HPE Aruba Networking CX 5420 6-slot Switch
HPE Aruba Networking CX 5420 Switch Series
HPE Aruba Networking CX 5420 chassis switches are modern, flexible, intelligent, and modular making them optimal for access, small core, and aggregation deployments. Designed for operational efficiency, CX 5420 chassis switches feature built-in MACsec* hardware capability, analytics, and automation - providing an enterprise-class access layer solution that's easy-to-deploy, simple, secure, and resilient.
Part of the HPE Aruba Networking CX switching portfolio, CX 5420 chassis switches were built from the ground up with cutting-edge hardware, software, and analytics and automation tools, and are ideal for small and medium campus and branch networks.
CX 5420 chassis switches combine a modern, fully programmable OS with the HPE Aruba Networking Network Analytics Engine for superior monitoring and troubleshooting capabilities across the network.
A powerful HPE Aruba Networking Gen7 ASIC architecture delivers performance and feature support with flexible programmability for tomorrow's applications. The HPE Aruba Networking Virtual Switching Extension (VSX) with live upgrades provides high availability, fast, non-disruptive upgrades, and simplified management. This advanced modular 4U chassis switch offers performance up to 960 Gbps with low latency, six half-width line card slots with line rate up to 64 bytes, and up to 90 W Smart Rate 10 GbE PoE. The Layer 3 chassis provide BGP/OSFP/RIP/PIM support with single data-plane VRF and management VRF.
HPE Aruba Networking Dynamic Segmentation extends HPE Aruba Networking's wireless role-based policy capability to HPE Aruba Networking wired switches. This means the same security, user experience, and simplified IT management is uniform throughout the network. Regardless of how users and IoT devices connect, consistent policies are enforced across wired and wireless networks, keeping traffic secure and separate.
Key features
- Powerful, modular, intelligent Layer 3 chassis switch with BGP, VSX, OSPF and robust QoS
- High performance switching with up to 960 Gbps in non blocking bandwidth and up to 714 Mpps for forwarding
- High availability VSX live upgrades, redundant power supplies, and N+1 redundant fans
- High capacity HPE Smart Rate 10GbE multi-gigabit for up to 90W Class-8 PoE
- High speed 6-line card slots with up to 160 Gb/s forwarding per slot, line rate at 64 bytes
- Intelligent monitoring, visibility, and remediation with HPE Aruba Networking Network Analytics Engine (NAE)
- Single pane of glass management with HPE Aruba Networking Central across wired, wireless, and WAN
- Support for automated configuration and verification with HPE Aruba Networking NetEdit. Secure and simple access for users and IoT devices via HPE Aruba Networking Dynamic Segmentation
Standard Features
Product Differentiators The HPE Aruba Networking CX 5420 Switch Series is based on the HPE Aruba Networking CX Operating System (AOS-CX), a modern, database-driven operating system that automates and simplifies many critical and complex network tasks. A built-in time series database to utilize software scripts for historical troubleshooting and analysis of past trends. This helps predict and avoid future problems caused by scale, security, and performance bottlenecks. AOS-CX is built on a modular Linux architecture with a stateful database, providing it the following capabilities:
Every CX switch includes AOS-CX at no cost and an active, perpetual set of native features, providing everything needed to deploy, connect, and troubleshoot an enterprise network, including:
|
