© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 3 of 9
To further increase high availability on a networkwide level, the IE 2000U offers REP and FlexLink for fast
reconvergence, link-state tracking, IEEE 802.1w Rapid Spanning Tree Protocol (RSTP), and per-VLAN Rapid
Spanning Tree Plus (PVRST+). These capabilities help to create redundant, failsafe topologies. Strong, built-in
security helps prevent the device and the network from succumbing to malicious attacks, thereby enhancing
network uptime.
Security
The wide range of security features on the IE 2000U protects mission-critical traffic, prevents unauthorized
access, and maintains uninterrupted operation. The IE 2000U protects operational and nonoperational data by
focusing on securing connectivity, defending against network threats, and providing trust and identity features.
Protecting a network begins with securing connectivity. For example, ACLs can be used to restrict access to
sensitive portions of the network. To defend against network threats such as Dynamic Host Configuration Protocol
(DHCP) spoofing, DHCP snooping can be used to allow only DHCP requests (but not responses) from untrusted
user-facing ports. Workforce management is a critical use case, where trust and identity features such as IEEE
802.1x can be used to enable strong security policies, yet provide maximum mobility to a remote workforce.
Table 2 lists these and other primary features of the security solution.
Table 2. Primary Features for Each Area of Comprehensive Security Solution
Secure Connectivity Threat Defense Trust and Identity
UNI/ENI default: control traffic shut down Configurable control plane security ACLs
DHCP snooping and IP source guard Storm control IEEE 802.1x
Dynamic Address Resolution Protocol (ARP) inspection Port security UNI/ENI default: port down
Private VLAN Configurable per-VLAN MAC learning Configuration file security
Switch Management Options
The IE 2000U offers an easy-to-use GUI for configuration through the Cisco Configuration Professional tool, as
well as a superior command-line interface (CLI) for detailed configuration. In addition, the switches support Simple
Network Management Protocol (SNMP) for networkwide management. Network operators can integrate the IE
2000U transparently into their network operations centers and enable improved flow-through provisioning.
Network operators can also manage the IE 2000U using SNMP Versions 2 and 3. A comprehensive set of MIBs is
provided for network operators to collect traffic information from the IE 2000U.
Switch Performance and Scalability
●
Line-rate/nonblocking uplink/downlink ports
●
Forwarding rate: 6.5 mpps with 64-byte packets
●
Egress buffer: 2MB
●
Unicast MAC addresses: 8000
●
IGMP multicast groups: 255
●
Max VLANs: 255
●
IPv4 MAC security Access Control Entries (ACE): 384 (default ternary content-addressable memory
[TCAM] template)
(10 pages)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals