Overblog Follow this blog
Administration Create my blog
Cisco & Cisco Network Hardware News and Technology

Posts with #cisco switches - cisco firewall tag

What You can Do with Cisco AVB?

December 1 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Networking, #Cisco Switches - Cisco Firewall, #Cisco Technology - IT News

Cisco Simplifies Digitization of Audio Video Networks with IEEE Audio Video Bridging

Do you want more audio-video flexibility without spending too much money? If yes, you can try Cisco’s new AVB. What is Audio Video Bridging?

Audio video (AV) equipment deployments have traditionally been single-purpose, analog, point-to-point connections with one-way links. As AV deployments migrate to digital, they have continued to retain this inflexible point to-point architecture. This dedicated connection model also results in a mass of cabling that is difficult and costly to manage. In contrast, an open-standards based Ethernet infrastructure enables flexibility and transparent interoperability of multi-vendor AV equipment and integration of new services.

How did AVB come about, and what does it all mean? AVB is a set of technical standards created by the IEEE Audio Video Bridging Task Group. The IEEE AVB Task Group is a part of the IEEE 802.1 standards committee. IEEE 802.1 defined a set of standards that provided the means for highly reliable delivery of low-latency, time-synchronized AV streaming services through Layer 2 Ethernet networks.

The IEEE 802.1 Audio Video Bridging (AVB) standard enables this digital transition and accelerates the adoption of Ethernet-based AV deployments that are interoperable. The IEEE 802.1 AVB defines a mechanism whereby the endpoints and the network function as a whole. This allows high-quality AV streaming of professional AV over an Ethernet infrastructure. Instead of one-to-one, the network transport enables many-to-many seamless plug-n-play connections for multiple AV endpoints including talkers and listeners. This helps corporations lower total cost of ownership through fewer cables (CapEx) and no license fees for any proprietary technologies (OpEx). It also provides higher quality, time-synchronized AV with more scalability. This scalability includes a more efficient deployment, installation and management enabling new capabilities.

If you want to see how each standard interacts with AVB and for more about the subject, read the “Cisco Audio Video Bridging Design and Deployment for an Enterprise Network” white paper.

http://www.cisco.com/c/en/us/products/collateral/switches/nexus-7000-series-switches/white-paper-c11-736890.html

Cisco simplifies digitization of AV networks with AVB support on industry leading switches. With the Cisco IOS XE Software Release 16.3, Cisco has introduced support for the IEEE 802.1 AVB standard on select Cisco Catalyst 3850 and select Cisco Catalyst 3650 switches. It delivers the highest-capacity 1-,10- and 40-Gigabit Ethernet ports in the industry.

Cisco implements the AVB standards on select Catalyst 3850 and 3650 Series Switches.

The Catalyst 3850 and 3650 Series Switches include our widely deployed, industry leading managed access and aggregation switches. They are designed to deliver a comprehensive set of features to provide the best application experience, the highest levels of security, precise control and management of the network. They offer industry-leading scalability in the fixed configuration category of switches. As a result, they can be deployed as aggregation or access switches in large networks or as core switches in smaller networks.

Cisco’s Unified Access Data Plane application-specific integrated circuit (ASIC) powers the switches and can enable uniform wired-wireless policy enforcement, application visibility and control (AVC), flexibility and application optimization. Cisco Catalyst 3850 and 3650 Series Switches support full IEEE 802.3at Power over Ethernet Plus (PoE+), Cisco Universal Power over Ethernet, modular and field-replaceable network modules, RJ45 and fiber-based downlink interfaces, redundant fans and power supplies and innovative power-sharing functions to achieve a flexible and advanced redundant configuration. With speeds that reach 10 Gbps, Cisco Catalyst 3850 Multigigabit Ethernet Switches support current and next-generation wireless speeds and standards—including 802.11ac Wave 2—on existing cabling infrastructure.

Quite simply, these switches are designed to deliver a comprehensive set of features to provide the best application experience, the highest levels of security, and precise control and management of the network.

The Cisco Catalyst 3850 and 3650 switches offer industry-leading scalability in the fixed configuration category of switches. As a result, they can be deployed as aggregation or access switches in large networks or as core switches in smaller networks.

 

Cisco has also added rich next-generation capabilities to this platform.

Some examples include:

  • Programmability
  • AVB
  • MPLS
  • Services discovery gateway
  • Network as a sensor and enforcer
  • Encapsulated remote switchport analysis

Try using a Cisco Catalyst 3850 and 3650 Series switches to provide AVB. Whether you're in hospitality, government, enterprise or another industry, Cisco AVB is an ideal solution. Deploy it into your current audio-video setup: in conference rooms, auditoriums, and more.

Reference From http://www.cisco.com/c/dam/en/us/products/collateral/switches/at-a-glance-c45-737488.pdf

More Related:

Cisco AVB Switches

What is Audio Video Bridging?

Updated: Comparing the Newest Cisco 3850 Models

The New Cisco Catalyst 3650 Series Mini Switch

The Newest: Model Comparison for the Cisco Catalyst 3650 Models

Read more

Cisco Catalyst 3850 Series Licenses

October 28 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Networking, #Cisco Switches - Cisco Firewall, #Technology, #Cisco License

LAN Base, IP Base and IP Services these 3 features are available with all Cisco Catalyst 3850 models. What are their features?

●   LAN Base: Enterprise access layer 2 switching features

●   IP Base: Enterprise access layer 3 switching features

●   IP Services: Advanced enterprise layer 3 switching (IPv4 and IPv6) features

1. The LAN Base feature set offers enhanced intelligent services that include comprehensive Layer 2 features, with up to 255 VLANs.

2. The IP Base feature set provides entry-level enterprise services in addition to all LAN Base features, with 1K VLANs. IP Base also includes the support for wireless controller functionality (mobility agent and mobility controller role; additional access point license required for mobility controller role), routed access, smart operations, FNF, and so on.

3. The IP Services feature set provides full enterprise services that include advanced Layer 3 features such as EIGRP, OSPF, BGP, PIM, and IPv6 routing such as OSPFv3 and EIGRPv6. All software feature sets support advanced security and MQC-based QoS.

The Cisco Catalyst 3850 Series Switches with LAN Base feature set can only stack with other Cisco Catalyst 3850 Series LAN Base switches. The same applies to IP Base and IP Services as well. A mixed stack of LAN Base switch with IP Base or IP Services feature set is not supported.

The 12-port and 24-port SFP+- and SFP-based models as well as the 48-port SFP+ model can only be ordered with IP Base or IP Services licenses. Therefore, in order to stack with LAN Base models, they need to be configured in LAN Base mode from the CLI.

Customers can transparently upgrade the software feature set in the Cisco Catalyst 3850 Series Switches through Cisco IOS Software CLI using the right to use (RTU)-based software upgrade process. Software activation enables the Cisco IOS Software feature sets. Based on the license’s type, Cisco IOS Software activates the appropriate feature set. License types can be changed, or upgraded, to activate a different feature set.

