Data sheet

Cisco public
D

Cisco Catalyst 9800-40

Wireless Controller
Built from the ground up for intent-based
networking

© 2022 Cisco and/or its affiliates. All rights reserved. Page 1 of 22

Contents
Product overview 3
Features 4
Details 5
Benefits 11
Specifications 14
Software requirements 18
Licensing 18
Warranty 20
Cisco environmental sustainability 20
Ordering information 21
Cisco Capital 21
Document history 22

© 2022 Cisco and/or its affiliates. All rights reserved. Page 2 of 22

Product overview

Figure 1.
Cisco Catalyst 9800-40 Wireless Controller

Built from the ground-up for intent-based networking and Cisco DNA, Cisco Catalyst 9800 Series Wireless
Controllers are Cisco IOS XE based and integrate the RF excellence of Cisco Aironet access points, creating a
best-in-class wireless experience for your evolving and growing organization. The 9800 Series is built on an
open and programmable architecture with built-in security, streaming telemetry, and rich analytics.

The Cisco Catalyst 9800 Series Wireless Controllers are built on the three pillars of network excellence— always
on, secure, and deployed anywhere—which strengthen the network by providing the best wireless experience
without compromise, while saving time and money.

The Cisco Catalyst 9800-40 is a fixed wireless controller with seamless software updates for midsize and large
enterprises. It is feature rich and enterprise ready to power your business-critical operations and transform
end-customer experiences:

● High availability and seamless software updates, enabled by hot and cold patching, keep your clients
and services always on during planned and unplanned events.
● Secure air, devices, and users with the Cisco Catalyst 9800-40. Wireless infrastructure becomes the
strongest first line of defense with Cisco Encrypted Traffic Analytics (ETA) and Software-Defined Access
(SD-Access). The controller comes with built-in security: Secure Boot, runtime defenses, image signing,
integrity verification, and hardware authenticity.
● Built on a modular operating system, the 9800-40 features open and programmable APIs that enable
automation of day-0 to day-N network operations. Model-driven streaming telemetry provides deep
insights into the health of your network and clients.
● Cisco User Defined Network, a feature available in Cisco DNA Center, allows IT to give end users control
of their very own wireless network partition on a shared network. End users can then remotely and
securely deploy their devices on this network. Perfect for university dormitories or extended hospital
stays, Cisco User Defined Network grants both device security and control, allowing each user to choose
who can connect to their network.
● The Wi-Fi 6 readiness dashboard is a new dashboard in the Assurance menu of Cisco DNA Center. It will
look through the inventory of all devices on the network and verify device, software, and client
compatibility with the new Wi-Fi 6 standard. After upgrading, advanced wireless analytics will indicate
performance and capacity gains as a result of the Wi-Fi 6 deployment. This is an incredible tool that will
help your team define where and how the wireless network should be upgraded. It will also give you
insights into the access point distribution by protocol (802.11 ac/n/abg), wireless airtime efficiency by
protocol, and granular performance metrics.

© 2022 Cisco and/or its affiliates. All rights reserved. Page 3 of 22

 ● With Cisco In Service Software Upgrade (ISSU), network downtime during a software update or upgrade
is a thing of the past. ISSU is a complete image upgrade and update while the network is still running.
The software image—or patch—is pushed onto the wireless controller while traffic forwarding continues
uninterrupted. All access point and client sessions are retained during the upgrade process. With just a
click, your network automatically upgrades to the newest software.

Features
Table 1. Key features

Metric Value

Maximum number of access points Up to 2000

Maximum number of clients 32,000

Maximum throughput Up to 40 Gbps

Maximum WLANs 4096

Maximum VLANs 4096

Maximum site tags 2000

Maximum Flex APs per site 100

Maximum policy tags 2000

Maximum RF tags 2000

Maximum RF profiles 4000

Maximum policy profiles 1000

Maximum Flex profiles 2000

Interfaces 4x 10G/1x 1G SFP+/SFP

Power supply AC power with optional redundant AC power

Maximum power consumption 381W

Deployment modes Centralized, Cisco FlexConnect, and Fabric Wireless (SD-

Access)

Form factor 1RU

License Smart License enabled

Operating system Cisco IOS XE

Management Cisco DNA Center, Cisco Prime Infrastructure, integrated

WebUI, and third party (open standards APIs)*

Interoperability AireOS-based controllers*

© 2022 Cisco and/or its affiliates. All rights reserved. Page 4 of 22

 Metric Value

Policy engine Cisco Identity Services Engine (ISE)*

Location platform Cisco Connected Mobile Experiences (CMX), Cisco Spaces*

Access points Aironet 802.11ac Wave 1 and Wave 2 access points, Cisco
Catalyst 9100 802.11ax access points

*
For information on compatibility: Compatibility Guide

Always on

Seamless software updates enable faster resolution of critical issues, introduction of new access points with
zero downtime, and flexible software upgrades. Stateful Switchover (SSO) with 1:1 active standby and N+1
redundancy keeps your network, services, and clients always on, even in unplanned events.
Secure

Secure air, devices, and users with the Cisco Catalyst 9800-40 Wireless Controller. Wireless infrastructure
becomes the strongest first line of defense with ETA and SD-Access. The controller comes with built-in
security: Secure Boot, runtime defenses, image signing, integrity verification, and hardware authenticity. Cisco
Advanced Wireless Intrusion Prevention System (aWIPS) is a complete wireless security solution that uses the
Cisco Unified Access infrastructure to detect, locate, mitigate, and contain wired and wireless rogues and
threats.
Open and programmable

The controller is built on the Cisco IOS XE operating system, which offers a rich set of open standards-based
programmable APIs and model-driven telemetry that provide an easy way to automate day-0 to day-N network
operations.

Details

Physical dimensions
Table 2. Physical dimensions

Dimension Value

Width 17.3 inches (43.94 cm)

Depth 19.5 inches (49.53 cm)

Height 1.72 inches (4.37 cm)

Weight 22.8 lb (10.34 kg)

© 2022 Cisco and/or its affiliates. All rights reserved. Page 5 of 22

Front panel

Figure 2.
Front panel

Figure 3.
Front panel components

Figure 4.
10G/1G ports

Table 3. Descriptions of front panel components

Label Component

1 PWR: Power LED

2 SYS: System LED

3 ALM: Alarm LED

4 HA: High-availability LED

5 CON: RJ-45 compatible console port

© 2022 Cisco and/or its affiliates. All rights reserved. Page 6 of 22

Label Component

6 EN: USB console-enabled LED

7 CON: Mini USB console port

8 USB ports 0 and 1

9 SP: RJ-45 10/100/1000 management Ethernet port

10 RP: RJ-45 10/100/1000 redundancy Ethernet port

11 RP: 1 GE SFP port (the only SFPs supported on the RP port are GLC-SX-
MMD and GLC-LH-SMD)

12 LINK: RJ-45 connector LED

13 SSD: SSD activity LED

14 TE0: 1 GE SFP/10 GE SFP+ port 0

15 TE1: 1 GE SFP/10 GE SFP+ port 1

16 TE2: 1 GE SFP/10 GE SFP+ port 2

17 TE3: 1 GE SFP/10 GE SFP+ port 3

Ports

Table 4. Ports and their purpose

Port Purpose

1x RJ-45 console port Console port for out-of-band management

1x USB 3.0 console port Console port for out-of-band management

2x USB 3.0 ports USB 3.0 ports for plugging in external memory

1x RJ-45 management port Management port used for out-of-band management. Also known as
service port

1x RJ-45 redundancy port Redundancy port used for SSO

1x SFP Gigabit Ethernet redundancy port Redundancy port used for SSO
● Redundancy port used for SSO; works with Cisco supported SFPs (GLC-LH-SMD
and GLC-SX-MMD) for RP port

4x 10G/1G SFP+ or SFP ports Ports used for sending and receiving traffic between access points and
controller, northbound traffic, in-band management traffic, and wireless
client traffic. Must be connected to the switch

© 2022 Cisco and/or its affiliates. All rights reserved. Page 7 of 22

Front panel LEDs
Table 5. Front panel LEDs

LED Color Function

Power Green Green if all power rails are within spec

System status Green On: IOS has boot complete

Blinking: IOS boot in progress

Amber On: System crash

Blinking: Secure boot failure
Off: ROMMON boot

High Availability Green On: HA active

Blinking: HA standby hot

Amber Slow blink: Booted with HA standby cold

Fast blink: HA maintenance

Alarm Green On: ROMMON boot complete

Blinking: System upgrade in progress

Amber On: ROMMON boot and SYSTEM bootup

Blinking: Temperature err and secure boot failure

USB console Green When LED is lit, USB Console is enabled (RJ-45 console is
disabled)

SSD activity Green Indicates active use of the hard disk SSD memory devices in
the unit

