Cisco Catalyst Switches Review

Provides cost-effective posture assessment, captive portal, and a policy-driven network

What is our primary use case?

The last Catalyst I used was for a core solution in an airport. That was a 3850. The previous use case was as the backbone of an ISP. We used different models of Cisco Catalyst including 3560s and 3700s.

How has it helped my organization?

When we started working with a regular Catalyst, the 2060, we mostly had a VLAN-based network. But in 2015, I worked with a well-known NGO, World Vision, in Bangladesh. They have around 84 locations all over the country, and they expected that their entire network would be authenticated through 802.1X. They expected that their network would be centrally policy-driven and allocated, that they would have posture assessment, and captive portal. Other than using a Catalyst, we couldn't have afforded to have these features.

What is most valuable?

In my country, Catalysts are used mostly for simple distribution, not more than that.

There were some other areas we've worked on the last two years. Most of the organizations who were going for Catalyst switches with Layer 2 options expected Identity Services integration. They were concentrating on having 802.1X authentication policy-making.

What needs improvement?

Recently I have had a little hiccup working with Catalyst switches. They used a few power integration features but I'm not sure they really resulted in much power saving. But, it caused cross-vendor equipment trouble.

For example, if I put some sort of equipment other than Cisco in a Cisco network, where the energy is marked as an option for Catalyst, sometimes I end up with a link breakage situation. This is because Cisco can understand its own structural power dependency and optimization, but it cannot understand the power optimization for other vendors' equipment. I had a really tough time managing the networks.

Also, Cisco has been introducing some software options in Layer 3 switches. I don't find that to be important so far, when there are have SDN options all over the world now. Certain switches are even leaving that out of the licensing option, and they are providing you embedded options so that you can actually use open-source SDNs. I don't believe that this is a good option, that Cisco is actually keeping so many licensing options for Catalyst. That is my opinion on the Catalyst 9000 series.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

So far, I haven't really found any lack of stability. The switches are really good. The Catalyst 2960 switches had some issues earlier, power issues as I mentioned. It had more port failure and port damage issue than previous versions. But after we found the 2960-XR and others, they really improved.

I have been happy with Catalyst performance. It's doing better.

What do I think about the scalability of the solution?

In terms of scalability, it's really working fine.

How are customer service and technical support?

Cisco tech support is really slow. In the time it takes them to actually understand a scenario, we have mostly found our way out on our own.

In 2015, when I had a major deployment, I had an issue resulting from a captive portal for a 2960-Plus switch with IC. I opened a ticket. The call created questions and seven days went by. So I had to intervene in the entire operation, and found that it had a workaround, and I instructed my engineers to do that. Eventually, the problem was solved, but I really wanted to see whether Cisco could solve the problem. So I kept the ticket going and asked them what they were doing, what results they were providing, because there are certain areas they are expert and, ultimately, they can actually tell me what is the better way to do that. But after 21 days, I found that they were not getting anywhere, whereas in 10 days, we had already solved the problem. Then I asked my people to close the ticket because there was no use keeping it open. It was better that we resolved it ourselves.

So I don't appreciate Cisco tech support.

Which solution did I use previously and why did I switch?

I have been using different switches side-by-side.

There have been certain issues. There was one implementation where Cisco was awarded up to the firewall and Dell was awarded from the server farm to all the servers in storage: the server from the switch, then the Dell MXL blade switches. That was the time got to compare the Dell performance with the Cisco Nexus 5 series performance. We found that Dell's performance was much more flexible than Cisco Nexus.

There was another case where I was using PowerConnect with the Dell EqualLogic. When we purchased a Dell EqualLogic, we had to buy a good throughput Cisco switch. When we compared the Cisco switch price with the Dell PowerConnect, we found that Dell PowerConnect was much cheaper. We had certain Cisco switches already. When we compared these switches side-by-side, we found that the PowerConnect was performing much better with the iSCSI.

I'm not saying that I shifted from another vendor, but I actually use these things side-by-side, considering several situations.

How was the initial setup?

I wouldn't say the setups are really that complex because most of the setups we have done in Bangladesh were basically structured data center diagrams, which we have found from Cisco or any other network architecture. Those were pretty simple architectures.

What's my experience with pricing, setup cost, and licensing?

If you consider Cisco's price with the Dell, you will definitely lose with Cisco. But Cisco has a major area of equipment in general. Cisco has routers, firewalls, NAC, certain video conferencing, Apple phones, and different security solutions. But Dell doesn't have such areas, Dell only has switching architecture.

On that basis, Cisco is still better, because whenever someone is actually moving towards Cisco products, they have to consider that they have certain other areas that they can invest in with Cisco. But if you consider the pricing of a Cisco switch against a Dell, Dell is definitely the winner.

Which other solutions did I evaluate?

I have used Cisco side-by-side with Dell and Maipu, and I found that Cisco is good. But if you compare Cisco's performance with these two, you will find that Dell and Maipu are not that bad. I wouldn't say that Maipu is that much of a product, but Dell is really performing well in comparison to Cisco.

Considering the performance, I really chose Dell. But when I have to consider that I'll have to move forward on the next project with certain security integrations, I have to consider Cisco. That is mostly the reason I considered Cisco. Otherwise, Dell would definitely have been the winner.

What other advice do I have?

If you are considering going for a Dell or Cisco or Huawei, even certain other products out there, Dell has really good performance, and Huawei is also doing really well. ZTE is there, certain other organizations are there. But I always pitch good solutions for Cisco. I do that because Cisco has a variety of products, and Cisco has an enterprise-class solution. 

Whenever we are providing solutions to our customers, we have to consider security. On that basis, Cisco has a variety of security products. They have IAC, they have good sandboxing with Threat Grid. They have a benchmarking monitoring system. Then they have ESA and WSA. They have FirePOWER. They have a major cloud system security for Talos. Whenever you find Cisco is not actually putting the emphasis on perimeter fire-walling, they are saying "Save your endpoints. Secure your network. Monitor your network." Do surveillance.

On that basis I find, even if you go through the incident case analysis globally, you'll find that most of the incidents in the last eight or 10 years are happening inside a network. We need to focus on the internal user network. Cisco has a really good option, a one-dashboard option for maintaining and surveilling your entire network. So I give my customers a Cisco pitch, for that reason.

Overall, I am really happy with the 2960G switches, 2960-XR switches, but not that fond of 3560 switches and 3650 switches. And I am really a fan of 3850 switch, considering its performance.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.

1 visitor found this review helpful
Add a Comment