Cisco Catalyst 3850 IP User Manual
Data Sheet
Cisco Catalyst 3850 Series Switches
The digital transformation: Converged wired and wireless access and aggregation
The promise of digital for your business is all about innovating more quickly while reducing risk, cost, and complexity. It will be your network that forms the foundation of your business’s transformation.
But supporting your digital organization will require your network to move beyond just connectivity to be a platform for insights, automation, and security.
This is the power of the Cisco® Digital Network Architecture (Cisco DNA™).
Cisco DNA is a monumental shift on how to design and build networks. The Cisco Catalyst® 3850 Series, as part of the Cisco DNA portfolio of next-generation enterprise-class stackable Ethernet and Multigigabit Ethernet access and aggregation layer switches, securely enables time-saving virtualization, greater automation, and valuable analytics data that directly address your evolving business needs, including less cost to install and operate.
The Cisco Catalyst 3850 Series provides capabilities that ideally suited to support the convergence of wired and wireless access. The new Cisco Unified Access Data™ Plane (UADP) Application-Specific Integrated Circuit (ASIC) powers the switch and enables uniform wired-wireless policy enforcement, application visibility, flexibility, and application optimization. This convergence is built on the resilience of the new and improved Cisco StackWise®- 480 technology.
The Cisco Catalyst 3850 Series Switches support full IEEE 802.3at Power over Ethernet Plus (PoE+), Cisco Universal Power Over Ethernet (Cisco UPOE®), modular and field-replaceable network modules, RJ-45 and fiberbased downlink interfaces, and redundant fans and power supplies.
Product overview
● Integrated wireless controller capability with:
◦ Up to 40G of wireless capacity per switch (48-port RJ45 models)
◦ Support for up to 100 access points and 2000 wireless clients on each switching entity (switch or stack)
● 24 and 48 10/100/1000Mbps data PoE+ and Cisco UPOE models with Energy-Efficient Ethernet (EEE)
● 24 and 48 100Mbps/1/2.5/5/10 Gbps Cisco UPOE models with Energy-Efficient Ethernet (EEE)
● 12and 24-port 1 Gigabit Ethernet SFP-based models
● 12and 24-port 1/10 Gigabit Ethernet SFP+-based models
● 48-port 1/10 Gigabit Ethernet SFP+ model with 4 fixed 40 Gigabit Ethernet QSFP+ uplinks
● Cisco StackWise-480 technology provides scalability and resiliency with 480 Gbps of stack throughput1
● Cisco StackPower® technology provides power stacking among stack members for power redundancy1
1 StackWise and StackPower technologies are not supported on the 48-port SFP+ switch model.
© 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. |
Page 1 of 38 |
●Five optional uplink modules2 with 4 x Gigabit Ethernet, 2 x 10 Gigabit Ethernet, 4 x 10 Gigabit Ethernet3, 8 x 10 Gigabit Ethernet4, or 2 x 40 Gigabit Ethernet QSFP+4 ports
●Dual redundant, modular power supplies and three modular fans providing redundancy
●Full IEEE 802.3at (PoE+) with 30W power on all copper ports in 1 Rack Unit (RU) form factor
●Cisco UPOE with 60W power per port in 1 Rack Unit (RU) form factor
●IEEE 802.3bz (2.5/5 G/s BASE-T) to go beyond 1 Gb/s with existing Cat5e and Cat6
●IEEE 802.1ba AV Bridging (AVB) built-in to provide better AV experience for including improved time synchronization and QoS
●Software support for IPv4 and IPv6 routing, multicast routing, modular Quality of Service (QoS), Flexible NetFlow (FNF), and enhanced security features
●Single universal Cisco IOS® Software image across all license levels, providing an easy upgrade path for software features
●Cisco DNA services delivered through Cisco ONE™ Software, providing simplified, high-value solutions with license portability and flexibility
●Support for AES-256 with the powerful MACSEC 256-bit for SFP+ and Multigigabit models and 128-bit encryption algorithm available on all models
●Enhanced Limited Lifetime Warranty (E-LLW) with Next Business Day (NBD) advance hardware replacement and 90-day access to Cisco Technical Assistance Center (TAC) support
Switch models and configurations
All switches ship with one of the five power supplies (350WAC, 715WAC, 750WAC, 1100WAC, or 440WDC)5. Figures 1 through 4 show the Cisco Catalyst 3850 Series Switches.
