already Wired Switch PortfolioAs explained earlier, new features and models have been released over time. So, let's talk about the latest updated CX switch portfolio from HPE Aruba Networking.
Before discussing HPE Aruba Networking's switch portfolio, it's probably worth explaining the ESP architecture.
I've explained the ESP architecture before, but I'll explain it again today.
Four Key Features of the HPE Aruba Networking Edge Services Platform (ESP)
HPE Aruba Networking's ESP is a platform optimized for modern network environments, built on four core elements:.
1. Unified Infrastructure
meaning: Manage different types of devices in different locations through a single interface.
effect: Break down fragmented operating environments (silos), streamline overall operations, and increase efficiency.
2. Zero Trust Networking
meaning: Any device connecting to a network is untrusted by default and must go through authentication and authorization procedures.
effect: Role-based security minimizes the need for manual setup and enforces strong security for all access.
3. Artificial Intelligence Operations (AIOps)
meaning: It gives your network a "sixth sense," helping you resolve issues before they impact your business—or even resolve them much faster if they do occur.
effect: Reduce troubleshooting time and maximize network stability.
4. HPE Aruba Networking Central
meaning: This is a centralized management solution based on Software as a Service (SaaS) that powers ESP. It is ready to monitor and manage businesses of all sizes.
effect: It provides exceptional flexibility, giving businesses greater choice and control over how they consume and pay for technology to achieve their goals.
These four features combine to provide HPE Aruba Networking ESP with a foundation for managing enterprise networks securely, efficiently, and intelligently.
Now, let's take a look at the HPE Aruba Networking CX switch portfolio based on the ESP architecture. First, let's look at the advantages that only the CX switch has.
Key Benefits of HPE Aruba Networking CX Switching
HPE Aruba Networking CX switches deliver unified operations and robust performance across your entire environment, from the edge to the data center.
1. Single Operating System
From the edge to the data center The same operating system is used across the entire range. This reduces operational complexity and provides the basis for unifying management.
2. Unified management through HPE Aruba Networking Central
HPE Aruba Networking CentralManages and monitors wired and wireless devices. Unified Infrastructure Management Toolno see.
View and manage all your devices on a single pane-of-glass screen.
Multi-editor modeSupports advanced configuration deployments, such as applying common configurations to multiple CX switches simultaneously.
3. Network Analytics Engine (NAE)
NAE is a powerful tool to aid in monitoring and troubleshooting.
Decentralized to network operators Real-time insightsIt provides. Through this, issues affecting IT teams and users are addressed. Faster and more proactive We help you detect and resolve them.
4. Virtual Switching Extension (VSX) technology
VSXis a single physical switch that logical switchIt is a technology that binds together.
Through this High availabilityand guarantee, Real-time upgradeEliminate maintenance time and minimize downtime by supporting.
5. Dynamic Segmentation
Regardless of whether the user uses a wired or wireless (Wi-Fi) connection: Integrating network access and securityThis is how it is done.
Maintain consistency by unifying the application of security policies.
6. Performance based on the latest Gen 7 ASIC
Best Gen 7 ASICis a microprocessor specialized in processing network traffic.
This chip is No bottlenecks Provides data center-grade performance, There are no separate Switch software licenses or subscription fees.
HPE Aruba Networking CX Switch Portfolio Overview and Positioning
The CX switch is Access, Aggregation, Core We offer a modular switch lineup across all tiers.
In the access and aggregation layer Power over Ethernet (PoE), multi-gigabit speeds, security segmentation, and stacking Provides functionality. In the campus core and data center areas, 40GbE and 100GbE scalability, ensuring high availability, bandwidth and speed.
Access and entry-level switches
Model series
Overview
Positioning
CX 6000 & 6100
It supports 10GbE uplinks and is ideal for small networks of approximately 100 to 500 devices.
A reliable and cost-effective entry-level access solution for branch offices, mid-market enterprises, and SMBs.
CX 6200
As a fixed port access switch, it has built-in 1/10GbE uplinks and PoE and supports 8-member stacking.
Branch, mid-sized company, SMBA reliable, easy-to-deploy, and cost-effective access solution for .
CX 6300
As a fixed-port access switch, it has built-in 25/50GbE uplinks and high-power PoE and supports 10-member stacking.
Wi-Fi 6/6E/7, IoT adoption and automation Business Critical Networksis suitable for. Future-ready Smart Rate multi-gigabit and high-power PoE up to 90WProvides investment protection by supporting.
Campus core and high-availability switches
Model series
Overview
Positioning
CX 6400
Multipurpose 5-slot and 10-slot High Availability (HA) ChassisIt provides up to 28Tbps capacity, 1/10/25/40/50/100GbE line-rate interfaces, high-density Smart Rate multi-gigabit, and up to 90W high-power PoE ports.
From mid-sized companies to large corporations, campus access and core, and some that require performance, scalability, and high availability. data center Ideal for your use case.
CX 8300
Compact with up to 6Tbps capacity 1U(1 Unit) switchIt supports high-speed 1/10/25GbE, 1/10/40GbE, and 40/100GbE connections. It offers flexible cooling options (front-to-rear or rear-to-front).
Enterprise Aggregation, Core, Top-of-Rack (ToR), and End-of-Rack (EoR) Ideal for deployment. Leverage Fabric Composer (AFC) to accelerate infrastructure provisioning and reduce risk.
CX 8400
Highest stability and reliabilitywhich provides 8-slot chassisIt features fully redundant fabric, management, power, and fans, providing up to 19.2 Tbps of capacity and high-density 10/40/100GbE connectivity.
High availabilityThis is essential and requires maximum size (table size and buffer) Large enterprise campus core and data center Ideal for networks.
