Cisco Catalyst WS-C2960X-48TS-LL, Řízený, L2/L3, Gigabit Ethernet (10/100/1000), Plně duplexní režim, Instalace do racku
Úvodní popis
Cisco Catalyst WS-C2960X-48TS-LL. Typ přepínače: Řízený, Přepínač
vrstev: L2/L3. Typy přepínaných ethernetových portů RJ-45: Gigabit Ethernet
(10/100/1000), Počet přepínaných ethernetových portů RJ-45: 48, Počet
portů USB 2.0: 2, Konzolový port: RJ-45. Plně duplexní režim. Kapacita
přepínání: 100 Gbit/s. Síťové standardy: IEEE 802.1ab,IEEE 802.1D,IEEE
802.1p,IEEE 802.1Q,IEEE 802.1s,IEEE 802.1w,IEEE 802.1×,IEEE… Instalace do
racku
Popis
Cisco® Catalyst® 2960-X Series Switches are fixed-configuration, stackable
Gigabit Ethernet switches that provide enterprise-class access for campus and
branch applications (Figure 1). Designed for operational simplicity to lower
total cost of ownership, they enable scalable, secure and energy-efficient
business operations with intelligent services and a range of advanced Cisco
IOS® Software features.
Product Highlights
Cisco Catalyst 2960-X switches feature:
- 24 or 48 Gigabit Ethernet ports with line-rate forwarding performance
- Gigabit Small Form-Factor Pluggable (SFP) or 10G SFP+ uplinks
- FlexStack Plus for stacking of up to 8 switches with 80 Gbps of stack
throughput (optional)
- Power over Ethernet Plus (PoE+) support with up to 740W of PoE budget
- 24-port PoE fanless switch for deployment outside the wiring closet
- Reduced power consumption and advanced energy management features
- USB and Ethernet management interfaces for simplified operations
- Application visibility and capacity planning with integrated NetFlow-Lite
- LAN Base or LAN Lite Cisco IOS® software features
- Enhanced limited lifetime warranty (E-LLW) offering next-business-day hardware
replacement
Cisco Catalyst 2960-XR models also offer:
- Power resiliency with optional dual field-replaceable power supplies
- IP Lite Cisco IOS® software with dynamic routing and Layer 3 features
Switch Models and Configurations
Catalyst 2960-X switches include a single fixed power supply and are available
with either the Cisco IOS LAN Base or LAN Lite feature set. Catalyst 2960-XR
switch models include a field-replaceable modular power supply and can
accommodate a second power supply. Catalyst 2960-XR is available only with the
Cisco IOS IP Lite feature set.
Catalyst 2960-X series Software Features
All Catalyst 2960-X Series Switches use a single Universal Cisco IOS Software
Image for all SKUs. Depending on the switch model, the Cisco IOS image
automatically configures the LAN Lite, LAN Base, or IP Lite feature set.
LAN Lite models have reduced functionality and scalability for small deployments
with basic requirements. Cisco Catalyst 2960-X Family of Switches are available
with the LAN Base and LAN Lite feature sets and Catalyst 2960-XR Family of
switches are available IP Lite feature sets.
Note that each switch model is tied to a specific feature level; LAN Lite cannot
be upgraded to LAN Base and LAN Base cannot be upgraded to IP Lite.
Cisco Catalyst 2960-XR IP-Lite High-Performance Routing
The Cisco hardware routing architecture delivers extremely high-performance IP
routing in the Cisco Catalyst 2960-XR IP-Lite Switches:
- IP unicast routing protocols (Static, Routing Information Protocol Version 1
[RIPv1], RIPv2, RIPng, and EIGRP-Stub) are supported for network routing
applications.
- Advanced IP unicast routing protocols (OSPF for Routed Access) are supported
for load balancing and constructing scalable LANs. IPv6 routing (OSPFv3) is
supported in hardware for maximum performance.
- EIGRPv3-Stub and PIMv6-Stub are supported as a part of the IPv6 routing
suite.
- Equal-cost routing facilitates Layer 3 load balancing and redundancy across
the stack.
- Policy-based routing (PBR) allows superior control by facilitating flow
redirection regardless of the routing protocol configured (for both IPv4 and
IPv6).
- Hot Standby Routing Protocol (HSRP) and Virtual Router Redundancy Protocol
(VRRP) provides dynamic load balancing and failover for routed links.
- Protocol Independent Multicast (PIM) for IP multicast is supported, including
PIM sparse mode (PIM-SM), PIM dense mode (PIM-DM), PIM sparse-dense mode and
Source Specific Multicast (SSM).
Network Security
The Cisco Catalyst 2960-X Series Switches provide a range of security features
to limit access to the network and mitigate threats, including:
- MAC-based VLAN assignment enables different users to authenticate on different
VLANs. This feature enables each user to have a different data VLAN on the same
interface.
- Cisco TrustSec uses SXP to simplify security and policy enforcement throughout
the network. For more information about Cisco TrustSec security solutions, visit
cisco.com/go/TrustSec.
- Comprehensive 802.1X Features to control access to the network, including
Flexible Authentication, 802.1× Monitor Mode, and RADIUS Change of
Authorization.
- IPv6 First-Hop Security enhances Layer-2 and Layer-3 network access from
proliferating IPv6 devices especially BYOD devices. It protects against rogue
router advertisements, address spoofing, fake DHCP replies and other risks
introduced by IPv6 technology.
- Device Sensor and Device Classifier enable seamless versatile device profiles
including BYOD devices. They also enable Cisco Identity Services Engine (ISE) to
provision identity based security policies. This feature is available on both
the 2960-X and the 2960-XR product families.