HPE Aruba Networking Central - unified single pane of glass management HPE Aruba Networking Central is an AI-powered solution that simplifies IT operations, improves agility, and reduces costs by unifying management of all network infrastructure. Built for enterprise-grade resiliency and security, while simple enough for smaller businesses with limited IT staff, Central is your single point of visibility and control that spans the entire network-from branch to data center, wired and wireless LAN to WAN. Available as a cloud-based or an on-premises solution, HPE Aruba Networking Central simplifies Day 0 through Day 2 operations. It offers streamlined workflows for virtual switch stack creation, automated monitoring using AI-powered insights and NAE, and a unified view of all devices and users, both wired and wireless. Comprehensive switch management capabilities include configuration, on boarding, monitoring, troubleshooting, and reporting. An HPE Aruba Networking Central Advanced license expands these capabilities with premium security and AIOps, including the HPE Aruba Networking Central NetConductor Fabric Wizard and Policy Manager to enable dynamic segmentation. With the HPE Aruba Networking Central Advanced license there is no need to purchase a CX Advanced license. This streamlines operational efficiency, reducing the need to keep track of multiple licenses, active terms, and renewal dates. For more information on HPE Aruba Networking Central licensing, see the HPE Aruba Networking Central SaaS Subscription Ordering Guide. |
HPE Aruba Networking Network Analytics Engine - -advanced monitoring and diagnostics The HPE Aruba Networking Network Analytics Engine (NAE) automatically monitors and analyzes events that can impact network health, enhancing visibility and troubleshooting. Advanced telemetry and automation provide easy identification and troubleshooting of network, system, application, and security related issues., using Python agents, CLI-based agents, and REST APIs. The Time Series Database (TSDB) stores configuration and operational state data, to quickly resolve network issues. The data may also be used to analyze trends, identify anomalies, and predict future capacity requirements. HPE Aruba Networking Central uses NAE and agents to deliver switch monitoring, analytics, and enhanced troubleshooting for wired assurance. HPE Aruba Networking NetEdit and third-party tools such as ServiceNow and Slack provide intelligence to integrate NAE alerts into IT service management processes, speeding problem resolution |
HPE Aruba Networking NetEdit - automated switch configuration and management The HPE Aruba Networking CX portfolio can orchestrate multiple switch configuration changes for smooth end-to-end service rollouts. HPE Aruba Networking NetEdit introduces automation for rapid network-wide changes and ensures policy conformance for post-network updates. Intelligent capabilities include search, edit, validation (including conformance checking), deployment, and audit features.
Notes: A separate software license is required to use NetEdit. |
HPE Aruba Networking CX Mobile App - true deployment convenience This easy-to-use mobile app simplifies connecting and managing HPE Aruba Networking CX 5420 chassis switches for any size project. Switch information can also be imported into HPE Aruba Networking NetEdit for simplified configuration management and to continuously validate conformance of configurations anywhere in the network. |
HPE Aruba Networking ASICs - programmable innovation With over 30 years of continuous investment, HPE Aruba Networking's ASICs form the basis for innovative and agile software feature advancements, improved performance, and deep visibility. These programmable ASICs are purpose built for a tighter integration of switch hardware and software within campus and data center architectures to optimize performance and capacity. Flexible ASIC resources enable HPE Aruba Networking's NAE solution to inspect all data, for superior analytics capabilities. The HPE Aruba Networking CX 5420 chassis switch is based on HPE Aruba Networking Gen7 ASIC architecture. |
HPE Aruba Networking Dynamic Segmentation - campus and branch fabric Providing seamless mobility, consistent policy enforcement, and automated configurations, HPE Aruba Networking Dynamic Segmentation is ideal for wired and wireless clients for networks of all sizes. It unifies role-based access and policy enforcement across LAN, WLAN, and SD-WAN networks with centralized policy definition and dedicated enforcement points. This ensures that users and devices can only communicate with destinations consistent with their role, keeping traffic secure and separate. Dynamic Segmentation establishes least privilege access to IT resources