Network link Green Solid green indicates link

Flashing green indicates activity

Rear panel

Figure 5.
Rear panel

© 2022 Cisco and/or its affiliates. All rights reserved. Page 8 of 22

Table 6. Descriptions of rear panel components

Label Component

1 Fans

2 Optional redundant power supply (PEM 1)

3 Power supply (PEM 0)

4 Power/standby switch

Rear panel LEDs

Table 7. Power LEDs

Green LED Amber LED Power supply status

Off Off No AC power to all power supplies

Off On Power supply failure (includes over voltage, over current,

over temperature, and fan failure)

Off 1 Hz blinking Power supply warning events in which the power supply
continues to operate (high temperature, high power, and
slow fan)

1 Hz blinking Off AC present, 12VSB on (power supply off)

On Off Power supply on and OK

Power
The 9800-40 controller supports an optional redundant AC power supply.

The AC input ranges are as follows:

● Worldwide ranging AC input range (90 to 264 VAC)

The power entry modules (PEMs) provide redundant power to the system, and the 9800-40 can operate
continuously with only a single PEM installed. The PEMs are hot-swappable, and replacement of a single PEM
can be made without power interruption to the system. All external connections to the PEMs are made from the
rear panel of the chassis, and they are removed or inserted from the rear. The main power switch for the unit is
located directly next to the PEMs on the rear of the chassis.

© 2022 Cisco and/or its affiliates. All rights reserved. Page 9 of 22

SFPs supported
The four data ports can operate in either 10G or 1G mode.

Note: 10/100-Mbps operation is not supported.

Table 8. SFPs supported

Type Modules supported

Small Form-Factor Pluggable (SFP) GLC-BX-D

GLC-BX-U

GLC-LH-SMD

GLC-SX-MMD

GLC-EX-SMD

GLC-ZX-SMD

GLC-TE

Enhanced SFP (SFP+) SFP-10G-AOC1M

SFP-10G-AOC2M

SFP-10G-AOC3M

SFP-10G-AOC5M

SFP-10G-AOC7M

SFP-10G-AOC10M

SFP-10G-SR

SFP-10G-SR-S

SFP-10G-SR-X

SFP-10G-LR

SFP-10G-LRM

SFP-10G-LR-X

SFP-10G-ER

SFP-10G-ZR

SFP-H10GB-CU1M

SFP-H10GB-CU1.5M

SFP-H10GB-CU2M

© 2022 Cisco and/or its affiliates. All rights reserved. Page 10 of 22

Type Modules supported

SFP-H10GB-CU2.5M

SFP-H10GB-CU3M

SFP-H10GB-CU5M

SFP-H10GB-ACU7M

SFP-H10GB-ACU10M

DWDM-SFP10G-30.33 - DWDM-SFP10G-61.41

Benefits
Cisco IOS XE opens a completely new paradigm in network configuration, operation, and monitoring through
network automation. Cisco’s automation solution is open, standards-based, and extensible across the entire
lifecycle of a network device. The various mechanisms that bring about network automation are outlined below,
based on a device lifecycle.

● Automated device provisioning: This is the ability to automate the process of upgrading software
images and installing configuration files on Cisco access points when they are being deployed in the
network for the first time. Cisco provides turnkey solutions such as Plug and Play (PnP) that enable an
effortless and automated deployment.
● API-driven configuration: Modern wireless controllers such as the Cisco Catalyst 9800-40 Wireless
Controller support a wide range of automation features and provide robust open APIs over Network
Configuration Protocol (NETCONF) using YANG data models for external tools, both off-the-shelf and
custom built, to automatically provision network resources.
● Granular visibility: Model-driven telemetry provides a mechanism to stream data from a wireless
controller to a destination. The data to be streamed is driven through subscription to a data set in a
YANG model. The subscribed data set is streamed out to the destination at configured intervals.
Additionally, Cisco IOS XE enables the push model, which provides near-real-time monitoring of the
network, leading to quick detection and rectification of failures.
● Seamless software upgrades and patching: To enhance OS resilience, Cisco IOS XE supports
patching, which provides fixes for critical bugs and security vulnerabilities between regular maintenance
releases. This support allows customers to add patches without having to wait for the next maintenance
release.

© 2022 Cisco and/or its affiliates. All rights reserved. Page 11 of 22

Always on
● High availability: Stateful switchover with a 1:1 active standby and N+1 redundancy keeps your network,
services, and clients always on, even in unplanned events.
● Software Maintenance Upgrades (SMUs) with hot and cold patching: Patching allows for a patch to be
installed as a bug fix without bringing down the entire network and eliminates the need to requalify an
entire software image. The SMU is a package that can be installed on a system to provide a patch fix or
security resolution to a released image. SMUs allow you to address the network issue quickly while
reducing the time and scope of the testing required. The Cisco IOS XE platform internally validates the
SMU compatibility and does not allow you to install incompatible SMUs. All SMUs are integrated into the
subsequent Cisco IOS XE Software maintenance releases.
● Intelligent rolling access point upgrades and seamless multisite upgrades: The Cisco Catalyst 9800-
40 Wireless Controller comes equipped with intelligent rolling access point upgrades to simplify network
operations. Multisite upgrades can now be done in stages, and access points can be upgraded
intelligently without restarting the entire network.
● Standby monitoring of Cisco Catalyst 9800 Wireless Controllers in high-availability mode enables
monitoring the health of the system on a standby controller in a high-availability pair using programmatic
interfaces (NETCONF/YANG, RESTCONF) and CLIs without going through the active controller. For more
details refer to the technical documentation.
● In-Service Software Upgrade (ISSU): ISSU is a complete image upgrade/update with zero downtime
while the network is still on. The software image or a patch is pushed onto the wireless controller while
traffic forwarding continues uninterrupted. All access point and client sessions are retained during the
upgrade process.
With just a click, your network automatically upgrades to the newest software. Your backup 9800
controller receives the new software that is pushed via the active 9800 controller. The backup 9800
controller becomes active and takes over your network, while your previously active 9800 turns into a
backup 9800 controller and processes the software upgrade. Using an intelligent RF-based rolling
access point upgrade, all access points are upgraded in a staggered fashion without impacting any
wireless session. This procedure is carried out without any manual intervention natively from the
controller and without the need for an external orchestrator or additional licenses.
Security
● Encrypted Traffic Analytics (ETA): ETA is a unique capability for identifying malware in encrypted traffic
coming from the access layer. Since more and more traffic is being encrypted, the visibility this feature
provides related to threat detection is critical for keeping your network secure at different layers.
● Trustworthy systems: Cisco Trust Anchor Technologies provide a highly secure foundation for Cisco
products. With the Cisco Catalyst 9800-40, these trustworthy systems help assure hardware and
software authenticity for supply chain trust and strong mitigation against man-in-the-middle attacks on
software and firmware. Trust Anchor capabilities include:

◦ Image signing: Cryptographically signed images provide assurance that the firmware, BIOS, and
other software are authentic and unmodified. As the system boots, its software signatures are
checked for integrity.

◦ Secure Boot: Cisco Secure Boot technology anchors the boot sequence chain of trust to immutable
hardware, mitigating threats against a system's foundational state and the software that is to be

© 2022 Cisco and/or its affiliates. All rights reserved. Page 12 of 22

 loaded, regardless of a user's privilege level. It provides layered protection against the persistence of
illicitly modified firmware.

◦ Cisco Trust Anchor module: A tamper-resistant, strong cryptographic, single-chip solution uniquely
identifies the product so that its origin can be confirmed to Cisco, providing assurance that the
product is genuine.

