Three years ago Cisco introduced the Catalyst 9000 series switches as the next generation of campus switches. Every Catalyst switch family had an equivalent 9K to replace it; the 3800s were replaced with the 9300, the 4500s were replaced with the 9500, and the long standing 6500 chassis switches were replaced with the 9400. Cisco was consolidating all Catalyst switches into the 9000 series, well all but one. It seemed, at the time, that the wildly successful Catalyst 2000 series switch was spared from the chopping block as there was no comparable 9K. Enter the 9200!
Early last year Cisco announced the Catalyst 9200, effectively sounding the final call for the Catalyst 2K. For those of you who may have just purchased a new 2960-X be assured that Cisco is still fully supporting those switches and has yet to announce the hardware end of life for that switch. That being said Cisco is pushing new purchases away from the 2960 to the 9200.
The Catalyst 9200 series comes in two major flavors, the 9200 and the 9200L. The main different between the two is the 9200 is a fully module switch with different uplink modules and modular fans while the 9200L has 4 fixed SPF+ uplinks that will support up to 10 Gigabit connections and fixed fans. Both model types have two modular power supplies and support stacking.
Speaking of stacking, the 9200 has a backplane of 160 Gbps, twice the backplane speed of the 2960-X. Up to 8 switches can be stacked, however you cannot mix and match 9200 and 9200Ls. It is noteworthy to point out that no matter what model you buy there is no support for stack power. This may be troublesome if you need to balance POE power between the stack members. To combat this issue, Cisco released a 600 and 1000 watt power supply for the 9200s. Two of the latter will be more than enough for any PoE needs.
Inside the switch the 9200s use the same programable ASICs found in the rest of the 9000 series family. What this means is as new protocols and features emerge from Cisco these features can be pushed to the switches though firmware changes rather than having to scrap the hardware for new switches. This ultimately means the 9200s, as well as the 9000 series family as a whole, will be around for a long time.
Like the rest of the 9K family, the 9200 switches are built around integrations with DNA Center. This means easier deployments, and an extension of the SD-Access fabric to entry level access switches in your branches. Just like the rest of the 9K family, the 9200s supports the full support of Plug and Play, Assurance, SD-Access and integration with ISE.
There is a difference in the number of Virtual Network with the 9200s. The 9200 supports up to 4 Virtual Networks, while the 9200L supports only one Virtual Network.
If you aren’t ready for DNA Center, the 9200s run IOS-XE and can be managed traditionally though the CLI or though a local web GUI.
Like the 2960 predecessor, the 9200 supports 802.1x, Security Group Tagging, and network access control. These features allow standalone integration with Cisco ISE to provide user authentication on to the LAN. While the 2960 has been able to integrate with ISE, the 9200 is built with ISE in mind. This means a more stable feature set to help design the security policies of the future.
Unlike the 2960, the 9200s now support MACsec for end to end encryption of traffic across the LAN. This added feature shows the 9200s role in building a layered security approach all the way to the access port to match our ever changing security needs.
The 9200 marks the beginning of the end for the long standing 2960. While this seems like a sad day, the 9200 is already showing that it is ready to continue the legacy its predecessor built. By building a switch with security and automation in mind while still maintaining the same standardized platform as the rest of the LAN, the 9200 is built not just for todays network, but also tomorrows.
Last year I did an unboxing video of the 9200 with LookingPoint. Here is the video below, enjoy!