PDF(188.9 KB) View with Adobe Reader on a variety of devices
Updated:August 8, 2017
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
The Cisco Digital Building series switches are Fast Ethernet switches to which you can directly connect various PoE endpoints (such as lighting endpoints).
Lighting endpoints can be controlled through the switch using a Web UI, a mobile app on your smartphone, or standard network PnP (plug-and-play) cable connected to the switch. You can also connect other devices such as Cisco IP Phones, Cisco Wireless Access Points, workstations, and other network devices such as servers, routers, and other switches.
Table 1 CDB Switch Models
Cisco IOS Image
Switch with 8 10/100 Fast Ethernet Cisco UPOE ports and 2 Gigabit Ethernet uplink ports
Switch with 8 10/100 Fast Ethernet Cisco PoE+ ports and 2 Gigabit Ethernet uplink ports
Device Manager System Requirements
The following table lists the system requirements for a PC running Cisco Configuration Professional for Catalyst, including Web browser versions.
Table 2 System Requirements
Any of the following:
Mac OS 10.9.5
Microsoft Windows Version 7
Cisco CPC can be used with the following browsers:
Google Chrome 52 and later
Mozilla Firefox 48 and later
Apple Safari 9 and later
Internet Explorer 11 and later
1280 X 800 pixels or higher
Cisco Management Tools
Identity Services Engine (ISE) 2.1
Cisco Prime 3.1 DP11 (to be released)
Supported OS for Cisco Digital Building app:
Android 4.4.2 and higher
iOS 9 and higher
Upgrading the Switch Software
Finding the Software Version and Feature Set
The Cisco IOS image is stored as a bin file in a directory that is named with the Cisco IOS release number. The files necessary for web management are contained in a subdirectory. The image is stored on the system board flash device (flash:).
You can use the show version privileged EXEC command to see the software version that is running on your switch.
Note Although the show version output always shows the software image running on the switch, the model name shown at the end of this display is the factory configuration.
You can also use the dir filesystem : privileged EXEC command to see the directory names of other software images that you might have stored in flash memory.
The software image can also be upgraded over bluetooth using the Cisco Digital Building smartphone app.
Features of the Switch
The Cisco Digital Building switch supports the LAN Lite feature set. This provides standard Layer 2 security, quality of service (QoS) features, and other features that are unique to CDB. The switch models have reduced functionality and scalability with entry level features in Layer 2, and provide no routing capability. They do not support stacking.
The feature sets are described in the following sections.
PoE+ or Cisco UPOE available on all 8 Fast Ethernet downlink ports. Each switch also contains 2 Gigabit Ethernet copper uplink ports.
Depending on the switch model, a total of either 240 W or 480 W power is available for endpoints.
Automatic device classification for various endpoints such as lights, IP phones, wireless access points, and cameras..
Deep Sleep, where the switch goes into a low standby power mode and draws only 0.5 W per port, thus enhancing power efficiency.
Constrained Application Protocol (CoAP) support, for use with constrained devices to enable Internet of Things (IoT).
Perpetual UPOE, a first in the industry, that ensures uninterrupted power for endpoints during switch upgrade, reboot, and configuration changes.
Smartphone-based management of the switch over bluetooth via mobile app.
Plenum certification, that enhances safety by restricting the burning of cables when exposed to heat or fire.
Ease of Operations
Cisco Catalyst Smart Operations is a comprehensive set of features that simplify LAN deployment, configuration, and troubleshooting. Catalyst Smart Operations enable zero touch installation and replacement of switches and fast upgrade, as well as ease of troubleshooting with reduced operational cost. Catalyst Smart Operations is a set of features that includes Smart Install, Auto Smartports, Smart Configuration, and Smart Troubleshooting to enhance operational excellence:
– Cisco Smart Install is a transparent plug-and-play technology that can configure the Cisco IOS software image and switch configuration without user intervention. Smart Install uses dynamic IP address allocation and the assistance of other switches to facilitate installation.
– Cisco Auto Smartports provide automatic configuration as devices connect to the switch port, allowing auto detection and plug and play of the device onto the network.
– Cisco Smart Configuration provides a single point of management for a group of switches and in addition adds the ability to archive and back up configuration files to a file server or switch allowing seamless zero touch switch replacement.
– Cisco Smart Troubleshooting is an extensive array of debug diagnostic commands and system health checks within the switch, including Generic Online Diagnostics (GOLD) and Onboard Failure Logging (OBFL).
– Auto Configuration determines the level of network access provided to an endpoint based on the type of the endpoint device.
Cisco Prime Infrastructure is a set of tools that enables you to automate much of the management of your Cisco network.
Interface templates provide a mechanism to configure multiple commands at the same time and associate it with a target (such as an interface). An interface template is a container of configurations or policies that can be applied to specific ports.
The Cisco Digital Building series switches provide a range of security features to limit access to the network and mitigate threats.
Port security secures the access to an access or trunk port based on MAC address. It limits the number of learned MAC addresses to deny MAC address flooding.
DHCP snooping to filter untrusted DHCP messages between untrusted hosts and DHCP servers.
Dynamic ARP inspection (DAI) to prevent malicious attacks on the switch by not relaying invalid ARP requests and responses to other ports in the same VLAN.
Flexible authentication via 802.1x and MAC Authentication Bypass using a single, consistent configuration.
Open mode that creates a user friendly environment for 802.1X operations.
Comprehensive RADIUS Change of Authorization capability for asynchronous policy management.
ACLs define security policies on interfaces for control-plane and data-plane traffic. IPv6 ACLs can be applied to filter IPv6 traffic. Port-based ACLs for Layer 2 interfaces allow security policies to be applied on individual switch ports.
Secure Shell (SSH) Protocol and Simple Network Management Protocol Version 3.
(SNMPv3) provide network security by encrypting administrator traffic during Telnet and SNMP sessions. SSH Protocol, Kerberos, and the cryptographic version of SNMPv3 require a special cryptographic software image because of U.S. export restrictions.
Bidirectional data support on the Switched Port Analyzer (SPAN) port allows Cisco Intrusion Detection.
TACACS+ and RADIUS authentication facilitates centralized control of the switch and restricts unauthorized users from altering the configuration.
MAC address notification allows administrators to be notified of users added to or removed from the network.
Multilevel security on console access prevents unauthorized users from altering the switch configuration.
Bridge protocol data unit (BPDU) Guard shuts down Spanning Tree PortFast-enabled interfaces when BPDUs are received to avoid accidental topology loops.
IGMP filtering provides multicast authentication by filtering out non-subscribers and limits the number of concurrent multicast streams available per port.
802.1x monitor mode allows companies to enable authentication across the wired infrastructure in an audit mode without affecting wired users or devices. It helps IT administrators smoothly manage 802.1x transitions by allowing access and logging system messages when a device requires reconfiguration or is missing an 802.1x supplicant.
Deployment and Control Features
Dynamic Host Configuration Protocol (DHCP) Auto-configuration of multiple switches through a boot server eases switch deployment.
Auto-negotiation on all ports automatically selects half- or full-duplex transmission mode to optimize bandwidth.
Dynamic Trunking Protocol (DTP) facilitates dynamic trunk configuration across all switch ports.
Port Aggregation Protocol (PAgP) automates the creation of Cisco Fast EtherChannel groups and Gigabit groups.
Link Aggregation Control Protocol (LACP) allows the creation of Ethernet channeling with devices that conform to IEEE 802.3ad.
Unidirectional Link Detection Protocol (UDLD) and Aggressive UDLD allow unidirectional links caused by incorrect wiring. Also, port faults can be detected and disabled on the interfaces.
Internet Group Management Protocol (IGMP) v1, v2, v3 Snooping for IPv4. MLD v1 and v2 Snooping provide fast client joins and leaves of multicast streams and limit bandwidth-intensive video traffic to only the requestors.
Voice VLAN simplifies telephony installations by keeping voice traffic on a separate VLAN for easier administration and troubleshooting.
The Embedded Remote Monitoring (RMON) software agent supports four RMON groups (history, statistics, alarms, and events) for enhanced traffic management, monitoring, and analysis.
Layer 2 traceroute eases troubleshooting by identifying the physical path that a packet takes from source to destination.
Trivial File Transfer Protocol (TFTP) reduces the cost of administering software upgrades by downloading from a centralized location.
Network Timing Protocol (NTP) provides an accurate and consistent timestamp to all intranet switches.
Storm control for unicast, broadcast and multicast traffic to prevent disruption in the network due to packet flooding on the LAN.
Switch-port auto-recovery (error-disable) automatically attempts to reactivate a link that is disabled because of a network error.
Auto-LAG and etherchannel min-link support.
Quality of Service
Up to 4 egress queues per port and strict priority queuing, and finer flow segregation using 2 threshold markers for non-strict-priority queues.
Strict priority queuing to ensure that the highest-priority packets are serviced ahead of all other traffic.
Limitations and Restrictions
The switch does not support routing protocols.
The switch has 180 free TCAM entries, which are allocated between MAC ACE, IPv4 ACE and IPv6 ACE entries.
Extension header match options for IPv6 PACLs are not supported on the switch. Also, PACLs not supported in the out direction.
The switch does not support jumbo frames.
IPv4 access-list supports only the eq layer-4 operator.
Support for Security Group Tag (SGT) Exchange Protocol (SXP): This is one of several protocols that supports Cisco TrustSec and is referred to in this document as SXP. It is a control protocol for propagating IP-to-SGT binding information across network devices that do not have the capability to tag packets. SXP passes IP to SGT bindings from authentication points to upstream devices in the network. This process allows security services on switches, routers, or firewalls to learn identity information from access devices.
New triggers to put the switch into Deep Sleep mode:
– SNMP operation on CISCO-ENERGYWISE-MIB to hibernate the switch immediately and wake it up at a scheduled time.
– Energywise Level 1 command to hibernate the switch immediately and wake it up at a scheduled time.
Service and Support
Information About Caveats
If you need information about a specific caveat that does not appear in these release notes, you can use the Cisco Bug Toolkit to find caveats of any severity. Click this URL to browse to the Bug Toolkit:
The Bug Search Tool (BST), which is the online successor to Bug Toolkit, is designed to improve the effectiveness in network risk management and device troubleshooting. The BST allows partners and customers to search for software bugs based on product, release, and keyword, and aggregates key data such as bug details, product, and version. The tool has a provision to filter bugs based on credentials to provide external and internal bug views for the search input.
To view the details of a caveat listed in this document:
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1721R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.