- Cisco Trust Anchor Technology enables easy distribution of a single universal
image for all models of Catalyst 2960-X by verifying the authenticity of IOS
images. This technology allows the switch to perform IOS integrity checks at
boot-up by verifying the signature, verifying the Trusted Asset under Management
and authenticating the license.
- Cisco Threat Defense features including Port Security, Dynamic ARP Inspection,
and IP Source Guard.
- Private VLANs restrict traffic between hosts in a common segment by
segregating traffic at Layer 2, turning a broadcast segment into a nonbroadcast
multi access like segment. This feature is available in IP-Lite feature set
only.
- Private VLAN Edge provides security and isolation between switch ports, which
helps ensure that users cannot snoop on other users’ traffic.
- Unicast Reverse Path Forwarding (uRPF) feature helps mitigate problems caused
by the introduction of malformed or forged (spoofed) IP source address into a
network by discarding IP packets that lack a verifiable IP source address. This
feature is available in IP-Lite feature set only.
- Multidomain Authentication allows an IP phone and a PC to authenticate on the
same switch port while placing them on appropriate voice and data VLAN.
- Access Control Lists (ACLs) for IPv6 and IPv4 for security and QoS ACEs.
- VLAN ACLs on all VLANs prevent unauthorized data flows from being bridged
within VLANs.
- Router ACLs define security policies on routed interfaces for control-plane
and data-plane traffic. IPv6 ACLs can be applied to filter IPv6 traffic.
- Port-based ACLs for Layer 2 interfaces allow security policies to be applied
on individual switch ports.
- Secure Shell (SSH) Protocol, Kerberos, and Simple Network Management Protocol
Version 3 (SNMPv3) provide network security by encrypting administrator traffic
during Telnet and SNMP sessions. SSH Protocol, Kerberos, and the cryptographic
version of SNMPv3 require a special cryptographic software image because of U.S.
export restrictions.
- Switched Port Analyzer (SPAN), with bidirectional data support, allows Cisco
Intrusion Detection System (IDS) to take action when an intruder is detected.
- TACACS+ and RADIUS authentication facilitates centralized control of the
switch and restricts unauthorized users from altering the configuration.
- MAC Address Notification allows administrators to be notified of users added
to or removed from the network.
- Multilevel security on console access prevents unauthorized users from
altering the switch configuration.
- Bridge protocol data unit (BPDU) Guard shuts down Spanning Tree Port
Fast-enabled interfaces when BPDUs are received to avoid accidental topology
loops.
- Spanning Tree Root Guard (STRG) prevents edge devices not in the network
administrator’s control from becoming Spanning Tree Protocol root nodes.
- IGMP filtering provides multicast authentication by filtering out
nonsubscribers and limits the number of concurrent multicast streams available
per port.
- Dynamic VLAN assignment is supported through implementation of VLAN Membership
Policy Server client capability to provide flexibility in assigning ports to
VLANs. Dynamic VLAN facilitates the fast assignment of IP addresses.
Redundancy and Resiliency
Cisco Catalyst 2960-X Series Switches offer a number of redundancy and
resiliency features to prevent outages and help ensure that the network remains
available:
- Cross-stack EtherChannel provides the ability to configure Cisco EtherChannel
technology across different members of the stack for high resiliency.
- Flexlink provides link redundancy with convergence time less than
100 milliseconds.
- IEEE 802.1s/w Rapid Spanning Tree Protocol (RSTP) and Multiple Spanning Tree
Protocol (MSTP) provide rapid spanning-tree convergence independent of
spanning-tree timers and also offer the benefit of Layer 2 load balancing and
distributed processing. Stacked units behave as a single spanning-tree node.
- Per-VLAN Rapid Spanning Tree (PVRST+) allows rapid spanning-tree reconvergence
on a per-VLAN spanning-tree basis, without requiring the implementation of
spanning-tree instances.
- Cisco Hot Standby Router Protocol (HSRP) is supported to create redundant,
fail safe routing topologies in 2960-XR IP-Lite SKUs.
- Switch-port auto-recovery (Error Disable) automatically attempts to reactivate
a link that is disabled because of a network error.
- Power redundancy with an optional second power supply on 2960-XR models, or
with an external RPS on 2960-X models.
Enhanced Quality of Service
The Cisco Catalyst 2960-X Series Switches offers intelligent traffic management
that keeps everything flowing smoothly. Flexible mechanisms for marking,
classification, and scheduling deliver superior performance for data, voice, and
video traffic, all at wire speed. Primary QoS features include:
- Up to eight egress queues per port and strict priority queuing so that the
highest priority packets are serviced ahead of all other traffic.
- Shaped Round Robin (SRR) scheduling and Weighted Tail Drop (WTD) congestion
avoidance.
- Flow-based rate limiting and up to 256 aggregate or individual policers per
port.
- 802.1p class of service (CoS) and Differentiated Services Code Point (DSCP)
classification, with marking and reclassification on a per-packet basis by
source and destination IP address, MAC address, or Layer 4 TCP/UDP port
number.
- Cross-stack QoS to allow QoS to be configured across a stack of 2960-X series
switches.
- The Cisco committed information rate (CIR) function provides bandwidth in
increments as low as 8 Kbps.
- Rate limiting is provided based on source and destination IP address, source
and destination MAC address, Layer 4 TCP/UDP information, or any combination of
these fields, using QoS ACLs (IP ACLs or MAC ACLs), class maps, and policy
maps.