Data sheetCisco publicCisco Catalyst 9500 Series SwitchesBuilt for Security, IoT, and CloudThe Cisco Catalyst 9500 Series Switches are the next generation of enterprise-class core and aggregation layer switches, supporting fullprogrammability and serviceability. Based on an x86 CPU, the Catalyst 9500 Series is Cisco’s lead purpose-built fixed core and aggregationenterprise switching platform, built for security, IoT, and cloud. The switches come with a 4-core, 2.4-GHz CPU, 16-GB DDR4 memory, and16-GB internal storage.The Catalyst 9500 Series is the industry’s first purpose-built 40 Gigabit Ethernet line of switches targeted for the enterprise campus. Theseswitches deliver unmatched table scale (MAC/route/ACL) and buffering for enterprise applications. The Catalyst 9500 Series includesnonblocking 40G Quad Small Form-factor Pluggable (QSFP) and 10G Small Form-factor Pluggable Plus (SFP ) switches with granular portdensities that fit diverse campus needs. The switches support advanced routing and infrastructure services (such as Multiprotocol LabelSwitching [MPLS] Layer 2 and Layer 3 VPNs, Multicast VPN [MVPN], and Network Address Translation [NAT]); software-defined accessborder capabilities (such as a host tracking database, cross-domain connectivity, and VPN Routing and Forwarding [VRF]-aware Locator/IDSeparation Protocol [LISP]); and network system virtualization with Cisco StackWise virtual technology that are critical for their placementin the campus core. The platform also supports all the foundational high-availability capabilities such as patching, Graceful Insertion andRemoval (GIR), Cisco Nonstop Forwarding with Stateful Switchover (NSF/SSO), redundant platinum-rated power supplies, and fans.The foundation of Software-Defined AccessAdvanced persistent security threats. The exponential growth of Internet of Things (IoT) devices. Mobility everywhere. Cloud adoption. All ofthese require a network fabric that integrates advanced hardware and software innovations to automate, secure, and simplify customernetworks. The goal of this network fabric is to enable customer revenue growth by accelerating the rollout of business services.The Cisco Digital Network Architecture (Cisco DNA ) with Software-Defined Access (SD-Access) is the network fabric that powers business.It is an open and extensible, software-driven architecture that accelerates and simplifies your enterprise network operations. Theprogrammable architecture frees your IT staff from time-consuming, repetitive network configuration tasks so they can focus instead oninnovation that positively transforms your business. SD-Access enables policy-based automation from edge to cloud with foundationalcapabilities. These include: Simplified device deployment Unified management of wired and wireless networks Network virtualization and segmentation Group-based policies Context-based analyticsThe Cisco Catalyst 9500 Series switches form the foundational building block for Software-Defined Access―Cisco’s leading enterprisearchitecture. 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.Page 1 of 18

Data sheetCisco publicCisco ONE SoftwareCisco ONE Software offers a valuable and flexible way to buy software for the access, WAN, and data center domains. At each stage in theproduct lifecycle, Cisco ONE Software helps make buying, managing, and upgrading your network and infrastructure software easier. CiscoONE Software provides: Flexible licensing models to smoothly distribute customers’ software spending over time Investment protection for software purchases through software services–enabled license portability Access to updates, upgrades, and new technology from Cisco through Cisco Software Support Services (SWSS) Lower cost of entry with the new Cisco ONE Subscription for Switching modelCisco ONE for Access lets you manage your entire switching structure as a single, converged component. With one management system andone policy for wired and wireless networks, it offers an efficient way to provide more secure access.Product overview: featuresProduct highlights Cisco Unified Access Data Plane (UADP) 2.0 Application-Specific Integrated Circuit (ASIC) ready for next-generation technologieswith its programmable pipeline, microengine capabilities, and template-based, configurable allocation of Layer 2 and Layer 3forwarding, Access Control Lists (ACLs), and QoS entries. Intel 2.4-GHz x86 CPU with up to 120 GB of USB 3.0 SSD storage for container-based application hosting. Up to 960-Gbps switching capacity (IPv4) with up to 1440 Mpps of throughput. Up to 24 nonblocking 40 Gigabit Ethernet QSFP ports. Platinum-rated AC power supplies. Up to 512,000 Flexible NetFlow (FNF) entries in hardware. Up to 32 MB of shared buffer per ASIC. Up to 64,000 routing entries for high-end campus access and aggregation deployments. IPv6 support in hardware, providing wire-rate forwarding for IPv6 networks. Dual-stack support for IPv4/IPv6 and dynamic hardware forwarding table allocations, for ease of IPv4-to-IPv6 migration. Support for both static and dynamic NAT and Port Address Translation (PAT). Scalable routing (IPv4, IPv6, and multicast) tables and Layer 2 tables. Open IOS-XE, a modern operating system for the enterprise with support for model-driven programmability, on-box Pythonscripting, streaming telemetry, container-based application hosting, and patching for critical bug fixes. The OS also has built-indefenses to protect against runtime attacks. StackWise virtual technology, a network system virtualization technology that increases operational efficiency and boosts nonstopcommunications and scaled system bandwidth. SD-Access: With the Catalyst 9500 Series, you can be part of the future of networking with features that include: Policy-based automation from edge to cloud. Segmentation and micro-segmentation made easy, with predictable performance and scalability. Automation through the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM). Policy through the Cisco Identity Services Engine (ISE). Network assurance through the Network Data Platform. Faster launch of new business services and significantly improved issue resolution time. 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.Page 2 of 18

Data sheetCisco public Plug and Play (PnP) enabled: A simple, secure, unified, and integrated offering to ease new branch or campus device rollouts orupdates to an existing network. Advanced security: Encrypted Traffic Analytics (ETA): You benefit from the power of machine learning to identify and take actions toward threats oranomalies in your network, including malware detection in encrypted traffic and distributed anomaly detection. Additionally, ETAis able detect vulnerable implementations in encrypted traffic. Support for AES-256 with the powerful MACsec 256-bit encryption algorithm available on all models. Trustworthy systems: Secure Unique Device Identification (SUDI) support for Plug and Play, enabling tamper-proof device identitycapability, which secures zero-touch provisioning by allowing your device to show a certificate to the server to be able to get ontoyour network.Platform detailsSwitch models and configurationsAll switches ship with the 950W AC power supply. Figure 1 shows the Cisco Catalyst 9500 Series Switches.Figure 1.Cisco Catalyst 9500 Series Switches – 24 x 40 Gigabit EthernetFigure 2.Cisco Catalyst 9500 Series Switches – 12 x 40 Gigabit EthernetFigure 3.Cisco Catalyst 9500 Series Switches – 40 x 10 Gigabit EthernetTable 1 shows the Cisco Catalyst 9500 Series configurations.Table 1.Cisco Catalyst 9500 Series configurationsModelDescriptionTotal QSFP or SFP PortsC9500-12QCisco Catalyst 9500 Series 12-port 40 Gigabit Ethernet with QSFP12 QSFP/12 SFP C9500-24QCisco Catalyst 9500 Series 24-port 40 Gigabit Ethernet with QSFP 24 QSFP/24 SFP C9500-40XCisco Catalyst 9500 Series 40-port 10 Gigabit Ethernet with SFP 40 SFP Network modulesThe Cisco Catalyst 9500 Series Switches support optional network modules for uplink ports only on the 40-port 10 Gigabit Ethernet switch.The default switch configuration does not include the network module. When you purchase the switch, you can choose from the networkmodules described in Table 2.Figure 4 shows the available network modules. 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.Page 3 of 18

Data sheetCisco publicFigure 4.Cisco Catalyst 9500 Series network module 8-port 10 Gigabit Ethernet with SFP Figure 5.Cisco Catalyst 9500 Series network module 2-port 40 Gigabit Ethernet with QSFP Table 2.Network module numbers and descriptionsNetwork ModuleDescriptionC9500-NM-8XCisco Catalyst 9500 Series Network Module 8-port 10 Gigabit Ethernet with SFP C9500-NM-2QCisco Catalyst 9500 Series Network Module 2-port 40 Gigabit Ethernet with QSFP Power suppliesThe Cisco Catalyst 9500 Series Switches support dual 1 1 redundant power supplies. The switches ship with one power supply by default. Thesecond power supply can be purchased at the time the switch is ordered or at a later time. If only one power supply is installed, it shouldalways be in power supply bay #1. The switches also ship with five field-replaceable variable-speed fans. These have front-to-back airflowand can operate with up to one individual fan failure. The fan trays support fan-tray Online Insertion and Removal (OIR) for up to 120 secondsand can support a maximum fan speed of 2400 RPM.Figure 6.Shows the 950W AC power supply.Table 3 provides more details on the Catalyst 9500 Series power supply.Table 3.Power supply specificationsPower Supply FeatureSupport in the Catalyst 9500 SeriesAC power max rating950WSystem power consumption850W maxInput-voltage range and frequencyAC 115 to 230 VAC, 50 to 60 HzPower supply efficiency94%Total output BTU (Note: 1000 BTU/hr 293W)2901 BTU/hr (850W) maxInput currentAC 10A at 115VAC, 5 A at 230VACOutput ratings12V at 79A, 12V at 3AOutput holdup timeAC 10 ms at maximum loadPower-supply input receptaclesAC IEC 60320 C16 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.Page 4 of 18

Data sheetCisco publicPower Supply FeatureSupport in the Catalyst 9500 SeriesPower cord ratingAC 15ATable 4 shows the different power supplies available in these switches.Table 4.Power supply modelsModelsDefault Power SupplyCisco Catalyst 9500 Series 12-port 40 Gigabit Ethernet with QSFPPWR-C4-950WAC-RCisco Catalyst 9500 Series 24-port 40 Gigabit Ethernet with QSFP PWR-C4-950WAC-RCisco Catalyst 9500 Series 40-port 10 Gigabit Ethernet with SFP PWR-C4-950WAC-RSwitch performanceTable 5 shows performance specifications for the Cisco Catalyst 9500 Series switches.Table 5.*Performance specificationsPerformance Numbers for All Switch ModelsC9500-12QC9500-24QC9500-40XSwitching capacityUp to 480 Gbps fullduplexUp to 960 Gbps fullduplexUp to 480 Gbps fullduplexForwarding rateUp to 720 MppsUp to 1440 MppsUp to 720 MppsTotal number of MAC addressesUp to 64,000*Total number of IPv4 routes (Address Resolution Protocol [ARP] pluslearned routes)Up to 64,000 indirect*Up to 32,000 host*Total number of IPv6 routesUp to 32,000 indirect*Up to 16,000 host*Multicast scaleUp to 48,000*QoS ACL scaleUp to 18000*Security ACL scaleUp to 18000*FNF entriesUp to 512,000*DRAM16 GBFlash16 GBVLAN IDs4000Total Switched Virtual Interfaces (SVIs)4000Jumbo frame9198 bytesVaries based on selected flexible ASIC template.Flexible ASIC templatesFlexible ASIC templates enable universal deployments by leveraging the UADP 2.0 XL’s ability to create resources to optimize table sizes fordifferent places in the network. Based on how the switch is used in the network, an appropriate flexible ASIC template may be selected toconfigure the switch for specific features.The following flexible ASIC templates are supported on the Cisco Catalyst 9500 Series. Access-edge for switches deployed in the access layer or fabric edge (ASIC resources are optimized for client scale) Core-border for switches deployed in the core layer or fabric border (ASIC resources are optimized for Layer 3 and cross-domainpolicies) Aggregation for switches deployed in the distribution and aggregation layer (ASIC resources are optimized for a mixture of Layer 2and Layer 3 capabilities) Collapsed-core-WAN for switches deployed in a collapsed core and WAN edge (ASIC resources are optimized for Layer 3 and NAT) 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.Page 5 of 18

Data sheetCisco publicTable 6 describes the ASIC templates.Table 6.ASIC template descriptionsTemplate Numbers for C9500-24Q ModelC9500-24QC9500-24QC9500-24QAggregation TemplateCollapsed Core- WAN TemplateCore-Border TemplateIPv4/IPv6 LPM0-64K/0-32K0-64K/0-32K0-64K/0-32KIPv4/IPv6 Multicast route8K (IPv4) /16K (IPv4)4K (IPv6)1/8K (IPv6)8K (IPv4) /48K (IPv4)4K (IPv6)1/24K (IPv6)32K (IPv4)16K (IPv4)IGMP/MLD snooping8K1/16K8K1/16K16KMAC address64K32K16KSGT curity ACL18K18K18KQoS sec1K1K1KSPAN1K1K1KCoPP1K1K1KNetFlow1K ingress, 2K egress1K ingress, 2K egress1K ingress, 2K egressMicroflow policer0.5K input, 1K output0.5K input, 1K output0.5K input, 1K output11SD-Access architectureEnterprises are in search of ways to transform their operations to add digital capabilities that enhance service delivery and assetmanagement. Cisco SD-Access provides this transformational shift in building and managing networks. It provides faster, easier, andimproved business efficiency with investment protection for enhanced business outcomes. By decoupling network functions from hardware,SD-Access helps ensure policy compliance, allows you to launch new business services faster, an