Figure 1. Cisco Catalyst 3850 Series Switches
2Optional uplink modules are not supported on the 48-port 10G SFP+ switch model.
3Compatible only with the 48-port RJ45 models and with the 12-port (or higher) 10 Gigabit capable models.
4Compatible only with Cisco Catalyst 3850 Multigigabit and 24-port SFP+ switch models.
5The 48-port 10G SFP+ switch model will only support dedicated power supplies with front-to-back and back-to-front configurations.
© 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. |
Page 2 of 38 |
Figure 2. Cisco Catalyst 3850 Series Switches with 12 and 24 1/10 Gigabit Ethernet SFP+ ports
Figure 3. Cisco Catalyst 3850 Series Switches with 12 and 24 1 Gigabit Ethernet SFP ports
Figure 4. Cisco Catalyst 3850 Series Switches with 10 Gigabit Ethernet 48 ports
Table 1 shows the Cisco Catalyst 3850 Series configurations.
|
Table 1. |
Cisco Catalyst 3850 Series configurations |
|
|
|
|
|
|||
|
|
|
|
|
|
|
|
|
|
|
|
Model |
|
Total 10/100/1000 or SFP or SFP+ ports |
|
Default AC power |
Available PoE |
StackWise-480 |
StackPower |
|
|
|
|
|
|
|
|
supply |
power |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
WS-C3850-24T |
24 |
|
|
350WAC |
- |
Yes |
Yes |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
WS-C3850-48T |
48 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||
|
WS-C3850-24P |
24 PoE+ |
|
715WAC |
435W |
|
|
|
||
|
|
|
|
|
|
|
|
|
||
|
WS-C3850-48P |
48 PoE+ |
|
|
|
|
|
|
||
|
|
|
|
|
|
|
|
|
||
|
WS-C3850-48F |
48 PoE+ |
|
1100WAC |
800W |
|
|
|
||
|
|
|
|
|
|
|
|
|
||
|
WS-C3850-24U |
24 UPOE |
|
1100WAC |
800W |
|
|
|
||
|
|
|
|
|
|
|
|
|
||
|
WS-C3850-48U |
48 UPOE |
|
1100WAC |
800W |
|
|
|
||
|
|
|
|
|
|
|
|
|
||
|
WS-C3850-24XU |
24 UPOE (100Mbps/1/2.5/5/10 Gbps) |
|
1100WAC |
580W |
|
|
|
||
|
|
|
|
|
|
|
|
|
|
|
|
WS-C3850-12X48U |
48 |
UPOE (with 12 100Mbps/1/2.5/5/10 |
|
1100WAC |
630W |
|
|
|
|
|
|
|
Gbps Ports) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||
|
WS-C3850-12S |
12 SFP |
|
350WAC |
|
|
|
|
||
|
|
|
|
|
|
|
|
|
||
|
WS-C3850-24S |
24 SFP |
|
|
|
|
|
|
||
|
|
|
|
|
|
|
|
|
|
|
|
WS-C3850-12XS |
12 |
1/10G SFP+ |
|
350WAC |
- |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
WS-C3850-24XS |
24 |
1/10G SFP+ |
|
715 WAC |
- |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
WS-C3850-48XS |
48 |
1/10G SFP+ |
|
750WAC (front to |
- |
No |
No |
|
|
|
|
|
|
|
|
back) |
|
|
|
|
|
|
|
|
|
|
|
|
|
||
© 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. |
|
|
|
Page 3 of 38 |
||||||
Network modules
The Cisco Catalyst 3850 Series Switches support five optional network modules for uplink ports. The default switch configuration does not include the network module. At the time of switch purchase the customer has the flexibility to choose from the network modules described in Table 2.
