Data Sheet
All contents are Copyright © 1992–2008 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 4 of 19
addresses, IP addresses, or TCP/User Datagram Protocol (UDP) ports. ACL lookups are done in
hardware, so forwarding performance is not compromised when ACL-based security is implemented.
Port security can be used to limit access on an Ethernet port based on the MAC address of the
device to which it is connected. It also can be used to limit the total number of devices plugged into
a switch port, thereby protecting the switch from a MAC flooding attack as well as reducing the
risks of rogue wireless access points or hubs.
With Dynamic Host Configuration Protocol (DHCP) snooping, DHCP spoofing can be thwarted by
allowing only DHCP requests (but not responses) from untrusted user-facing ports. Additionally,
the DHCP Interface Tracker (Option 82) feature helps enable granular control over IP address
assignment by augmenting a host IP address request with the switch port ID.
The MAC Address Notification feature can be used to monitor the network and track users by
sending an alert to a management station so that network administrators know when and where
users entered the network. Secure Shell Protocol Version 2 (SSHv2) and Simple Network
Management Protocol Version 3 (SNMPv3) encrypt administrative and network-management
information, protecting the network from tampering or eavesdropping. TACACS+ or RADIUS
authentication enables centralized access control of switches and restricts unauthorized users
from altering the configurations. Alternatively, a local username and password database can be
configured on the switch itself. Fifteen levels of authorization on the switch console and two levels
on the Web-based management interface provide the ability to give different levels of configuration
capabilities to different administrators.
Intelligent PoE Management
The Cisco Catalyst 2960 PoE models support Cisco IP phones and Cisco Aironet
®
wireless LAN
access points, as well as any IEEE 802.3af-compliant end device.
●
Cisco Discovery Protocol version 2 allows the Cisco Catalyst 2960 Series Switch to
negotiate a more granular power setting when connecting to a Cisco powered device, such
as IP phones or access points, than what is provided by IEEE classification.
●
The PoE MIB provides proactive visibility into power usage and allows you to set different
power level thresholds.
●
Link Layer Discovery Protocol (LLDP and LLDP-MED) adds support for IEEE 802.1AB link
layer discovery protocol for interoperability in multivendor networks. Switches exchange
speed, duplex, and power settings with end devices such as IP phones.
Availability and Scalability
The Cisco Catalyst 2960 LAN Base Series is equipped with a large set of features that allow for
network scalability and higher availability through multicast filtering as well as a complete suite of
Spanning Tree Protocol enhancements aimed to maximize availability in a Layer 2 network.
Voice-aware 802.1x port security disables the offending data VLAN when a violation is detected
without affecting Voice VLAN on the same switch port. Enhancements to the standard Spanning
Tree Protocol, such as Per-VLAN Spanning Tree Plus (PVST+), UplinkFast, and PortFast help
maximize network uptime. PVST+ allows for Layer 2 load sharing on redundant links to efficiently
use the extra capacity inherent in a redundant design. UplinkFast, PortFast, and BackboneFast all
greatly reduce the standard 30- to 60-second Spanning Tree Protocol convergence time. Flexlink
(28 pages)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals