The Cisco Catalyst 3850 Series is the next generation of enterprise-class stackable access-layer switches that provide full convergence between wired and wireless on a single platform. Cisco's new Unified Access Data Plane (UADP) application-specific integrated circuit (ASIC) powers the switch and enables uniform wired plus wireless policy enforcement, application visibility, and application optimization. This convergence is built on the resilience of the new and improved Cisco StackWise-480. The Cisco Catalyst 3850 Series Switches support full IEEE 802.3at Power over Ethernet Plus (PoE+), Cisco Universal Power over Ethernet (UPOE), modular and field-replaceable network modules, redundant fans, and power supplies.
Integrated wireless controller capability with:
- Up to 40G of wireless capacity per switch (48 port models)
- Up to 50 access points (APs) and 2000 wireless clients support on each switching entity (switch or stack)
24 and 48 10/100/1000 data and Power over Ethernet Plus (PoE+) models with Energy Efficient Ethernet (EEE)
- Cisco StackWise-480 technology provides scalability and resiliency with 480 Gbps of stack throughput
- Cisco StackPower™ technology provides power stacking among stack members for power redundancy
- Three optional uplink modules with 4 x Gigabit Ethernet, 2 x 10 Gigabit Ethernet or 4 x 10 Gigabit Ethernet ports
- Dual redundant, modular power supplies and three modular fans providing redundancy
- Full IEEE 802.3at (PoE+) with 30W power on all ports in 1 rack unit (RU) form factor
- Cisco Universal Power over Ethernet (UPOE) which delivers up to 60W per port over standard cabling infrastructure
Software support for IPv4 and IPv6 routing, Multicast routing, modular quality of service (QoS), Flexible NetFlow (FnF) Version 9, and enhanced security features
Single Universal IOS image across all license levels, providing an easy upgrade path for software features
Enhanced limited lifetime warranty (E-LLW) with next business day (NBD) advance hardware replacement and 90-day access to Cisco Technical Assistance Center (TAC) support
Converged Wired plus Wireless Access
The Cisco Catalyst 3850 is the first stackable access switching platform that enables wired plus wireless services on a single Cisco IOS XE Software-based platform. With this, Cisco has pioneered a host of rich capabilities such as high availability based on stateful switchover (SSO) on stacking, granular QoS, security, and Flexible Netflow (FNF) across wired and wireless in a seamless fashion. Also, the wired plus wireless features are bundled into a single Cisco IOS Software image, which reduces the number of software images that users have to qualify/certify before enabling them in their network. The single console port for command-line interface (CLI) management reduces the number of touch points to manage for wired plus wireless services, thereby reducing network complexity, simplifying network operations, and lowering the TCO to manage the infrastructure.
Converged wired plus wireless not only improves wireless bandwidth across the network but also the scale of wireless deployment. Each 48-port Cisco Catalyst 3850 provides 40 Gbps of wireless throughput (20 Gbps on the 24-port model). This wireless capacity increases with the number of members in the stack. This makes sure that the network can scale with current wireless bandwidth requirements, as dictated by IEEE 802.11n-based access points and with future wireless standards such as IEEE 802.11ac. Additionally, the Cisco Catalyst 3850 distributes the wireless controller functions to achieve better scalability. Each Cisco Catalyst 3850 switch/stack can operate as the wireless controller in two modes:
- Mobility agent (MA): This is the default mode in which the Cisco Catalyst 3850 switch ships. In this mode the switch is capable of terminating the CAPWAP tunnels from the access points and providing wireless connectivity to wireless clients. Maintaining wireless client databases and configuring and enforcing security and QoS policies for wireless clients and access points can be enforced in this mode. No additional license on top of IP Base is required to operate in the mobility agent mode.
- Mobility controller (MC): In this mode, the Cisco Catalyst 3850 switch can perform all the mobility agent tasks in addition to mobility coordination, radio resource management (RRM), and Cisco CleanAir coordination within a mobility subdomain. The mobility controller mode can be enabled on the switch CLI. IP Base license level is required when the Cisco Catalyst 3850 switch is acting as the mobility controller. A centrally located Cisco 5508 Wireless LAN Controller (WLC 5508), Cisco Wireless Services Module 2 (WiSM2) (when running AireOS Version 7.3), and Wireless LAN Controller 5760 can also perform this role for larger deployments.
With mobility agents located in the wiring closets providing 40 Gbps of wireless per switch ( n x 40 Gbps for a stack of n switches) and mobility controllers managing some of the central wireless functions, the converged access-based wireless deployment provides best-in-class scalability for wireless and significantly improved wireless throughput.