Figure 5 shows the following network modules:
●4 x Gigabit Ethernet with Small Form-Factor Pluggable (SFP) receptacles
●2 x 10 Gigabit Ethernet with SFP+ or 4 x Gigabit Ethernet with SFP receptacles
●4 x 10 Gigabit Ethernet with SFP+ receptacles (supported only on the 48-port Gigabit Ethernet models or on the 12-port or higher 10 Gigabit Ethernet models)
Figure 5. Network modules with four Gigabit Ethernet, two 10 Gigabit Ethernet SFP+, or four 10 Gigabit Ethernet SFP+ interfaces
Figure 6 shows the following network modules:
●8 x 10 Gigabit Ethernet with Small Form-Factor Pluggable+ (SFP+) receptacles
●2 x 40 Gigabit Ethernet with Quad Small Form-Factor Pluggable+ (QSFP+) receptacles
Figure 6. Network modules with two 40 Gigabit Ethernet QSFP+ or eight 10 Gigabit Ethernet SFP+ interfaces
The C3850-NM-4-10G module is supported only on the 48-port Gigabit Ethernet models or on the 12-port or higher 10 Gigabit Ethernet models. The C3850-NM-8x10G and C3850-NM-2x40G modules are supported on the 24-port and 48-port multigigabit switches and also on the 24-port 10G SFP+ switch model. The C3850-NM-4-1G and C3850-NM-2-10G modules are not supported on the 12-port and 24-port SFP+ models.
|
Table 2. |
Network module compatibility matrix |
|
|
|
|
|
|
|
|
|
|
Model |
|
Network modules |
|
|
|
|
|
|
|
|
|
WS-C3850-24T |
C3850-NM-4-1G, C3850-NM-2-10G |
|
|
|
|
|
|
|
|
|
|
WS-C3850-48T |
C3850-NM-4-1G, C3850-NM-2-10G, C3850-NM-4-10G |
|
|
|
|
|
|
|
|
|
|
WS-C3850-24P |
C3850-NM-4-1G, C3850-NM-2-10G |
|
|
|
|
|
|
|
|
|
|
WS-C3850-48P |
C3850-NM-4-1G, C3850-NM-2-10G, C3850-NM-4-10G |
|
|
|
|
|
|
|
|
|
© 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. |
Page 4 of 38 |
||||
WS-C3850-48F |
C3850-NM-4-1G, C3850-NM-2-10G, C3850-NM-4-10G |
|
|
WS-C3850-24U |
C3850-NM-4-1G, C3850-NM-2-10G |
|
|
WS-C3850-48U |
C3850-NM-4-1G, C3850-NM-2-10G, C3850-NM-4-10G |
|
|
WS-C3850-24XU |
C3850-NM-4-1G, C3850-NM-2-10G, C3850-NM-4-10G, C3850-NM-8-10G, C3850-NM-2-40G |
|
|
WS-C3850-12X48U |
C3850-NM-4-1G, C3850-NM-2-10G, C3850-NM-4-10G, C3850-NM-8-10G, C3850-NM-2-40G |
|
|
WS-C3850-12S |
C3850-NM-4-1G, C3850-NM-2-10G |
|
|
WS-C3850-24S |
C3850-NM-4-1G, C3850-NM-2-10G |
|
|
WS-C3850-12XS |
C3850-NM-4-10G |
|
|
WS-C3850-24XS |
C3850-NM-4-10G, C3850-NM-8-10G, C3850-NM-2-40G |
|
|
WS-C3850-48XS |
None |
|
|
An SFP+ receptacle supports both 10 Gigabit Ethernet and Gigabit Ethernet modules, allowing customers to use their investment in Gigabit Ethernet SFP modules and upgrade to 10 Gigabit Ethernet when business demands change without having to do a comprehensive upgrade of the access switch. In contrast, SFP receptacles can be used only as Gigabit Ethernet ports, as shown in the examples in Table 3.
Table 3. |
Network module configuration examples |
|
|
|
|
|
|
|
|
|
|
|
|
|
Interface options |
|
|
|
|
|
|
|
|
Network module |
|
10 Gigabit Ethernet SFP+ ports |
|
Gigabit Ethernet SFP ports |
|
|
|
|
|
|
|
4 x Gigabit Ethernet |
|
0 |
|
4 |
|
|
|
|
|
|
|
4 x Gigabit Ethernet/2 x10 Gigabit Ethernet network modules |
|
2 |
|
0 |
|
|
|
|
|
|
|
|
|
|
1 |
|
3 |
|
|
|
|
|
|
|
|
|
2 |
|
2 |
|
|
|
|
|
|
|
|
|
0 |
|
4 |
|
|
|
|
|
|
4 x Gigabit Ethernet/4 x10 Gigabit Ethernet network modules |
|
4 |
|
0 |
|
|
|
|
|
|
|
|
|
|
0 |
|
4 |
|
|
|
|
|
|
|
|
|
2 |
|
2 |
|
|
|
|
|
|
|
|
|
3 |
|
1 |
|
|
|
|
|
|
|
|
|
1 |
|
3 |
|
|
|
|
|
|
Dual redundant modular power supplies
The Cisco Catalyst 3850 Series Switches support dual redundant power supplies.6 The switch ships with one power supply by default, and the second power supply can be purchased at the time of ordering the switch or at a later time. If only one power supply is installed, it should always be in power supply bay 1. The switch also ships with three field-replaceable fans. (See Figure 7.)
