Laserfiche WebLink
Brochure <br />• Cisco Identity Based Networking Services (IBNS) in the Catalyst 3560 Series prevents <br />unauthorized access and helps ensure that users receive only their designated privileges. <br />It provides the ability to dynamically administer granular levels of network access. <br />• Secure Shell Protocol Version 2 (SSHv2) and Simple Network Management Protocol <br />Version 3 (SNMPv3) provide network security by encrypting administrator traffic - preventing <br />unauthorized users from accessing passwords or configuration information. <br />• Access control lists (ACLs) can be used to restrict access to sensitive portions of the <br />network by denying packets based on source and destination MAC addresses, IP <br />addresses, or TCP /UDP ports. ACLs can be used to guard against denial -of- service (DoS) <br />and other attacks, and because ACL processing is done in hardware, forwarding <br />performance of the switch is not compromised when implementing ACL -based security. <br />• Private VLAN edge provides security and isolation between ports on a switch, helping <br />ensure that voice traffic travels directly from its entry point to the aggregation device <br />through a virtual path and cannot be directed to a different port. <br />• Port security can be used to limit access on an Ethernet port based on the MAC address <br />of the device that is connected to it. It also can be used to limit the total number of devices <br />plugged into a switch port, thereby reducing the risks of rogue wireless access points <br />or hubs. <br />• MAC Address Notification can be used to monitor the network and track users by sending <br />an alert to a management station so that network administrators know when and where <br />users entered the network. The Dynamic Host Configuration Protocol (DHCP) Interface <br />Tracker (Option 82) feature tracks where a user is physically connected on a network by <br />providing both switch and port ID to a DHCP server. Additionally, the DHCP Snooping <br />Option 82 feature enables granular control over IP address assignment by a DHCP server <br />by augmenting a host IP address request so that the DHCP server can make a more <br />sophisticated address assignment. <br />• TACACS+ or RADIUS authentication facilitates centralized access control of switches and <br />restricts unauthorized users from altering the configurations. Alternatively, a local username <br />and password database can be configured on the switch itself. Fifteen levels of <br />authorization on the switch console and two levels on the Web -based management <br />interface provide the ability to give different levels of configuration capabilities to different <br />administrators. <br />Redundancy <br />The Cisco Catalyst 3560 Series supports the following capabilities to optimize network availability, <br />so that users can access data at all times, locally and remotely: <br />• Per VLAN Rapid Spanning Tree Plus (PVRST +) allows rapid spanning -tree reconvergence <br />on a per -VLAN spanning -tree basis, without requiring the implementation of spanning -tree <br />instances. <br />Flex Links are a pair of Layer 2 interfaces (switch ports or port channels), where one <br />interface is configured to act as a backup to the other. This feature provides an alternative <br />solution to the Spanning Tree Protocol, allowing users to turn off Spanning Tree Protocol <br />and still provide basic link redundancy. <br />All contents are Copyright 01992-2005 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 4 or 8 <br />