◦ Cisco Wireless Intrusion Prevention System (WIPS): WIPS offers advanced network security to
detect, locate, mitigate, and contain any intrusion or threat on your wireless network. It can monitor
and detect wireless network anomalies, unauthorized access, and RF attacks. A new, dedicated
classification engine for rogues and aWIPS is built on Cisco DNA Center. A fully integrated stack for
the WIPS solution includes Cisco DNA Center, a Cisco Catalyst 9800 controller, Wave 2, and Cisco
Catalyst 9100 Access Point. This new architecture provides improved detection and security,
simplicity, and ease of use, and reduced false positive alarms.
Flexible NetFlow
● Flexible NetFlow (FNF): Cisco IOS FNF is the next generation in flow visibility technology, allowing
optimization of the network infrastructure, reducing operating costs, and improving capacity planning
and security incident detection with increased flexibility and scalability.
Application visibility and control
● Next-Generation Network-Based Application Recognition (NBAR2): NBAR2 enables advanced
application classification techniques, with up to 1400 predefined and well-known application signatures
and up to 150 encrypted applications on the Cisco Catalyst 9800-40. Some of the most popular
applications included are Skype, Office 365, Microsoft Lync, Cisco Webex, and Facebook. Many others
are already predefined and easy to configure. NBAR2 provides the network administrator with an
important tool to identify, control, and monitor end-user application usage while helping ensure a quality
user experience and securing the network from malicious attacks. It uses FNF to report application
performance and activities within the network to any supported NetFlow collector, such as Cisco Prime,
Stealthwatch, or any compliant third-party tool.
Quality of service
● Superior Quality of Service (QoS): QoS technologies are tools and techniques for managing network
resources and are considered the key enabling technologies for the transparent convergence of voice,
video, and data networks. QoS on the Cisco Catalyst 9800-40 consists of classification of traffic based
on packet data as well as application recognition and traffic control actions such as drop, marking and
policing. A modular QoS command-line framework provides consistent platform-independent and
flexible configuration behavior. The 9800-40 also supports policies at two levels of target: BSSID as well
as client. Policy assignment can be granular down to the client level.
Smart operation
● Bluetooth ready: The Cisco Catalyst 9800-40 has hardware support to connect a Bluetooth dongle to
the controller, enabling you to use this wireless interface as a management port. This port functions as
an IP management interface and can be used for configuration and troubleshooting using WebUI or the
Command-Line Interface (CLI), and to transfer images and configurations.

© 2022 Cisco and/or its affiliates. All rights reserved. Page 13 of 22

 ● WebUI: WebUI is an embedded GUI-based device-management tool that provides the ability to
provision the device, simplify device deployment and manageability, and enhance the user experience.
WebUI comes with the default image. There is no need to enable anything or install any license on the
device. You can use WebUI to build a day-0 and day-1 configuration and from then on monitor and
troubleshoot the device without having to know how to use the CLI.

Specifications
Table 9. Specifications

Item Specification

Wireless standards IEEE 802.11a, 802.11b, 802.11g, 802.11d, WMM/802.11e, 802.11h,

802.11n, 802.11k, 802.11r, 802.11u, 802.11w, 802.11ac Wave1 and
Wave2, 802.11ax

Wired, switching, and IEEE 802.3 10BASE-T, IEEE 802.3u 100BASE-TX, 1000BASE-T.
routing standards 1000BASE-SX, 1000-BASE-LH, IEEE 802.1Q VLAN tagging, 802.1AX
Link Aggregation

Data standards ● RFC 768 User Datagram Protocol (UDP)

● RFC 791 IP
● RFC 2460 IPv6
● RFC 792 Internet Control Message Protocol (ICMP)
● RFC 793 TCP
● RFC 826 Address Resolution Protocol (ARP)
● RFC 1122 Requirements for Internet Hosts
● RFC 1519 Classless Interdomain Routing (CIDR)
● RFC 1542 Bootstrap Protocol (BOOTP)
● RFC 2131 Dynamic Host Configuration Protocol (DHCP)
● RFC 5415 Control and Provisioning of Wireless Access Points (CAPWAP)
Protocol
● RFC 5416 CAPWAP Binding for 802.11

Security standards ● Wi-Fi Protected Access (WPA)

● IEEE 802.11i (WPA2, RSN)

● Wi-Fi Protected Access 3 (WPA3)
● RFC 1321 MD5 Message-Digest Algorithm

● RFC 1851 Encapsulating Security Payload (ESP) Triple DES (3DES) Transform
● RFC 2104 HMAC: Keyed-Hashing for Message Authentication
● RFC 2246 TLS Protocol Version 1.0

● RFC 2401 Security Architecture for the Internet Protocol

● RFC 2403 HMAC-MD5-96 within ESP and AH
● RFC 2404 HMAC-SHA-1-96 within ESP and AH

● RFC 2405 ESP DES-CBC Cipher Algorithm with Explicit IV

● RFC 2407 Interpretation for Internet Security Association Key Management
Protocol (ISAKMP)
● RFC 2408 ISAKMP

● RFC 2409 Internet Key Exchange (IKE)

● RFC 2451 ESP CBC-Mode Cipher Algorithms
● RFC 3280 Internet X.509 Public Key Infrastructure (PKI) Certificate and

© 2022 Cisco and/or its affiliates. All rights reserved. Page 14 of 22

Item Specification
Certificate Revocation List (CRL) Profile
● RFC 4347 Datagram Transport Layer Security (DTLS)
● RFC 5246 TLS Protocol Version 1.2