Distributed Intelligent Services
Flexible NetFlow (FNF)
Full visibility into the wired plus wireless traffic is achieved because of the access point Control and Provisioning of Wireless Access Points (CAPWAP) tunnel termination on the switch. This helps identify users and user traffic flows in order to identify potential attackers and take corrective action at the access layer before the attack penetrates further into the network. This is achieved using FNF, which monitors every single flow entering and exiting the switch stack for wired and wireless users. It also helps identify the top wired/wireless talkers and enforce appropriate bandwidth provisioning policies.
The 3850 switch has advanced wired plus wireless QoS capabilities. It uses the Cisco modular QoS command line interface (MQC). The switch manages wireless bandwidth using unprecedented hierarchical bandwidth management starting at the per-access-point level and drilling further down to per-radio, per-service set identification (SSID), and per-user levels. This helps manage and prioritize available bandwidth between various radios and various SSIDs (enterprise, guest, and so on) within each radio on a percentage basis.
The switch is also capable of automatically allocating equal bandwidth among the connected users within a given SSID. This makes sure that all users within a given SSID get a fair share of the available bandwidth while being connected to the network. The UADP ASIC enables the hierarchical bandwidth management and fair sharing of bandwidth, thereby providing hardware-based QoS for optimized performance at line-rate traffic.
In addition to these capabilities, the switch is able to do class of service (CoS) or differentiated services code point (DSCP) based queuing, policing, shaping, and marking of wired plus wireless traffic. This enables users to create common policies that can be used across wired plus wireless traffic. The 3850 also supports downloadable policy names from the Cisco Identity Services Engine (ISE) when a user successfully authenticates to the network using the ISE.
The Cisco Catalyst 3850 provides a rich set of security features for wired plus wireless users. Features such as IEEE 802.1x, Dynamic Host Configuration Protocol (DHCP) snooping, IP Source Guard and control plane protection, wireless intrusion prevention systems (WIPSs), and so on enable protection against unauthorized users and attackers. With a variety of wired plus wireless users connecting to the network, the switch supports session-aware networking, in which each device connected to the network is identified as one session, and unique access control lists (ACLs) and/or QoS policies can be defined and applied using the ISE for each of these sessions, providing better control on the devices connecting to the network.
Cisco StackWise-480 Technology
Cisco StackWise-480 technology is built on the highly successful industry-leading StackWise ® technology, which is a premium stacking architecture. StackWise-480 has a stack bandwidth of 480 Gbps. StackWise-480 uses Cisco IOS Software SSO for providing resiliency within the stack. The stack behaves as a single switching unit that is managed by an "active" switch elected by the member switches. The active switch automatically elects a standby switch within the stack. The active switch creates and updates all the switching/routing/wireless information and constantly synchronizes that information with the standby switch. If the active switch fails, the standby switch assumes the role of the active switch and continues to the keep the stack operational. Access points continue to remain connected during an active-to-standby switchover. A working stack can accept new members or delete old ones without service interruption. StackWise-480 creates a highly resilient single unified system of up to four switches, providing simplified management using a single IP address, single Telnet session, single CLI, auto-version checking, auto-upgrading, auto-configuration, and more. StackWise-480 also enables local switching in Cisco Catalyst 3850 Series Switches.
Cisco StackPower Technology
The Cisco Catalyst 3850 Series uses the Cisco StackPower technology present on the Cisco Catalyst 3850 Series. StackPower is an innovative power interconnect system that allows the power supplies in a stack to be shared as a common resource among all the switches. Cisco StackPower unifies the individual power supplies installed in the switches and creates a pool of power, directing that power where it is needed. Up to four switches can be configured in a StackPower stack with the special connector at the back of the switch using the StackPower cable, which is different than the StackWise-480 cables.
StackPower can be deployed in either power-sharing mode or redundancy mode. In power-sharing mode, the power of all the power supplies in the stack is aggregated and distributed among the switches in the stack. In redundant mode, when the total power budget of the stack is calculated, the wattage of the largest power supply is not included. That power is held in reserve and used to maintain power to switches and attached devices when one power supply fails, enabling the network to operate without interruption. Following the failure of one power supply, the StackPower mode becomes power sharing.
StackPower allows customers to simply add one extra power supply in any switch of the stack and either provide power redundancy for any of the stack members or simply add more power to the shared pool. StackPower eliminates the need for an external redundant power system or installation of dual power supplies in all the stack members. StackPower is available in LAN Base license level (or higher). For LAN Base, cables need to be purchased separately.
Foundation for Open Network Environment
The heart of the Cisco Catalyst 3850 is the UADP ASIC with programmability for future features and intelligence with investment protection. The new ASIC provides the foundation for converged APIs across wired and wireless, Cisco Open Network Environment, software-defined networking (SDN) readiness and OnePK SDK through software updates over the product lifetime.
All switches ship with one of the four power supplies (350W or 715W AC or 1100W AC or 440W DC). Figure 1 shows the Cisco Catalyst 3850 Series Switches (front and back).