectiveness with a single network fabric for wired and wireless.
Improve the workforce experience by automating and applying the right policies for users or devices to any application across the network.

POLICY
Segmentation Agility with Security
Secure onboarding of users and devices with flexible authentication and segmentation

Before SD-Access
• VLAN and IP address based dependency for segmentation and access control
• Create IP-based ACLs for access policy
• Deal with policy violations and errors manually

After SD-Access
• No VLAN or subnet dependency
• Define one consistent policy
• Drag policy to apply
• Policy follows Identity

[Diagram: Employee virtual network (Users: Group 1, Group 2); IoT virtual network (Devices: Group 3, Group 4); Guest virtual network (Apps: Group 5, Group 6)]
Consistent Wired and Wireless Policy
A single network fabric
One click Provisioning | Campus-Wide RF Roaming | Simplified Wired and Wireless Consistency
Network Assurance :
Right Place, Right Time, Right Action
What is assurance?
Successful IT rollouts | Reduced downtime, increased user productivity | IT productivity
Today’s Tools
Too Limited – and Do Not Address Network Needs
Rigid | Closed/Proprietary | Lack of Intelligence
BRKNMS-2814
DNA Center Data Analytics Architecture
Data collection and ingestion → Data correlation and analysis → Data visualization and action
Network assurance
Contextual Correlation and Property Graph
[Diagram: property graph linking user George Baker (Finance) and Business Applications (App ID: 18) across SJC-9 2nd Floor, WAN, RTP and DC, with client density; annotated “Forwarding problem here…”, “QoS problem here…”, “problem here…”]
Data sources: Netflow, AVC, DDI, ISE/Radius, Topology, CMX, DNAC Device
Why Analytics not Reporting?
Transform network operation through actionable insights and simplicity
Reporting: data organized into informational summaries with no real insights
Analytics: advanced correlation of information from the Network to generate meaningful insights
Power of Analytics and Automation working in sync
DNA Center: Automation ↔ Assurance and Analytics
Exchanged between them: telemetry, alerts, violations; network inventory, topology, and configuration
Automation pushes network and telemetry configuration to the SD-Access Fabric; the Fabric returns streaming telemetry & network data
1. Right place: How Cisco does it
Problem isolation
360-degree context graph: connected view of users, clients, applications, and network, end to end
Event-driven telemetry
Before: 50% of Wi-Fi issues take more than 30 minutes to resolve
After: Cisco DNA Assurance; Wi-Fi analytics for iOS
2. Right time: How Cisco does it
Problem replication
Full contextual state: 14 days of history
Before: 47% of organizations have 10% or more of their users experience a WiFi issue in a typical week
After: Cisco DNA Assurance; Cisco Aironet Active Sensor
3. Right action: How Cisco does it
Problem resolution
Step-by-step guided remediation based on 30 years of Cisco® networking expertise and best practices
Extending network context to improve business operations efficiency with Operational Insights
Before: continuous training; leverage 30 years of industry experience; 81% of organizations say a single hour of downtime costs over $300,000
After: Cisco DNA Assurance; Operational Insights
Cisco DNA Assurance
From network data to business insights
Traceroute, Syslog, NetFlow, Clients → Complex correlation → Baseline
Use Case: Client is having a poor App experience
Success: Client performance summary | Reduce the time taken to | Reduce troubleshooting OPEX
SD-Access
DNA Center – Service Components
Identity & Policy: Cisco ISE 2.3 (Identity Services Engine)
Automation: NCP (Network Control Platform)
Assurance: NDP (Network Data Platform)
APIs between DNA Center and each component
Southbound to the Campus Fabric: AAA, RADIUS, EAPoL (ISE) | NETCONF, SNMP, SSH (NCP) | HTTPS, NetFlow, Syslogs (NDP)

Cisco DNA Appliance – Scale and Hardware Spec
IBN Everywhere: Scalability, Reliability, Security across the Network with Catalyst 9k
Access Points: Catalyst 9100 Series
Access Switches: Catalyst 9200/9300/9400 Series
Core/Agg. Switches: Catalyst 9500/9600 Series
Wireless Controller: Catalyst 9800 Series
[Diagram: link speeds between tiers: mGig, 1G/10G, 25G/40G, 40G/100G]
Built for intent-based networking: Automation | Security | Analytics
Cisco Catalyst 9000 family switching transitions
Greater flexibility from the branch to business-critical, mission-critical campus core
Transitions from: Cisco Catalyst 2960-X/XR Series | Cisco Catalyst 3850 copper | Cisco Catalyst 4500E Series | Cisco Catalyst 3850F/4500-X Series | Cisco Catalyst 6840-X/6880-X | Cisco Catalyst 6807-XL/6500-E

SD-Access Support
Digital Platforms for your Cisco Digital Network Architecture
Catalyst 9500 (NEW), ASR-1000-HX, Catalyst 9800 (NEW), ASR-1000-X, AIR-CT8540, Catalyst 3650 & 3850, ENCS 5400, Wave 1 APs* (1700, 2700, 3700), Cisco IE 4K/5K
What is Wi-Fi 6 (or 11ax)?
• 802.11ax and Wi-Fi 6 are interchangeable engineering and marketing terms that have the same meaning
New Cisco Catalyst 9100 Series Access Points

Catalyst 9115 (Wi-Fi 6 certifiable), Mar ‘19, ideal for small to medium-sized deployments
• 4x4 + 4x4
• MU-MIMO, OFDMA
• Spectrum Intelligence
• 1 x 2.5 mGig
• TWT
• LP $1,245

Catalyst 9117 (Wi-Fi 6 compatible), Mar ‘19, ideal for small to medium-sized deployments
• 8x8 + 4x4
• MU-MIMO, OFDMA (only DL)
• Spectrum intelligence
• 1 x 5 mGig
• Non Triggered TWT
• Integrated Antenna only
• LP $1,695

Catalyst 9120 (Wi-Fi 6 certifiable), May ‘19, mission critical, powered by Cisco RF ASIC
• 4x4 + 4x4
• Cisco RF ASIC for Next gen CleanAir
• Dual 5GHz, HDX
• RF signature capture
• IoT ready (Zigbee, Thread)
• Container support for IOT apps
• 1 x 2.5 mGig
• TWT
• LP $1,695

Catalyst 9800 controller options
Mobility Express: 100 APs, 2K Clients
Catalyst 9800 embedded wireless*: 200 APs, 4K Clients
Catalyst 9800-L: 250 APs, 5K Clients, 5 Gbps
Catalyst 9800-CL+: 1000 APs, 10K Clients
Catalyst 9800-40: 2000 APs, 32K Clients, 40 Gbps
Catalyst 9800-CL: 1000, 3000 or 6000^ APs; 10K, 32K or 64K^ Clients
Scale axis: Up to 100 APs | Up to 250 APs | Up to 1000 APs | Up to 3000 APs | Up to 6000 APs
* SD-Access only
^ Centralized support for 6000 APs for Private Cloud in Future
+ Catalyst 9800 for Public cloud FlexConnect only