Data Center and Special Purpose Switches
Model series
Overview
Positioning
CX 9300
Next generation 25.6Tbps, 1U fixed configuration switchSupports 32 ports of 100/200/400GbE. Flexible and cost-effective. High-density 400GbE connectivity Ideal for server, storage, and internal fabric connectivity.
In the data center Spine, Core, Aggregation, ToR, Leaf, EoRDesigned to fit.
CX 10000
We provide advanced services for data centers, such as distributed stateful firewalls, encryption services, stateful Network Address Translation (NAT), and Zero Trust Networking (ZTN).
On-premises corporate data centers and private cloudsis suitable for.
CX 4100i
Robustly designed Layer 2 switchno see. Special environment, and the two fanless models can withstand extreme temperatures (-40 degrees Celsius to +70 degrees Celsius).
Used for special purpose deployments in demanding environments.
For more information about our data center switch portfolio, please see the blog post below.
Now, let's take a look at some of the unique features offered only by the AOS-CX switch.
Innovative AOS-CX switch management with HPE Aruba Networking Central
HPE Aruba Networking Central provides a simpler and more powerful user interface (UI) to make routine changes to interfaces, ports, VLANs, and more on AOS-CX switches much easier.
Advanced configuration settingsWhen needed, you can simply switch to 'MultiEdit mode'. In this mode Command auto-completion, syntax highlighting, and network policy validation You can receive various support functions such as:.
Users can choose according to their needs and preferences. UI mode와 Multi-edit mode You can freely switch between them and change the configuration.
Additionally, you can connect to the remote console mode and perform switch console operations for troubleshooting purposes.
NAE is a key tool that revolutionizes the way you monitor and troubleshoot networks on AOS-CX switches.
Key Features and Operating Principles
The NAE engine AOS-CX system configuration and time series databases (TSDBs)1It works integrated with .
Predictive Analytics and Automation:
The network operator Analyze past trendsAnd due to scale, security and performance issues Predict problems that may arise in the future possible
The problem Automatically detecteddo, Take appropriate action, Software modules that reduce manual work and troubleshooting time Can be created
Agent-based monitoring:
NAE is Python-based agentAutomate network monitoring and troubleshooting tasks using
Agents monitor the status, settings, and statistics of system components in the Current State Database (CSDB). (e.g. interface transmission bytes, switch operating temperature)
Monitoring results are recorded in a time series database (TSDB) for subsequent analysis.
Configuration and deployment with NAE
Network operators can interact with NAE and extend its capabilities in the following ways:.
1. Web UI and Dashboard: Within the Switch's web UI Analytics DashboardYou can check the NAE status through
2. Automation (REST API): Using tools like Postman and Ansible REST APIYou can automate NAE through .
3. Create and load the agent:
For new agents Python scriptYou can create or obtain them directly.
This agent can be loaded onto the switch using the web UI or REST API.
4. Centralized distribution:
Central Configuration UIUsing A set of predefined NAE scriptscan be deployed on CX switches.
Customized NAE scripts You can also push and deploy via template configuration.
Strengthen security and simplify management with Dynamic Segmentation
Most modern endpoint devices, including desktops, laptops, tablets, and smartphones, support 802.1x/EAP.2Supports strong security mechanisms such as:.
but Special deviceSome devices, such as CCTV cameras, payment card readers, IoT devices, and medical devices that rely on PoE, often lack these security mechanisms. This lack of endpoint security can pose a serious risk to the entire infrastructure.
so Dynamic Segmentation Using a feature-rich switch can significantly improve your security posture while increasing manageability.
Authentication and Tunneling: Dynamic Sgementation is ClearPassAuthenticate all terminals, including vulnerable devices, using . Authenticated traffic is tunneled to a central gateway.
Policy centralization: Previously each was dispersed ACL (Access Control List) 및 Firewall rules Back A single, intuitive policy systemIntegrate with (ClearPass Policy Manager).
This way, vulnerable devices can continue to be used safely without compromising network security.
How Dynamic Segmentation Works and Policy Applications
In an environment where Dynamic Segmentation is applied, the switch acts as an AAA server.3인 ClearPassInteracts with and authenticates users.
Basic Operation Process (Gateway Tunneling)
1. Authentication and Profiling: When a user connects to the network, the switch ClearPassAuthenticates and authorizes users by communicating with them. ClearPassEach terminal ProfilingAnd if it is judged to be approved, switch ‘'Accept' messageSend.
2. Receiving tunnel information: This acceptance message contains Tunnel Information, Assigned VLAN, and Secondary Role Includes details such as:.
3. Tunneling traffic to the gateway: The switch uses the received information to send a message to the gateway (Mobility Controller, MC). tunnelSet up. User traffic is sent through this tunnel to the gateway, which then Firewall policyAppropriate policies such as these are centrally applied.
example: The user ‘'Finance' roleWhen mapped to , the port is VLAN 61, and traffic is securely tunneled to the gateway. The gateway restricts access by applying centralized access control policies appropriate to the accounting team's traffic. IoT devices such as printers and cameras are treated similarly.
ClearPassis the traffic of a specific device. Without tunneling to the gateway (controller), the switch Direct local forwarding to final destinationYou can also instruct whether or not to do something.
In this case Centralized PEF (Policy Enforcement Firewall) policy enforcementBut you have to give up some of the advantages, Devices that are extremely sensitive to delay and jittercan optimize the performance of .
This is a look at the HPE Aruba Networking switch, AOS-CX portfolio. CX switches offer a variety of models to meet all environments and requirements with a single operating system.
In addition, it provides various security and convenience features beyond simple wired network connection.
For more detailed switch functions, model names, and specifications, HPE homepageYou can check it at .
Time-series Database: AOS-CX uses Prometheus DB ↩︎