Encryption standards ● Static Wired Equivalent Privacy (WEP) RC4 40, 104 and 128 bits
● Advanced Encryption Standard (AES): Cipher Block Chaining (CBC), Counter
with CBC-MAC (CCM), Counter with CBC Message Authentication Code
Protocol (CCMP)
● Data Encryption Standard (DES): DES-CBC, 3DES
● Secure Sockets Layer (SSL) and Transport Layer Security (TLS): RC4 128-bit
and RSA 1024- and 2048-bit
● DTLS: AES-CBC
● IPsec: DES-CBC, 3DES, AES-CBC
● 802.1AE MACsec encryption

Authentication, ● IEEE 802.1X

Authorization, and ● RFC 2548 Microsoft Vendor-Specific RADIUS Attributes
Accounting (AAA)
● RFC 2716 Point-to-Point Protocol (PPP) Extensible Authentication Protocol
standards (EAP)-TLS
● RFC 2865 RADIUS Authentication
● RFC 2866 RADIUS Accounting
● RFC 2867 RADIUS Tunnel Accounting

● RFC 2869 RADIUS Extensions

● RFC 3576 Dynamic Authorization Extensions to RADIUS
● RFC 5176 Dynamic Authorization Extensions to RADIUS

● RFC 3579 RADIUS Support for EAP

● RFC 3580 IEEE 802.1X RADIUS Guidelines
● RFC 3748 Extensible Authentication Protocol (EAP)
● Web-based authentication
● TACACS support for management users

Management standards ● Simple Network Management Protocol (SNMP) v1, v2c, v3

● RFC 854 Telnet
● RFC 1155 Management Information for TCP/IP-based Internets
● RFC 1156 MIB
● RFC 1157 SNMP
● RFC 1213 SNMP MIB II
● RFC 1350 Trivial File Transfer Protocol (TFTP)
● RFC 1643 Ethernet MIB
● RFC 2030 Simple Network Time Protocol (SNTP)
● RFC 2616 HTTP
● RFC 2665 Ethernet-Like Interface Types MIB
● RFC 2674 Definitions of Managed Objects for Bridges with Traffic Classes,
Multicast Filtering, and Virtual Extensions
● RFC 2819 Remote Monitoring (RMON) MIB
● RFC 2863 Interfaces Group MIB
● RFC 3164 Syslog
● RFC 3414 User-Based Security Model (USM) for SNMPv3
● RFC 3418 MIB for SNMP

© 2022 Cisco and/or its affiliates. All rights reserved. Page 15 of 22

Item Specification
● RFC 3636 Definitions of Managed Objects for IEEE 802.3 MAUs
● RFC 4741 Base NETCONF protocol
● RFC 4742 NETCONF over SSH
● RFC 6241 NETCONF
● RFC 6242 NETCONF over SSH
● RFC 5277 NETCONF event notifications
● RFC 5717 Partial Lock Remote Procedure Call
● RFC 6243 With-Defaults capability for NETCONF
● RFC 6020 YANG
● Cisco private MIBs

Management interfaces ● Web-based: HTTP/HTTPS

● Command-line interface: Telnet, Secure Shell (SSH) Protocol, serial port
● SNMP
● NETCONF

Hard disk drives (HDD) ● SATA solid-state drive (SSD)

● 240 GB of memory

Environmental Operating temperature:

conditions supported
● Normal: 0° to 40°C (32° to 104°F)

● Short term:0° to 50°C (32° to 122°F)

Nonoperating temperature:
● -40°to 65°C (-104° to 149°F)

Operating humidity:
● Nominal: 10% to 90% noncondensing

● Short term: 5% to 90% noncondensing

Nonoperating temperature humidity:

● 5% to 93% at 82°F (28°C)

Operating altitude:
● Appliance operating: 0 to 3000 m (0 to 10,000 ft)
● Appliance nonoperating: 0 to 12,192 m (0 to 40,000 ft)

Electrical input:
● AC input frequency range: 47 to 63 Hz
● AC input range: 90 to 264 VAC with AC PEM
● 1100W AC with optional redundant power supply (hot-swappable)

Maximum power: 381W

Heat dissipation: 1300 BTU/hr
Sound power level measure:
● A-weighted sound power level is 74.1 LpAm (dBA) @ 27C nominal operation

© 2022 Cisco and/or its affiliates. All rights reserved. Page 16 of 22

Item Specification

Regulatory compliance Safety:

● UL/CSA 60950-1
● IEC/EN 60950-1
● AS/NZS 60950.1
● CAN/CSA-C22.2 No. 60950-1

EMC – Emissions: Class A

● FCC 47CFR15
● AS/NZS CISPR 22
● CISPR 22
● EN55022/EN55032 (EMI-1)
● ICES-003
● VCCI
● KN 32 (EMI-2)
● CNS-13438

EMC – Emissions:
● EN61000-3-2 Power Line Harmonics (EMI-3)
● EN61000-3-3 Voltage Changes, Fluctuations, and Flicker (EMI-3)

EMC – Immunity:
● IEC/EN61000-4-2 Electrostatic Discharge Immunity
● IEC/EN61000-4-3 Radiated Immunity

● IEC/EN61000-4-4 EFT-B Immunity (AC Power Leads)

● IEC/EN61000-4-4 EFT-B Immunity (DC Power Leads)
● IEC/EN61000-4-4 EFT-B Immunity (Signal Leads)

● IEC/EN61000-4-5 Surge AC Port

● IEC/EN61000-4-5 Surge DC Port
● IEC/EN61000-4-5 Surge Signal Port

● IEC/EN61000-4-6 Immunity to Conducted Disturbances

● IEC/EN61000-4-8 Power Frequency Magnetic Field Immunity
● IEC/EN61000-4-11 Voltage Dips, Short Interruptions, and Voltage Variations
● K35 (EMI-2)

EMC (ETSI/EN)
● EN 300 386 Telecommunications Network Equipment (EMC) (EMC-3)
● EN55022 Information Technology Equipment (Emissions)
● EN55024/CISPR 24 Information Technology Equipment (Immunity)
● EN50082-1/EN61000-6-1 Generic Immunity Standard (EMC-4)

© 2022 Cisco and/or its affiliates. All rights reserved. Page 17 of 22

Software requirements
The Cisco Catalyst 9800-40 runs on Cisco IOS XE Software version 16.10.1 or later. This software release
includes all the features listed earlier in the Platform Benefits section.

Table 10. Minimum software requirements

Model Description Minimum software requirement

C9800-40-K9 Cisco Catalyst 9800-40 Wireless Controller Cisco IOS XE Software Release 16.10.1

Licensing
No licenses are required to boot up a Cisco Catalyst 9800 Series Wireless Controller. However, in order to
connect any access points to the controller, Cisco DNA software subscriptions are required. To be entitled to
connecting to a 9800 Series controller, each access point requires a Cisco DNA subscription license.

Figure 6.
Determining license requirements for access points connecting to Cisco Catalyst 9800 Series Wireless Controllers

© 2022 Cisco and/or its affiliates. All rights reserved. Page 18 of 22

The access points connecting to the Cisco Catalyst 9800 Series have new and simplified software subscription
packages.

They can support both tiers of Cisco DNA software: Cisco DNA Essentials and Cisco DNA Advantage.

Cisco DNA software subscriptions provide Cisco innovations on the access point. They also include perpetual
Network Essentials and Network Advantage licensing options, which cover wireless fundamentals such as
802.1X authentication, QoS and PnP; telemetry and visibility; and single sign-on, as well as security controls.

Cisco DNA subscription software has to be purchased for a 3-, 5-, or 7-year subscription term. Upon expiry of
the subscription, the Cisco DNA features will expire, whereas the Network Essentials and Network Advantage
features will remain.

For the full feature list of Cisco DNA Software, including the perpetual Network Essentials and Network
Advantage, please see the feature matrix: https://www.cisco.com/c/m/en_us/products/software/dna-
subscription-wireless/en-sw-sub-matrix-wireless.html?oid=porew018984.

Two modes of licensing are available:

● Cisco Smart Licensing is a flexible licensing model that provides you with an easier, faster, and more
convenient way to purchase and manage software across the Cisco portfolio and across your
organization. And it’s secure- you control what users can access. With Smart Licensing you get:

◦ Easy Activation: Smart licensing establishes a pool of software licenses that can be used across the
entire organization-no more PAKs (Product Activation Keys).

◦ Unified Management: My Cisco Entitlements (MCE) provides a complete view into all of your Cisco
Products and services in an easy-to-use portal, so you always know what you have and what you are
using.

◦ License Flexibility: Your software is not node-locked to your hardware, so you can easily use and
tranfer licenses as needed.

To use Smart Licensing, you must first set up a Smart Account on Cisco Software Central
(software.cisco.com).