6The 48-port 10G SFP+ switch model will only support dedicated power supplies with front-to-back and back-to-front configurations.
© 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. |
Page 5 of 38 |
Figure 7. Dual redundant power supplies
Table 5 shows the different power supplies available in these switches and available PoE power.
Table 4. |
Power supply models |
|
|
|
|
|
|
Model |
|
Default power supply |
Available PoE power |
|
|
|
|
24-port data switch |
PWR-C1-350WAC |
- |
|
|
|
|
|
48-port data switch |
|
|
|
|
|
|
|
24-port PoE switch |
PWR-C1-715WAC |
435W |
|
|
|
|
|
48-port PoE switch |
|
|
|
|
|
|
|
48-port full PoE switch |
PWR-C1-1100WAC |
800W |
|
|
|
|
|
24-port UPOE switch |
PWR-C1-1100WAC |
800W |
|
|
|
|
|
48-port UPOE switch |
|
|
|
|
|
|
|
24-port Multigigabit UPOE switch |
PWR-C1-1100WAC |
580W |
|
|
|
|
|
48-port Multigigabit UPOE switch |
PWR-C1-1100WAC |
630W |
|
|
|
|
|
12-port SFP switch |
PWR-C1-350WAC |
- |
|
|
|
|
|
24-port SFP switch |
|
|
|
|
|
|
|
12-port SFP+ switch |
PWR-C1-350WAC |
- |
|
|
|
|
|
24-port SFP+ switch |
PWR-C1-715WAC |
- |
|
|
|
|
|
48-port SFP+ switch (WS-C3850-48XS-S and |
PWR-C3-750WAC-R |
- |
|
WS-C3850-48XS-E) |
|
|
|
|
|
|
|
48-port SFP+ switch (WS-C3850-48XS-F-S and |
PWR-C3-750WAC-F |
- |
|
WS-C3850-48XS-F-E) |
|
|
|
|
|
|
|
In addition to the power supplies listed in Table 5, a 440WDC power supply is available as a configuration option and also as a spare (that is, it can be ordered separately) on all switch models. The DC power supply also delivers PoE capabilities for maximum flexibility (refer to Table 6 for available PoE budget with DC power supplies). Customers can mix and match the AC and DC power supplies in the two available power supply slots. Any of these power supplies can be installed in any of the switches.
|
Table 5. |
Available PoE with DC power supply |
|
|
|
|
|
|
|
|
|
|
Model |
|
Number of 440WDC power supplies |
Total available PoE budget |
|
|
|
|
|
|
|
|
24-port PoE switch |
1 |
220W |
|
|
|
|
|
|
|
|
|
|
|
2 |
660W |
|
|
|
|
|
|
|
|
48-port PoE switch |
1 |
185W |
|
|
|
|
|
|
|
|
|
|
|
2 |
625W |
|
|
|
|
|
|
|
|
24-port Multigigabit UPOE switch |
2 |
360W |
|
|
|
|
|
|
|
|
|
48-port Multigigabit UPOE switch |
2 |
410W |
|
|
|
|
|
|
|
|
© 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. |
Page 6 of 38 |
||||
Power over Ethernet Plus (PoE+)
In addition to PoE (IEEE 802.3af), the Cisco Catalyst 3850 Series Switches support PoE+ (IEEE 802.3at standard), which provides up to 30W of power per port. The Cisco Catalyst 3850 Series Switches can provide a lower Total Cost of Ownership (TCO) for deployments that incorporate Cisco IP phones, Cisco Aironet® wireless LAN (WLAN) access points, or any IEEE 802.3at-compliant end device. PoE removes the need for wall power to each PoEenabled device and eliminates the cost for additional electrical cabling and circuits that would otherwise be necessary in IP phone and WLAN deployments. Table 7 shows the power supply combinations required for different PoE needs.
