New and Changed Features in Catalyst Center

This table summarizes the new and changed features in Catalyst Center 3.2.2 and tells you where they are documented.

Table 1. New and changed features in Catalyst Center 3.2.2
Feature Description

AP accelerometer support

You can now enable the AP accelerometer to display tilt information and monitor AP orientation for supported APs.

AP accelerometer is disabled by default. It is available only on Cisco Catalyst 9166D1, 9176I, 9176D1, and 9178I Series APs.

Refer to Configure APs.

AP label enhancements in 2D wireless maps

You can now display up to four label types for each AP and up to two label types for each planned AP in 2D wireless maps.

Refer to 2D map view options and About the AP icon and planned AP icon.

AP zone optimization

Catalyst Center supports AP zone optimization to enhance efficiency in large-scale wireless deployments.

After upgrading to Release 3.2.2 from an earlier release, reprovision all Cisco Catalyst 9800 Series Wireless Controllers to enable this optimization. If there are no other intent changes, reprovisioning the wireless controllers does not push new configurations to devices.

Refer to Add AP zones to a network profile.

AP zone support for plug and play.

You can apply AP zone configurations to the APs claimed from the plug and play process.

Refer to Provision a wireless controller.

Cisco Catalyst 9800 Series Wireless Controller provisioning optimizations

Catalyst Center includes these performance optimizations for Cisco Catalyst 9800 Series Wireless Controller provisioning:

  • Intuitive skip AP provisioning: When you reprovision the wireless controller, Catalyst Center detects if there are no changes to the AP-related configurations. It skips configuring AP-related commands if the AP intent configuration does not change.

  • Selective AP group RFS translate: This feature optimizes reprovisioning for AP-related configurations (such as AP tag mapping, RF tags, and flex or RF profiles). Out-of-band changes to AP-related configurations are not automatically corrected during reprovisioning unless a compliance report explicitly flags them. To correct the AP-related out-of-band configurations to match your network intent, perform a wireless controller resynchronization and compliance run. To disable this feature, contact Cisco Technical Assistance Center (TAC).

Refer to Provision a Cisco Catalyst 9800 Series Wireless Controller and Skip AP provision during Cisco Catalyst 9800 Series Wireless Controller provisioning.

Deploy Cyber Vision Center from Catalyst Center

Catalyst Center supports integration with Cisco Cyber Vision, which is a network security solution. The browser-based manager is called Cisco Cyber Vision Center. The Cyber Vision Center helps monitor and manage network devices.

Refer to Integrate Cisco Cyber Vision Center with Catalyst Center.

Dynamic AP elevation reporting

For 2D and 3D wireless maps, the Elevation field automatically displays the tilt angle for APs with enabled and supported accelerometer hardware.

Refer to Edit an AP.

Edit PRP channel

You can modify the Allowed VLAN details in the PRP configuration.

Refer to Edit PRP channel.

Enhanced Catalyst Center home page

This release introduces an enhanced home page that offers a granular summary view of your network. This data allows you to quickly assess its overall performance, status, and health.

The main menu, icons in the top-right portion of the window, and Interactive Help work the same as they did on the previous home page.

Refer to Default home page.

Enhanced Catalyst Center first-time setup

After installing and configuring your Catalyst Center appliance, you can complete the first-time setup of Catalyst Center using one of these enhanced setup methods:

  • Express setup

  • Standard setup

  • Expert setup

These setup methods offer you flexibility, allowing you to choose how you would like to set up the system and onboard devices.

Refer to First-time setup.

Enhancements to the AP configuration workflow

The Configure Access Points workflow is enhanced to support the RAP Downlink Backhaul check box. After enabling this option, you can select the downlink backhaul radio band for Root Access Points (RAP).

Refer to Configure APs, Schedule recurring events for APs, and Configure APs using existing templates.

Enhancements to AP selection during AP configuration

The AP selection in the Configure Access Points workflow has these enhancements to support large-scale deployments:

  • Select All option is added to allow selection of up to 4000 APs simultaneously.

  • The Access Points table now allows you to display 200 or 300 rows per page.

  • Column-level filtering is available for the Access Points table to quickly search and select specific APs.

  • The table settings slide-in pane is restructured for easier customization.

Refer to Configure APs.

Enhancements to Per-Device Configurations for Cisco Catalyst 9800 Series Wireless Controllers

Per-Device Configurations for Cisco Catalyst 9800 Series Wireless Controllers have these enhancements:

Enhancements to Per-Device Configurations for wireless controllers running Cisco IOS XE Release 17.18.2

For Per-Device Configurations, Catalyst Center displays warning messages for insecure configuration options that do not meet the current security standards and will be deprecated in Cisco IOS XE Release 17.18.2, such as Lightweight Extensible Authentication Protocol (LEAP).

Refer to Per-Device Configuration for a Cisco Catalyst 9800 Series Wireless Controller.

Enhanced support for Cisco C9350 Series Smart Switches in fabric network

Cisco C9350 Series Smart Switches is supported in all fabric network roles, such as edge, border, and control plane nodes.

Enhancements to Catalyst Center Compliance

You can view and manage the Compliance Dashboard for centralized, enterprise-wide network compliance health monitoring. The dashboard categorizes compliance into Configuration, Hardware/Software, and Vulnerability buckets, and introduces bulk operational capabilities to acknowledge and manage violations across multiple devices simultaneously.

Refer to Compliance overview, Compliance categories, and Monitor the network compliance.

Enhancements to per-device configurations for Cisco Catalyst Switches in Catalyst Center inventory

You can view and edit the Layer 3 configurations, network settings, and port configurations on a single device. Additionally, the Layer 2, security, and industrial profiles are updated to include new configurations.

Refer to Manage per-device configurations for Cisco Catalyst Switches.

Enhancements to custom site tags for load-balancing

Catalyst Center allows you to configure a load value for a custom site tag. The valid range for load is 0 to 1000, and it can be set according to the AP density at the site.

Refer to Add AP groups, flex groups, site tags, and policy tags to a network profile.

Enhancements in AP refresh and AP configuration workflows

 Catalyst Center supports these enhancements in AP workflows:

  • AP onboarding through Plug and Play for assurance use case.

    Refer to AP Refresh workflow.

  • Configuration of mesh roles through the AP configuration workflow.

    Refer to Configure APs.

Enhancements in campus networks provisioning for Cisco Catalyst Switches

Campus networks workflow now supports provisioning switching device groups using group profiles for Layer 2, Layer 3, security, network settings, industrial, and port profiles.

Refer to Provision Campus Networks.

MACsec encryption support for onboarding of Supplicant-based extended node

You can onboard a new supplicant-based extended node with MACsec enabled, or you can provide MACsec encryption support to an already onboarded extended node.

Refer to Create anycast gateways and Configure Cisco Identity Services Engine to onboard supplicant-based extended node.

Manage out-of-band RMA device replacement in Catalyst Center

The workflow detects the serial number conflict and prompts user for confirmation of replacement of out-of-band RMA device.

Refer to Manage Out-of-band RMA device replacement.

Plug and Play (PnP) claim flow and StackWise Virtual Switch (SVL) enhancements

PnP claim flow is enhanced to reduce confusion when managing devices in PnP and inventory.

Refer to Plug and Play provisioning overview.

The SVL support during PnP onboarding allows users to onboard a pair of connected Catalyst 9500 switches as a single logical device.

Refer to Provision StackWise Virtual Link switch.

RMA support for wireless controllers

Catalyst Center supports RMA for wireless controllers. The Replace Device workflow allows you to replace standalone wireless controllers or both wireless controllers in a High Availability (HA) pair.

This workflow is not supported for these devices;

  • Devices with embedded wireless controllers

  • wireless controllers

  • Mobility Express devices

Refer to Replace a faulty device, Limitations of the RMA workflow in Catalyst Center, and Replace a device.

Support for campus networks provisioning for Cisco Catalyst 9800 Series Wireless Controllers

Campus networks support provisioning multiple Cisco Catalyst 9800 Series Wireless Controllers by learning configurations from an existing Cisco Catalyst 9800 Series Wireless Controller. Catalyst Center can learn the configurations from a wireless controller that is provisioned through Per-Device Configuration, provisioned through intent-based network configuration, or available in the inventory without being provisioned.

These configurations are saved as configuration profiles. You can apply the configuration profiles to multiple wireless controllers, ensuring uniform configurations and standardized deployment.

Note

 

This feature is in beta and requires feature enablement. To enable the feature, contact Cisco TAC. If this feature is not enabled, the options for wireless controller-related configurations are unavailable or dimmed.

Refer to Provision Campus Networks and Campus networks configuration use cases for Cisco Catalyst 9800 Series Wireless Controllers.

Support for Cisco C9610 Series Smart Switches

Catalyst Center supports Cisco C9610 Series Smart Switches in the fabric network.

Note

 

Cisco C9610 Series Smart Switches do not support edge and extended node capability.

Support for dynamic addition of nodes to a REP ring for fabric deployments

You can now dynamically add a node to an existing REP ring for fabric deployments without deleting the REP ring. Nodes must be added one at a time. This requires Cisco IOS XE Release 17.18.3 or later.

Refer to Add a node to a REP ring.

Support for editing the BGP Autonomous System (AS) number

You can now edit the BGP AS number for fabric sites in Catalyst Center.

Note

 

Editing the BGP AS Number temporarily disrupts BGP peerings and removes any custom BGP configurations on border nodes and control plane nodes, requiring updates to templates and reconfiguration of custom settings. If you edit the BGP AS number, all virtual networks may lose external connectivity and management access may be disrupted temporarily.

Refer to Edit BGP AS number for a fabric site.

Support for extranet policy without policy-based routing configurations in Cisco SD-Access fabric

Catalyst Center introduces a new CLI configuration for extranet policy operations within the Cisco SD-Access fabric. This feature is supported on border devices running Cisco IOS XE 17.18.1 or later. Additionally, Catalyst Center offers migration support to transition from policy-based routing (PBR) to the new CLI approach.

Refer to Extranet policy management.

Support for IPv6 in wireless networks

Catalyst Center supports IPv6 in single-stack and dual-stack deployments for wireless networks. These configurations support IPv6 addresses:

  • Device inventory

  • Anchor group

  • NAT IP address configuration for remote teleworkers

  • Preauthentication ACLs

  • ACL association with SSIDs

  • IP-based access control policies

  • Mobility groups

  • Application visibility and application policy

  • AI-enhanced RRM

  • Cisco Catalyst 9800 Series Wireless Controller and AP provisioning

  • Plug and Play (PnP) onboarding for APs and wireless controllers

  • High availability (HA) in the AP configuration workflow

  • Per-Device Configurations

  • AP refresh

  • RMA for wireless controllers

  • AAA support

Refer to Create an anchor group, Create a remote teleworker site, Create Preauthentication Access Control Lists, Create SSIDs for an enterprise wireless network, Create SSIDs for a guest wireless network, Create an IP-based and URL-based access control policy, Create an IP-based access control contract, Configure mobility group, Provision a Cisco Catalyst 9800 Series Wireless Controller, Provision a wireless controller, Register or edit a virtual account profile, Add devices in bulk, Configure per-device features for a Cisco Catalyst 9800 Series Wireless ControllerReplace a faulty device, and Replace a device.

Support for post-authentication ACL configuration for fabric SSIDs

Catalyst Center supports post-authentication Access Control List (ACL) configuration for fabric SSIDs in the Create IP & URL-Based Access Control Policy workflow.

Refer to Create an IP-based and URL-based access control policy.

Support for secondary IP address pools in anycast gateways

You can configure up to four additional IP address pools for an anycast gateway.

Refer to Create anycast gateways.

Support for Visibility and Control of Configurations for policy-extended node upgrades

The Visibility and Control of Configurations feature is now supported for policy-extended node upgrades.

With enhanced visibility, you can enforce the previewing of device configurations before deploying them. With enhanced control, you can ensure only authentic and authorized configurations are provisioned onto your network devices through an IT Service Management (ITSM) check.

Refer to Upgrade an extended node to a policy-extended node.

Support for IPv6 underlay in Cisco SD-Access fabric

Cisco SD-Access fabric supports IPv6 underlay for single stack and dual stack Catalyst Center deployments.

Refer to Add a fabric site, Add a device as a border node, Create anycast gateways, and Reserve an IP address pool.

Support for IPv6 in LAN automation workflow

LAN automation workflow has been enhanced to support IPv6 for a single stack (IPv6-only) Catalyst Center deployment.

Refer to Provision a network through LAN automation and Create a link between interfaces.

Support for outdoor areas in Catalyst Center network hierarchy

Catalyst Center supports the Outdoor Areas site element in the network hierarchy. Outdoor areas can be added with physical address or latitude and longitude coordinates and can reside under Global or under areas or buildings.

Note

 

The Outdoor Area feature is in beta.

Only wireless access points can be assigned to an outdoor area.

Outdoor areas cannot be assigned as physical sites for wireless controllers but they can be selected as managed AP location during wireless controller provisioning.

Refer to Network hierarchy and Add, edit, and delete an outdoor area.

Extended Fast Software Upgrade (xFSU) support for Catalyst 9300 Series device

You can choose to upgrade the device using xFSU to minimize downtime during upgrades.

Refer to Upgrade a software image with ISSU or xFSU.