For more detailed overview on Cisco Licensing, go to cisco.com/go/licensingguide

● Specific License Reservation (SLR) is a feature used in highly secure networks. It provides a method for
customers to deploy a software license on a device (product instance) without communicating usage
information to Cisco. There is no communication with Cisco or a satellite. The licenses are reserved for
every controller. It is node-based licensing.

Four levels of license are supported on the Cisco Catalyst 9800 Series Wireless Controllers. The controllers
can be configured to function at any one of the four levels.

● Cisco DNA Essentials: At this level the Cisco DNA Essentials feature set will be supported.
● Cisco DNA Advantage: At this level the Cisco DNA Advantage feature set will be supported.
● NE: At this level the Network Essentials feature set will be supported. This is available with Cisco DNA
Essentials.
● NA: At this level the Network Advantage feature set will be supported. This is available with Cisco DNA
Advantage.

© 2022 Cisco and/or its affiliates. All rights reserved. Page 19 of 22

For customers who purchase Cisco DNA Essentials, Network Essentials will be supported and will continue to
function even after term expiration. And for customers who purchase Cisco DNA Advantage, Network
Advantage will be supported and will continue to function even after term expiration.

Initial bootup of the controller will be at the Cisco DNA Advantage level.

For questions, contact the Cisco Catalyst 9800 Series Wireless Controllers Licensing mailer group at
ask-catalyst 9800 licensing.

Managing licenses with Smart Accounts

Creating Smart Accounts by using the Cisco Smart Software Manager (SSM) enables you to order devices and
licensing packages and also manage your software licenses from a centralized website. You can set up the
Smart Account to receive daily email alerts and to be notified of expiring add-on licenses that you want to
renew. A Smart Account is mandatory for the Cisco Catalyst 9800 Series. For more information on Smart
Account refer to https://www.cisco.com/go/smartaccounts.

Warranty
Find warranty information on Cisco.com at the Product Warranties page.
Cisco 1-year limited hardware warranty terms

The following are terms applicable to your hardware warranty. Your embedded software is subject to the Cisco
General Terms (link available below) and/or any SEULA or specific software warranty terms for additional
software products loaded on the device.
Duration of hardware warranty: One (1) year

Replacement, repair, or refund procedure for hardware: Cisco or its service center will use commercially
reasonable efforts to ship a replacement part within ten (10) working days after receipt of the Return Materials
Authorization (RMA) request. Actual delivery times may vary depending on customer location.

Cisco reserves the right to refund the purchase price as its exclusive warranty remedy.

Cisco environmental sustainability

Information about Cisco’s environmental sustainability policies and initiatives for our products, solutions,
operations, and extended operations or supply chain is provided in the “Environment Sustainability” section of
Cisco’s Corporate Social Responsibility (CSR) Report.

Reference links to information about key environmental sustainability topics (mentioned in the “Environment
Sustainability” section of the CSR Report) are provided in the following table:

Table 11. Links to sustainability information

Sustainability topic Reference

Information on product material content laws and regulations Materials

Information on electronic waste laws and regulations, including products, batteries, and WEEE compliance
packaging

Sustainability inquiries Contact:

[email protected]

© 2022 Cisco and/or its affiliates. All rights reserved. Page 20 of 22

Cisco makes the packaging data available for informational purposes only. It may not reflect the most current
legal developments, and Cisco does not represent, warrant, or guarantee that it is complete, accurate, or up to
date. This information is subject to change without notice.

Ordering information
Table 12. Ordering information

Type Product ID Description

Controller C9800-40-K9 Cisco Catalyst 9800-40 Wireless Controller

LIC-C9800-DTLS-K9 Cisco Catalyst 9800 Series Wireless Controller DTLS License

Accessories, spares C9800-AC-750W R= Cisco Catalyst 9800-40 750W AC Power Supply Reverse Air

Cisco Capital
Flexible payment solutions to help you achieve your objectives

Cisco Capital makes it easier to get the right technology to achieve your objectives, enable business
transformation and stay competitive. We can help you reduce the total cost of ownership, conserve capital, and
accelerate growth. In more than 100 countries, our flexible payment solutions can help you acquire hardware,
software, services and complementary third-party equipment in easy, predictable payments.
Learn more.

© 2022 Cisco and/or its affiliates. All rights reserved. Page 21 of 22

Document history
New or Revised Topic Described In Date

Cisco DNA Spaces name change Updated product name to Cisco Spaces 10/21/22

Printed in USA C78-741545-12 10/22

© 2022 Cisco and/or its affiliates. All rights reserved. Page 22 of 22