by segmenting traffic based on identity, a fundamental concept of both zero trust and SASE frameworks, which base trust on roles and policies, not on where and how a user or device connects. The solution begins with colorless ports and role-based microsegmentation technologies. Colorless ports allow wired clients to connect to any switch port, using RADIUS-based control to automate configuration. This eliminates the need for manual onboarding of clients, including IoT devices, onto the network. Role-based microsegmentation reduces subnet and VLAN sprawl, simplifies policy definition and employs client user roles for scalable policy enforcement. Independent of network constructs such as VLANs and VRFs, clients can be grouped into user roles based on their identity, which extends the colorless ports to the centralized overlay fabric. This enables client onboarding using automatic tunnel creation based on the associated user roles policy. The user roles policy provides a choice between microsegmentation (using centralized and unified policy enforcement for wireless and wired traffic with Layer 7 stateful firewall on gateways) or a distributed approach (using Layer 4 role-role ACL on switches). Dynamic Segmentation enables scale and flexibility in network design by stretching VLANs and subnets across the network using VXLAN overlay fabric with Group Based Policy tagging to transport source role. The CX 5420 chassis switch attaches to the VXLAN Fabric as an Extended-Edge VTEP with static VXLAN to stub VTEP. This switch series supports VXLAN-GBP-based policies to enable role-based microsegmentation. and when used in a HPE Aruba Networking Central NetConductor extended-edge campus solution, forms static VXLAN-GBP tunnels to fabric edge devices. |
Mobility and IoT performance The HPE Aruba Networking CX 5420 chassis switch uses the latest HPE Aruba Networking Gen7 ASICs. This ensures very low latency, increased packet buffering, and adaptive power consumption. Wire speed switching and routing ensure the demands of bandwidth-intensive applications are met today and in the future. Each switch includes the following:
- IPv6 host to manage switches in an IPv6 network - Dual stack (IPv4 and IPv6) transitions from IPv4 to IPv6, supporting connectivity for both protocols - MLD snooping to forward IPv6 multicast traffic to the appropriate interface - IPv6 ACL/QoS supports ACL and QoS for IPv6 network traffic - IPv6 routing supports Static, MP-BGP, RIPng, and OSPFv3 protocols - Security for RA guard, DHCPv6 protection, dynamic IPv6 lockdown, ND snooping, IPv6 Destination Guard, IPv6 DHCP Guard, and IPv6 Router Advertisement Guard
|
High availability and resiliency To maximize uptime we offer high availability and multicast features for Layer 3 deployments, including:
- N+1 and N+N redundancy for high reliability in case of power line or supply failure - Up to 4 power supplies to increase total available PoE power
|
Quality of Service (QoS) features The HPE Aruba Networking CX 5420 Series includes the following to support congestion actions and traffic prioritization:
|
Layer 2 switching The following layer 2 services are supported:
|
Layer 3 services The following layer 3 services are supported:
|
Layer 3 routing The following layer 3 routing services are supported:
|
Security The HPE Aruba Networking CX 5420 Switch Series comes with an integrated trusted platform module (TPM) for platform integrity. This ensures the boot process starts from a trusted combination of HPE Aruba Networking AOS-CX switches. Other security features include:
IEEE 802.1AE MACsec* provides switch-to-switch and switch-to-host security on a link between two ports using standard encryption and authentication, available on uplink and downlink ports |
Multicast
|
Convergence
|
Technical Specifications
HPE Aruba Networking 5420 6-slot Switch (S0U59A) | |
Description | 1 x 5420 6-slot Chassis (S0U60A) 1 x 5420 Management Module (S0U55A) 1 x Fan Tray (S0U54A) 1 x 6-slot Accessory Kit (S0U57A) 1 x 2-post 6-slot Rack Kit (S0U56A) 1 open management slot 6 open line card module slots
Supports the management card in the open management slots: SOU55A, S0U58A
