Call a Specialist Today! (02) 9388 1741
Free Delivery! Free Delivery!

Aruba CX8320 Switch Series
High performance enterprise switches

Aruba 8320 Series


High density 1/10GbE and 40GbE switches offering wire speed performance to power today's bandwidth-intensive applications.

Download the Aruba CX8320 Series Datasheet (PDF)

It appears you don't have a PDF plugin for this browser. No biggie... you can click here to download the PDF file.


The past several decades in networking have been defined by static, closed networking solutions designed for the client- server era. Aruba is introducing the Aruba 8320 campus core and aggregation switch, a game-changing solution offering a flexible and innovative approach to dealing with the demands of the mobile, cloud and IoT era.

The 8320 provides industry-leading line rate 10GbE/40GbE in a compact 1U form factor. Together with the modular Aruba 8400 chassis, the 8320 rounds out Aruba's Mobile First switching portfolio with an enterprise core and aggregation solution that ensures higher performance and higher uptime.

The 8320 is based on the new ArubaOS-CX, a modern software system for the enterprise core that automates and simplifies many critical and complex network tasks, delivers enhanced fault tolerance and facilitates zero-service disruption during planned or unplanned control-plane events. The key innovations in ArubaOS-CX are its micro-services style modular architecture, REST APIs, Python scripting capabilities and the Aruba Network Analytics Engine.

ArubaOS-CX is based on a modular architecture that allows individual process re-startability and upgrades. Its REST APIs and Python scripting enables fine-grained programmability of the switch functions and its unique Aruba Network Analytics Engine provides the ability to monitor and troubleshoot the network easily.

The Network Analytics Engine framework is made up of a time series database and associated REST APIs.

The time series database may be used to store configuration and operational state. Customers can use ArubaOS-CX REST APIs, Python scripting capabilities and time series data to write software modules for trouble shooting problems. The time series data may also be used to analyze trends, identify anomalies and predict future capacity requirements.

Key Features

  • High performance 2.5Tbps with 1,905MPPS
  • High availability with redundant power and fans
  • ArubaOS-CX enables automation and programmability using built-in REST APIs and Python scripts
  • Intelligent monitoring and visibility with Aruba Network Analytics Engine
  • Advanced Layer 2/3 feature set includes BGP, OSPF, VRF, and IPv6
  • 1U chassis with 48 ports of 10G and 6 ports of 40G
  • Multi-chassis link aggregation


Created for game‑changing operational efficiency with built-in security and resiliency, the CX 8320 provides the foundation for high-performance networks supporting IoT, mobile, and cloud applications.

Simplify your IT operations with AOS-CX

The Aruba CX 8320 Switch Series is based on AOS-CX, a modern, database-driven operating system that automates and simplifies many critical and complex network tasks. Delivering complete network configuration and assurance, Aruba AOS-CX key innovations are its microservices-style modular architecture, REST APIs, Python-scripting capabilities, and the Aruba Network Analytics Engine.

No downtime, even during upgrades

Aruba Virtual Switching Extension (VSX) takes a new and innovative approach to solving high-availability challenges by combining the best aspects of existing HA technologies, such as multi-chassis link aggregation (MC-LAG) and equal-cost, multi-path (ECMP) routing. Providing a distributed and redundant architecture, it's highly available, with minimal-to-zero traffic loss, even during software upgrades.

Unparalleled visibility and analytics

Get real-time monitoring and troubleshooting with Aruba Network Analytics Engine (NAE). Embedded in every Aruba CX switch, NAE provides the necessary compute and storage to analyze any event that could impact network health. Offering intelligent pre-processing of data, it can turn raw telemetry into actionable insights.

Resiliency and high availability

Redundant and load-sharing fans and power supplies increase the total performance and power availability while providing a hitless, stateful failover. Additionally, the hot-swappable power supply and fan modules allow for the replacement of accessories modules without any operational impact on other modules or the switch operations.