Table 6. |
Power supply requirements for PoE and PoE+ |
|
|
|
|
|
|
|
|
24-port PoE switch |
48-port PoE switch |
|
|
|
|
PoE on all ports (15.4W per port) |
One PWR-C1-715WAC |
One PWR-C1-1100WAC or two PWR-C1-715WAC |
|
|
|
|
|
PoE+ on all ports (30W per port) |
One PWR-C1-1100WAC or two PWR-C1-715WAC |
Two PWR-C1-1100WAC or one PWR-C1-1100WAC |
|
|
|
|
and one PWR-C1-715WAC |
|
|
|
|
Cisco Universal Power over Ethernet (Cisco UPOE)
Cisco UPOE (Table 8) is a breakthrough technology, offering the following services and benefits.
●60W per port to enable a variety of end devices such as Samsung VDI client, BT IP turret systems in trading floors, Cisco Catalyst compact switches in retail/hospitality environments, personal Cisco TelePresence® systems, and physical access control devices
●High availability for power and guaranteed uninterrupted services, a requirement for critical applications (e911)
●Lowering OpEx by providing network resiliency at lower cost by consolidating backup power into the wiring closet
●Faster deployment of new campus access networking infrastructures by eliminating the need for a power outlet for every endpoint
Table 7. |
Power supply requirements for Cisco UPOE |
|
|
||
|
|
|
|
|
|
|
|
24-port UPOE switch |
48-port UPOE switch |
24-port Multigigabit |
48-port multigigabit |
|
|
|
|
UPOE switch |
UPOE switch |
|
|
|
|
|
|
UPOE (60W per port) on all |
One PWR-C1-1100WAC |
Two PWR-C1-1100WAC |
Two PWR-C1-1100WAC |
Two PWR-C1-1100WAC |
|
(24 port switch) or max. 30 |
and one PWR-C1-715WAC |
|
|
|
|
ports (48 port switch) |
|
|
|
|
|
|
|
|
|
|
|
Cisco Catalyst Multigigabit Ethernet technology
Cisco Multigigabit Ethernet is a unique Cisco innovation to the new Cisco Catalyst Ethernet access switches. With the enormous growth of 802.11ac and new wireless applications, wireless devices are promoting the demand for more network bandwidth. This creates a need for a technology that supports speeds higher than 1 Gbps on all cabling infrastructure. Cisco Multigigabit technology allows you to achieve bandwidth speeds from 1 Gbps through 10 Gbps over traditional Cat 5e cabling or above. In addition, the Multigigabit ports on select Cisco Catalyst switches support UPOE, which is increasingly important for next-generation workspaces and Internet of Things (IoT) ecosystems.
Cisco Multigigabit technology offers significant benefits for a diverse range of speeds, cable types, and PoE power. The benefits can be grouped into three different areas:
© 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. |
Page 7 of 38 |
●Multiple speeds: Cisco Multigigabit technology supports autonegotiation of multiple speeds on switch ports. The supported speeds are 100 Mbps, 1 Gbps, 2.5 Gbps, and 5 Gbps on Cat 5e cable and up to 10 Gbps over Cat 6a cabling.
●Cable type: The technology supports a wide range of cable types, including Cat 5e, Cat 6, and Cat 6a or above.
●PoE power: The technology supports PoE, PoE+, and UPOE for all the supported speeds and cable types.
For more information, visit https://www.cisco.com/c/en/us/solutions/enterprise-networks/catalyst-multigigabit- switching/index.html.
SD-Access architecture
What if you could give time back to IT? And provide network access in minutes for any user or device to any application – without compromise?
Cisco Software-Defined Access (SD-Access) is the industry’s first intent-based networking solution for the enterprise, built on the principles of Cisco’s Digital Network Architecture (Cisco DNA™). SD-Access provides automated, end-to-end segmentation to separate user, device, and application traffic without the need to redesign the network. SD-Access automates user access policy so organizations can make sure the right policies are established for any user or device with any application across the network. This is accomplished with a single network fabric across LAN and WLAN, which creates a consistent user experience anywhere without compromising on security.
Organizations have many challenges today in managing the network to drive business outcomes. These limitations are due to manual configuration and fragmented tool offerings. SD-Access provides:
●A transformational management solution that reduces operational expenses and enhances business agility
●Consistent management of wired and wireless network provisioning and policy
●Automated network segmentation and group-based policy
●Contextual insights for fast issue resolution and capacity planning
●Open and programmable interfaces for integration with third-party solutions
For an overview of key use cases that SD-Access addresses, refer to the SD-Access Solution Overview.
