Catalyst 9000s Prove to Be Worthy Campus Access Switch Replacement
June 17, 2019

Catalyst 9000s Prove to Be Worthy Campus Access Switch Replacement

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source

Overall Satisfaction with Cisco Catalyst 9400 Series Switches

  • Catalyst 9300 Series
  • Catalyst 9400 Series
  • Catalyst 9500 Series
We previously had another vendor's switches, but they went EoS after owning them for fewer than 5 years. It was clear that Cisco was investing significant resources into their new flagship Catalyst 9000 switches and we could count on owning these switches longer than the previous switches. So we purchased a fleet of Catalyst 9300/9400 switches to replace all campus access switches. These switches have features we need such as secure dot1x ports, expandability, fault tolerance, and programmability (APIs, onboard python scripting). They also support future needs like 802.3bt, multi-gig connectivity, and fabric mode (Software Defined Access).
  • IOS-XE has a large feature set
  • Running VMs and containers on the switches
  • Hardware is reliable
  • Programmability support
  • We've run into a few bugs on IOS-XE, particularly earlier versions.
  • Many of the cool and necessary features being touted by Cisco require newer versions of IOS-XE (16.9.X and up). As of 6/15/19, the recommended MD is still 16.5.X, which we prefer to use for stability.
  • We've had improved reliability and less downtime due to the increased reliability of the Catalyst 9000 switches.
Although we've replaced the majority of our campus access switches with Catalyst 9000s, we're still fairly new to the platform and have not used any of the newer time-saving features in production. We are currently evaluating their capability to run containers and local Python scripts.
We are using Cisco DNA Center to monitor our Catalyst 9000 switches. DNA Assurance has proved to be useful in detecting issues on the switches and providing guidance to fixing issues.
We ran a proof of concept for HPE and Cisco switches. Cisco won out due to the following:
  • Cisco's positive track record of previous Catalyst switch platforms we've had experience with (2900, 4500, 6500).
  • Large TCAM space to support large ACLs used to lock down endpoint access.
  • Cisco's community is large so it's typically easy to find answers online to questions we have about design, installation, or troubleshooting.
  • Catalyst 9000 is a newer platform than Aruba's switches that were perceived as re-branded HP Procurve switches, which have been around longer. While we can't say for sure this will amount to better ROI, we certainly felt like we'd get more life out of the Cisco 9000s.
  • ROI for Aruba Mobility Access Switches was low due to an unexpected EoS/EoL announcement, affecting our campus access switch deployment. This forced us to replace Aruba MAS switches sooner than expected, leaving a bad taste in our mouth.
Cisco Catalyst 9000 switches are well suited for:
  • businesses looking to replace their campus switches and need a platform that will be around for a while.
  • businesses requiring programmability of the network devices.
  • businesses that need newer standard support such as multi-gig ethernet and 802.3bt (POE++).
  • businesses that want to use Cisco's Software Defined Access.
Cisco Catalyst 9000 switches are less suited for:
  • businesses that want the latest features but aren't willing to run the latest code non-maintenance release code.