Product architecture

  • ArubaOS-CX
    • Modular, Linux based and built with OVSDB to support a database-centric operating system.
    • Distributed architecture with separation of data and control planes.
    • Includes independent monitoring and restart of individual software modules, and enhanced software process serviceability functions.
    • Allows individual software modules to be upgraded for higher availability.
  • Network Analytics Engine
    • Afirst of a kind built-in framework for monitoring, troubleshooting and capacity planning


  • High-speed fully distributed architecture
    Provides 2.5Tbps for switching and 1,905MPPS for forwarding. All switching and routing are wire-speed to meet the demands of bandwidth-intensive applications today and in the future.
  • Scalable system design
    Provides investment protection to support future technologies and higher-speed connectivity


  • High-density port connectivity
    Comes with 48 ports of 10G to support SFP and SFP+ transceivers, and 6 ports of 40G to support QSFP+ transceivers.
  • Jumbo frames
    Allows high-performance backups and disaster-recovery systems; provides a maximum frame size of 9K bytes
  • Loopback
    Supports internal loopback testing for maintenance purposes and an increase in availability; loopback detection protects against incorrect cabling or network configurations and can be enabled on a per-port or per- VLAN basis for added flexibility
  • Flexible port selection
    Provides a combination of fiber and copper transceiver to support 1000BASE-T and 10GBASE-T copper solution
  • Packet storm protection
    Protects against unknown broadcast, unknown multicast, or unicast storms with user-defined thresholds

Quality of Service (QoS)

  • Powerful QoS feature
    Supports the following congestion actions: strict priority (SP) queuing and weighted fair queuing

Resiliency and high availability

  • Redundant and load-sharing fans, and power supplies
    Increases total performance and power availability while providing hitless, stateful failover
  • All hot-swappable modules
    Allows replacement of modules without any impact on other modules
  • Separate data and control paths
    Separates control from services and keeps service processing isolated; increases security and performance
  • VRRP
    Allows groups of two routers to dynamically back each other up to create highly available routed environments
  • Unidirectional Link Detection (UDLD)
    Monitors link connectivity and shuts down ports at both ends if unidirectional traffic is detected, preventing loops in STP-based networks
  • IEEE 802.3ad LACP
    Supports up to 128 trunks, each with eight links per trunk; and provides support for static or dynamic groups and a user-selectable hashing algorithm
  • Redundant power supplies
    Provides N+1 high reliability with hot swappable, redundant power supplies

Virtual private network (VPN)

  • Generic Routing Encapsulation (GRE)
    Enables tunneling traffic from site to site over a Layer 3 path


  • Management interface control
    Enables or disables each of the following interfaces depending on security preferences: console port, or reset button
  • Industry-standard CLI with a hierarchical structure
    Reduces training time and expenses, and increases productivity in multivendor installations
  • Management security
    Restricts access to critical configuration commands; offers multiple privilege levels with password protection; ACLs provide SNMP access; local and remote syslog capabilities allow logging of all access
  • SNMP v2c/v3
    Provides SNMP read and trap support of industry standard Management Information Base (MIB), and private extensions
  • sFlow® (RFC 3176)
    Provides scalable ASIC-based wire speed network monitoring and accounting with no impact on network performance; this allows network operators to gather a variety of sophisticated network statistics and information for capacity planning and real-time network monitoring purposes
  • Remote monitoring (RMON)
    Uses standard SNMP to monitor essential network functions and supports events, alarms, history, and statistics groups as well as a private alarm extension group
  • TFTP and SFTP support
    Offers different mechanisms for configuration updates; trivial FTP (TFTP) allows bidirectional transfers over a TCP/ IP network; Secure File Transfer Protocol (SFTP) runs over an SSH tunnel to provide additional security
  • Debug and sampler utility
    Supports ping and traceroute for both IPv4 and IPv6
  • Network Time Protocol (NTP)
    Synchronizes timekeeping among distributed time servers and clients; keeps timekeeping consistent among all clock-dependent devices within the network so the devices can provide diverse applications based on the consistent time
  • IEEE 802.1AB Link Layer Discovery Protocol (LLDP)
    Advertises and receives management information from adjacent devices on a network, facilitating easy mapping by network management applications
  • Dual flash images
    Provides independent primary and secondary operating system files for backup while upgrading
  • Multiple configuration files
    Stores easily to the flash image

Layer 2 switching

  • VLAN
    Supports up to 4,096 port-based or IEEE 802.1Q-based VLANs; and supports MAC-based VLANs, protocol-based VLANs, and IP-subnet-based VLANs for added flexibility
  • Bridge Protocol Data Unit (BPDU) tunneling
    Transmits STP BPDUs transparently, allowing correct tree calculations across service providers, WANs, or MANs
  • Port mirroring
    Duplicates port traffic (ingress and egress) to a local or remote monitoring port; supports 4 mirroring groups, with an unlimited number of ports per group
  • STP
    Supports standard IEEE 802.1D STP, IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) for faster convergence, and IEEE 802.1s Multiple Spanning Tree Protocol (MSTP)
  • Internet Group Management Protocol (IGMP)
    Controls and manages the flooding of multicast packets in a Layer 2 network
  • Rapid Per-VLAN spanning tree plus (RPVST+)
    Allows each VLAN to build a separate spanning tree to improve link bandwidth usage in network environments with multiple VLANs

Layer 3 services

  • Address Resolution Protocol (ARP)
    Determines the MAC address of another IP host in the same subnet; supports static ARPs; gratuitous ARP allows detection of duplicate IP addresses; proxy ARP allows normal ARP operation between subnets or when subnets are separated by a Layer 2 network
  • UDP helper
    Redirects UDP broadcasts to specific IP subnets to prevent server spoofing
  • Dynamic Host Configuration Protocol (DHCP)
    Simplifies the management of large IP networks and supports client; DHCP Relay enables DHCP operation across subnets
  • Domain Name System (DNS)
    Provides a distributed database that translates domain names and IP addresses, which simplifies network design; supports client and server

Layer 3 routing

  • Static IPv4 routing
    Provides simple manually configured IPv4 routing
  • Open shortest path first (OSPF)
    Delivers faster convergence; uses link-state routing Interior Gateway Protocol (IGP), which supports ECMP, NSSA, and MD5 authentication for increased security and graceful restart for faster failure recovery
  • Border Gateway Protocol 4 (BGP-4)
    Delivers an implementation of the Exterior Gateway Protocol (EGP) utilizing path vectors; uses TCP for enhanced reliability for the route discovery process; reduces bandwidth consumption by advertising only incremental updates; supports extensive policies for increased flexibility; scales to very large networks
  • IP performance optimization
    Provides a set of tools to improve the performance of IPv4 networks; includes directed broadcasts, customization of TCP parameters, support of ICMP error packets, and extensive display capabilities
  • Static IPv6 routing
    Provides simple manually configured IPv6 routing
  • Dual IP stack
    Maintains separate stacks for IPv4 and IPv6 to ease the transition from an IPv4-only network to an IPv6-only network design
  • OSPFv3
    Provides OSPF support for IPv6
  • Equal-Cost Multipath (ECMP)
    Enables multiple equal-cost links in a routing environment to increase link redundancy and scale bandwidth


  • TAA Compliance
    The Aruba 8320, a TAA compliant product, with the ArubaOS-CX uses FIPS 140-2 validated cryptography for protection of sensitive information
  • Access control list (ACL)
    Supports powerful ACLs for both IPv4 and IPv6; ACLs are used for filtering traffic to prevent unauthorised users from accessing the network, or for controlling network traffic to save resources; rules can either deny or permit traffic to be forwarded; rules can be based on a Layer 2 header or a Layer 3 protocol header
  • Remote Authentication Dial-In User Service (RADIUS)
    Eases security access administration by using a password authentication server
  • Terminal Access Controller Access-Control System (TACACS+)
    Delivers an authentication tool using TCP with encryption of the full authentication request, providing additional security
  • Management access security
    Aruba OS CX provides for both on-box as well as off- box authentication for administrative access. RADIUS or TACACS+ can be used to provide encrypted user authentication. Additionally, TACACS+ can also provide user authorization services
  • Secure shell (SSHv2)
    Uses external servers to securely log in to a remote device; with authentication and encryption, it protects against IP spoofing and plain-text password interception; increases the security of Secure FTP (SFTP) transfers


  • Multicast VLAN
    Allows multiple VLANs to receive the same IPv4 or IPv6 multicast traffic, lessening network bandwidth demand by reducing multiple streams to each VLAN
  • Protocol Independent Multicast (PIM)
    Defines modes of IPv4 multicasting to allow one-to-many and many-to-many transmission of information; supports PIM, Sparse Mode (SM)
  • Internet Group Management Protocol (IGMP)
    Utilizes Any-Source Multicast (ASM) to manage IPv4 multicast networks; supports IGMPv1, v2, and v3

Additional information

  • Green initiative support
    Provides support for RoHS and WEEE regulations

Warranty and support

  • 5-year Warranty