Supports any of the following line cards in the open slots: S0U62A, S0U66A, S0U65A, S0U61A, S0U67A, S0U63A, S0U64A, S0U68A S0U72A, S0U76A, S0U75A, S0U71A, S0U77A, S0U73A, S0U74A, S0U78A
Supports PoE Standards IEEE 802.3af, 802.3at, 802.3bt (up to 90W)
|
Power Supplies | Supports 4 field replaceable and hot-swappable power supply slots Supported power supplies: S0U53A PoE availability is dependent on the number of management modules, line cards, fan trays and the number of power supplies used. Power supplies are not included; order separately
|
Fans | 1 field-replaceable and hot-swappable system fan tray
|
Dimensions | (H) 17.41cm x (W) 44.25cm x (D) x 44.74cm (6.85" x 17.42" x 17.6")
|
Configuration weight | 15.73 kg (34.7 lbs)
|
Additional Specifications | |
CPU | Management Module: AMD Ryzen Quad Core V1500B x86 processor @ 2.2GHz |
Memory and flash | Management Module: 16GB DDR4 SODIMM with ECC, 32GB eMMC Flash Memory |
Packet buffer | 64MB packet buffer memory shared dynamically among ports
|
Performance | |
Model switching capacity | 960 Gbps (480 Gbps in + 480 Gbps out) |
Model throughput capacity | 714 Mpps |
Average latency (LIFO-64-bytes packets) | 2.5 micro sec |
Switch Virtual Interface (SVI) (dual stack) | 512 |
IPv4 host table (ARP) | 25,600 |
IPv6 host table (ND) | 25,600 |
Performance* | |
IPv4 unicast routes | 16,384 |
IPv6 unicast routes | 8,192 |
MAC table capacity | 32,768 |
IGMP groups | 2,048 |
MLD groups | 2,048 |
IPv4/IPv6/MAC ACL entries (ingress) | MAC - 10,233 IPv4 - 10,233 IPv6 - 2,558 (1/4 of scale) |
IPv4/IPv6/MAC ACL entries (egress) | MAC - 5,113 IPv4 - 5,113 IPv6 - 1,278 (1/4 of scale) |
Notes: | *Pending final validation
|
Environment | |
Operating temperature | 32°F to 113°F (0°C to 45°C), up to 5,000 feet Derate 1°C every 1,000 feet from 5,000 feet to 10,000 feet Can support excursion to 131°F (55°C) for short periods1 of time |
Notes: 1No more than 96 consecutive hours and 360 hours total (15 days) in 1 year | |
Operating relative humidity | 5% to 95% relative humidity at 113°F (45°C), non-condensing |
Non-operating | -40°F to 158°F (-40°C to 70°C) up to 15,000 feet |
Non-operating storage relative humidity | 5% to 95% relative humidity at 149°F(65°C), non-condensing |
Max operating altitude | Up to 10,000 feet (3 km) |
Max non-operating altitude | Up to 15,000 feet (4.5 km) |
Acoustics | Sound power (LWAd): 4.7 Bel, Sound pressure (LpAm, Bystander): 44.6 dB when tested with 2x S0U53A power supply at low voltage line, loaded with 2 x S0U55A, 3 x S0U67A, 3 x S0U68A with a loading of 50% traffic on all ports
Sound power (LWAd): 5.5 Bel, Sound pressure (LpAm, Bystander): 52.1 dB when tested with 4x S0U53A power supply at low voltage line, loaded with 2 x S0U55A, 6 x S0U66A and drawing a total of 2000W PoE, with a loading of 50% traffic on all ports |
Primary airflow | Front to back
|
Electrical Characteristics | |
Frequency | 50Hz/60Hz |
AC voltage | S0U53A PSUs: 100-127/200-240VAC |
Current | 11.6A @ 100-127VAC 9A @ 200VAC 8A @ 208-240VAC |
Power output | S0U53A: 1600W @ 200-240Vac, 1000W @ 100-127Vac |
80plus.org certification | Platinum for S0U53A PSU |
Safety | IEC 62368-1:2014 2nd Ed w/all known national deviations IEC 62368-1:2018 3rd Ed w/all known national deviations IEC 60825-1:2014 / EN 60825-1:2014+A11:2021 Class 1 Laser EN 62368-1:2014 +A11:2017 2nd Ed. EN IEC 62368-1:2020 +A11:2020 3rd Ed. UL 62368-1 3rd Ed./ CAN/CSA C22.2 No. 62368-1:19 CNS 15598-1:2020 |
Emissions | EN 55032:2015+A11:2020 Class A, CISPR 32:2015+A1:2019 Class A, FCC Part 15B Class A, VCCI 32-1 Class A, ICES-003 Class A, AS/NZS CISPR 32 Class A, CNS 15936:2016 |
Lasers | IEC 60825-1:2014 / EN 60825-1:2014+A11:2021 Class 1 Laser
|
Immunity | |
Generic | Directive 2014/35/EU |
EN | CISPR 35:2016/EN 55035:2017+A11:2020 |
ESD | IEC 61000-4-2 |
Radiated | IEC 61000-4-3 |
EFT/Burst | IEC 61000-4-4 |
Surge | IEC 61000-4-5 |
Conducted | IEC 61000-4-6 |
Power frequency magnetic field | IEC 61000-4-8 |
Voltage dips and interruptions | IEC 61000-4-11 |
Harmonics | EN IEC 61000-3-2 |
Flicker | EN IEC 61000-3-3 |
Mounting and enclosure | Cable management kit and 2-post rack mounting kit included. 4-post rack mounting kit available separately |
|
Standards and Protocols
|
.