Software Policy for Cisco Catalyst 3850 Series Switches

Customers with Cisco Catalyst LAN Base and IP Base software feature sets will be provided with maintenance updates and bug fixes designed to maintain the compliance of the software with published specifications, release notes, and industry standards compliance as long as the original end user continues to own or use the product or up to one year from the end-of-sale date for this product, whichever occurs earlier. Customers with licenses for our IP Services software images require a service support contract such as Cisco SMARTnet Service to download updates. This policy supersedes any previous warranty or software statement and is subject to change without notice.

Cisco ONE Software for Cisco Catalyst 3850 Series

Cisco ONE Software for Access Switching is available for the Cisco Catalyst 3850 Series Switches.

Cisco ONE Software is a new way for customers to purchase and use our infrastructure software. It offers a simplified consumption model, centered on common customer scenarios in the data center, WANs, and LANs.

Cisco ONE Software and services provide customers with four primary benefits:

  • Software suites that address typical customer use scenarios at an attractive price
  • Investment protection of their software purchase through software services-enabled license portability
  • Access to ongoing innovation and new technology with Cisco Software Support Service (SWSS)
  • Flexible licensing models to smoothly distribute customer's software spend over time

For ordering information for Cisco ONE Software for the Cisco Catalyst 3850 Series Switches, go to http://www.cisco.com/c/en/us/products/software/one-access/switching-part-numbers.html.

Licenses for Cisco Catalyst 3850 Series Switches

Software Licenses

C3850-12-S-E

Cisco Catalyst 3850 12-port IP Base to IP Services RTU paper license

C3850-24-L-S

Cisco Catalyst 3850 24-port Switch LAN Base to IP Base RTU paper license

C3850-48-L-S

Cisco Catalyst 3850 48-port Switch LAN Base to IP Base RTU paper license

C3850-24-L-E

Cisco Catalyst 3850 24-port LAN Base to IP Services RTU paper license

C3850-48-L-E

Cisco Catalyst 3850 48-port LAN Base to IP Services RTU paper license

C3850-24-S-E

Cisco Catalyst 3850 24-port IP Base to IP Services RTU paper license

C3850-48-S-E

Cisco Catalyst 3850 48-port IP Base to IP Services RTU paper license

L-C3850-24-L-S

Cisco Catalyst 3850 24-port LAN Base to IP Base RTU electronic license

L-C3850-48-L-S

Cisco Catalyst 3850 48-port LAN Base to IP Base RTU electronic license

L-C3850-24-L-E

Cisco Catalyst 3850 24-port LAN Base to IP Services RTU electronic license

L-C3850-48-L-E

Cisco Catalyst 3850 48-port LAN Base to IP Services RTU electronic license

L-C3850-24-S-E

Cisco Catalyst 3850 24-port IP Base to IP Services RTU electronic license

L-C3850-48-S-E

Cisco Catalyst 3850 48-port IP Base to IP Services RTU electronic license

L-C3850-12-S-E

Cisco Catalyst 3850 12-port IP Base to IP Services RTU electronic license

Access Point Licenses

L-LIC-CT3850-UPG

Primary upgrade license SKU for Cisco 3850 wireless controller (e-delivery)

L-LIC-CTIOS-1A

1 access point adder license for Cisco IOS Software based wireless controller (e-delivery)

LIC-CT3850-UPG

Primary upgrade license SKU for Cisco 3850 wireless controller (paper license)

LIC-CTIOS-1A

1 access point adder license for the Cisco IOS Software based wireless controller (paper license)

Access Point License for Cisco Catalyst 3850: An access point license is required for Cisco Catalyst 3850 operating in mobility controller mode. No access point license is required for 3850 operating in mobility agent mode. This functionality is included in the IP Base feature set. Other devices that can act as mobility controller are the WLC 5760, WLC 5508, and WiSM2 wireless controllers. Access point licenses can be transferred only between two 3850 switches or between 3850 and 5760 controller and vice versa.

More info here: http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-3850-series-switches/data_sheet_c78-720918.html?referring_site=RE&pos=1&page=http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-3850-series-switches/qa_c67-722110.html

 

More Related…

New: Cisco 3850 as Mobility Controller

Updated: Cisco StackPower Technology for Cisco Catalyst 3850 Switches

Updated: Comparing the Newest Cisco 3850 Models

How to Change a Switch Member Number in a Cisco 3850 Stack?

How to Form a Stack-Wise and Power-Stack with Cisco Catalyst 3850?

Cisco Catalyst 3850 Series-“Auto-Upgrade” Feature

Read more

The New Cisco Industrial Ethernet 4010 Series Switches

September 14 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco & Cisco Network, #Cisco Switches - Cisco Firewall

Cisco IE 4010 Series Switches Models

Cisco IE 4010 Series Switches Models

IE 4010 Series-Solution Highlights and Capabilities

IE 4010 Series-Solution Highlights and Capabilities

Cisco IE 4010 Series Switches-Overview

Cisco IE 4010 Series Switches-Overview

How to choose your untypical IT equipment? Why you should choose an untypical network device? Here, we will share a new featured product for you: the Cisco Industrial Ethernet 4000 Series Switches.

Cisco IE4010 Series Switches offer 24 Gigabit PoE/PoE+ capable ports, making them an ideal choice for use as access switches in industrial environments to connect high definition IP cameras, Access Points and IP phones. These switches provide high-bandwidth switching (Layer 2) and proven Cisco IOS Software-based routing (Layer 3) capabilities to improve uptime, performance, and safety of industrial systems and equipment.

Cisco Industrial Ethernet 4010 Series Switches

  • Superior bandwidth and capacity-56-Gbps non-blocking switching capacity with 28-Gigabit-Ethernet (GE) ports
  • High-density, industrial Power over Ethernet (PoE) or PoE Plus (PoE+) support for in-line power to up to 24 devices
  • Cisco IOS Software features for smooth IT integration and policy consistency
  • Robust resiliency enabled by a dual-ring design with 4x Gigabit Ethernet uplink ports, Resilient Ethernet Protocol (REP), Parallel Redundancy Protocol (PRP), EtherChannel, and Flex Links support
  • Easy deployment, with zero-touch discovery using DHCP and an express setup with a swappable SD flash card

Industrial environments can be tough on any equipment, but especially on networking hardware. Your typical IT equipment was never designed to withstand the poundings, dirt, and grime found in most industrial environments. Plus, these pieces of equipment require significant reconfiguring to serve the computing and technology needs of industrial manufacturers and utilities.

The Cisco Industrial Ethernet 4010 (IE4010) Series Switches are flexible and scalable industrial Ethernet switches. They were developed specifically to withstand rugged industrial environments meeting industrial customers’ needs. With 24 Gigabit PoE/PoE+ capable ports, it’s suitable to connect high definition IP cameras, Access Points, or IP Phones.

The ruggedized Cisco IE4010 Series forms the foundation of a wide array of technology solutions for multiple industries, such as:

• Factory automation

• Smart cities

• Substation automation

• Intelligent transportation systems

Benefits-The New Cisco IE 4010 Series Switches

• Reduced downtime through highavailability technology to facilitate networkwide resilience and increased IP network availability

Lower operating costs with inline power for PoE/PoE+ devices, allowing easy installation and updates without an overhaul of the electrical layout

• Improved security with integration of security policy enforcement within the switch without creating traffic bottlenecks

• Investment protection from software licensing, which offers new improved software features without requiring hardware upgrades

• Improved efficiency of your internal IT and operations teams using a single, standardized platform

• Increased speed and flexibility needed to bring products to market and adapt to changing business challenges

How It Works

The Cisco IE4010 Series complements other Cisco IE product families, delivering high performance, rich feature sets, and extensive and scalable Power over Ethernet (PoE)/PoE+ options.