© 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. |
Page 8 of 38 |
SD-Access licensing
To be able to benefit from the SD-Access architecture, you must purchase an add-on licensing package. Such licensing package includes the Cisco DNA Essentials and Cisco DNA Advantage options. Add-on licenses have to be purchased for a 3-, 5-, or 7-year term (and hence are also known as term-based licenses). Product SKUs for these packages are given in Table 10 below.
Ordering and managing licenses with smart accounts: Creating smart accounts by using the Cisco Smart Software Manager (SSM) enables you to order devices and licensing packages and also to manage your software licenses from a centralized website. You can set up Cisco SSM to receive daily email alerts and to be notified of expiring add-on licenses that you want to renew. When the license term expires, you can either renew the add-on license to continue using it or deactivate the add-on license and then reload the switch to continue operating with the base license capabilities.
Note: You are not required to deploy Cisco DNA Center just to use one of the license packages.
Table 9 shows the features included in the Essentials and Advantage packages.
Table 8. |
Essentials and Advantage package features |
|
|
|
|
|
|
Feature |
|
Cisco DNA Essentials |
Cisco DNA Advantage |
|
|
|
|
Day 0 network bring-up automation |
|
|
|
Cisco Network Plug-and-Play application, network settings, device credentials |
|
|
|
|
|
|
|
Element management |
|
|
|
Discovery, inventory, topology, software image, licensing, and configuration |
|
|
|
management |
|
|
|
|
|
|
|
Element management |
|
|
|
Patching |
|
|
|
|
|
|
|
Network monitoring |
|
|
|
Product Security Incident Response Team (PSIRT) compliance, end-of-life/end-of- |
|
|
|
sale reporting, telemetry quotient, client 360, device 360, top talkers/ |
|
|
|
NetFlow/streaming telemetry collection and correlation |
|
|
|
|
|
|
|
Static QoS configuration and monitoring |
|
|
|
EasyQoS application |
|
|
|
|
|
|
|
Policy-based automation |
|
|
|
SD-Access, group-based policy for access, app prioritization, monitoring, and path |
|
|
|
selection; |
|
|
|
SD-Access with integrated wireless |
|
|
|
|
|
|
|
Network assurance and analytics |
|
|
|
Insights gained from analytics and machine learning for the network, clients and |
|
|
|
applications that cover onboarding, connectivity, and performance |
|
|
|
|
|
|
|
Table 10 shows the product IDs for these licenses.
|
Table 9. |
Essentials and Advantage package product IDs |
|
|
|||
|
|
|
|
|
|
|
|
|
|
|
Product ID |
Description |
|
|
|
|
|
|
|
|
|
|
|
|
12-port |
|
C3850-DNA-E-12 |
C3850 |
DNA Essentials, 12-port term licenses |
|
|
|
|
|
|
|
|
|
|
|
|
|
C3850-DNA-E-12-3Y |
C3850 |
DNA Essentials, 12-port, 3-year term license |
|
|
|
|
|
|
|
|
|
|
|
|
|
C3850-DNA-E-12-5Y |
C3850 |
DNA Essentials, 12-port, 5-year term license |
|
|
|
|
|
|
|
|
|
|
|
|
|
C3850-DNA-E-12-7Y |
C3850 |
DNA Essentials, 12-port, 7-year term license |
|
|
|
|
|
|
|
|
|
|
|
|
|
C3850-DNA-A-12 |
C3850 |
DNA Advantage, 12-port term licenses |
|
|
|
|
|
|
|
|
|
|
|
|
|
C3850-DNA-A-12-3Y |
C3850 |
DNA Advantage, 12-port, 3-year term license |
|
|
|
|
|
|
|
|
|
|
|
|
|
C3850-DNA-A-12-5Y |
C3850 |
DNA Advantage, 12-port, 5-year term license |
|
|
|
|
|
|
|
|
|
|
|
|
|
C3850-DNA-A-12-7Y |
C3850 |
DNA Advantage, 12-port, 7-year term license |
|
|
|
|
|
|
|
|
||
© 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. |
Page 9 of 38 |
||||||
|
Product ID |
Description |
|
|
|||
|
|
|
|
24-port |
C3850-DNA-E-24 |
C3850 |
DNA Essentials, 24-port term licenses |
|
|
|
|
|
C3850-DNA-E-24-3Y |
C3850 |
DNA Essentials, 24-port, 3-year term license |
|
|
|
|
|
C3850-DNA-E-24-5Y |
C3850 |
DNA Essentials, 24-port, 5-year term license |
|
|
|
|
|
C3850-DNA-E-24-7Y |
C3850 |
DNA Essentials, 24-port, 7-year term license |
|
|
|
|
|
C3850-DNA-A-24 |
C3850 |
DNA Advantage, 24-port term licenses |
|
|
|
|
|
C3850-DNA-A-24-3Y |
C3850 |
DNA Advantage, 24-port, 3-year term license |
|
|
|
|
|
C3850-DNA-A-24-5Y |
C3850 |
DNA Advantage, 24-port, 5-year term license |
|
|
|
|
|
C3850-DNA-A-24-7Y |
C3850 |
DNA Advantage, 24-port, 7-year term license |
|
|
|
|
48-port |
C3850-DNA-E-48 |
C3850 |
DNA Essentials, 48-port term licenses |
|
|
|
|
|
C3850-DNA-E-48-3Y |
C3850 |
DNA Essentials, 48-port, 3-year term license |
|
|
|
|
|
C3850-DNA-E-48-5Y |
C3850 |
DNA Essentials, 48-port, 5-year term license |
|
|
|
|
|
C3850-DNA-E-48-7Y |
C3850 |
DNA Essentials, 48-port, 7-year term license |
|
|
|
|
|
C3850-DNA-A-48 |
C3850 |
DNA Advantage, 48-port term licenses |
|
|
|
|
|
C3850-DNA-A-48-3Y |
C3850 |
DNA Advantage, 48-port, 3-year term license |
|
|
|
|
|
C3850-DNA-A-48-5Y |
C3850 |
DNA Advantage, 48-port, 5-year term license |
|
|
|
|
|
C3850-DNA-A-48-7Y |
C3850 |
DNA Advantage, 48-port, 7-year term license |
|
|
|
|
Spares |
C3850-DNA-E-12= |
C3850 |
DNA Essentials, 12-port term licenses spare |
|
|
|
|
|
C3850-DNA-A-12= |
C3850 |
DNA Advantage, 12-port term licenses spare |
|
|
|
|
|
C3850-DNA-E-24= |
C3850 |
DNA Essentials, 24-port term licenses spare |
|
|
|
|
|
C3850-DNA-A-24= |
C3850 |
DNA Advantage, 24-port term licenses spare |
|
|
|
|
|
C3850-DNA-E-48= |
C3850 |
DNA Essentials, 48-port term licenses spare |
|
|
|
|
|
C3850-DNA-A-48= |
C3850 |
DNA Advantage, 48-port term licenses spare |
|
|
|
|
Benefits
Converged wired plus wireless access
The Cisco Catalyst 3850 is the first stackable access switching platform that enables wired plus wireless services on a single Cisco IOS XE Software-based platform. With this, Cisco has pioneered a host of rich capabilities such as high availability based on Stateful Switchover (SSO) on stacking, granular QoS, security, and Flexible NetFlow (FNF) across wired and wireless in a seamless fashion. Also, the wired plus wireless features are bundled into a single Cisco IOS Software image, which reduces the number of software images that users have to qualify/certify before enabling them in their network. The single console port for Command-Line Interface (CLI) management reduces the number of touch points to manage for wired plus wireless services, thereby reducing network complexity, simplifying network operations, and lowering the TCO to manage the infrastructure.
Converged wired plus wireless not only improves wireless bandwidth across the network but also the scale of wireless deployment. Each 48-port Cisco Catalyst 3850 provides 40 Gbps of wireless throughput (20 Gbps on the 24-port/12-port models). This wireless capacity increases with the number of members in the stack. This makes sure that the network can scale with current wireless bandwidth requirements, as dictated by IEEE 802.11n-based access points and with future wireless standards such as IEEE 802.11ac. Additionally, the Cisco Catalyst 3850 distributes the wireless controller functions to achieve better scalability. Each Cisco Catalyst 3850 switch/stack can operate as the wireless controller in two modes (Figure 8):
© 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. |
Page 10 of 38 |
●Mobility Agent (MA): This is the default mode in which a Cisco Catalyst 3850 switch ships. In this mode the switch is capable of terminating the CAPWAP tunnels from the access points and providing wireless connectivity to wireless clients. Maintaining wireless client databases and configuring and enforcing security and QoS policies for wireless clients and access points can be enforced in this mode. No additional license on top of IP Base is required to operate in the mobility agent mode.
●Mobility Controller (MC): In this mode, the Cisco Catalyst 3850 switch can perform all the mobility agent tasks in addition to mobility coordination, Radio Resource Management (RRM), and Cisco CleanAir® coordination within a mobility subdomain. The mobility controller mode can be enabled on the switch CLI. IP Base license level is required when the Cisco Catalyst 3850 switch is acting as the mobility controller. A centrally located Cisco 5508 Wireless LAN Controller (WLC 5508), Cisco Wireless Services Module 2 (WiSM2) (when running AireOS Version 7.3), and Wireless LAN Controller 5760 can also perform this role for larger deployments.
●With mobility agents located in the wiring closets providing 40 Gbps of wireless per 48-port Gigabit Ethernet RJ45 switch (n x 40 Gbps for a stack of n switches) and mobility controllers managing some of the central wireless functions, the converged access-based wireless deployment provides best-in-class scalability for wireless and significantly improved wireless throughput.
Figure 8. Mobility Controller (MC) and Mobility Agent (MA)
© 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. |
Page 11 of 38 |
For more information about Converged Wired plus Wireless Access, refer to the Q&A document here: https://www.cisco.com/c/dam/en/us/products/collateral/switches/catalyst-3850-series-switches/cisco-catalyst-3850- series-switches-faq.pdf.
Distributed intelligent services
Flexible NetFlow (FNF)
Full visibility into the wired plus wireless traffic is achieved because of the access point Control and Provisioning of Wireless Access Points (CAPWAP) tunnel termination on the switch. This helps identify users and user traffic flows in order to identify potential attackers and take corrective action at the access layer before the attack penetrates further into the network. This is achieved using FNF, which monitors every single flow entering and exiting the switch stack for wired and wireless users. It also helps identify the top wired/wireless talkers and enforce appropriate bandwidth provisioning policies.
QoS
The Cisco Catalyst 3850 switch has advanced wired plus wireless QoS capabilities. It uses the Cisco modular QoS command line interface (MQC). The switch manages wireless bandwidth using unprecedented hierarchical bandwidth management starting at the per-access-point level and drilling further down to per-radio, per-service set identification (SSID), and per-user levels. This helps manage and prioritize available bandwidth between various radios and various SSIDs (enterprise, guest, and so on) within each radio on a percentage basis. The switch is also capable of automatically allocating equal bandwidth among the connected users within a given SSID. This makes sure that all users within a given SSID get a fair share of the available bandwidth while being connected to the network. The UADP ASIC enables the hierarchical bandwidth management and fair sharing of bandwidth, thereby providing hardware-based QoS for optimized performance at line-rate traffic.
In addition to these capabilities, the switch is able to do Class of Service (CoS) or Differentiated Services Code Point (DSCP) based queuing, policing, shaping, and marking of wired plus wireless traffic. This enables users to create common policies that can be used across wired plus wireless traffic. The Cisco Catalyst 3850 also supports downloadable policy names from the Cisco Identity Services Engine (ISE) when a user successfully authenticates to the network using the ISE.
Security
The Cisco Catalyst 3850 provides a rich set of security features for wired plus wireless users. Features such as IEEE 802.1x, port security, Dynamic Host Configuration Protocol (DHCP) Snooping and Guard, Dynamic ARP Inspection, RA Guard, IP Source Guard, Control Plane Protection (CoPP), Wireless Intrusion Prevention Systems (WIPSs), and so on enable protection against unauthorized users and attackers. With a variety of wired plus wireless users connecting to the network, the switch supports session-aware networking, in which each device connected to the network is identified as one session, and unique Access Control Lists (ACLs) and/or QoS policies can be defined and applied using the ISE for each of these sessions, providing better control on the devices connecting to the network.
AES-256 MACsec encryption is the IEEE 802.1AE standard for authenticating and encrypting packets between switches and endpoints. The Cisco Catalyst 3850 Series switches support 256-bit (SFP+ and Multigigabit models only) and 128-bit Advanced Encryption Standard (AES) on all ports at all speeds, providing the most secure link encryption.
© 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. |
Page 12 of 38 |
Loading...