The switches can be set up and operated easily by your internal IT and operations staff, helping you automate industrial processes much more quickly. The embedded Cisco IOS Software also allows you to quickly integrate new switches and connect all your industrial endpoints for greater visibility, control, and access and can automatically detect new endpoints whenever they’re brought online. Plus, with the built-in Cisco SmartPorts technology, your staff can assign the correct quality-of-service (QoS) functions for a desired connection quickly and easily.

An embedded web-based Device Manager provides real-time visibility of your switch configuration and performance. The color-coded displays and animated indicators of the application help simplify management and monitoring tasks. It also has alert functions that help you identify and solve networking problems when they arise.

Designed Tough and Built for Industrial Use

The Cisco IE4010 Series Switches were built to withstand and even thrive in harsh operating environments and temperatures ranging from –40 to 75°C. With no moving parts, the switches come enclosed in tough casings designed for serious protection from dust, dirt, grime, high humidity, electromagnetic fields, and extreme vibrations. They support network standards and protocols such as Ethernet/IP, CIP, and Profinet so you can set up and connect industrial equipment and automation applications quickly and easily.

Use Case Examples

• Increase solution redundancy and connect high-speed automation devices in connected factories and electrical substations by using uplinks to form redundant ring topology and provide multiple Gigabit Ethernet connectivity.

• Connect access points and provide high-speed Wi-Fi coverage along oil/gas pipelines and mining fields in remote locations.

• Provide bandwidth and large amounts of PoE ports required to support citywide surveillance IP camera infrastructure.

• Connect mass transportation to provide voice, video, and data services to passengers.

Easy to Deploy and Manage

Cisco IE4010 Series Switches use the same Cisco IOS Software with which you’re already familiar, so switch integration and connecting endpoints are simple. Out-of-the-box configuration enables you to set a switch up with one click. It also contains line-rate, low-latency forwarding with advanced hardware assist features—for example, Network Address Translation (NAT), Multilayer Traffic Prioritization, Multicast, IEEE 1588, and support for multiple traffic protection technologies including Cisco REP and PROFINET MRP and more—to make interoperability and management tasks easier and more efficient.

Strong Security

The solution supports all of the security features you expect in a Cisco switch, including 802.1x port security, dynamic port-based authentication, encrypted administrative traffic, IEEE 802.1AE MACsec encryption, FIPS compliance, centralized authentication, and more.

Industrial Power over Ethernet

With PoE, you can connect and power devices using a single cable. These switches support high-density, industrial PoE/PoE+ support for up to 24 devices, including IP cameras and phones, badge readers, wireless access points, and more. PoE helps you reduce complexity in your warehouse or factory, lower costs of necessary wiring and other equipment, and enjoy the flexibility and freedom of ready-to-use devices.

More info from http://www.cisco.com/c/dam/en/us/products/collateral/switches/industrial-ethernet-4010-series-switches/at-a-glance-c45-737281.pdf

More Related…

Model Comparison: ISR 4321 vs. 4331 vs. 4351 vs. 4431 vs. 4451 Router

Say Something about Cisco 4400 and 4300 Series

Migrating to Cisco 4000 Series ISR…Benefits You Get

Cisco 4451-X vs. Cisco 3945E vs. 3925E vs. Cisco 3945 vs. 3925 Router

Cisco 4000 Series ISR, Top Choice for Today’s Branch Offices

New Cisco NIM cards for Cisco ISR 4000 Family

Ordering Guide-Cisco 4400 and 4300 Series Routers/Cisco 4000 Router Family

Cisco ISR 4451-X, Prepared for Future Branch Network Needs

Read more

Cisco Industrial Ethernet 1000 Series Switches, How It Works?

July 1 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall, #Cisco Technology - IT News

Cisco Industrial Ethernet 1000 Series Switches' ROLE

Cisco Industrial Ethernet 1000 Series Switches' ROLE

Cisco Industrial Switches have a big family, including the Cisco IE 2000, IE 3000, IE 4000 and IE 5000 Series Switches and the new IE 1000 Series.

The Cisco Industrial Ethernet 1000 Series---Lightly Managed Switches for Industrial Environments

The Cisco Industrial Ethernet 1000 (IE1000) Series Switches enable industrial network connectivity where traditional unmanaged switches lack the required performance and do not offer visibility and control.

Cisco IE1000 is a lightly managed Layer 2 switch designed for industrial users to better achieve productivity and network reliability, a primary element to business success.

The traditional industrial Ethernet switch of the past was a DIN rail unmanaged switch with few Ethernet ports to interconnect various nodes, including computer, HMI, PLC, I/O, drive, and sensors. The main challenge when deploying unmanaged switches is that it is difficult to monitor and troubleshoot issues that impact operational productivity. The IE1000 offers basic management for QoS, and security along with monitoring capability, which are essential in industrial environments.

The Cisco IE1000 Series has the option of Power over Ethernet (PoE) applications. Cisco IE1000 switches are designed to meet IEEE 802.3af (PoE) and 802.3at (PoE+) standards for network devices such as wireless access points, IP surveillance cameras, display monitors, and PoE-enabled industrial devices. One benefit of a PoE network solution is that it reduces the time and cost of having power cabling or outlets installed by certified electricians. The IE1000 PoE series is for industry users that seek flexible, low-cost, and easy-to-use installation solutions.

How It Works

As soon as you power up the IE1000, you can access the switch using a web browser to start the network connectivity. The IE1000 boots within 30 seconds from power up. It also allows you to monitor traffic flows, and Ethernet port utilization. You can administratively shut down or block unwanted devices in case of safety or security concern.

You can prioritize traffic on a per-port basis to assure that the critical traffic is delivered end to end with priority. In addition, the Cisco IE1000 transports industrial protocol traffic such as Ethernet/IP, PROFINET, and Modbus/TCP without extra provisioning. The support of SNMP, alarm relay, and syslog allows you to uncover errors before the network stops totally.

Solution Highlights and Capabilities

The Cisco IE1000 Series Switches support the features and capabilities sufficient for industrial usage, including:

Port density: 5, 6, 8, and 10

• FE copper or GE fiber uplink ports

• 4 or 8 Fast Ethernet downlinks

• Up to 8 PoE/PoE+ ports

• Data load optimization with VLAN awareness

IGMP and DHCP snooping

• Web GUI-based provisioning and monitoring with no need for extensive IT knowledge

• High reliability and five-year hardware warranty

Benefits

• Minimized downtime: troubleshoot, monitor, and diagnose with Web-based GUI tool.

• Improved network resiliency: spanning tree enables network link redundancy and fast link recovery.

• Increased network security: port security allows disabling ports to control what gets connected to the network.

• Critical traffic prioritization: guaranteed delivery of mission critical end devices traffic.

• Reduced overall TCO: VLANs allow for logical segmentation in a single switch, which reduces total number of switches needed.

Use Case Examples

• Machine builders: Connects complex I/O and automation gears

• Panel builders and panel shops: for electricians to manage Ethernet connectivity.

• PoE solution for smart cities: Connects Wi-Fi access points and IP camera in locations without flexible power outlet or in spaceconstrained roadside cabinets.

More Related…

New Industrial Switches-Cisco IE 2000 Series

Cisco Industrial Ethernet 1000 Series Switches

Cisco Industrial Ethernet 1000 Series Switches

Cisco IE 1000 Series Switches Configurations

Cisco IE 1000 Series Switches Configurations

Read more

Introducing the Cisco Catalyst 2960-CX 8 Port Gigabit Switch

June 24 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall

Cisco Catalyst 2960-CX Series Switches

Cisco Catalyst 2960-CX Series Switches

Cisco Catalyst 2960-X Compact Switch Models and Default Software

Cisco Catalyst 2960-X Compact Switch Models and Default Software

Who are the COOL 2960-CX 8 Port Gigabit Switches? They are:

  • Layer 2 compact switches with 8 ports optimized for 1 Gb services
  • Up to 124 Watts of Power over Ethernet Plus (PoE+) power budget per switch
  • Fan-less compact design for quiet and efficient operation; flexible mounting options

Yes! The Catalyst 2960-CX Series Switches are fan-less, small form-factor, Gigabit Ethernet switches and are ideal for high-speed data connectivity, Wi-Fi backhaul, and Power over Ethernet (PoE) connectivity in places where space is at a premium.

Freedom to Connect Devices Anywhere

When you have a tight space, bigger is not always better. So start compact with the 2960-CX 8 port gigabit switch. And expand your network as your company grows. Gain the enterprise features of a larger Cisco switch without using a lot of physical space. Our Catalyst switches bring wired and wireless together through unified access, so you gain scale, security, and mobility.

Features and Capabilities

Created for organizations where space is tight, the compact 2960-CX switch is a powerful 8 port gigabit switch. Because it’s small, you can place it outside the wiring closet. It has a quiet, fan-less design so it’s silent. And it has flexible mounting options.

With a setup that allows for shorter cable runs from the switch, new devices can easily join the network. Shorter cables reduce the need for expensive and inflexible cabling.

Whether in a hospital, retail store, office, classroom, or branch location, this 8 port gigabit switch supports IP connections for devices with PoE+. You don’t need to install new electrical circuits to power your access points and other devices, such as:

  • IP phones
  • Wireless access points
  • Surveillance cameras
  • PCs
  • Video endpoints

Specifications at a Glance

  • 8 Gigabit Ethernet ports with line-rate forwarding performance
  • 2 x 1 Gigabit Ethernet copper and small form-factor pluggable (SFP) uplinks
  • PoE+ support with up to 124W of PoE budget
  • Advanced Layer 2 (LAN Base) support

More Related…

New Cisco Catalyst 3560-CX and 2960-CX Series Switches Review

Cisco Catalyst 3560-CX & 2960-CX Model Comparison

NEW Horizontal Stacking Supported on Cisco 3560-CX

Update but Not Featured: What’s New on Cisco Catalyst 2960-C & 3560-C Series Compact Switches?

Cisco Catalyst 3560-CX (the right) and 2960-CX (the Left) Compact Switch

Cisco Catalyst 3560-CX (the right) and 2960-CX (the Left) Compact Switch

Cisco Catalyst 3560-CX and 2960-CX Series

Cisco Catalyst 3560-CX and 2960-CX Series

Read more

Switch Architecture of Cisco Catalyst 2960-X/XR Series FAQ

May 17 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall, #Cisco & Cisco Network

Cisco Catalyst 2960-X/XR switches, the greenest Cisco Catalyst access switches

Cisco Catalyst 2960-X/XR switches, the greenest Cisco Catalyst access switches

Why Select Cisco Catalyst 2960-X? What Benefits will you get from migrating to Cisco Catalyst 2960-X/XR series? We talked about the Cisco Catalyst 2960-X a lot before, such as the added features of Catalyst 2960-X Series, stacking of the Cisco Catalyst 2960-X and 2960-XR, Comparison of Cisco Catalyst 2960 Switches, etc. As the greenest Cisco Catalyst access switches, Cisco Catalyst 2960-X/XR switches are the best replacement for the 2960-S series.

The Cisco Catalyst 2960-X models provide Layer 2 switching and have one fixed power supply with an external redundant power supply. They provide 24 or 48 Gigabit Ethernet wire rate ports, PoE/PoE+ support, and four 1G Small Form-Factor Pluggable (SFP) or two 10G SFP+ uplinks.

With FlexStack-Plus technology, the Cisco Catalyst 2960-X switches can be stacked up to 8 members with up to 80 Gbps stacking capacity for high scalability.

In this article we will continue to talk about the architecture, Energy Efficiency of the Cisco Catalyst 2960-X and 2960-XR Series Switches.

Energy Efficiency

Catalyst 2960-X Series introduced new innovative energy saving modes for the switch.

● The Switch Hibernation Mode puts the switch to sleep when the switch is not in use. This feature enables the switch to save up to 90% of power during non-business hours.

● Downlink Hibernation Mode powers down the PHY and the optics of the downlink port when not in use.

● Energy Efficient Ethernet (EEE) enables dynamic power savings on all switch ports; saves about 15W for a 48port-switch and 8W for a 24 port-switch.

● EnergyWise Puts IP End Points in Energy Saver mode, saving 60%+ power with non-active IP devices.

The collective power savings with different energy efficient technologies will reduce the power consumption by up to 80%.

Downlink Hibernation Mode (DHM) feature enables all 2960-X switches to save power on the downlink ports. The switch supports static downlink port power-down where only the PHY and Optics are powered down when not in use.

When the switch is not in use, switch hibernation mode can be scheduled to save power. When the switch is in hibernation mode, it powers off application-specific integrated circuits (ASICs), and connected PoE devices. Power to most of the components is off. The DRAM is in refresh mode, keeping data intact. The switch hibernation mode is integrated with EnergyWise.

Q. Is a Cisco Catalyst 2960-X Series Switch usable while in hibernation mode?

A. No. All hardware components on the data path are switched off on Cisco Catalyst 2960-X Series Switches during hibernation mode.

The Cisco Catalyst 2960-X Series provides the following wake-up triggers from switch hibernation mode:

● Wake on scheduled real-time clock alarm/trigger

● Wake on mode button trigger

Q. Can Cisco Catalyst 2960-X Series Switches be scheduled to switch hibernation mode using the Cisco EnergyWise management tool?

A. Yes, the switch hibernation mode is integrated with Cisco EnergyWise. Cisco Catalyst 2960-X Series Switches can be put to switch hibernation mode using a Cisco EnergyWise management tool like any other IP devices.

Q. Is it possible to wakeup a Cisco Catalyst 2960-X Series Switch in switch hibernation mode before the scheduled wake-up time?

A. Yes, the mode button trigger will get the Cisco Catalyst 2960-X Series Switch out of switch hibernation mode.

Q. Can we schedule switch hibernation mode for some members only in a stack of Cisco Catalyst 2960-X Series Switches?

A. No. The whole stack of Cisco Catalyst 2960-X Series Switches can only be scheduled to switch hibernation mode.

Q. How long does it take for a Cisco Catalyst 2960-X Series Switch to be operational when it wakes up from switch hibernation mode?

A. A Cisco Catalyst 2960-X Series Switch coming out of switch hibernation mode is similar to a switch booting from reload. If the switches are stacked, master reelection is triggered after wake-up.

Q. Is Energy-Efficient Ethernet (EEE) 802.3az supported on the Cisco Catalyst 2960-X Series?

A. Yes, Energy-Efficient Ethernet (EEE) is supported on all downlink ports of the Cisco Catalyst 2960-X Series.

Q. Do we need to enable EEE on the Cisco Catalyst 2960-X Series?

A. EEE is enabled by default on all the downlink ports of the Cisco Catalyst 2960-X Series. If needed, EEE can be disabled.

Q. How is power saved with EEE on the Cisco Catalyst 2960-X Series?

A. Cisco Catalyst 2960-X downlink ports switch to low-power idle (LPI) mode during gaps in the data stream, saving power.

Q. Do both sides of the Ethernet interface have to support EEE for it to work?

A. Yes. Both endpoints of the Ethernet link must support EEE to get the power-saving advantages.

Q. How do I check if EEE is working?

A. The show eee status interface Gigabit Ethernet xxx” command can be used to check if EEE is agreed between both the endpoints.

The Cisco Catalyst 2960-X Series provides two types of console ports and one out-of-band Ethernet port:

● USB Type B console port

● Standard RJ-45 serial port

● 10/100 Ethernet management port

Q. Can both USB Type B console and RJ-45 console ports be used simultaneously?

A. No. Only one can be used for input, but both can receive output. When the USB console is connected, “it is used for input (by default)”. This design allows the administrator to see when the USB console port is in use. This capability is useful for remote administrators.

Q. Does the switch support auto-baud on the console port?

A. No. This was a tradeoff between console speed sensing and the ability to use the USB console.

Switch Architecture

Q. What management ports are available?

A. The Cisco Catalyst 2960-X Series provides two types of console ports and one out-of-band Ethernet port:

● USB Type B console port

● Standard RJ-45 serial port

● 10/100 Ethernet management port

Q. Can both USB Type B console and RJ-45 console ports be used simultaneously?

A. No. Only one can be used for input, but both can receive output. When the USB console is connected, “it is used for input (by default)”. This design allows the administrator to see when the USB console port is in use. This capability is useful for remote administrators.

Q. Does the switch support auto-baud on the console port?

A. No. This was a tradeoff between console speed sensing and the ability to use the USB console.

Q. Which management port has priority?

A. The RJ-45 console port is always the default management port, but when a PC is connected to the USB console port, the USB console takes over. The RJ-45 port continues to receive the output (a copy) of everything that gets displayed on the USB console port. This capability allows remote administrators to continue monitoring or logging the output showing what is happening at the switch location, sending it to a storage device.

Q. When a PC is left unattended on the USB console port, would remote administrators get locked out from the RJ-45 management port?

A. The USB console port has a default activity timer that can also be programmed by the user. This activity timer will expire and return control to the RJ-45 management port to avoid locking the remote administrator out.

Q. What can I do with the USB Type A port of the Cisco Catalyst 2960-X Series?

A. It is used to connect to an external USB memory drive for additional storage. This USB port can be used to perform software upgrades, store configurations, and even write memory core dumps for troubleshooting purposes. All Cisco USB memory drives can be used. Currently up to 8-GB USB drives are supported.

Q. Can a third-party USB Flash drive be used with the Cisco Catalyst 2960-X Series?

A. Yes, a third-party USB Flash drive can be used with the Cisco Catalyst 2960-X Series. They will work, but are not officially supported.

Q. What is the performance of the Cisco Catalyst 2960-X Series Switches?

A. The Cisco Catalyst 2960-X Series have a nonblocking switching architecture capable of forwarding traffic for all 48 1 Gigabit ports plus 2 10 Gigabit ports at line rate. See the datasheet for the MPPS information for each model.

Q. Do the Cisco Catalyst 2960-X Series Switches consume less power than the Cisco Catalyst 2960-S Series Switches?

A. The Cisco Catalyst 2960-X Series are based on the same building blocks as the 2960-S-Series Switches for most components. However, these switches have a new thermal design, new highly efficient power supplies, and new efficient fans, which use less power.

Q. Do the Cisco Catalyst 2960-X Series Switches support front-to-back airflow?

A. The airflow on the Cisco Catalyst 2960-X Series is “front and sides” to back airflow.

Q. Is the airflow reversible in the Cisco Catalyst 2960-X Series Switches?

A. No. The airflow is not reversible.

Q. Do Cisco Catalyst 2960-X Series Switches support field-replaceable power supplies?

A. Cisco Catalyst 2960-XR switch models have field replaceable power supplies, whereas the 2960-X switch models have fixed power supplies.

Q. Are Cisco Catalyst 2960-XR field-replaceable power supplies hot swappable?

A. Yes. Cisco Catalyst 2960-XR power supplies are hot swappable.

Q. Can a non-PoE Cisco Catalyst 2960-X Series Switch support PoE by replacing its power supply with a PoE-capable power supply?

A. No. A non-PoE Cisco Catalyst 2960-X Series Switch will not support PoE by using a PoE-capable power supply.

Q. Can we increase the PoE budget of Cisco Catalyst 2960-X Series Switch by replacing its power supply with a high-capacity power supply?

A. The available PoE budget is fixed for a given model of Cisco Catalyst 2960-X Series Switch. Replacing the switch power supply will not increase the PoE budget.

…More questions to help you know Cisco 2960-X and 2960-XR series well you can read more information here: http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-2960-x-series-switches/qa_c67-728348.html

More Related Cisco 2960-X/XR Topics

Why SELECT Cisco 2960-X Series?

Cisco Catalyst 2960-X vs. 2960-XR Series Switches

How to Install or Replace an AC Power Supply in a Cisco 2960-X Switch?

Cisco Catalyst 2960-X/XR vs. Catalyst 3650 vs. Cisco 3850 Series

WS-C2960X-48TD-L & WS-C2960XR-48TD-I Tested, from Miercom

Catalyst 2960-XR Family Power Supply & Configuration

Catalyst 2960-XR Family Power Supply & Configuration

Read more

Discussion: Management of ASA with Firepower Services

March 3 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall, #Cisco & Cisco Network

Cisco ASA with FirePOWER Services-Key Security Features

Cisco ASA with FirePOWER Services-Key Security Features

Discussion: Management of ASA with Firepower Services

We talked Cisco ASA with Firepower Services a lot before. With Cisco ASA with FirePOWER Services, you consolidate multiple security layers in a single platform, eliminating the cost of buying and managing multiple solutions.

The Cisco Firepower Next-Generation Firewall is the industry’s first fully integrated, threat-focused next-gen firewall with unified management. It includes Application Visibility and Control (AVC), optional Firepower next-gen IPS (NGIPS), Cisco Advanced Malware Protection (AMP), and URL Filtering. Cisco Firepower NGFW provides advanced threat protection before, during, and after attacks.

Cisco ASA with FirePOWER Services, Stop more threats with a threat-focused NGFW

Beat sophisticated cyber attacks with superior security. We offer the industry’s first threat-focused next-generation firewall (NGFW). You get the confidence of the most-deployed stateful firewall combined with application control, next-generation intrusion prevention system (NGIPS), and advanced malware protection (AMP).

Discussion: Management of ASA with Firepower Services

There are a few questions about the Management of ASA with Firepower Services. Let’s look at the discussion from Cisco Communities

1. An ASA with Firepower Services requires a Firesight management device (physical or virtual) - Correct?

Yes, that’s correct.

2. Is there a High Availability option for a physical Firesight management?

Read about this in the bottom of Table 2 on this page:

http://www.cisco.com/c/en/us/products/collateral/security/firesight-management-center/datasheet-c78-732251.html

3. Does the Firesight management also manage the ASA's firewall rules?

--Not yet. Cisco is developing Firepower Threat Defence that does excately that.

4. I ask because I believe there was mention that a rule could have a specific IPS policy assigned to it. This is correct in the terms on Firepower Access Control Rules. Not ASA firewall rules.

5. If this is true I would believe that the use of CLI or ASDM on the ASA would no longer be usable - Correct?

The new Threat Defence system will be managed from Firepower Management Center. Not CLI nor ASDM.

6. When changes are made on the Firesight management station are they applied immediately to the ASA, like managing via CLI or is there another step to applying he changes?

No. You will have to deploy the new policy to the Firepower sensor first.

7. When change are applied what if anything happens to existing connections?

- I actually am not sure about this. I have never seen any connections being dropped when applying policy. Cisco has made a note about this in their manual: Firepower Management Center Configuration Guide, Version 6.0 - Policy Management [Cisco FireSIGHT Management Center] -…

  • When you enable Inspect traffic during policy apply:
    • Certain configurations can require the Snort process to restart.
    • When the configurations you deploy do not require a Snort restart, the system initially uses the currently deployed access control policy to inspect traffic, and switches during deployment to the access control policy you are deploying.
  • When you disable Inspect traffic during policy apply, the Snort process always restarts when you deploy.
  • How a Snort restart affects traffic depends on the interface configuration and the platform.

Original Discussion from https://communities.cisco.com/thread/59509

More Related…

What are the Considerations While Buying a Cisco Next-Generation Firewall?

NGFW-Cisco ASA with FirePOWER Services

Cisco ASA 5500-X Series’ New Features & Main Model Comparison

How to Enable the Wireless Access Point (ASA 5506W-X)?

How to Deploy the ASA 5508-X or ASA 5516-X in Your Network?

Cisco ASA 5506-X with Version 9.4.1–Policy Based Routing

ASA 5508-X and ASA 5516-X Overview

ASA 5506-X/SecurityPlus, 5506W-X & 5506H-X, Cisco ASA with FirePOWER Services, What’s New Here?

Read more

New Catalyst Performance of Cisco Switch Engines

February 22 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall, #Cisco Modules & Cards

Cisco Catalyst 4500E Supervisor Engine 8L-E

Cisco Catalyst 4500E Supervisor Engine 8L-E

To Read the Cisco Catalyst 4500E Supervisor Engine 8L-E

To Read the Cisco Catalyst 4500E Supervisor Engine 8L-E

Cisco introduced two supervisor engines last week--the 6T and 8L-E. The former is for the Catalyst 6700, 6800 and 6900 series, while Cisco has aimed the latter at the Catalyst 4500E.

Both switch engines are scheduled to ship in April.

Read more about the Updated: Cisco Catalyst 4500 Supervisor Engine 8-E and 8L-E & Introducing Cisco Catalyst 6800 Series Supervisor Engine 6T

In general, the Catalyst switches are designed for the campus backbone, the wiring closet, or a small office or retail network. Switch engines, which are the brains of the Catalyst, extend the usefulness of the hardware as application-driven network traffic rises.

The 6T raises speeds to 400 Gbps per slot on the Catalyst 6807-XL chassis. As a result, the supervisor engine can increase switch capacity to 6 Tbps and scale to 12 Tbps when in the Virtual Switching System configuration. The Supervisor Engine 6T is compatible with 10 Gb, 40 Gb and 100 Gb line cards, and has 8 x 10 GbE and 2 x 40 GbE uplinks to support high-performance applications.

The 8L-E has up to 560 Gbps of wired switching capacity and can handle independent packets simultaneously at a rate of 48 Gbps. The extension has four 10 GbE uplinks.

Cisco upgrades wireless, UCS platforms

With the latest switch engines, Cisco introduced the Catalyst 3650-Mini for companies with space-constrained locations. The hardware mirrors the 3650 family of switches in a 1RU form factor. It's available with 24 or 48 fixed PoE+ GbE ports.

For wireless networks, Cisco introduced 802.11ac Wave 2 access points under the Aironet and cloud-managed Meraki brands. The company also introduced stackable Meraki MS Switches that feature 16 or 32 1 Gbps ports, and hot-swappable power supplies and fans.

The Catalyst and wireless network upgrades reflect Cisco's two-prong product strategy of strengthening its on-premises and cloud-managed technology, which also includes security, said Rohit Mehra, an analyst at IDC. By focusing on both, Cisco is bolstering its core platforms for switching and routing, while also addressing the needs of the "midmarket, distributed enterprise that is developing a greater affinity for leveraging cloud for IT infrastructure."

For the data center, Cisco introduced the 6300 Series Fabric Interconnect for the company's Unified Computing System (UCS), which combines compute, storage and networking into a single platform. Cisco's fabric interconnects provide the management and communication backbone of the UCS B-Series Blade Servers, 5100 Series Blade Server Chassis and the C-Series Rack Servers.

The 6300 Series features two 1RU 40 GbE switches and a 40 GbE Fabric Extender. The products leverage the Virtual Interface Card 1300 series, which is designed to support up to 40 GbE networks. The card supports network overlay technologies, such as VXLAN.

The Article from http://searchnetworking.techtarget.com/news/4500272897/Cisco-switch-engines-boost-Catalyst-performance

More Related…

Cisco Catalyst 4500E Supervisor Engine 8L-E in Detail

Updated: Cisco Catalyst 4500 Supervisor Engine 8-E and 8L-E

Introducing Cisco Catalyst 6800 Series Supervisor Engine 6T

Cisco 4500E Supervisor 8E vs. Supervisor 7E vs. Supervisor 7LE

Read more

The Different Types of Ethernet Switches

February 1 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall

More about the Types of Cisco Switches:

More about the Types of Cisco Switches:

There are two main categories of Ethernet Switches: Modular and Fixed Configuration.

What are the Exact Modular and Fixed Configuration switches?

Modular switches, as the name implies, allows you to add expansion modules into the switches as needed, thereby delivering the best flexibility to address changing networks. Examples of expansion modules are application-specific (such as Firewall, Wireless, or Network Analysis), modules for additional interfaces, power supplies, or cooling fans.

Good examples of Modular switches: Cisco Catalyst 4K and Catalyst 6K.

Fixed Configuration switches are switches with a fixed number of ports and are typically not expandable.

Good Examples of Fixed Configuration Switches: Cisco Catalyst 2K, Catalyst 3K and the Cisco 300/500 series.

The Fixed configuration switch category is further broken down into:

– Unmanaged Switches

– Smart Switches

– Managed L2 and L3 Switches

Unmanaged Switches:

This category of switch is the most cost effective for deployment scenarios that require only basic layer 2 switching and connectivity. As such, they fit best when you need a few extra ports on your desk, in a lab, in a conference room, or even at home.

With some Unmanaged switches in the market, you can even get capabilities such as cable diagnostics, prioritization of traffic using default QoS settings, Energy savings capabilities using EEE (Energy Efficient Ethernet) and even PoE (Power Over Ethernet). However, as the name implies, these switches generally cannot be modified/managed. You simply plug them in and they require no configuration at all.

Cisco 100 Series switches are good examples of this category.

Smart Switches (also known as Lightly Managed Switches):

This category of switches is the most blurred and fastest changing. The general rule here is that these switches offer certain levels of Management, QoS, Security, etc. but is “lighter” in capabilities and less scalable than the Managed switches. It therefore makes them a cost-effective alternative to Managed switches. As such, Smart switches fit best at the edge of a large network (with Managed Switches being used in the core), as the infrastructure for smaller deployments, or for low complexity networks in general.

The capabilities available for this Smart switch category vary widely. All of these devices have an interface for Management – historically a browser-based interface used to be the only way to configure these devices, though nowadays you can manage some of these devices with CLI and/or SNMP/RMON as well. Regardless, these capabilities are lighter than what you will find in their Managed switch counterparts. Smart switches tend to have a management interface that is more simplified than what Managed Switches offer.

Smart switches allow you to segment the network into workgroups by creating VLANs, though with a lower number of VLANs and nodes (MAC addresses) than you’d get with a Managed switch.

They also offer some levels of security, such as 802.1x endpoint authentication, and in some cases with limited numbers of ACLs (access control lists), though the levels of control and granularity would not be the same as a Managed switch.

In addition, Smart switches support basic quality-of-service (QoS) that facilitates prioritization of users and applications based on 802.1q/TOS/DSCP, thereby making it quite a versatile solution.

Cisco 200 Series switches are good examples of this category.

Fully Managed L2 and L3 switches:

Managed Switches are designed to deliver the most comprehensive set of features to provide the best application experience, the highest levels of security, the most precise control and management of the network, and offer the greatest scalability in the Fixed Configuration category of Switches. As a result, they are usually deployed as aggregation/access switches in very large networks or as core switches in relatively smaller networks. Managed switches should support both L2 switching and L3 IP routing though you’ll find some with only L2 switching support.

From a Security perspective, Managed switches provide protection of the data plane (User traffic being forwarded), control plane (traffic being communicated between networking devices to ensure user traffic goes to the right destination), and management plane (traffic used to manage the network or device itself). Managed switches also offer network storm control, denial-of-service protection, and much more.

The Access Control List capabilities allows for flexibly dropping, rate limiting, mirroring, or logging of traffic by L2 address, L3 address, TCP/UDP port numbers, Ethernet type, ICMP or TCP flags, etc.

Managed switches are rich in features that enable them to protect themselves and the network from deliberate or unintended Denial of Service attacks. It includes Dynamic ARP Inspection, IPv4 DHCP snooping, IPv6 First Hop Security with RA Guard, ND Inspection, Neighbor Binding Integrity, and much more.

Additional Security capabilities may include Private VLANs for securing communities of users or device isolation, Secure Management (downloads through SCP, Web-based Authentication, Radius/TACACS AAA, etc), Control Plane Policing (CoPP) for protecting the CPU of the switch, richer support for 802.1x (time-based, Dynamic VLAN Assignment, port/host-based, etc)

From a Scalability perspective, these devices have large table sizes so that you can create large numbers of VLANs (for workgroups), devices (MAC table size), IP routes, and ACL policies for flow-based security/QoS purposes, etc.

For highest network availability and uptime, Managed switches support L3 redundancy using VRRP (Virtual Router Redundancy Protocol), large numbers of Link Aggregation groups (which is used both for scalability and resiliency), and capabilities for protecting L2 such as Spanning Tree Root Guard and BPDU Guard.

When we talk about QoS and Multicast features, the richness of capabilities goes far beyond what you’d see in a Smart Switch. Here you’d see things such as IGMP and MLD Snooping with Querier functions for optimizing IPv4/v6 multicast traffic in the LAN, TCP Congestion Avoidance, 4 or 8 queues to treat traffic differently by importance, setting/tagging traffic by L2 (802.1p) or L3 (DSCP/TOS), and rate limiting traffic.

In terms of Management, things such as multiple ways to configure (using CLI, Web GUI, SNMP Management application), discovering of neighbor devices in the networks (using CDP, LLDP, Bonjour, etc), and troubleshooting capabilities (such as VLAN and Port Mirroring, Traceroute, Ping, Syslog, Cable Diagnostics, RMON, etc) are all included.

What I highlighted is by no means exhaustive, but gives you a sense of what some of the differences may be between Managed and Smart Switches.

Cisco Catalyst and Cisco 300 Series and 500 Series switches are good examples of this category of products.

Managed Switches can go even further than what I’ve highlighted. For example, there’s even richer support for Dynamic Unicast and Multicast Routing protocols, deeper flow intelligence or macro flow statistics with Netflow/SFlow, non-Stop Forwarding capabilities, MPLS/VRF support, Policy enforcement, and many others.

Now, to take a deeper dive into these switch categories and talk about various options, you can select the switches based on:

– Speed

– Number of ports

– POE versus non-POE

– Stackable versus Standalone

Speed:

You can find Fixed Configuration switches in Fast Ethernet (10/100 Mbps), Gigabit Ethernet (10/100/1000 Mbps), Ten Gigabit (10/100/1000/10000 Mbps) and even some 40/100 Gbps speeds. These switches have a number of uplink ports and a number of downlink ports. Downlinks connect to end users – uplinks connect to other Switches or to the network infrastructure. Currently, Gigabit is the most popular interface speed though Fast Ethernet is still widely used, especially in price-sensitive environments. Ten Gigabit has been growing rapidly, especially in the datacenter and, as the cost comes down, it will continue to expand into more network applications. With 10GBase-T Ten Gigabit copper interfaces being integrated into LOM (LAN on the Motherboard) and 10G-Base-T switches becoming available now (see the Cisco SG500XG-8F8T 16-port 10-Gigabit switch), building a Storage or Server farm with 10 Gigabit interfaces has never been easier or more cost-effective. 40G/100G is still emerging and will be mainstream in a few years.

Number of ports:

Fixed Configuration Switches typically come in 5, 8, 10, 16, 24, 28, 48, and 52-port configurations. These ports may be a combination of SFP/SFP+ slots for fiber connectivity, but more commonly they are copper ports with RJ-45 connectors on the front, allowing for distances up to 100 meters. With Fiber SFP modules, you can go distances up to 40 kilometers

POE versus non-POE:

Power over Ethernet is a capability that facilitates powering a device (such as an IP phone, IP Surveillance Camera, or Wireless Access Point) over the same cable as the data traffic. One of the advantages of PoE is the flexibility it provides in allowing you to easily place endpoints anywhere in the business, even places where it might be difficult to run a power outlet. One example is that you can place a Wireless Access Point inside a wall or ceiling.

Switches deliver power according to a few standards – IEEE 802.3af delivers power up to 15.4 Watts on a switch port whereas IEEE 802.3at (also known as POE+) delivers power up to 30 Watts on a switch port. For most endpoints, 802.3af is sufficient but there are devices, such as Video phones or Access Points with multiple radios, which have higher power needs. It’s important to point out that there are other PoE standards currently being developed that will deliver even high levels of power for future applications. Switches have a power budget set aside for running the switch itself, and also an amount of power dedicated for POE endpoints.

To find the switch that is right for you, all you need to do is choose a switch according to your power needs. When connecting to desktops or other types of devices which do not require POE, the non-POE switches are a more cost-effective option.

Stackable versus Standalone:

As the network grows, you will need more switches to provide network connectivity to the growing number of devices in the network. When using Standalone switches, each switch is managed, troubleshot, and configured as an individual entity.

In contrast, Stackable switches provide a way to simplify and increase the availability of the network. Instead of configuring, managing, and troubleshooting eight 48-port switches individually, you can manage all eight like a single unit using a Stackable Switches. With a true Stackable Switch, those eight switches (total 384 ports) function as a single switch – there is a single SNMP/RMON agent, single Spanning Tree domain, single CLI or Web interface – i.e. single management plane. You can also create link aggregation groups spanning across multiple units in the stack, port mirror traffic from one unit in the stack to another, or setup ACLs/QoS spanning all the units. There are valuable operational advantages to be gained by this approach.

Here’s a word of warning. Be careful about products in the market which are sold as “Stackable” when they merely offer a single user interface, or central management interface, for getting to each individual switch unit. This approach is not stackable, but really “clustering”. You still have to configure every feature such as ACLs, QoS, Port mirroring, etc, individually on each switch. Use the following as a proof point – can I create a link aggregation group with one port in one unit of the stack and another port of that group in another unit of the stack? Can I select a port on one unit in the stack and mirror the traffic to a port on another unit of the stack? When I configure an ACL for Security purposes, can I apply that to any port on any unit in the stack? If the answer is “No” to any of these questions, you’re probably not working with a stackable switch.

There are other advantages of True Stacking as well. You can connect the stack members in a ring such that, if a port or cable fails, the stack will automatically route around that failure, many times at microsecond speeds. You can also add or subtract stack members and have it automatically recognized and added into the stack.

Cisco Catalyst 2K-X and 3K or Cisco 500 Series Switches are examples of Switches in this category.

As you can see there’s a multitude of switch options to choose from. So, have a close look at your current deployment and future needs to determine the right switch for your network.

From http://blogs.cisco.com/smallbusiness/understanding-the-different-types-of-ethernet-switches

More Related Cisco Network Switch Topics

Cisco Catalyst Switches for Campus Networks & Nexus Switches for Data Centers

Cisco Catalyst Switches for the Different Types of Campuses

About Cisco Catalyst Multigigabit Ethernet & Cisco Multigigabit Ethernet Switches

Layer-3 Switching or Layer-2 Switching?

Routers vs. Network Switches

Read more

Configuring the ASA as CA Server

January 18 2016 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall, #Cisco & Cisco Network

ASDM -> Configuration -> Remote Access VPN -> Certificate Management - Local Certificate Authority

ASDM -> Configuration -> Remote Access VPN -> Certificate Management - Local Certificate Authority

Do you know how to configure the ASA as CA Server? You know the Cisco ASA can act as a Certificate Authority server an issue certificates to the VPN clients or other network devices.

The Cisco ASA only provides browser-based certificate enrollment.

Before to proceed with the configuration, make sure the time on your ASA is correct (Show clock) or use a NTP server to synchronize the time across your network devices.

We cannot specify the CA server name, because you can only have one instance of Local CA server running at the same time.

Under the Crypto ca server mode, we have multiple options explained as follows:

CA Server configuration commands:

  • CDP-URL: Specifies the certificate revocation list distribution point to be included in the certificates issued by the CA.
  • Database: Specifies a path or location for the local CA database. The default location is flash memory.
  • Enrollment-retrieval: Specifies the time in hours that an enrolled user can retrieve a PKCS12 enrollment file.
  • Issuer-name: Indicates that rule entry is applied to the issuer DN of the IPSec peer certificate.
  • Keysize: Configure the size of keypair to generate for certificate enrollments for the local CA server.
  • Lifetime CA-certificate: Specify the lifetime for the CA certificate.
  • Lifetime certificate: Specify the lifetime for the user certificate.
  • Lifetime CRL: Specify the lifetime for the CRL.
  • OTP expiration: Specify the lifetime for the OTP expiration.
  • Publish-CRL: Make the CRL available for download via HTTP on the specified interface.
  • Renewal-reminder: Specify the time prior the CA certificate expiration, the ASA will notify the users via email.
  • SMTP from address: Specify the email from which the notification will be sent to deliver the OTP password and enrollment invitations.
  • SMTP subject: Customize the email subject.
  • Subject-name-default: Specify an optional SUBJECT-NAME DN.

Basic ASA configuration as CA server

ASDM -> Configuration -> Remote Access VPN -> Certificate Management - Local Certificate Authority

...

Equivalent CLI configuration.

ASA(config)# Crypto ca server

ASA(config-ca-server)# lifetime ca-certificate 100 ASA(config-ca-server)# lifetime certificate 30 ASA(config-ca-server)# smtp from-address admin@cisco.com ASA(config-ca-server)# smtp subject Certificate enrollment ASA(config-ca-server)# keysize 2048 ASA(config-ca-server)# cdp-url http://cisco/+CSCOCA+/asa_ca.crl ASA(config-ca-server)# subject-name-default CN=BoB , O=Cisco, C= US ASA(config-ca-server)# no shutdown

Once the CA server has been enabled , we cannot do any modification to the configuration unless we shutdown the server.

Show and debugs commands:

  • Debug crypto ca server
  • Show crypto ca server
  • Show crypto ca server cert-db

More information http://www.cisco.com/c/en/us/td/docs/security/asa/asa81/config/guide/config/cert_cfg.html

Original Guide From https://supportforums.cisco.com/document/12597006/how-configure-asa-ca-server

More Cisco and Network Guide

ASA Routed vs. Transparent

Cisco ACLs In and Out on Cisco ASA

Cisco ASA Failover, Failover Modes & ASA Failover Configuration

Cisco ASA IPS Module Configuration

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software

Cisco ASA SNMP Polling Via VPN Site-to-Site Tunnel

Read more
<< < 1 2 3 4 5 6 7 8 9 10 > >>